PC virus removal, computer speed-up, remote help via the neslape.cz service

Please check my log. Thank you very much!

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

gastrotop
Visitor
Posts: 141
Registered: 16 Sep 2006 15:40

#1 Post by gastrotop »

Logfile of random's system information tool 1.10 (written by random/random)
Run by DetialStav at 2022-01-24 12:01:50
Microsoft Windows 10 Home
System drive C: has 106 GB (47%) free of 227 GB
Total RAM: 3472 MB (11% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:01:57, on 24.01.2022
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.1202)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.x86.exe
C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe
C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe
C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe
C:\Program Files (x86)\Tenda\Common\RaUI.exe
C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa\iCloud\APSDaemon.exe
C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa\iCloud\secd.exe
C:\Program Files (x86)\Sticky Password\spNMHost.exe
C:\WINDOWS\Lenovo\iMController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
C:\WINDOWS\Lenovo\iMController\PluginHost86\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
C:\Users\DetialStav\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PROFIT.exe
C:\Program Files\Adobe\Acrobat DC\Acrobat\x86\Acrobat\Acrobat.exe
C:\Program Files\Adobe\Acrobat DC\Acrobat\x86\Acrobat\Acrobat.exe
C:\Program Files\trend micro\DetialStav.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\97.0.1072.69\BHO\ie_to_edge_bho.dll
O4 - HKLM\..\Run: [USB Gamepad] C:\WINDOWS\USB Vibration\7906\USB Gamepad.exe -boot
O4 - HKLM\..\Run: [Intel Driver & Support Assistant] C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKCU\..\Run: [StickyPassword] C:\Program Files (x86)\Sticky Password\stpass.exe
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_0F96C50E422CE382CA230B43EA35C0D0] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: Tenda Wireless Utility.lnk = C:\Program Files (x86)\Tenda\Common\RaUI.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\System32\DriverStore\FileRepository\u0358356.inf_amd64_894c3b4bc882c059\B358199\atiesrxx.exe
O23 - Service: Avira Optimizer Host (AviraOptimizerHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_a2657 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @oem7.inf,%ServiceDisplayName%;Dolby DAX API Service (DolbyDAXAPI) - Dolby Laboratories - C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe
O23 - Service: Intel(R) Driver & Support Assistant (DSAService) - Intel - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
O23 - Service: Intel(R) Driver & Support Assistant Updater (DSAUpdateService) - Intel - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ELAN Service (ETDService) - Unknown owner - C:\WINDOWS\System32\ETDService.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Fortemedia APO Control Service (FMAPOService) - Unknown owner - C:\WINDOWS\System32\FMService64.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.99\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP JumpStart Bridge (HPJumpStartBridge) - HP Inc. - c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
O23 - Service: HP Print Scan Doctor Service (HPPrintScanDoctorService) - HP Inc. - C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
O23 - Service: HP CASL Framework Service (hpqcaslwmiex) - HP - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\System32\ibtsiva (file missing)
O23 - Service: @oem84.inf,%ImcSvcDisplayName%;System Interface Foundation Service (ImControllerService) - Lenovo Group Ltd. - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: Intel(R) SUR QC Software Asset Manager (Intel(R) SUR QC SAM) - Intel Corporation - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LenovoVantageService - Lenovo Group Ltd. - C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: RalinkRegistryWriter - Ralink Technology, Corp. - C:\Program Files (x86)\Tenda\Common\RaRegistry.exe
O23 - Service: RalinkRegistryWriter64 - Ralink Technology, Corp. - C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe
O23 - Service: RaMediaServer - Unknown owner - C:\Program Files (x86)\Tenda\Common\RaMediaServer.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) - Realtek Semiconductor - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_11f809ac26966b9b\RtkAudUService64.exe
O23 - Service: @oem16.inf,%RtkBtManServ.SvcDesc%;Realtek Bluetooth Device Manager Service (RtkBtManServ) - Realtek Semiconductor Corp. - C:\WINDOWS\RtkBtManServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 12515 bytes

======Listing Processes======

C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-e657dc56-141f-4fab-a924-19de4f343bb9 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-9f0df83e-fe19-4dc5-a8f9-f1dc0c60ab93 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-41d32391-702a-4f00-b982-ee6c877f45bc -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-67d5e57e-7339-442d-bca6-5162902f1e13 -LifetimeId:704abbab-cf6c-4216-9fb9-ef475d747e50 -DeviceGroupId: -HostArg:0
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p
C:\WINDOWS\system32\svchost.exe -k appmodel -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p
dashost.exe {d0a12c6a-7693-451f-999e8faade18a5b1}
C:\WINDOWS\System32\DriverStore\FileRepository\u0358356.inf_amd64_894c3b4bc882c059\B358199\atiesrxx.exe
C:\WINDOWS\System32\ETDService.exe

C:\WINDOWS\system32\svchost.exe -k LocalService -p
dashost.exe {7f049e2c-afb1-4cce-a682a3cb99ac2bb6}
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe"
C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe
"C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe"
C:\WINDOWS\System32\ibtsiva
C:\WINDOWS\System32\FMService64.exe
C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
"C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe"
"C:\Program Files (x86)\Tenda\Common\RaRegistry.exe"
"C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_11f809ac26966b9b\RtkAudUService64.exe"
C:\WINDOWS\RtkBtManServ.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p

C:\WINDOWS\System32\svchost.exe -k netsvcs
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted -p

C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
atieclxx
"C:\WINDOWS\System32\DriverStore\FileRepository\DAX3_S~2.INF\\DAX3API.exe" -capturestream
"C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe"
C:\WINDOWS\system32\ETDCtrlHelper.exe
C:\WINDOWS\system32\ETDCtrl.exe
"C:\WINDOWS\system32\ETDTouch.exe"
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\svchost.exe -k BthAppGroup -p
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p
"C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.exe" VantageCoreAddin C:\ProgramData\Lenovo\Vantage\Addins\\VantageCoreAddin\1.0.0.28\VantageCoreAddin.dll 8f2d88506fb949979d97ba9930456a00 8399716e-b425-4ed0-babe-037ac2a1042e
"C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.exe" DeviceSettingsSystemAddin C:\ProgramData\Lenovo\Vantage\Addins\\DeviceSettingsSystemAddin\1.0.0.12\DeviceSettingsSystemAddin.dll 8853e8afb3344adf8cb9444a053c5d97 8399716e-b425-4ed0-babe-037ac2a1042e
"C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.exe" LenovoServiceBridgeAddin C:\ProgramData\Lenovo\Vantage\Addins\\LenovoServiceBridgeAddin\1.0.0.54\LenovoServiceBridgeAddin.dll c82617513d274d0cb71d28bb459b078e 8399716e-b425-4ed0-babe-037ac2a1042e
"C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.Amd64.exe" LenovoBoostAddin C:\ProgramData\Lenovo\Vantage\Addins\\LenovoBoostAddin\1.0.0.32\LenovoBoostAddin.dll 9dfe4c8ccabe4652a929dcd97f6f9c6c 8399716e-b425-4ed0-babe-037ac2a1042e
"C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe"

"C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.Amd64.exe" LenovoBoostSystemAddin C:\ProgramData\Lenovo\Vantage\Addins\\LenovoBoostSystemAddin\1.0.0.32\LenovoBoostSystemAddin.dll c5d75f25d6e34391bb9f524e50d91bfa 8399716e-b425-4ed0-babe-037ac2a1042e
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
-name 6bb40112-0f29-4760-b5b5-337b35550deb -runas -pluginName IdeaNotebookPlugin -pluginVersion 1.2.77.34
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.x86.exe" DeviceSettingsHeartbeatAddin C:\ProgramData\Lenovo\Vantage\Addins\\DeviceSettingsHeartbeatAddin\1.0.0.21\DeviceSettingsHeartbeatAddin.dll 65e07ca000fa42d7aaafc49bcee1d699 8399716e-b425-4ed0-babe-037ac2a1042e
"C:\Windows\System32\SecurityHealthSystray.exe"

"C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_11f809ac26966b9b\RtkAudUService64.exe" -background
"C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe"
"C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa\iCloud\iCloudDrive.exe"
"C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe"
"C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe"
"C:\Program Files (x86)\Tenda\Common\RaUI.exe" -s
"C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa\iCloud\APSDaemon.exe" -Embedding
"c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa\iCloud\secd.exe -Embedding

"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5292.0.315848657\2050442184" -parentBuildID 20220113185450 -prefsHandle 1656 -prefMapHandle 1648 -prefsLen 1 -prefMapSize 292892 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5292 "\\.\pipe\gecko-crash-server-pipe.5292" 1732 2a9fddd9c48 gpu
C:\WINDOWS\system32\svchost.exe -k DevicesFlow
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5292.3.226556831\1009850018" -childID 2 -isForBrowser -prefsHandle 3200 -prefMapHandle 3216 -prefsLen 910 -prefMapSize 292892 -jsInitHandle 1388 -jsInitLen 279340 -parentBuildID 20220113185450 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5292 "\\.\pipe\gecko-crash-server-pipe.5292" 3276 2aa032c5548 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5292.11.1754303369\771999795" -childID 6 -isForBrowser -prefsHandle 4324 -prefMapHandle 4300 -prefsLen 6098 -prefMapSize 292892 -jsInitHandle 1388 -jsInitLen 279340 -parentBuildID 20220113185450 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5292 "\\.\pipe\gecko-crash-server-pipe.5292" 4288 2aa072dbe48 tab
"C:\Program Files (x86)\Sticky Password\spNMHost.exe" "C:\Program Files (x86)\Sticky Password\spNMHostMoz.json" {ecb80162-dfbd-4d91-a8da-17b35ba4707a}
"C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe" -ServerName:InputApp.AppX9jnwykgrccxc8by3hsrsh07r423xzvav.mca

"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5292.14.125796728\1676463121" -parentBuildID 20220113185450 -prefsHandle 4176 -prefMapHandle 9456 -prefsLen 7368 -prefMapSize 292892 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5292 "\\.\pipe\gecko-crash-server-pipe.5292" 9468 2aa09e63e48 rdd
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5292.16.417149883\1922100133" -childID 7 -isForBrowser -prefsHandle 8600 -prefMapHandle 8604 -prefsLen 7500 -prefMapSize 292892 -jsInitHandle 1388 -jsInitLen 279340 -parentBuildID 20220113185450 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5292 "\\.\pipe\gecko-crash-server-pipe.5292" 8632 2aa05627248 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5292.17.1546857400\1922990408" -childID 8 -isForBrowser -prefsHandle 8860 -prefMapHandle 8868 -prefsLen 7500 -prefMapSize 292892 -jsInitHandle 1388 -jsInitLen 279340 -parentBuildID 20220113185450 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5292 "\\.\pipe\gecko-crash-server-pipe.5292" 5128 2aa00c0fc48 tab
"cmd" /c ""C:\Users\DetialStav\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe" -tag entry=LSBUpdater.exe,info={entry=unknown,afterupdate=no}"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Users\DetialStav\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe" -tag entry=LSBUpdater.exe,info={entry=unknown,afterupdate=no}
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}

C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5292.92.1669437438\1795041886" -parentBuildID 20220113185450 -prefsHandle 7580 -prefMapHandle 7988 -prefsLen 9855 -prefMapSize 292892 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5292 "\\.\pipe\gecko-crash-server-pipe.5292" 2592 2aa0013be48 socket
"C:\WINDOWS\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\mousocoreworker.exe -Embedding
-name 58a7df7b-44ec-4f31-ad75-d9ff8a8e0a0a -runas -pluginName LenovoVisionProtectionPlugin -pluginVersion 1.2.98.14
-name 86d8b8e3-a372-4f35-8d68-5fcd79a73ca9 -runas -pluginName GenericMessagingPlugin -pluginVersion 3.2.0.57
-name dc427af5-06aa-48a3-ab2f-d89de25b179a -runas -pluginName DolbyAudioPlugin -pluginVersion 1.2.240.5
"C:\WINDOWS\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe" -name f2abbe99-d765-406c-adc2-604192c5eef0 -runas SYSTEM -pluginName LenovoAppScenarioPluginSystem -pluginVersion 1.2.190.5
"C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.exe" LenovoSecurityAddin C:\ProgramData\Lenovo\Vantage\Addins\\LenovoSecurityAddin\1.0.0.31\LenovoSecurityAddin.dll 62221536e194416289e0d44a2404c5df 8399716e-b425-4ed0-babe-037ac2a1042e
-name 468d4c93-13ca-499a-a373-a9f17d2d606e -runas -pluginName GenericDisplayPlugin -pluginVersion 1.2.179.5

"C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\DetialStav\Downloads\FA1431018366.pdf"
"C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" --type=renderer /prefetch:1 "C:\Users\DetialStav\Downloads\FA1431018366.pdf"
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\AcroCEF.exe" --locale=cs_cz --backgroundcolor=5066061
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\AcroCEF.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1612,5182805645859981910,11901150591420553168,131072 --enable-features=CastMediaRouteProvider --disable-features=CalculateNativeWinOcclusion --lang=en-US --service-sandbox-type=utility --disable-pack-loading --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\debug.log" --log-severity=disable --product-version="ReaderServices/21.11.20039 Chrome/80.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\debug.log" --mojo-platform-channel-handle=2080 --allow-no-sandbox-job /prefetch:8
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\AcroCEF.exe" --type=renderer --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\debug.log" --touch-events=enabled --field-trial-handle=1612,5182805645859981910,11901150591420553168,131072 --enable-features=CastMediaRouteProvider --disable-features=CalculateNativeWinOcclusion --disable-gpu-compositing --lang=en-US --disable-pack-loading --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\debug.log" --log-severity=disable --product-version="ReaderServices/21.11.20039 Chrome/80.0.0.0" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=3 --mojo-platform-channel-handle=2088 --allow-no-sandbox-job /prefetch:1
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1612,5182805645859981910,11901150591420553168,131072 --enable-features=CastMediaRouteProvider --disable-features=CalculateNativeWinOcclusion --lang=en-US --service-sandbox-type=network --disable-pack-loading --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\debug.log" --log-severity=disable --product-version="ReaderServices/21.11.20039 Chrome/80.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\debug.log" --mojo-platform-channel-handle=2344 --allow-no-sandbox-job /prefetch:8
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\AcroCEF.exe" --type=renderer --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\debug.log" --touch-events=enabled --field-trial-handle=1612,5182805645859981910,11901150591420553168,131072 --enable-features=CastMediaRouteProvider --disable-features=CalculateNativeWinOcclusion --disable-gpu-compositing --lang=en-US --disable-pack-loading --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\debug.log" --log-severity=disable --product-version="ReaderServices/21.11.20039 Chrome/80.0.0.0" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --mojo-platform-channel-handle=2684 --allow-no-sandbox-job /prefetch:1
C:\WINDOWS\system32\svchost.exe -k PrintWorkflow
"C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5292.114.1318266813\1501312473" -childID 38 -isForBrowser -prefsHandle 5572 -prefMapHandle 3452 -prefsLen 10989 -prefMapSize 292892 -jsInitHandle 1388 -jsInitLen 279340 -parentBuildID 20220113185450 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5292 "\\.\pipe\gecko-crash-server-pipe.5292" 3516 2aa09eb4248 tab
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --flag-switches-begin --flag-switches-end --no-startup-window /prefetch:5
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\DetialStav\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\DetialStav\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=97.0.4692.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=97.0.1072.69 --initial-client-data=0xf0,0xf4,0xf8,0xcc,0xfc,0x7fff3cb0db60,0x7fff3cb0db70,0x7fff3cb0db80
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2164,5509821187523739032,4125491387824688950,131072 --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2164,5509821187523739032,4125491387824688950,131072 --lang=cs --service-sandbox-type=none --mojo-platform-channel-handle=2064 /prefetch:3
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2164,5509821187523739032,4125491387824688950,131072 --lang=cs --service-sandbox-type=utility --mojo-platform-channel-handle=2636 /prefetch:8
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:AD2F1837.HPPrinterControl.AppXg27tfcrjvepe7p6m0w5zs7c77x5b4hhe.mca
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\AcroCEF.exe" --type=renderer --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\debug.log" --touch-events=enabled --field-trial-handle=1612,5182805645859981910,11901150591420553168,131072 --enable-features=CastMediaRouteProvider --disable-features=CalculateNativeWinOcclusion --disable-gpu-compositing --lang=en-US --disable-pack-loading --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\debug.log" --log-severity=disable --product-version="ReaderServices/21.11.20039 Chrome/80.0.0.0" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=11 --mojo-platform-channel-handle=1384 --allow-no-sandbox-job /prefetch:1
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\AcroCEF.exe" --type=renderer --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\debug.log" --touch-events=enabled --field-trial-handle=1612,5182805645859981910,11901150591420553168,131072 --enable-features=CastMediaRouteProvider --disable-features=CalculateNativeWinOcclusion --disable-gpu-compositing --lang=en-US --disable-pack-loading --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\debug.log" --log-severity=disable --product-version="ReaderServices/21.11.20039 Chrome/80.0.0.0" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=14 --mojo-platform-channel-handle=2504 --allow-no-sandbox-job /prefetch:1
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\AcroCEF.exe" --type=renderer --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\debug.log" --touch-events=enabled --field-trial-handle=1612,5182805645859981910,11901150591420553168,131072 --enable-features=CastMediaRouteProvider --disable-features=CalculateNativeWinOcclusion --disable-gpu-compositing --lang=en-US --disable-pack-loading --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\debug.log" --log-severity=disable --product-version="ReaderServices/21.11.20039 Chrome/80.0.0.0" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --mojo-platform-channel-handle=3136 --allow-no-sandbox-job /prefetch:1
"C:\Program Files\LibreOffice\program\scalc.exe" -o "C:\Users\DetialStav\Desktop\2022\Rozpočty\32022_Odolená voda.xls"
"C:\Program Files\LibreOffice\program\scalc.exe" -o "C:\Users\DetialStav\Desktop\2022\Rozpočty\32022_Odolená voda.xls" --calc
"C:\Program Files\LibreOffice\program\scalc.exe" "-o" "C:\Users\DetialStav\Desktop\2022\Rozpočty\32022_Odolená voda.xls" "--calc" "-env:OOO_CWD=2C:\\Users\\DetialStav\\Desktop\\2022\\Rozpočty"
"C:\Users\DetialStav\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PROFIT.exe"
C:\WINDOWS\splwow64.exe 12288
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\AcroCEF.exe" --type=renderer --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\debug.log" --touch-events=enabled --field-trial-handle=1612,5182805645859981910,11901150591420553168,131072 --enable-features=CastMediaRouteProvider --disable-features=CalculateNativeWinOcclusion --disable-gpu-compositing --lang=en-US --disable-pack-loading --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\debug.log" --log-severity=disable --product-version="ReaderServices/21.11.20039 Chrome/80.0.0.0" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --mojo-platform-channel-handle=976 --allow-no-sandbox-job /prefetch:1
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\AcroCEF.exe" --type=renderer --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\debug.log" --touch-events=enabled --field-trial-handle=1612,5182805645859981910,11901150591420553168,131072 --enable-features=CastMediaRouteProvider --disable-features=CalculateNativeWinOcclusion --disable-gpu-compositing --lang=en-US --disable-pack-loading --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\debug.log" --log-severity=disable --product-version="ReaderServices/21.11.20039 Chrome/80.0.0.0" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=2668 --allow-no-sandbox-job /prefetch:1
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\AcroCEF.exe" --type=renderer --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\debug.log" --touch-events=enabled --field-trial-handle=1612,5182805645859981910,11901150591420553168,131072 --enable-features=CastMediaRouteProvider --disable-features=CalculateNativeWinOcclusion --disable-gpu-compositing --lang=en-US --disable-pack-loading --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\debug.log" --log-severity=disable --product-version="ReaderServices/21.11.20039 Chrome/80.0.0.0" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=2624 --allow-no-sandbox-job /prefetch:1
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5292.508.1022437907\61789924" -childID 168 -isForBrowser -prefsHandle 9948 -prefMapHandle 10228 -prefsLen 10989 -prefMapSize 292892 -jsInitHandle 1388 -jsInitLen 279340 -parentBuildID 20220113185450 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5292 "\\.\pipe\gecko-crash-server-pipe.5292" 8124 2aa1ea94c48 tab
"C:\Program Files\Adobe\Acrobat DC\Acrobat\x86\Acrobat\Acrobat.exe" --type=compute-only-broker --ipc-rdr-channel=ko.621711f4.4f8f341c.2 --ipc-co-channel=ko.1142b0e2.1c77228a.1 --proc=5 --helperprocpid=14600 --channeltype=2 /CR
"C:\Program Files\Adobe\Acrobat DC\Acrobat\x86\Acrobat\Acrobat.exe" --type=compute-only-renderer --ipc-rdr-channel=ko.621711f4.4f8f341c.2 --ipc-co-channel=ko.1142b0e2.1c77228a.1 --proc=5 --helperprocpid=14600 --channeltype=2 /n /prefetch:2 /CR
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5292.588.239878646\1381877528" -childID 195 -isForBrowser -prefsHandle 6452 -prefMapHandle 8272 -prefsLen 10990 -prefMapSize 292892 -jsInitHandle 1388 -jsInitLen 279340 -parentBuildID 20220113185450 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5292 "\\.\pipe\gecko-crash-server-pipe.5292" 10116 2aa12a8b948 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5292.601.472183692\444381456" -childID 198 -isForBrowser -prefsHandle 8240 -prefMapHandle 10164 -prefsLen 11053 -prefMapSize 292892 -jsInitHandle 1388 -jsInitLen 279340 -parentBuildID 20220113185450 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5292 "\\.\pipe\gecko-crash-server-pipe.5292" 10264 2aa032c7948 tab
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\AcroCEF.exe" --type=renderer --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\debug.log" --touch-events=enabled --field-trial-handle=1612,5182805645859981910,11901150591420553168,131072 --enable-features=CastMediaRouteProvider --disable-features=CalculateNativeWinOcclusion --disable-gpu-compositing --lang=en-US --disable-pack-loading --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\debug.log" --log-severity=disable --product-version="ReaderServices/21.11.20039 Chrome/80.0.0.0" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=19 --mojo-platform-channel-handle=3524 --allow-no-sandbox-job /prefetch:1
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5292.614.68137135\1402926912" -childID 203 -isForBrowser -prefsHandle 6196 -prefMapHandle 4760 -prefsLen 11054 -prefMapSize 292892 -jsInitHandle 1388 -jsInitLen 279340 -parentBuildID 20220113185450 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5292 "\\.\pipe\gecko-crash-server-pipe.5292" 4136 2aa02216e48 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5292.617.380792817\1993294177" -childID 204 -isForBrowser -prefsHandle 8696 -prefMapHandle 1428 -prefsLen 11054 -prefMapSize 292892 -jsInitHandle 1388 -jsInitLen 279340 -parentBuildID 20220113185450 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5292 "\\.\pipe\gecko-crash-server-pipe.5292" 9260 2aa0008bf48 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5292.619.1968171733\662182704" -childID 205 -isForBrowser -prefsHandle 3920 -prefMapHandle 9268 -prefsLen 11054 -prefMapSize 292892 -jsInitHandle 1388 -jsInitLen 279340 -parentBuildID 20220113185450 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5292 "\\.\pipe\gecko-crash-server-pipe.5292" 2976 2aa06895348 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5292.622.107630777\2093521128" -childID 206 -isForBrowser -prefsHandle 3400 -prefMapHandle 7784 -prefsLen 11054 -prefMapSize 292892 -jsInitHandle 1388 -jsInitLen 279340 -parentBuildID 20220113185450 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5292 "\\.\pipe\gecko-crash-server-pipe.5292" 4200 2aa0008ad48 tab
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe34_ Global\UsGthrCtrlFltPipeMssGthrPipe34 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 812 816 824 8192 820 796
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\AUDIODG.EXE 0x4c4
"C:\Users\DetialStav\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\DetialStav\AppData\Roaming\Mozilla\Firefox\Profiles\co5tb96t.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\97.0.1072.69\BHO\ie_to_edge_bho_64.dll [2022-01-20 532352]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\97.0.1072.69\BHO\ie_to_edge_bho.dll [2022-01-20 421760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-12-07 86016]
"RtkAudUService"=C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_11f809ac26966b9b\RtkAudUService64.exe [2021-08-12 1274712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"=C:\Windows\SysWOW64\OneDriveSetup.exe [2019-12-07 30870320]
"StickyPassword"=C:\Program Files (x86)\Sticky Password\stpass.exe [2019-02-28 64672]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2021-12-07 35373696]
"MicrosoftEdgeAutoLaunch_0F96C50E422CE382CA230B43EA35C0D0"=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [2022-01-20 3427712]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB Gamepad"=C:\WINDOWS\USB Vibration\7906\USB Gamepad.exe [2008-12-10 796784]
"Intel Driver & Support Assistant"=C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [2021-12-08 288184]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Tenda Wireless Utility.lnk - C:\Program Files (x86)\Tenda\Common\RaUI.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"shell"=explorer.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"aux1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"aux2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv

======File associations======

.inf - install -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2022-01-18 09:08:51 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2022-01-18 09:08:51 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2022-01-18 09:08:45 ----A---- C:\WINDOWS\system32\tcbloader.dll
2022-01-18 09:08:45 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2022-01-18 09:08:45 ----A---- C:\WINDOWS\system32\hvix64.exe
2022-01-18 09:08:45 ----A---- C:\WINDOWS\system32\hvax64.exe
2022-01-18 09:08:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2022-01-18 09:08:44 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2022-01-18 09:08:44 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2022-01-18 09:08:44 ----A---- C:\WINDOWS\SYSWOW64\GameInput.dll
2022-01-18 09:08:44 ----A---- C:\WINDOWS\system32\sppcext.dll
2022-01-18 09:08:43 ----A---- C:\WINDOWS\system32\sppsvc.exe
2022-01-18 09:08:43 ----A---- C:\WINDOWS\system32\netlogon.dll
2022-01-18 09:08:42 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2022-01-18 09:08:42 ----A---- C:\WINDOWS\system32\msv1_0.dll
2022-01-18 09:08:41 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2022-01-18 09:08:41 ----A---- C:\WINDOWS\system32\ISM.dll
2022-01-18 09:08:41 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2022-01-18 09:08:41 ----A---- C:\WINDOWS\system32\GameInput.dll
2022-01-18 09:08:41 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2022-01-18 09:08:41 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2022-01-18 09:08:41 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2022-01-18 09:08:41 ----A---- C:\WINDOWS\system32\BFE.DLL
2022-01-18 09:08:41 ----A---- C:\WINDOWS\explorer.exe
2022-01-18 08:47:01 ----HDC---- C:\$WinREAgent
2022-01-18 08:46:22 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2022-01-18 08:46:18 ----A---- C:\WINDOWS\system32\poqexec.exe
2022-01-17 18:19:14 ----DC---- C:\Program Files (x86)\Mozilla Firefox
2022-01-12 13:40:36 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2022-01-12 13:40:36 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2022-01-12 13:40:36 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2022-01-12 13:40:34 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2022-01-12 13:40:34 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2022-01-12 13:40:34 ----A---- C:\WINDOWS\SYSWOW64\runas.exe
2022-01-12 13:40:34 ----A---- C:\WINDOWS\SYSWOW64\provsvc.dll
2022-01-12 13:40:34 ----A---- C:\WINDOWS\system32\mfcore.dll
2022-01-12 13:40:33 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2022-01-12 13:40:33 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2022-01-12 13:40:33 ----A---- C:\WINDOWS\SYSWOW64\msimsg.dll
2022-01-12 13:40:33 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2022-01-12 13:40:33 ----A---- C:\WINDOWS\SYSWOW64\certutil.exe
2022-01-12 13:40:33 ----A---- C:\WINDOWS\SYSWOW64\certreq.exe
2022-01-12 13:40:32 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2022-01-12 13:40:31 ----A---- C:\WINDOWS\SYSWOW64\xolehlp.dll
2022-01-12 13:40:31 ----A---- C:\WINDOWS\SYSWOW64\mtxclu.dll
2022-01-12 13:40:31 ----A---- C:\WINDOWS\SYSWOW64\msdtcprx.dll
2022-01-12 13:40:31 ----A---- C:\WINDOWS\SYSWOW64\iassam.dll
2022-01-12 13:40:31 ----A---- C:\WINDOWS\SYSWOW64\iasads.dll
2022-01-12 13:40:31 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2022-01-12 13:40:31 ----A---- C:\WINDOWS\SYSWOW64\dhcpsapi.dll
2022-01-12 13:40:31 ----A---- C:\WINDOWS\SYSWOW64\dataclen.dll
2022-01-12 13:40:30 ----A---- C:\WINDOWS\SYSWOW64\tar.exe
2022-01-12 13:40:30 ----A---- C:\WINDOWS\SYSWOW64\net1.exe
2022-01-12 13:40:30 ----A---- C:\WINDOWS\SYSWOW64\curl.exe
2022-01-12 13:40:30 ----A---- C:\WINDOWS\SYSWOW64\archiveint.dll
2022-01-12 13:40:29 ----A---- C:\WINDOWS\system32\WebClnt.dll
2022-01-12 13:40:29 ----A---- C:\WINDOWS\system32\tsgqec.dll
2022-01-12 13:40:29 ----A---- C:\WINDOWS\system32\runas.exe
2022-01-12 13:40:29 ----A---- C:\WINDOWS\system32\rdpudd.dll
2022-01-12 13:40:29 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2022-01-12 13:40:29 ----A---- C:\WINDOWS\system32\provsvc.dll
2022-01-12 13:40:29 ----A---- C:\WINDOWS\system32\nltest.exe
2022-01-12 13:40:29 ----A---- C:\WINDOWS\system32\mstscax.dll
2022-01-12 13:40:29 ----A---- C:\WINDOWS\system32\ListSvc.dll
2022-01-12 13:40:29 ----A---- C:\WINDOWS\system32\ksetup.exe
2022-01-12 13:40:29 ----A---- C:\WINDOWS\system32\drivers\PktMon.sys
2022-01-12 13:40:29 ----A---- C:\WINDOWS\system32\certutil.exe
2022-01-12 13:40:29 ----A---- C:\WINDOWS\system32\certreq.exe
2022-01-12 13:40:28 ----A---- C:\WINDOWS\system32\nshwfp.dll
2022-01-12 13:40:28 ----A---- C:\WINDOWS\system32\msimsg.dll
2022-01-12 13:40:28 ----A---- C:\WINDOWS\system32\msi.dll
2022-01-12 13:40:28 ----A---- C:\WINDOWS\system32\Chakra.dll
2022-01-12 13:40:28 ----A---- C:\WINDOWS\system32\drivers\rdpvideominiport.sys
2022-01-12 13:40:26 ----A---- C:\WINDOWS\system32\tar.exe
2022-01-12 13:40:26 ----A---- C:\WINDOWS\system32\net1.exe
2022-01-12 13:40:26 ----A---- C:\WINDOWS\system32\mtxclu.dll
2022-01-12 13:40:26 ----A---- C:\WINDOWS\system32\mshtml.dll
2022-01-12 13:40:26 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2022-01-12 13:40:26 ----A---- C:\WINDOWS\system32\msdtctm.dll
2022-01-12 13:40:26 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2022-01-12 13:40:26 ----A---- C:\WINDOWS\system32\iasads.dll
2022-01-12 13:40:26 ----A---- C:\WINDOWS\system32\dsauth.dll
2022-01-12 13:40:26 ----A---- C:\WINDOWS\system32\dhcpsapi.dll
2022-01-12 13:40:26 ----A---- C:\WINDOWS\system32\dataclen.dll
2022-01-12 13:40:26 ----A---- C:\WINDOWS\system32\curl.exe
2022-01-12 13:40:26 ----A---- C:\WINDOWS\system32\computecore.dll
2022-01-12 13:40:26 ----A---- C:\WINDOWS\system32\CBDHSvc.dll
2022-01-12 13:40:26 ----A---- C:\WINDOWS\system32\archiveint.dll
2022-01-12 13:40:24 ----A---- C:\WINDOWS\system32\vertdll.dll
2022-01-12 13:40:24 ----A---- C:\WINDOWS\system32\skci.dll
2022-01-12 13:40:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2022-01-12 13:40:23 ----A---- C:\WINDOWS\SYSWOW64\TSpkg.dll
2022-01-12 13:40:23 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2022-01-12 13:40:23 ----A---- C:\WINDOWS\SYSWOW64\scesrv.dll
2022-01-12 13:40:23 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2022-01-12 13:40:23 ----A---- C:\WINDOWS\SYSWOW64\raschap.dll
2022-01-12 13:40:23 ----A---- C:\WINDOWS\SYSWOW64\pku2u.dll
2022-01-12 13:40:23 ----A---- C:\WINDOWS\SYSWOW64\netprovfw.dll
2022-01-12 13:40:23 ----A---- C:\WINDOWS\SYSWOW64\netjoin.dll
2022-01-12 13:40:23 ----A---- C:\WINDOWS\SYSWOW64\netid.dll
2022-01-12 13:40:23 ----A---- C:\WINDOWS\SYSWOW64\joinutil.dll
2022-01-12 13:40:22 ----A---- C:\WINDOWS\SYSWOW64\wkscli.dll
2022-01-12 13:40:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2022-01-12 13:40:22 ----A---- C:\WINDOWS\SYSWOW64\wincredui.dll
2022-01-12 13:40:22 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2022-01-12 13:40:22 ----A---- C:\WINDOWS\SYSWOW64\srvcli.dll
2022-01-12 13:40:22 ----A---- C:\WINDOWS\SYSWOW64\schedcli.dll
2022-01-12 13:40:22 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2022-01-12 13:40:22 ----A---- C:\WINDOWS\SYSWOW64\samcli.dll
2022-01-12 13:40:22 ----A---- C:\WINDOWS\SYSWOW64\offlinelsa.dll
2022-01-12 13:40:22 ----A---- C:\WINDOWS\SYSWOW64\netutils.dll
2022-01-12 13:40:22 ----A---- C:\WINDOWS\SYSWOW64\netmsg.dll
2022-01-12 13:40:22 ----A---- C:\WINDOWS\SYSWOW64\ncryptprov.dll
2022-01-12 13:40:22 ----A---- C:\WINDOWS\SYSWOW64\msimg32.dll
2022-01-12 13:40:22 ----A---- C:\WINDOWS\SYSWOW64\mf3216.dll
2022-01-12 13:40:22 ----A---- C:\WINDOWS\SYSWOW64\logoncli.dll
2022-01-12 13:40:22 ----A---- C:\WINDOWS\SYSWOW64\gmsaclient.dll
2022-01-12 13:40:22 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2022-01-12 13:40:22 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2022-01-12 13:40:22 ----A---- C:\WINDOWS\SYSWOW64\es.dll
2022-01-12 13:40:22 ----A---- C:\WINDOWS\SYSWOW64\comsvcs.dll
2022-01-12 13:40:22 ----A---- C:\WINDOWS\SYSWOW64\CertPolEng.dll
2022-01-12 13:40:22 ----A---- C:\WINDOWS\SYSWOW64\BitLockerCsp.dll
2022-01-12 13:40:22 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2022-01-12 13:40:21 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2022-01-12 13:40:21 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2022-01-12 13:40:21 ----A---- C:\WINDOWS\SYSWOW64\uReFS.dll
2022-01-12 13:40:21 ----A---- C:\WINDOWS\SYSWOW64\shacctprofile.dll
2022-01-12 13:40:17 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2022-01-12 13:40:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2022-01-12 13:40:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryCore.dll
2022-01-12 13:40:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryClient.dll
2022-01-12 13:40:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryBroker.dll
2022-01-12 13:40:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.HumanInterfaceDevice.dll
2022-01-12 13:40:17 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2022-01-12 13:40:17 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2022-01-12 13:40:17 ----A---- C:\WINDOWS\SYSWOW64\StateRepository.Core.dll
2022-01-12 13:40:17 ----A---- C:\WINDOWS\SYSWOW64\negoexts.dll
2022-01-12 13:40:17 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2022-01-12 13:40:17 ----A---- C:\WINDOWS\SYSWOW64\KerbClientShared.dll
2022-01-12 13:40:17 ----A---- C:\WINDOWS\SYSWOW64\CertEnrollCtrl.exe
2022-01-12 13:40:17 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2022-01-12 13:40:17 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2022-01-12 13:40:17 ----A---- C:\WINDOWS\SYSWOW64\certca.dll
2022-01-12 13:40:16 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2022-01-12 13:40:16 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2022-01-12 13:40:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryPS.dll
2022-01-12 13:40:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2022-01-12 13:40:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.AccountsControl.dll
2022-01-12 13:40:16 ----A---- C:\WINDOWS\SYSWOW64\TileDataRepository.dll
2022-01-12 13:40:16 ----A---- C:\WINDOWS\SYSWOW64\profext.dll
2022-01-12 13:40:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Launcher.dll
2022-01-12 13:40:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Core.dll
2022-01-12 13:40:15 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2022-01-12 13:40:15 ----A---- C:\WINDOWS\SYSWOW64\thumbcache.dll
2022-01-12 13:40:15 ----A---- C:\WINDOWS\SYSWOW64\ShareHost.dll
2022-01-12 13:40:15 ----A---- C:\WINDOWS\SYSWOW64\AppContracts.dll
2022-01-12 13:40:14 ----A---- C:\WINDOWS\SYSWOW64\wscproxystub.dll
2022-01-12 13:40:14 ----A---- C:\WINDOWS\SYSWOW64\wscisvif.dll
2022-01-12 13:40:14 ----A---- C:\WINDOWS\SYSWOW64\wscapi.dll
2022-01-12 13:40:14 ----A---- C:\WINDOWS\SYSWOW64\wscadminui.exe
2022-01-12 13:40:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2022-01-12 13:40:14 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2022-01-12 13:40:14 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2022-01-12 13:40:14 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2022-01-12 13:40:14 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2022-01-12 13:40:14 ----A---- C:\WINDOWS\SYSWOW64\netplwiz.dll
2022-01-12 13:40:14 ----A---- C:\WINDOWS\SYSWOW64\netapi32.dll
2022-01-12 13:40:14 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2022-01-12 13:40:14 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2022-01-12 13:40:14 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2022-01-12 13:40:14 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2022-01-12 13:40:14 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2022-01-12 13:40:13 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2022-01-12 13:40:13 ----A---- C:\WINDOWS\SYSWOW64\msobjs.dll
2022-01-12 13:40:13 ----A---- C:\WINDOWS\SYSWOW64\msaudite.dll
2022-01-12 13:40:13 ----A---- C:\WINDOWS\SYSWOW64\adtschema.dll
2022-01-12 13:40:13 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2022-01-12 13:40:13 ----A---- C:\WINDOWS\system32\TSpkg.dll
2022-01-12 13:40:13 ----A---- C:\WINDOWS\system32\shell32.dll
2022-01-12 13:40:13 ----A---- C:\WINDOWS\system32\scesrv.dll
2022-01-12 13:40:13 ----A---- C:\WINDOWS\system32\pku2u.dll
2022-01-12 13:40:13 ----A---- C:\WINDOWS\system32\LsaIso.exe
2022-01-12 13:40:13 ----A---- C:\WINDOWS\system32\keymgr.dll
2022-01-12 13:40:13 ----A---- C:\WINDOWS\system32\iumcrypt.dll
2022-01-12 13:40:12 ----A---- C:\WINDOWS\system32\taskcomp.dll
2022-01-12 13:40:12 ----A---- C:\WINDOWS\system32\sppobjs.dll
2022-01-12 13:40:12 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2022-01-12 13:40:12 ----A---- C:\WINDOWS\system32\rastls.dll
2022-01-12 13:40:12 ----A---- C:\WINDOWS\system32\rasmans.dll
2022-01-12 13:40:12 ----A---- C:\WINDOWS\system32\raschap.dll
2022-01-12 13:40:12 ----A---- C:\WINDOWS\system32\rascustom.dll
2022-01-12 13:40:12 ----A---- C:\WINDOWS\system32\netprovfw.dll
2022-01-12 13:40:12 ----A---- C:\WINDOWS\system32\netjoin.dll
2022-01-12 13:40:12 ----A---- C:\WINDOWS\system32\joinutil.dll
2022-01-12 13:40:12 ----A---- C:\WINDOWS\system32\djoin.exe
2022-01-12 13:40:11 ----A---- C:\WINDOWS\system32\WUDFPlatform.dll
2022-01-12 13:40:11 ----A---- C:\WINDOWS\system32\WUDFHost.exe
2022-01-12 13:40:11 ----A---- C:\WINDOWS\system32\WUDFCompanionHost.exe
2022-01-12 13:40:11 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2022-01-12 13:40:11 ----A---- C:\WINDOWS\system32\wincredui.dll
2022-01-12 13:40:11 ----A---- C:\WINDOWS\system32\tdh.dll
2022-01-12 13:40:11 ----A---- C:\WINDOWS\system32\shutdownux.dll
2022-01-12 13:40:11 ----A---- C:\WINDOWS\system32\LocationFrameworkPS.dll
2022-01-12 13:40:11 ----A---- C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2022-01-12 13:40:11 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2022-01-12 13:40:11 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2022-01-12 13:40:11 ----A---- C:\WINDOWS\system32\gdi32full.dll
2022-01-12 13:40:11 ----A---- C:\WINDOWS\system32\efscore.dll
2022-01-12 13:40:11 ----A---- C:\WINDOWS\system32\drivers\WUDFRd.sys
2022-01-12 13:40:11 ----A---- C:\WINDOWS\system32\drivers\WUDFPf.sys
2022-01-12 13:40:11 ----A---- C:\WINDOWS\system32\BitLockerCsp.dll
2022-01-12 13:40:10 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2022-01-12 13:40:10 ----A---- C:\WINDOWS\system32\wkssvc.dll
2022-01-12 13:40:10 ----A---- C:\WINDOWS\system32\usermgr.dll
2022-01-12 13:40:10 ----A---- C:\WINDOWS\system32\sechost.dll
2022-01-12 13:40:10 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2022-01-12 13:40:10 ----A---- C:\WINDOWS\system32\ntlanman.dll
2022-01-12 13:40:10 ----A---- C:\WINDOWS\system32\msimg32.dll
2022-01-12 13:40:10 ----A---- C:\WINDOWS\system32\msctf.dll
2022-01-12 13:40:10 ----A---- C:\WINDOWS\system32\mf3216.dll
2022-01-12 13:40:10 ----A---- C:\WINDOWS\system32\KernelBase.dll
2022-01-12 13:40:10 ----A---- C:\WINDOWS\system32\gmsaclient.dll
2022-01-12 13:40:10 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2022-01-12 13:40:10 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2022-01-12 13:40:08 ----A---- C:\WINDOWS\system32\wkscli.dll
2022-01-12 13:40:08 ----A---- C:\WINDOWS\system32\srvcli.dll
2022-01-12 13:40:08 ----A---- C:\WINDOWS\system32\schedcli.dll
2022-01-12 13:40:08 ----A---- C:\WINDOWS\system32\schannel.dll
2022-01-12 13:40:08 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2022-01-12 13:40:08 ----A---- C:\WINDOWS\system32\ntdll.dll
2022-01-12 13:40:08 ----A---- C:\WINDOWS\system32\msobjs.dll
2022-01-12 13:40:08 ----A---- C:\WINDOWS\system32\msaudite.dll
2022-01-12 13:40:08 ----A---- C:\WINDOWS\system32\lsasrv.dll
2022-01-12 13:40:08 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2022-01-12 13:40:08 ----A---- C:\WINDOWS\system32\drivers\http.sys
2022-01-12 13:40:08 ----A---- C:\WINDOWS\system32\adtschema.dll
2022-01-12 13:40:04 ----A---- C:\WINDOWS\system32\profsvc.dll
2022-01-12 13:40:04 ----A---- C:\WINDOWS\system32\ncryptprov.dll
2022-01-12 13:40:04 ----A---- C:\WINDOWS\system32\logoncli.dll
2022-01-12 13:40:04 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2022-01-12 13:40:04 ----A---- C:\WINDOWS\system32\authz.dll
2022-01-12 13:40:03 ----A---- C:\WINDOWS\system32\samsrv.dll
2022-01-12 13:40:03 ----A---- C:\WINDOWS\system32\samlib.dll
2022-01-12 13:40:03 ----A---- C:\WINDOWS\system32\samcli.dll
2022-01-12 13:40:03 ----A---- C:\WINDOWS\system32\offlinesam.dll
2022-01-12 13:40:03 ----A---- C:\WINDOWS\system32\netmsg.dll
2022-01-12 13:40:03 ----A---- C:\WINDOWS\system32\drivers\pcw.sys
2022-01-12 13:40:03 ----A---- C:\WINDOWS\system32\ci.dll
2022-01-12 13:40:02 ----A---- C:\WINDOWS\system32\winresume.exe
2022-01-12 13:40:02 ----A---- C:\WINDOWS\system32\winload.exe
2022-01-12 13:40:02 ----A---- C:\WINDOWS\system32\trkwks.dll
2022-01-12 13:40:02 ----A---- C:\WINDOWS\system32\es.dll
2022-01-12 13:40:02 ----A---- C:\WINDOWS\system32\dwmcore.dll
2022-01-12 13:40:02 ----A---- C:\WINDOWS\system32\comsvcs.dll
2022-01-12 13:40:02 ----A---- C:\WINDOWS\system32\CertPolEng.dll
2022-01-12 13:40:01 ----A---- C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2022-01-12 13:40:01 ----A---- C:\WINDOWS\system32\uReFS.dll
2022-01-12 13:40:01 ----A---- C:\WINDOWS\system32\shacct.dll
2022-01-12 13:40:01 ----A---- C:\WINDOWS\system32\refsutil.exe
2022-01-12 13:40:01 ----A---- C:\WINDOWS\system32\PasswordEnrollmentManager.dll
2022-01-12 13:40:01 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2022-01-12 13:40:01 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2022-01-12 13:40:01 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2022-01-12 13:40:01 ----A---- C:\WINDOWS\system32\ApplicationFrame.dll
2022-01-12 13:40:00 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2022-01-12 13:40:00 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2022-01-12 13:40:00 ----A---- C:\WINDOWS\system32\SettingsHandlers_User.dll
2022-01-12 13:40:00 ----A---- C:\WINDOWS\system32\netapi32.dll
2022-01-12 13:40:00 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2022-01-12 13:40:00 ----A---- C:\WINDOWS\system32\drivers\bindflt.sys
2022-01-12 13:40:00 ----A---- C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2022-01-12 13:40:00 ----A---- C:\WINDOWS\system32\bindfltapi.dll
2022-01-12 13:39:59 ----A---- C:\WINDOWS\system32\wpnapps.dll
2022-01-12 13:39:59 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2022-01-12 13:39:59 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2022-01-12 13:39:59 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2022-01-12 13:39:59 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2022-01-12 13:39:59 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2022-01-12 13:39:59 ----A---- C:\WINDOWS\system32\win32u.dll
2022-01-12 13:39:59 ----A---- C:\WINDOWS\system32\win32kfull.sys
2022-01-12 13:39:59 ----A---- C:\WINDOWS\system32\win32k.sys
2022-01-12 13:39:59 ----A---- C:\WINDOWS\system32\StateRepository.Core.dll
2022-01-12 13:39:59 ----A---- C:\WINDOWS\system32\kerberos.dll
2022-01-12 13:39:59 ----A---- C:\WINDOWS\system32\KerbClientShared.dll
2022-01-12 13:39:58 ----A---- C:\WINDOWS\system32\wintrust.dll
2022-01-12 13:39:58 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2022-01-12 13:39:58 ----A---- C:\WINDOWS\system32\profext.dll
2022-01-12 13:39:57 ----A---- C:\WINDOWS\system32\windows.storage.dll
2022-01-12 13:39:57 ----A---- C:\WINDOWS\system32\win32kbase.sys
2022-01-12 13:39:57 ----A---- C:\WINDOWS\system32\TileDataRepository.dll
2022-01-12 13:39:57 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2022-01-12 13:39:57 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2022-01-12 13:39:57 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2022-01-12 13:39:57 ----A---- C:\WINDOWS\system32\cdd.dll
2022-01-12 13:39:56 ----A---- C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2022-01-12 13:39:56 ----A---- C:\WINDOWS\system32\Windows.AccountsControl.dll
2022-01-12 13:39:56 ----A---- C:\WINDOWS\system32\negoexts.dll
2022-01-12 13:39:56 ----A---- C:\WINDOWS\system32\cloudAP.dll
2022-01-12 13:39:56 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2022-01-12 13:39:56 ----A---- C:\WINDOWS\system32\certcli.dll
2022-01-12 13:39:56 ----A---- C:\WINDOWS\system32\certca.dll
2022-01-12 13:39:55 ----A---- C:\WINDOWS\system32\Windows.System.Launcher.dll
2022-01-12 13:39:55 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2022-01-12 13:39:55 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2022-01-12 13:39:55 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2022-01-12 13:39:55 ----A---- C:\WINDOWS\system32\AppContracts.dll
2022-01-12 13:39:54 ----A---- C:\WINDOWS\system32\winlogonext.dll
2022-01-12 13:39:54 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2022-01-12 13:39:54 ----A---- C:\WINDOWS\system32\usercpl.dll
2022-01-12 13:39:54 ----A---- C:\WINDOWS\system32\ShareHost.dll
2022-01-12 13:39:54 ----A---- C:\WINDOWS\system32\netplwiz.dll
2022-01-12 13:39:54 ----A---- C:\WINDOWS\system32\kernel32.dll
2022-01-12 13:39:54 ----A---- C:\WINDOWS\system32\cdpsvc.dll
2022-01-12 13:39:54 ----A---- C:\WINDOWS\system32\authui.dll
2022-01-12 13:39:53 ----A---- C:\WINDOWS\system32\wscsvc.dll
2022-01-12 13:39:53 ----A---- C:\WINDOWS\system32\wscproxystub.dll
2022-01-12 13:39:53 ----A---- C:\WINDOWS\system32\wscisvif.dll
2022-01-12 13:39:53 ----A---- C:\WINDOWS\system32\wscapi.dll
2022-01-12 13:39:53 ----A---- C:\WINDOWS\system32\wscadminui.exe
2022-01-12 13:39:53 ----A---- C:\WINDOWS\system32\twinui.dll
2022-01-12 13:39:53 ----A---- C:\WINDOWS\system32\TaskFlowDataEngine.dll
2022-01-12 13:39:53 ----A---- C:\WINDOWS\system32\ptpprov.dll
2022-01-12 13:39:53 ----A---- C:\WINDOWS\system32\PinEnrollmentHelper.dll
2022-01-12 13:39:53 ----A---- C:\WINDOWS\system32\ManageCI.dll
2022-01-12 13:39:53 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2022-01-12 13:39:53 ----A---- C:\WINDOWS\system32\kdcpw.dll
2022-01-12 13:39:53 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2022-01-12 13:39:53 ----A---- C:\WINDOWS\system32\deviceregistration.dll
2022-01-12 13:39:53 ----A---- C:\WINDOWS\system32\browcli.dll
2022-01-12 13:39:53 ----A---- C:\WINDOWS\system32\agentactivationruntimewindows.dll
2022-01-12 13:39:53 ----A---- C:\WINDOWS\system32\advapi32.dll
2022-01-12 13:39:52 ----A---- C:\WINDOWS\system32\vmbuspipe.dll
2022-01-12 13:39:52 ----A---- C:\WINDOWS\system32\SpeechPal.dll
2022-01-12 13:39:52 ----A---- C:\WINDOWS\system32\drivers\vmbus.sys
2022-01-12 13:39:52 ----A---- C:\WINDOWS\system32\drivers\Vid.sys
2022-01-12 13:39:52 ----A---- C:\WINDOWS\system32\drivers\netvsc.sys
2022-01-12 13:39:51 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2022-01-12 13:39:51 ----A---- C:\WINDOWS\system32\drivers\spacedump.sys

======List of files/folders modified in the last 1 month======

2022-01-24 12:01:54 ----DC---- C:\Program Files\trend micro
2022-01-24 11:53:41 ----D---- C:\WINDOWS\Temp
2022-01-24 11:48:01 ----D---- C:\WINDOWS\system32\sru
2022-01-24 11:24:03 ----D---- C:\WINDOWS\Prefetch
2022-01-24 11:05:45 ----DC---- C:\Program Files (x86)\Google
2022-01-24 09:50:22 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2022-01-24 09:20:40 ----D---- C:\ProgramData\firebird
2022-01-24 09:11:54 ----D---- C:\WINDOWS\system32\NDF
2022-01-24 09:10:29 ----D---- C:\WINDOWS\system32\config
2022-01-24 09:07:27 ----D---- C:\WINDOWS\WinSxS
2022-01-24 09:06:45 ----RD---- C:\WINDOWS\Microsoft.NET
2022-01-24 06:44:52 ----D---- C:\WINDOWS\AppReadiness
2022-01-24 06:44:38 ----HD---- C:\Program Files\WindowsApps
2022-01-24 06:17:16 ----ADC---- C:\Program Files\CCleaner
2022-01-24 05:44:09 ----D---- C:\WINDOWS\system32\SleepStudy
2022-01-21 13:54:57 ----D---- C:\WINDOWS\System32
2022-01-21 13:54:57 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-21 13:54:56 ----D---- C:\WINDOWS\INF
2022-01-21 13:50:55 ----DC---- C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-21 13:50:53 ----RD---- C:\Program Files (x86)
2022-01-21 13:47:40 ----D---- C:\WINDOWS\ServiceState
2022-01-21 13:47:39 ----ASH---- C:\DumpStack.log.tmp
2022-01-21 13:47:17 ----D---- C:\WINDOWS\system32\catroot2
2022-01-21 13:47:09 ----D---- C:\WINDOWS\SysWOW64
2022-01-21 13:47:09 ----D---- C:\WINDOWS\bcastdvr
2022-01-21 13:47:09 ----D---- C:\Windows
2022-01-21 13:47:08 ----D---- C:\WINDOWS\system32\DriverStore
2022-01-21 13:47:08 ----D---- C:\WINDOWS\system32\drivers
2022-01-21 11:08:05 ----D---- C:\ProgramData\tmp
2022-01-21 11:08:02 ----D---- C:\ProgramData\hps
2022-01-20 13:17:37 ----DC---- C:\Stavitel
2022-01-18 09:09:58 ----D---- C:\WINDOWS\CbsTemp
2022-01-18 08:50:18 ----SHD---- C:\System Volume Information
2022-01-18 08:21:49 ----A---- C:\WINDOWS\storelibdebug.txt
2022-01-17 08:58:24 ----D---- C:\WINDOWS\system32\LogFiles
2022-01-17 08:57:28 ----D---- C:\WINDOWS\SYSWOW64\wbem
2022-01-17 08:57:28 ----D---- C:\WINDOWS\SYSWOW64\Dism
2022-01-17 08:57:28 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2022-01-17 08:57:27 ----SD---- C:\WINDOWS\system32\DiagSvcs
2022-01-17 08:57:27 ----D---- C:\WINDOWS\SystemResources
2022-01-17 08:57:27 ----D---- C:\WINDOWS\system32\setup
2022-01-17 08:57:27 ----D---- C:\WINDOWS\system32\oobe
2022-01-17 08:57:27 ----D---- C:\WINDOWS\system32\migration
2022-01-17 08:57:27 ----D---- C:\WINDOWS\system32\en-US
2022-01-17 08:57:27 ----D---- C:\WINDOWS\system32\Dism
2022-01-17 08:57:27 ----D---- C:\WINDOWS\system32\cs-CZ
2022-01-17 08:57:27 ----D---- C:\WINDOWS\system32\Boot
2022-01-17 08:57:25 ----D---- C:\WINDOWS\system32\CodeIntegrity
2022-01-17 08:56:31 ----SHD---- C:\WINDOWS\Installer
2022-01-17 08:56:30 ----SHDC---- C:\Config.Msi
2022-01-17 08:56:06 ----D---- C:\WINDOWS\system32\Tasks
2022-01-12 13:18:26 ----DC---- C:\WINDOWS\system32\MRT
2022-01-12 13:18:20 ----AC---- C:\WINDOWS\system32\MRT.exe
2022-01-12 09:41:24 ----D---- C:\WINDOWS\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2021-06-10 57168]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2021-07-16 41984]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-12-07 78136]
R1 CimFS;CimFS; C:\WINDOWS\system32\drivers\CimFS.sys [2021-10-01 98304]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-12-07 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-12-07 8704]
R1 HWiNFO;HWiNFO Kernel Driver; \??\C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [2019-04-05 66336]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2022-01-12 149320]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2021-10-29 496640]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2021-01-22 53248]
R3 ACPIVPC;@oem58.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2021-07-26 44024]
R3 amdgpio2;@oem62.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2020-03-16 46344]
R3 amdi2c;@oem90.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2020-04-13 64816]
R3 amdkmdag;amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\u0358356.inf_amd64_894c3b4bc882c059\B358199\amdkmdag.sys [2020-08-26 71107088]
R3 AtiHDAudioService;@oem31.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2021-08-03 246200]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2021-12-03 113664]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2021-01-22 106496]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2019-12-07 133632]
R3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2021-12-03 1559552]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2021-12-03 110592]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-12-07 66576]
R3 ETD;@oem68.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\System32\drivers\ETD.sys [2020-05-13 743872]
R3 ETDHCF;@oem120.inf,%ETDHCF.SVCDESC%;ELAN HID Class Filter Service; C:\WINDOWS\System32\drivers\ETDHCF.sys [2020-03-29 30144]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2021-07-27 6515264]
R3 iwdbus;@oem53.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-01 38896]
R3 MpKsl077f0b4c;MpKsl077f0b4c; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{70203ACA-9566-4783-8FCB-BB75B223612C}\MpKslDrv.sys [2022-01-24 134376]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-1; C:\WINDOWS\system32\drivers\msquic.sys [2021-01-22 322376]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-12-07 213504]
R3 RtkBtFilter;@oem16.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [2021-09-04 802264]
R3 RTWlanE;@oem74.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\System32\drivers\rtwlane.sys [2020-04-29 11549792]
S0 amdpsp;@oem83.inf,%amdpsp.SVCDESC%;AMD PSP Service; C:\WINDOWS\System32\drivers\amdpsp.sys [2020-03-24 135184]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-12-07 43832]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-12-07 319800]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-12-07 884752]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-12-07 172344]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-12-07 124216]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-12-07 135992]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-12-07 81720]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-12-07 105480]
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-12-07 168464]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-12-07 58680]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-12-07 68408]
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-12-07 138040]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-12-07 42296]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2019-12-07 158736]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-12-07 23040]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-12-07 415232]
S3 AppleLowerFilter;@oem11.inf,%AppleLowerFilterDisplayName%;Apple Lower Filter Driver; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [2020-10-09 35976]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2021-12-03 18432]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-12-07 279040]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2021-12-03 45568]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-12-07 44032]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [2019-12-07 23040]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-12-07 55824]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-12-07 66560]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2021-09-13 95056]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-12-07 30208]
S3 CH341SER_A64;CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [2019-03-04 69016]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-12-07 1853752]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-12-07 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-12-07 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-12-07 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-12-07 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-12-07 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-12-07 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-12-07 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-12-07 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-12-07 177152]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-12-07 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-12-07 558904]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2021-01-22 47104]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-12-07 30720]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-12-07 59704]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-12-07 537608]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-12-07 64016]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2021-07-09 391168]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-12-07 65024]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-12-07 1131320]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-12-07 146232]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-12-07 72720]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2021-12-03 214528]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2022-01-12 130360]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-12-07 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-12-07 27136]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2022-01-12 990536]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-12-07 115712]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2019-12-07 35128]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-12-07 35128]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2021-11-17 169728]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\u0358356.inf_amd64_894c3b4bc882c059\B358199\atiesrxx.exe [2020-08-26 537624]
R2 AviraOptimizerHost;Avira Optimizer Host; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2020-06-03 2988544]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
R2 CDPUserSvc_a2657;Uživatelská služba platformy připojených zařízení_a2657; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2021-01-22 57360]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
R2 DolbyDAXAPI;@oem7.inf,%ServiceDisplayName%;Dolby DAX API Service; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe [2021-01-04 2301912]
R2 DSAService;Intel(R) Driver & Support Assistant; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [2021-12-08 39352]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2021-01-22 57360]
R2 ETDService;ELAN Service; C:\WINDOWS\System32\ETDService.exe [2020-05-13 254912]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2018-09-05 670816]
R2 FMAPOService;Fortemedia APO Control Service; C:\WINDOWS\System32\FMService64.exe [2021-08-05 387872]
R2 HPJumpStartBridge;HP JumpStart Bridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [2017-05-23 471040]
R2 HPPrintScanDoctorService;HP Print Scan Doctor Service; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [2021-05-20 288360]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2020-08-20 379736]
R2 ibtsiva;Intel Bluetooth Service; C:\WINDOWS\System32\ibtsiva []
R2 ImControllerService;@oem84.inf,%ImcSvcDisplayName%;System Interface Foundation Service; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2021-11-07 83200]
R2 LenovoVantageService;LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe [2021-12-14 31016]
R2 OneSyncSvc_a2657;Hostitel synchronizace_a2657; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
R2 RalinkRegistryWriter;RalinkRegistryWriter; C:\Program Files (x86)\Tenda\Common\RaRegistry.exe [2011-03-31 375872]
R2 RalinkRegistryWriter64;RalinkRegistryWriter64; C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe [2011-03-31 454208]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2018-09-05 170592]
R2 RtkAudioUniversalService;Realtek Audio Universal Service; C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_11f809ac26966b9b\RtkAudUService64.exe [2021-08-12 1274712]
R2 RtkBtManServ;@oem16.inf,%RtkBtManServ.SvcDesc%;Realtek Bluetooth Device Manager Service; C:\WINDOWS\RtkBtManServ.exe [2021-09-04 781280]
R3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
R3 BluetoothUserService_a2657;Služba pro podporu uživatelů Bluetooth_a2657; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
R3 cbdhsvc_a2657;Uživatelská služba schránky_a2657; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
R3 DevicePickerUserSvc_a2657;DevicePicker_a2657; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
R3 DevicesFlowUserSvc_a2657;Tok zařízení_a2657; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
R3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2021-01-22 57360]
R3 DSAUpdateService;Intel(R) Driver & Support Assistant Updater; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [2021-12-08 177080]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2021-01-22 57360]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2021-01-22 57360]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2021-01-22 57360]
R3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2021-01-22 57360]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
R3 PimIndexMaintenanceSvc_a2657;Data kontaktů_a2657; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
R3 PrintWorkflowUserSvc_a2657;PrintWorkflow_a2657; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2021-01-22 57360]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2021-10-01 986032]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-08-18 224160]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-30 153752]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2021-01-22 57360]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 AarSvc_a2657;Agent Activation Runtime_a2657; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 BcastDVRUserService_a2657;Uživatelská služba pro GameDVR a vysílání her_a2657; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 CaptureService_a2657;CaptureService_a2657; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2021-01-22 57360]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 ConsentUxUserSvc_a2657;ConsentUX_a2657; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-09-13 382696]
S3 CredentialEnrollmentManagerUserSvc_a2657;CredentialEnrollmentManagerUserSvc_a2657; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-09-13 382696]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 DeviceAssociationBrokerSvc_a2657;DeviceAssociationBroker_a2657; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2022-01-12 94208]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2021-01-22 57360]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-08-18 224160]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2021-01-22 57360]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2021-01-22 57360]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.99\elevation_service.exe [2022-01-19 1470296]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2021-01-22 57360]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-30 153752]
S3 hpqcaslwmiex;HP CASL Framework Service; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [2016-06-03 1031704]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 Intel(R) SUR QC SAM;Intel(R) SUR QC Software Asset Manager; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2021-07-21 3075936]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2021-01-22 57360]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 MessagingService_a2657;Služba zasílání zpráv_a2657; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\97.0.1072.69\elevation_service.exe [2022-01-20 1610128]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2022-01-17 243128]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2018-09-05 310880]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-14 161472]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2021-01-22 106496]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2021-01-22 57360]
S3 RaMediaServer;RaMediaServer; C:\Program Files (x86)\Tenda\Common\RaMediaServer.exe [2011-03-04 621632]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2021-01-22 57360]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2021-01-22 1265152]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2021-01-22 57360]

-----------------EOF-----------------

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Please check. Thank you very much!

#2 Post by Diallix »

Good day.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan now button and wait until the system scan finishes.
After the scan, leave all checkboxes and any detected threats selected, and continue with the Clean and Repair button in the lower right corner.
After the PC restarts, AdwCleaner will start; click View Log File.
The log will open; copy its contents here.
My new book BOTNETY has been published! You can find information about it here: >> BOTNETY <<

---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level, high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor for students in SQL query languages (TSQL, PLSQL) and object-oriented programming (C++, C#, PHP).

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for the training of newcomers
- Founder of the Cyber Security unit

gastrotop
Visitor
Posts: 141
Registered: 16 Sep 2006 15:40

Re: Please check. Thank you very much!

#3 Post by gastrotop »

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2021-12-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-27-2022
# Duration: 00:00:22
# OS: Windows 10 Home
# Cleaned: 19
# Awaiting reboot:3
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.HPJumpStartBridge Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{EB0912FF-C311-4E0F-A6B1-420FDD3C295E}
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\DetialStav\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\DetialStav\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\DetialStav\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Deleted Preinstalled.LenovoServiceBridge Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1
Deleted Preinstalled.LenovoUpdate Folder C:\Program Files (x86)\LENOVO\SYSTEM UPDATE
Deleted Preinstalled.LenovoUpdate Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{03C6CC92-68F2-4961-9A73-CAECA350BD08}
Deleted Preinstalled.LenovoUpdate Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\TVSU_is1
Needs Reboot Preinstalled.HPJumpStartBridge Folder C:\Program Files (x86)\HP\HP JUMPSTART BRIDGE
Needs Reboot Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS
Needs Reboot Preinstalled.LenovoServiceBridge Folder C:\Users\DetialStav\AppData\Local\PROGRAMS\LENOVO\LENOVO SERVICE BRIDGE


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

***** Reboot Required to Complete *****


***** [ Folders ] *****

Cleaning failed C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS
Cleaning failed C:\Program Files (x86)\HP\HP JUMPSTART BRIDGE
Cleaning failed C:\Users\DetialStav\AppData\Local\PROGRAMS\LENOVO\LENOVO SERVICE BRIDGE

*************************

AdwCleaner[S00].txt - [1242 octets] - [24/04/2018 17:04:43]
AdwCleaner[C00].txt - [1367 octets] - [24/04/2018 17:06:55]
AdwCleaner[S01].txt - [1242 octets] - [09/05/2018 20:38:54]
AdwCleaner[S02].txt - [1242 octets] - [24/05/2018 20:04:41]
AdwCleaner[S03].txt - [1242 octets] - [26/05/2018 17:09:18]
AdwCleaner[S04].txt - [1242 octets] - [01/06/2018 05:04:51]
AdwCleaner[S05].txt - [1242 octets] - [18/06/2018 17:26:26]
AdwCleaner[S06].txt - [1273 octets] - [25/06/2018 16:55:35]
AdwCleaner[C06].txt - [1378 octets] - [25/06/2018 16:55:58]
AdwCleaner[S07].txt - [1242 octets] - [27/06/2018 06:08:08]
AdwCleaner[S08].txt - [1242 octets] - [06/07/2018 07:26:18]
AdwCleaner[S09].txt - [1242 octets] - [21/07/2018 02:36:28]
AdwCleaner[S10].txt - [1242 octets] - [26/08/2018 22:11:32]
AdwCleaner[S11].txt - [2043 octets] - [09/09/2018 21:47:16]
AdwCleaner[S12].txt - [1230 octets] - [02/10/2018 19:54:16]
AdwCleaner[S13].txt - [1230 octets] - [10/10/2018 21:28:02]
AdwCleaner[S14].txt - [1230 octets] - [10/10/2018 21:28:42]
AdwCleaner[S15].txt - [1242 octets] - [07/11/2018 17:26:01]
AdwCleaner[S16].txt - [1230 octets] - [05/02/2019 14:54:36]
AdwCleaner[S17].txt - [1230 octets] - [05/02/2019 14:56:22]
AdwCleaner[S18].txt - [2470 octets] - [12/02/2019 10:05:40]
AdwCleaner[C18].txt - [2656 octets] - [12/02/2019 10:06:03]
AdwCleaner[S19].txt - [1230 octets] - [19/02/2019 22:05:45]
AdwCleaner[C19].txt - [1355 octets] - [19/02/2019 22:06:18]
AdwCleaner[S20].txt - [1230 octets] - [24/02/2019 22:37:25]
AdwCleaner[S21].txt - [1230 octets] - [14/03/2019 07:55:21]
AdwCleaner[S22].txt - [1242 octets] - [17/03/2019 21:32:39]
AdwCleaner[S23].txt - [3236 octets] - [07/04/2019 00:05:53]
AdwCleaner[C23].txt - [3015 octets] - [07/04/2019 00:07:07]
AdwCleaner[S24].txt - [2398 octets] - [07/04/2019 00:18:53]
AdwCleaner[S25].txt - [2465 octets] - [07/04/2019 12:05:36]
AdwCleaner[C25].txt - [2354 octets] - [07/04/2019 12:05:48]
AdwCleaner[S26].txt - [3245 octets] - [08/04/2019 13:50:41]
AdwCleaner[C26].txt - [3411 octets] - [08/04/2019 13:50:53]
AdwCleaner[S27].txt - [3324 octets] - [14/04/2019 18:25:35]
AdwCleaner[S28].txt - [3385 octets] - [28/04/2019 09:34:34]
AdwCleaner[S29].txt - [3446 octets] - [15/05/2019 08:13:46]
AdwCleaner[S30].txt - [3507 octets] - [19/05/2019 16:42:58]
AdwCleaner[S31].txt - [3568 octets] - [23/05/2019 16:44:07]
AdwCleaner[S32].txt - [3629 octets] - [26/05/2019 15:17:16]
AdwCleaner[S33].txt - [3690 octets] - [29/05/2019 11:35:07]
AdwCleaner[S34].txt - [3751 octets] - [14/10/2019 05:23:57]
AdwCleaner[S35].txt - [3812 octets] - [28/01/2020 13:45:26]
AdwCleaner[S36].txt - [3873 octets] - [16/09/2020 13:13:28]
AdwCleaner[S37].txt - [3934 octets] - [15/01/2021 09:50:40]
AdwCleaner[S38].txt - [5812 octets] - [15/03/2021 13:40:06]
AdwCleaner[S39].txt - [4056 octets] - [15/07/2021 06:10:01]
AdwCleaner[S40].txt - [5935 octets] - [06/10/2021 09:33:59]
AdwCleaner[S41].txt - [6413 octets] - [24/01/2022 12:55:33]
AdwCleaner[S42].txt - [6474 octets] - [25/01/2022 14:13:30]
AdwCleaner[S43].txt - [6535 octets] - [27/01/2022 06:15:44]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C43].txt ##########

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Please check. Thank you very much!

#4 Post by Diallix »

Scan the computer with FRST - instructions here: https://forum.viry.cz/viewtopic.php?f=24&t=132509, and copy FRST.log + the Addition log here.

gastrotop
Visitor
Posts: 141
Registered: 16 Sep 2006 15:40

Re: Please check. Thank you very much!

#5 Post by gastrotop »

The log is attached. Thank you very much!
Addition.zip
(25.06 KiB) Downloaded 59 times

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Please check. Thank you very much!

#6 Post by Diallix »

Please post the FRST log here as well.

gastrotop
Visitor
Posts: 141
Registered: 16 Sep 2006 15:40

Re: Please check. Thank you very much!

#7 Post by gastrotop »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-01-2022
Ran by DetialStav (administrator) on DESKTOP-LDKMV3C (LENOVO 81N3) (27-01-2022 12:29:09)
Running from C:\Users\DetialStav\Desktop
Loaded Profiles: DetialStav
Platform: Microsoft Windows 10 Home Version 21H2 19044.1469 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0358356.inf_amd64_894c3b4bc882c059\B358199\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0358356.inf_amd64_894c3b4bc882c059\B358199\atiesrxx.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa\iCloud\secd.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Canon Inc.) C:\Program Files\WindowsApps\34791E63.CanonOfficePrinterUtility_12.7.0.0_x64__6e5tt8cgb93ep\OIPDevApp.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~2.INF\DAX3API.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrlHelper.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDTouch.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spNMHost.exe
(Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\DetialStav\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.Amd64.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.exe <4>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.x86.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <14>
(Ralink Technology Corporation -> Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry.exe
(Ralink Technology Corporation -> Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_11f809ac26966b9b\RtkAudUService64.exe <2>
(Tenda Technology, Corp.) [File not signed] C:\Program Files (x86)\Tenda\Common\RaUI.exe
(The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice\program\scalc.exe
(The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice\program\soffice.bin
(The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice\program\soffice.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_11f809ac26966b9b\RtkAudUService64.exe [1274712 2021-08-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [USB Gamepad] => C:\WINDOWS\USB Vibration\7906\USB Gamepad.exe [796784 2008-12-10] (Shen Zhen Dragon Rise Macro Technology Limited Company -> )
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288184 2021-12-08] (Intel Corporation -> Intel)
HKU\S-1-5-21-696771267-3938895601-123810913-1001\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [64672 2019-02-28] (Lamantine Software a.s. -> Lamantine Software a.s.)
HKU\S-1-5-21-696771267-3938895601-123810913-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35373696 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-696771267-3938895601-123810913-1001\...\Run: [MicrosoftEdgeAutoLaunch_0F96C50E422CE382CA230B43EA35C0D0] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-696771267-3938895601-123810913-1001\...\MountPoints2: {4bbeb490-7ab8-11ec-b637-283926cf663a} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-696771267-3938895601-123810913-1001\...\MountPoints2: {4bbeb49e-7ab8-11ec-b637-283926cf663a} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-696771267-3938895601-123810913-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [809472 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon iP4600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9A.DLL [27648 2008-04-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\PDF Print Monitor BZ101: C:\Program Files\Common Files\STORMWARE\PDF Printer\Ports\STORMWARE\bzpdf.dll [210944 2013-10-04] (Bullzip) [File not signed]
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [117248 2018-05-03] (pdfforge GmbH) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-20] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Tenda Wireless Utility.lnk [2017-01-19]
ShortcutTarget: Tenda Wireless Utility.lnk -> C:\Program Files (x86)\Tenda\Common\RaUI.exe (Tenda Technology, Corp.) [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0326CBC0-2171-43B6-94D3-75145F910F2A} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {11023425-93F1-457D-BCD6-9E347C6F450D} - System32\Tasks\CCleanerSkipUAC - DetialStav => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {17FF49B2-1872-4C14-90DA-24FBECDFF2E8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {1B396993-0736-4365-B687-F8D1AE483E5C} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)
Task: {2005E0DF-E0DE-4795-9370-F96EFC73AA4E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {234E1787-4BC1-4742-97AE-9E2867F5E771} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {39BA82BB-6EF9-43A4-9BE5-8C3EF284D246} - \Lenovo\ImController\TimeBasedEvents\fc2d8dc7-fb89-4ada-bbfc-982166197368 -> No File <==== ATTENTION
Task: {3AF2DDF4-F756-4D5D-A842-56899C1BFBD4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-30] (Google Inc -> Google Inc.)
Task: {514FB4F4-B481-4A3C-BE48-6B86BF01041B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {51872596-6DD7-490C-BBB1-4F4479D7FAB2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {54D3BD30-E93F-4114-94AD-FAF5C288643F} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA (No File)
Task: {5553AB66-77A5-4F86-84A0-8564EAF4FC16} - \Lenovo\ImController\TimeBasedEvents\d6f5effc-5b43-4e79-9246-4dbd8bcfce90 -> No File <==== ATTENTION
Task: {5566F57F-7B29-4F19-AB3F-6D3642FB8326} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5826535F-31D3-4E71-A586-A7BC7C0989B8} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {6085A113-59CB-41A8-97D8-74F006668F63} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-696771267-3938895601-123810913-1001 => C:\Users\DetialStav\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [88408 2021-12-29] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {6B5E9E05-9314-4D78-9306-13D963EFD57E} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {808EFF55-86D5-42F6-8D72-295EA9220D1F} - System32\Tasks\HPCustParticipation HP DeskJet 3700 series => C:\Program Files\HP\HP DeskJet 3700 series\Bin\HPCustPartic.exe [6439048 2018-04-06] (Hewlett Packard -> HP Inc.)
Task: {80F2C231-C3D7-4827-AEA2-396A991EB822} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe /CM -search R -action INSTALL -includerebootpackages 1,3,4,5 -noicon -noreboot -nolicense -defaultupdate -schtask (No File)
Task: {913D02B1-24A1-47EB-A53E-94D3BAB962E6} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-20] (HP Inc. -> HP Inc.)
Task: {919565FA-1D00-48E0-A192-39369ABB4B18} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport (No File)
Task: {9E5323F9-C70C-4C69-A1F7-557E56D14CC1} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-20] (HP Inc. -> HP Inc.)
Task: {A185AEC4-DDC1-4D50-8578-80C59719A74E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-30] (Google Inc -> Google Inc.)
Task: {A7079F5D-A5A7-45AB-8442-19BBEDB352E1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A855EC07-AAC8-493E-AE0C-E66840E9F4A7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart (No File)
Task: {A9EFF859-6FCD-40A6-849B-21F9C1650BA9} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {AD1AA2F1-B0A4-422F-A506-464515C199FB} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask (No File)
Task: {B17C784E-BE1B-400E-A229-CB107076E648} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis (No File)
Task: {B6B01B2A-3245-4E6B-9055-3D0EC41F2554} - \Lenovo\ImController\TimeBasedEvents\6facd06b-f494-4dcc-ab07-2ba885e3f244 -> No File <==== ATTENTION
Task: {BD0B5039-46E1-4F47-A252-E98FF0718F31} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {BD473A00-A38C-4B99-8370-ED57E63E9EC1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.)
Task: {C0A524A6-9290-4F83-A596-E1F25D0E2DC4} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {C452C7F5-0FDB-4620-BB1B-43C9907E5262} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {C5FE9C63-A0CC-44E5-A2B4-175506C9D523} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform)
Task: {C7913291-9D38-4DCF-9BBF-005F8AD1A0C7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {D5CAA049-B8B4-41DC-BBC8-27AAF7CEE654} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)
Task: {D5E92B2E-2BDD-475B-ADE9-270440ABD1F4} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {D860AFF6-46E4-42BC-90FC-03B185157D9C} - \Lenovo\ImController\TimeBasedEvents\149dbb88-0110-4c02-89b7-bdc5b5067191 -> No File <==== ATTENTION
Task: {DB90EF65-52D3-4A10-9678-A48161270ED1} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {E1D14EA8-BE4C-41BC-A3D5-6181DC989AC9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {E58607EA-855D-448E-A906-1301B4C00155} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {E94A59CC-648F-4EF7-8B3F-702F18F4208C} - \Lenovo\ImController\TimeBasedEvents\02163108-9351-47e2-8f3c-4a270fcb0e4c -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1071b511-ef41-4cc6-bf4f-f418c2866057}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{56d71714-1138-406c-8b4f-3222c56a8608}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a9c9ecf2-5e5e-4ff2-b3bf-97bd847cde90}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b43acc7d-e586-44c9-94ad-a3b2c51ef408}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b9dbec15-08a0-4c82-ae36-3da69183e21e}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d48723a2-268e-4633-ab27-494feb8f6efa}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e5647106-bb82-473b-8284-4a85a2cecd9a}: [DhcpNameServer] 217.168.208.20 217.168.208.21

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\DetialStav\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-27]

FireFox:
========
FF DefaultProfile: co5tb96t.default
FF ProfilePath: C:\Users\DetialStav\AppData\Roaming\Mozilla\Firefox\Profiles\co5tb96t.default [2022-01-27]
FF Homepage: Mozilla\Firefox\Profiles\co5tb96t.default -> www.seznam.cz
FF Notifications: Mozilla\Firefox\Profiles\co5tb96t.default -> hxxps://webmail1.webnode.com; hxxps://www.tectake.cz; hxxps://www.aliexpress.com
FF Extension: (YouTube Video and Audio Downloader) - C:\Users\DetialStav\AppData\Roaming\Mozilla\Firefox\Profiles\co5tb96t.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2017-05-23] [Legacy]
FF Extension: (FormApps Extension) - C:\Users\DetialStav\AppData\Roaming\Mozilla\Firefox\Profiles\co5tb96t.default\Extensions\{69F080C9-A1D8-42F8-BD83-3D54D4BC81B3}.xpi [2017-08-21]
FF Extension: (All Fall by MaDonna) - C:\Users\DetialStav\AppData\Roaming\Mozilla\Firefox\Profiles\co5tb96t.default\Extensions\{bcf82491-347b-4ed2-bb41-4c06f37aeb25}.xpi [2021-08-29]
FF Extension: (Sticky Password - správce hesel) - C:\Users\DetialStav\AppData\Roaming\Mozilla\Firefox\Profiles\co5tb96t.default\Extensions\{ecb80162-dfbd-4d91-a8da-17b35ba4707a}.xpi [2021-11-22]
FF Extension: (YouTube Video and Audio Downloader (Dev Edt.)) - C:\Users\DetialStav\AppData\Roaming\Mozilla\Firefox\Profiles\co5tb96t.default\Extensions\{f73df109-8fb4-453e-8373-f59e61ca4da3}.xpi [2022-01-19]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-696771267-3938895601-123810913-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\DetialStav\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-15] (RocketLife -> RocketLife, LLP)

Chrome:
=======
CHR Profile: C:\Users\DetialStav\AppData\Local\Google\Chrome\User Data\Default [2021-12-15]
CHR Extension: (Prezentace) - C:\Users\DetialStav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-09]
CHR Extension: (Dokumenty) - C:\Users\DetialStav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-09]
CHR Extension: (Disk Google) - C:\Users\DetialStav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-30]
CHR Extension: (YouTube) - C:\Users\DetialStav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-30]
CHR Extension: (Tabulky) - C:\Users\DetialStav\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\DetialStav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-09]
CHR Extension: (FormApps Extension) - C:\Users\DetialStav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2017-11-09]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\DetialStav\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-11-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\DetialStav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-17]
CHR Extension: (Gmail) - C:\Users\DetialStav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-30]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKU\S-1-5-21-696771267-3938895601-123810913-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe [2301912 2021-01-04] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [39352 2021-12-08] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [177080 2021-12-08] (Intel Corporation -> Intel)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [387872 2021-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-20] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe [31016 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
R2 RalinkRegistryWriter; C:\Program Files (x86)\Tenda\Common\RaRegistry.exe [375872 2011-03-31] (Ralink Technology Corporation -> Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe [454208 2011-03-31] (Ralink Technology Corporation -> Ralink Technology, Corp.)
S3 RaMediaServer; C:\Program Files (x86)\Tenda\Common\RaMediaServer.exe [621632 2011-03-04] (Ralink Technology Corporation -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]
S3 SUService; "C:\Program Files (x86)\Lenovo\System Update\SUService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [69016 2019-03-04] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
R1 HWiNFO; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [66336 2019-04-05] (Martin Malik - REALiX -> REALiX(tm))
R3 MpKsl1efdfe97; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7031821C-3A33-48BD-B7DE-353EF2EA0DF0}\MpKslDrv.sys [134376 2022-01-27] (Microsoft Windows -> Microsoft Corporation)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-27 06:12 - 2022-01-27 06:12 - 008540344 _____ (Malwarebytes) C:\Users\DetialStav\Desktop\adwcleaner_8.3.1.exe
2022-01-27 06:10 - 2022-01-27 06:10 - 000442114 _____ C:\Users\DetialStav\Downloads\cenik-praha-a-okoli-2022-web.pdf
2022-01-27 06:06 - 2022-01-27 06:07 - 000041077 _____ C:\Users\DetialStav\Downloads\20220126_03_ 171450_975.pdf
2022-01-27 06:06 - 2022-01-27 06:06 - 000077905 _____ C:\Users\DetialStav\Downloads\FA1431018556.pdf
2022-01-27 05:42 - 2022-01-27 05:54 - 000013312 _____ C:\Users\DetialStav\Downloads\Rozpočet elektroinstalace Odolená Voda.xls
2022-01-26 14:14 - 2022-01-26 14:14 - 000001172 ____C C:\Users\DetialStav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\soubory profil-Melnik chodnik.lnk
2022-01-26 14:10 - 2022-01-26 14:10 - 000200626 _____ C:\Users\DetialStav\Downloads\Oznameni o vyberu dodavatele.pdf
2022-01-26 14:05 - 2022-01-26 14:06 - 000199087 _____ C:\Users\DetialStav\Downloads\Oznameni o vysledku vyberoveho rizeni.pdf
2022-01-26 13:14 - 2022-01-27 12:30 - 000028999 ____C C:\Users\DetialStav\Desktop\FRST.txt
2022-01-26 13:08 - 2022-01-26 13:08 - 002311680 _____ (Farbar) C:\Users\DetialStav\Desktop\FRST64.exe
2022-01-26 12:19 - 2022-01-26 12:19 - 000040157 _____ C:\Users\DetialStav\Downloads\7200661(1).pdf
2022-01-26 12:19 - 2022-01-26 12:19 - 000000000 ____C C:\Users\DetialStav\Downloads\7200661.pdf
2022-01-26 08:49 - 2022-01-26 08:49 - 001998007 _____ C:\Users\DetialStav\Downloads\Chodnik 1 rozpocet.pdf
2022-01-26 08:48 - 2022-01-26 08:48 - 001116492 _____ C:\Users\DetialStav\Downloads\priloha_c_4_a_vykaz_vymer_Oprava_chodniku_ul_Pivovarska_a_1_maje.pdf
2022-01-26 08:20 - 2022-01-26 08:20 - 000177405 _____ C:\Users\DetialStav\Downloads\SCAN0002.PDF
2022-01-25 18:29 - 2022-01-25 18:29 - 000422546 _____ C:\Users\DetialStav\Downloads\Prodejní Nabídka NA282200145.pdf
2022-01-25 11:30 - 2022-01-25 11:30 - 002172229 _____ C:\Users\DetialStav\Downloads\Verejne_zakazky_maleho_rozsahu-studijni_prirucka_2020.pdf
2022-01-25 10:27 - 2022-01-25 10:27 - 000918154 _____ C:\Users\DetialStav\Downloads\Prodejní Faktura 6282105212.pdf
2022-01-25 05:57 - 2022-01-25 05:57 - 000222450 _____ C:\Users\DetialStav\Downloads\4390 DAVÍDEK - DKE s.r.o..pdf
2022-01-25 05:44 - 2022-01-25 05:44 - 000255164 _____ C:\Users\DetialStav\Downloads\Výzva.pdf
2022-01-25 05:37 - 2022-01-25 05:37 - 000141429 _____ C:\Users\DetialStav\Downloads\Upomenuti_platby_6344562063.PDF
2022-01-24 11:43 - 2022-01-24 11:43 - 000617099 _____ C:\Users\DetialStav\Downloads\objednávka_deska.pdf
2022-01-24 10:02 - 2022-01-24 10:02 - 006447603 _____ C:\Users\DetialStav\Downloads\1624073374-dekpanel-d.pdf
2022-01-24 09:59 - 2022-01-24 09:59 - 000383240 _____ C:\Users\DetialStav\Downloads\2121439724-dekpanel-d.pdf
2022-01-24 08:46 - 2022-01-24 08:46 - 000621119 _____ C:\Users\DetialStav\Downloads\21526525.pdf
2022-01-24 08:46 - 2022-01-24 08:46 - 000491373 _____ C:\Users\DetialStav\Downloads\Faktura_CZ_21527022.pdf
2022-01-24 08:45 - 2022-01-24 08:45 - 000491795 _____ C:\Users\DetialStav\Downloads\Faktura_CZ_21527502.pdf
2022-01-24 08:42 - 2022-01-24 08:42 - 000655090 _____ C:\Users\DetialStav\Downloads\objednávka Davídek.pdf
2022-01-24 05:54 - 2022-01-24 05:54 - 000079276 _____ C:\Users\DetialStav\Downloads\FA1431018366.pdf
2022-01-21 19:14 - 2022-01-27 06:19 - 000000000 ___DC C:\Program Files (x86)\Mozilla Firefox
2022-01-21 09:15 - 2022-01-21 09:15 - 000147594 _____ C:\Users\DetialStav\Downloads\acre-cenik-i-mat-na-real-zel-str-ech-15-10-2021.pdf
2022-01-21 09:15 - 2022-01-21 09:15 - 000139596 _____ C:\Users\DetialStav\Downloads\acre-cenik-ii-mat-na-real-zel-str-ech-15-10-2021.pdf
2022-01-21 08:54 - 2022-01-21 08:54 - 000194211 _____ C:\Users\DetialStav\Downloads\RD Odolená Voda.pdf
2022-01-21 06:12 - 2022-01-21 06:14 - 000000000 ___DC C:\Users\DetialStav\Downloads\Informace o pojisteni vozidla na dalsi obdobi
2022-01-21 06:11 - 2022-01-21 06:11 - 000138459 _____ C:\Users\DetialStav\Downloads\Informace o pojisteni vozidla na dalsi obdobi.zip
2022-01-20 12:47 - 2022-01-20 12:47 - 000436194 _____ C:\Users\DetialStav\Downloads\3210257266.pdf
2022-01-20 12:45 - 2022-01-20 12:46 - 000437162 _____ C:\Users\DetialStav\Downloads\3220078764.pdf
2022-01-20 12:45 - 2022-01-20 12:45 - 000446627 _____ C:\Users\DetialStav\Downloads\AVRA22089402.pdf
2022-01-20 12:17 - 2022-01-20 12:17 - 000445991 _____ C:\Users\DetialStav\Downloads\AVRA21252923.pdf
2022-01-20 08:45 - 2022-01-20 08:45 - 000401140 _____ C:\Users\DetialStav\Downloads\87383291-drarifx4.pdf
2022-01-20 08:45 - 2022-01-20 08:45 - 000277153 _____ C:\Users\DetialStav\Downloads\87383291-2frxsj7m.pdf
2022-01-20 08:44 - 2022-01-20 08:44 - 000656207 _____ C:\Users\DetialStav\Downloads\87383291-98hvjefk.pdf
2022-01-20 08:34 - 2022-01-20 08:34 - 000443961 _____ C:\Users\DetialStav\Downloads\VYZVA K PODANI NABIDEK_podepsana.pdf
2022-01-20 05:54 - 2022-01-20 05:54 - 000143805 _____ C:\Users\DetialStav\Downloads\priloha_991268327_0_6810_22_dopis_ministra.pdf
2022-01-20 05:53 - 2022-01-20 05:53 - 000782119 _____ C:\Users\DetialStav\Downloads\Certifikát od zákazníků Poptávej.cz.pdf
2022-01-18 13:43 - 2022-01-18 13:43 - 002660722 _____ C:\Users\DetialStav\Downloads\pravidla_rugby_rodice.pdf
2022-01-18 13:22 - 2022-01-18 13:22 - 100210688 _____ C:\Users\DetialStav\Downloads\Foto-poškozená střecha.zip
2022-01-18 12:47 - 2022-01-18 12:47 - 000617390 _____ C:\Users\DetialStav\Downloads\Rozpočet obce 2022_schválený.pdf
2022-01-18 12:38 - 2022-01-18 12:38 - 000111534 _____ C:\Users\DetialStav\Downloads\Usnesení ZO 29.9.2021.pdf
2022-01-18 12:37 - 2022-01-18 12:37 - 000062597 _____ C:\Users\DetialStav\Downloads\Usneseni RO 25-2021.pdf
2022-01-18 12:36 - 2022-01-18 12:36 - 000068014 _____ C:\Users\DetialStav\Downloads\Usneseni RO 26-2021.pdf
2022-01-18 12:33 - 2022-01-18 12:33 - 000310926 _____ C:\Users\DetialStav\Downloads\Usnesení ZO 21.12.2021.pdf
2022-01-18 12:03 - 2022-01-18 12:03 - 001122175 _____ C:\Users\DetialStav\Downloads\Program dotace podpora sportování_2022.pdf
2022-01-18 11:31 - 2022-01-18 11:31 - 000147486 _____ C:\Users\DetialStav\Downloads\CertifikatTestu.pdf
2022-01-18 11:22 - 2022-01-18 11:22 - 000146246 _____ C:\Users\DetialStav\Downloads\OckovaciCertifikat.pdf
2022-01-18 09:16 - 2022-01-18 09:16 - 000093992 _____ C:\Users\DetialStav\Downloads\RM č. 1, ze dne 06.01.2022.pdf
2022-01-18 09:08 - 2022-01-18 09:08 - 000011905 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-18 08:47 - 2022-01-18 08:47 - 000000000 __HDC C:\$WinREAgent
2022-01-18 07:54 - 2022-01-18 07:54 - 000000000 ___DC C:\Users\DetialStav\Desktop\Erika
2022-01-17 11:02 - 2022-01-17 13:57 - 001051275 _____ C:\Users\DetialStav\Downloads\kalkulace_58715.pdf
2022-01-17 08:13 - 2022-01-17 08:13 - 000109055 _____ C:\Users\DetialStav\Downloads\priloha_989359131_0_vyzva_k_zaplaceni_odpovednost_provozovatele.pdf
2022-01-17 08:12 - 2022-01-17 08:12 - 000064591 _____ C:\Users\DetialStav\Downloads\Informace ke skodni udalosti cislo 7948236.pdf
2022-01-17 06:24 - 2022-01-17 06:24 - 000275773 _____ C:\Users\DetialStav\Downloads\1351_220113131659_001.pdf
2022-01-17 06:23 - 2022-01-17 06:23 - 000090126 _____ C:\Users\DetialStav\Downloads\Kralupy nad Vltavou - dopadová plocha.pdf
2022-01-17 06:22 - 2022-01-17 06:22 - 000135283 _____ C:\Users\DetialStav\Downloads\VZ118.pdf
2022-01-17 06:21 - 2022-01-17 06:21 - 000072878 _____ C:\Users\DetialStav\Downloads\invoice_2022002417.pdf
2022-01-17 06:20 - 2022-01-17 06:20 - 000132294 _____ C:\Users\DetialStav\Downloads\Faktura vydaná - Nábytkár-FV2200196.pdf
2022-01-17 06:19 - 2022-01-17 06:19 - 000424485 _____ C:\Users\DetialStav\Downloads\20210618.pdf
2022-01-17 06:18 - 2022-01-17 06:18 - 000237466 _____ C:\Users\DetialStav\Downloads\UPO22000152.pdf
2022-01-17 06:18 - 2022-01-17 06:18 - 000183897 _____ C:\Users\DetialStav\Downloads\Pripomenuti_platby_6344562063.PDF
2022-01-17 05:57 - 2022-01-17 05:57 - 000114176 _____ C:\Users\DetialStav\Downloads\odbaveni.pdf
2022-01-17 05:55 - 2022-01-17 05:55 - 000100560 _____ C:\Users\DetialStav\Downloads\MR Davidek Dominik (ADT).pdf
2022-01-12 16:49 - 2022-01-12 16:49 - 000350414 _____ C:\Users\DetialStav\Downloads\Zadávací podmínky.pdf
2022-01-12 13:40 - 2022-01-12 13:40 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-12 13:40 - 2022-01-12 13:40 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-12 11:31 - 2022-01-12 11:31 - 000116071 ____C C:\Users\DetialStav\Downloads\vyuctovani-a-zalohy.pdf
2022-01-12 11:30 - 2022-01-12 11:30 - 000072107 ____C C:\Users\DetialStav\Downloads\Faktury a zálohy PRE.pdf
2022-01-12 08:23 - 2022-01-26 13:45 - 000000000 ___DC C:\Users\DetialStav\Desktop\2022
2022-01-11 10:06 - 2022-01-11 10:06 - 000000000 ___DC C:\Users\DetialStav\Downloads\zasilka-TVSJRA5EM9I7JCIV
2022-01-11 09:57 - 2022-01-11 09:58 - 117391964 _____ C:\Users\DetialStav\Downloads\zasilka-TVSJRA5EM9I7JCIV.zip
2022-01-11 09:45 - 2022-01-11 09:45 - 000028133 ____C C:\Users\DetialStav\Downloads\Twilight Saga.avi
2022-01-05 16:19 - 2022-01-05 16:19 - 009132185 _____ C:\Users\DetialStav\Downloads\DRAFT RD ODOLENA VODA.pdf
2022-01-05 09:31 - 2022-01-05 09:31 - 014137540 _____ C:\Users\DetialStav\Downloads\attachments.zip
2022-01-05 09:31 - 2022-01-05 09:31 - 000000000 ___DC C:\Users\DetialStav\Downloads\attachments
2022-01-03 07:38 - 2022-01-03 07:38 - 000457564 _____ C:\Users\DetialStav\Downloads\Mimořádné-opatření-–-omezení-maloobchodního-prodeje-zboží-služeb-a-poskytování-služeb-s-účinností-od-3.-1.-2022.pdf
2022-01-03 07:32 - 2022-01-03 07:32 - 000217731 _____ C:\Users\DetialStav\Downloads\IHOACA8A5PWJ.pdf
2022-01-03 06:17 - 2022-01-03 06:17 - 002961011 _____ C:\Users\DetialStav\Downloads\koncept - RD odolena voda.pdf
2022-01-03 06:17 - 2022-01-03 06:17 - 000895567 _____ C:\Users\DetialStav\Downloads\Staticky posudek - STP_DEM.pdf
2022-01-03 06:12 - 2022-01-03 06:12 - 000121600 _____ C:\Users\DetialStav\Downloads\faktura-2022000855.pdf
2022-01-03 06:01 - 2022-01-03 06:01 - 000062469 _____ C:\Users\DetialStav\Downloads\1153239290277_12_ucet_20211231.pdf
2022-01-03 05:52 - 2022-01-03 05:52 - 000621028 _____ C:\Users\DetialStav\Downloads\Faktura_CZ_21529581.pdf
2022-01-03 05:51 - 2022-01-03 05:51 - 000430185 _____ C:\Users\DetialStav\Downloads\20210827.pdf
2022-01-03 05:51 - 2022-01-03 05:51 - 000018262 _____ C:\Users\DetialStav\Downloads\FV221579.pdf
2022-01-03 05:50 - 2022-01-03 05:50 - 000097223 _____ C:\Users\DetialStav\Downloads\21004742.pdf
2022-01-03 05:49 - 2022-01-03 05:49 - 000120808 _____ C:\Users\DetialStav\Downloads\sken.pdf
2022-01-03 05:47 - 2022-01-03 05:47 - 001179469 _____ C:\Users\DetialStav\Downloads\DKE.pdf
2022-01-03 05:47 - 2022-01-03 05:47 - 000075260 _____ C:\Users\DetialStav\Downloads\Faktura_210100142- DKE-.pdf
2022-01-03 05:41 - 2022-01-03 05:41 - 000663841 _____ C:\Users\DetialStav\Downloads\Faktura_210130091.pdf
2022-01-02 17:13 - 2022-01-02 17:13 - 000070983 ____C C:\Users\DetialStav\Downloads\Faktura 2022-002.pdf
2022-01-02 17:08 - 2022-01-02 17:14 - 000071533 ____C C:\Users\DetialStav\Downloads\Faktura 2022-001_2.pdf
2022-01-02 17:05 - 2022-01-02 17:06 - 000071586 ____C C:\Users\DetialStav\Downloads\Faktura 2022-001.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-27 12:29 - 2018-02-22 19:05 - 000000000 ___DC C:\FRST
2022-01-27 12:18 - 2021-01-22 15:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-27 12:05 - 2016-10-30 22:29 - 000000000 ___DC C:\Program Files (x86)\Google
2022-01-27 09:04 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-27 08:48 - 2016-11-17 22:08 - 000000000 ___DC C:\Users\DetialStav\AppData\LocalLow\Mozilla
2022-01-27 07:52 - 2018-05-24 17:38 - 000000000 ____D C:\Users\DetialStav\AppData\Local\D3DSCache
2022-01-27 07:31 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-27 07:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-27 06:26 - 2021-01-22 15:41 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-27 06:26 - 2019-12-07 15:41 - 000683426 _____ C:\WINDOWS\system32\perfh005.dat
2022-01-27 06:26 - 2019-12-07 15:41 - 000137206 _____ C:\WINDOWS\system32\perfc005.dat
2022-01-27 06:26 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-27 06:24 - 2016-10-30 23:30 - 000000000 ___DC C:\Program Files\CCleaner
2022-01-27 06:23 - 2021-12-03 11:18 - 000000000 ___RD C:\Users\DetialStav\iCloudDrive
2022-01-27 06:19 - 2021-01-22 15:45 - 000000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2022-01-27 06:19 - 2021-01-22 15:31 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-27 06:19 - 2020-09-21 12:32 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2022-01-27 06:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-01-27 06:19 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-01-27 06:19 - 2016-10-01 09:57 - 000000000 ___DC C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-27 06:18 - 2021-01-22 15:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2022-01-27 06:18 - 2020-09-21 15:43 - 000000000 ____D C:\ProgramData\Lenovo
2022-01-27 06:18 - 2020-09-21 15:43 - 000000000 ____D C:\Program Files (x86)\Lenovo
2022-01-27 06:18 - 2020-09-21 12:24 - 000000000 ____D C:\WINDOWS\Lenovo
2022-01-27 06:18 - 2018-04-08 10:27 - 000000000 ____D C:\Users\DetialStav\AppData\Roaming\Hewlett-Packard
2022-01-27 06:18 - 2018-04-08 10:18 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2022-01-27 06:18 - 2018-04-08 10:17 - 000000000 ____D C:\Users\DetialStav\AppData\Local\Hewlett-Packard
2022-01-27 06:18 - 2018-04-08 10:17 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2022-01-27 06:16 - 2021-10-15 04:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-01-27 06:16 - 2016-10-01 09:57 - 000001228 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-01-25 13:10 - 2021-03-29 10:15 - 000000000 ___DC C:\Stavitel
2022-01-25 11:59 - 2019-10-16 14:04 - 000000000 ____D C:\ProgramData\firebird
2022-01-25 06:43 - 2016-10-01 07:07 - 000000000 ___DC C:\Users\DetialStav\Documents\záloha_účetnictví
2022-01-24 12:01 - 2016-11-07 22:32 - 000000000 ___DC C:\Program Files\trend micro
2022-01-24 09:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-01-24 05:48 - 2020-08-18 19:36 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-21 13:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-21 11:08 - 2018-02-16 07:03 - 000000000 ____D C:\ProgramData\tmp
2022-01-21 11:08 - 2018-02-16 07:03 - 000000000 ____D C:\ProgramData\hps
2022-01-21 06:00 - 2021-01-22 15:45 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-21 06:00 - 2021-01-22 15:45 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-20 05:56 - 2016-10-30 22:30 - 000002301 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-19 05:42 - 2021-02-11 06:48 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6f0cc3bcd58eb
2022-01-19 05:42 - 2021-01-22 15:45 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-19 05:37 - 2021-01-22 15:45 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-01-18 09:09 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-18 08:21 - 2021-10-18 12:23 - 000002380 _____ C:\WINDOWS\storelibdebug.txt
2022-01-17 12:24 - 2020-07-01 19:30 - 000000000 ___DC C:\Users\DetialStav\Desktop\PRACOVNÍ
2022-01-17 10:14 - 2021-11-22 06:10 - 000001657 ____C C:\Users\Public\Desktop\PROFIT.lnk
2022-01-17 10:14 - 2016-10-01 10:00 - 000002693 _____ C:\ProgramData\Microsoft\Windows\Start Menu\PROFIT.lnk
2022-01-17 10:14 - 2016-10-01 10:00 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LPsoft PROFIT
2022-01-17 08:58 - 2021-01-22 15:31 - 000580288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-17 08:57 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-17 08:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-17 08:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-17 08:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-17 08:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-17 08:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-17 08:56 - 2021-01-22 15:45 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-17 08:55 - 2021-11-08 07:33 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-01-17 08:55 - 2021-11-08 07:33 - 000002061 ____C C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-01-17 05:43 - 2017-11-08 20:44 - 000000000 ____D C:\Users\DetialStav\AppData\Local\PlaceholderTileLogoFolder
2022-01-13 01:07 - 2021-10-07 07:28 - 000064248 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2022-01-13 01:06 - 2021-10-07 07:28 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2022-01-13 01:06 - 2021-03-14 22:27 - 000431016 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2022-01-13 01:06 - 2021-03-14 22:27 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2022-01-12 13:22 - 2016-10-01 10:38 - 000000000 ___DC C:\WINDOWS\system32\MRT
2022-01-12 13:18 - 2016-10-01 10:38 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-06 10:04 - 2020-09-21 15:43 - 000000000 ____D C:\Users\DetialStav\AppData\Local\LenovoServiceBridge

==================== Files in the root of some directories ========

2021-01-28 09:07 - 2021-01-28 10:50 - 000016206 _____ () C:\Program Files (x86)\unins000.dat
2021-01-28 10:50 - 2021-01-28 10:50 - 001383755 _____ () C:\Program Files (x86)\unins000.exe
2019-04-07 19:42 - 2019-04-07 19:42 - 000000017 _____ () C:\Users\DetialStav\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
:oops:

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Please check. Thank you very much!

#8 Post by Diallix »

Copy the content below into Notepad:

Code: Select all

HKU\S-1-5-21-696771267-3938895601-123810913-1001\...\MountPoints2: {4bbeb490-7ab8-11ec-b637-283926cf663a} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-696771267-3938895601-123810913-1001\...\MountPoints2: {4bbeb49e-7ab8-11ec-b637-283926cf663a} - "D:\HiSuiteDownLoader.exe"
Task: {0326CBC0-2171-43B6-94D3-75145F910F2A} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {17FF49B2-1872-4C14-90DA-24FBECDFF2E8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {234E1787-4BC1-4742-97AE-9E2867F5E771} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {39BA82BB-6EF9-43A4-9BE5-8C3EF284D246} - \Lenovo\ImController\TimeBasedEvents\fc2d8dc7-fb89-4ada-bbfc-982166197368 -> No File <==== ATTENTION
Task: {3AF2DDF4-F756-4D5D-A842-56899C1BFBD4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-30] (Google Inc -> Google Inc.)
Task: {51872596-6DD7-490C-BBB1-4F4479D7FAB2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {54D3BD30-E93F-4114-94AD-FAF5C288643F} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA (No File)
Task: {5553AB66-77A5-4F86-84A0-8564EAF4FC16} - \Lenovo\ImController\TimeBasedEvents\d6f5effc-5b43-4e79-9246-4dbd8bcfce90 -> No File <==== ATTENTION
Task: {5826535F-31D3-4E71-A586-A7BC7C0989B8} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {6085A113-59CB-41A8-97D8-74F006668F63} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-696771267-3938895601-123810913-1001 => C:\Users\DetialStav\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [88408 2021-12-29] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {A9EFF859-6FCD-40A6-849B-21F9C1650BA9} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {AD1AA2F1-B0A4-422F-A506-464515C199FB} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask (No File)
Task: {B17C784E-BE1B-400E-A229-CB107076E648} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis (No File)
Task: {B6B01B2A-3245-4E6B-9055-3D0EC41F2554} - \Lenovo\ImController\TimeBasedEvents\6facd06b-f494-4dcc-ab07-2ba885e3f244 -> No File <==== ATTENTION
Task: {A185AEC4-DDC1-4D50-8578-80C59719A74E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-30] (Google Inc -> Google Inc.)
Task: {D860AFF6-46E4-42BC-90FC-03B185157D9C} - \Lenovo\ImController\TimeBasedEvents\149dbb88-0110-4c02-89b7-bdc5b5067191 -> No File <==== ATTENTION
Task: {E94A59CC-648F-4EF7-8B3F-702F18F4208C} - \Lenovo\ImController\TimeBasedEvents\02163108-9351-47e2-8f3c-4a270fcb0e4c -> No File <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]
S3 SUService; "C:\Program Files (x86)\Lenovo\System Update\SUService.exe" [X]
2021-01-28 09:07 - 2021-01-28 10:50 - 000016206 _____ () C:\Program Files (x86)\unins000.dat
2021-01-28 10:50 - 2021-01-28 10:50 - 001383755 _____ () C:\Program Files (x86)\unins000.exe
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
HKU\S-1-5-21-696771267-3938895601-123810913-1001\Software\Classes\.scr: DWGTrueViewScriptFile => C:\WINDOWS\system32\notepad.exe "%1"
FirewallRules: [TCP Query User{808525D5-81F6-4AAB-9BB9-90759C4C9DF9}F:\prof_plus\profit_!!!!!!\profit.exe] => (Allow) F:\prof_plus\profit_!!!!!!\profit.exe => No File
FirewallRules: [UDP Query User{0211D532-6268-443A-8AE0-69EF93D4B691}F:\prof_plus\profit_!!!!!!\profit.exe] => (Allow) F:\prof_plus\profit_!!!!!!\profit.exe => No File
FirewallRules: [TCP Query User{8E79FB2C-C7B0-4D57-9439-0C0A26A1D3F6}E:\profit_usb\prof_plus\profit_!!!!!!\profit.exe] => (Allow) E:\profit_usb\prof_plus\profit_!!!!!!\profit.exe => No File
FirewallRules: [UDP Query User{1FD547E9-E110-49F2-AE25-C2E2429F984E}E:\profit_usb\prof_plus\profit_!!!!!!\profit.exe] => (Allow) E:\profit_usb\prof_plus\profit_!!!!!!\profit.exe => No File
FirewallRules: [{93B08560-BA92-4139-94B6-1749777092D8}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe => No File
FirewallRules: [{A792D579-6361-4179-8356-1F9CDCABD24F}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe => No File

EmptyTemp:

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
The fix will run, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt, saved in the FRST location.

gastrotop
Visitor
Posts: 141
Registered: 16 Sep 2006 15:40

Re: Please check. Thank you very much!

#9 Post by gastrotop »

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-01-2022
Ran by DetialStav (31-01-2022 06:15:06) Run:4
Running from C:\Users\DetialStav\Desktop
Loaded Profiles: defaultuser0 & DetialStav
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKU\S-1-5-21-696771267-3938895601-123810913-1001\...\MountPoints2: {4bbeb490-7ab8-11ec-b637-283926cf663a} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-696771267-3938895601-123810913-1001\...\MountPoints2: {4bbeb49e-7ab8-11ec-b637-283926cf663a} - "D:\HiSuiteDownLoader.exe"
Task: {0326CBC0-2171-43B6-94D3-75145F910F2A} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {17FF49B2-1872-4C14-90DA-24FBECDFF2E8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {234E1787-4BC1-4742-97AE-9E2867F5E771} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {39BA82BB-6EF9-43A4-9BE5-8C3EF284D246} - \Lenovo\ImController\TimeBasedEvents\fc2d8dc7-fb89-4ada-bbfc-982166197368 -> No File <==== ATTENTION
Task: {3AF2DDF4-F756-4D5D-A842-56899C1BFBD4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-30] (Google Inc -> Google Inc.)
Task: {51872596-6DD7-490C-BBB1-4F4479D7FAB2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {54D3BD30-E93F-4114-94AD-FAF5C288643F} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA (No File)
Task: {5553AB66-77A5-4F86-84A0-8564EAF4FC16} - \Lenovo\ImController\TimeBasedEvents\d6f5effc-5b43-4e79-9246-4dbd8bcfce90 -> No File <==== ATTENTION
Task: {5826535F-31D3-4E71-A586-A7BC7C0989B8} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {6085A113-59CB-41A8-97D8-74F006668F63} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-696771267-3938895601-123810913-1001 => C:\Users\DetialStav\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [88408 2021-12-29] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {A9EFF859-6FCD-40A6-849B-21F9C1650BA9} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {AD1AA2F1-B0A4-422F-A506-464515C199FB} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask (No File)
Task: {B17C784E-BE1B-400E-A229-CB107076E648} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis (No File)
Task: {B6B01B2A-3245-4E6B-9055-3D0EC41F2554} - \Lenovo\ImController\TimeBasedEvents\6facd06b-f494-4dcc-ab07-2ba885e3f244 -> No File <==== ATTENTION
Task: {A185AEC4-DDC1-4D50-8578-80C59719A74E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-30] (Google Inc -> Google Inc.)
Task: {D860AFF6-46E4-42BC-90FC-03B185157D9C} - \Lenovo\ImController\TimeBasedEvents\149dbb88-0110-4c02-89b7-bdc5b5067191 -> No File <==== ATTENTION
Task: {E94A59CC-648F-4EF7-8B3F-702F18F4208C} - \Lenovo\ImController\TimeBasedEvents\02163108-9351-47e2-8f3c-4a270fcb0e4c -> No File <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]
S3 SUService; "C:\Program Files (x86)\Lenovo\System Update\SUService.exe" [X]
2021-01-28 09:07 - 2021-01-28 10:50 - 000016206 _____ () C:\Program Files (x86)\unins000.dat
2021-01-28 10:50 - 2021-01-28 10:50 - 001383755 _____ () C:\Program Files (x86)\unins000.exe
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKU\S-1-5-21-696771267-3938895601-123810913-1001\Software\Classes\.scr: DWGTrueViewScriptFile => C:\WINDOWS\system32\notepad.exe "%1"
FirewallRules: [TCP Query User{808525D5-81F6-4AAB-9BB9-90759C4C9DF9}F:\prof_plus\profit_!!!!!!\profit.exe] => (Allow) F:\prof_plus\profit_!!!!!!\profit.exe => No File
FirewallRules: [UDP Query User{0211D532-6268-443A-8AE0-69EF93D4B691}F:\prof_plus\profit_!!!!!!\profit.exe] => (Allow) F:\prof_plus\profit_!!!!!!\profit.exe => No File
FirewallRules: [TCP Query User{8E79FB2C-C7B0-4D57-9439-0C0A26A1D3F6}E:\profit_usb\prof_plus\profit_!!!!!!\profit.exe] => (Allow) E:\profit_usb\prof_plus\profit_!!!!!!\profit.exe => No File
FirewallRules: [UDP Query User{1FD547E9-E110-49F2-AE25-C2E2429F984E}E:\profit_usb\prof_plus\profit_!!!!!!\profit.exe] => (Allow) E:\profit_usb\prof_plus\profit_!!!!!!\profit.exe => No File
FirewallRules: [{93B08560-BA92-4139-94B6-1749777092D8}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe => No File
FirewallRules: [{A792D579-6361-4179-8356-1F9CDCABD24F}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe => No File

EmptyTemp:


*****************

HKU\S-1-5-21-696771267-3938895601-123810913-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4bbeb490-7ab8-11ec-b637-283926cf663a} => removed successfully
HKU\S-1-5-21-696771267-3938895601-123810913-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4bbeb49e-7ab8-11ec-b637-283926cf663a} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0326CBC0-2171-43B6-94D3-75145F910F2A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0326CBC0-2171-43B6-94D3-75145F910F2A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{17FF49B2-1872-4C14-90DA-24FBECDFF2E8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17FF49B2-1872-4C14-90DA-24FBECDFF2E8}" => removed successfully
C:\WINDOWS\System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{234E1787-4BC1-4742-97AE-9E2867F5E771}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{234E1787-4BC1-4742-97AE-9E2867F5E771}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{39BA82BB-6EF9-43A4-9BE5-8C3EF284D246}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39BA82BB-6EF9-43A4-9BE5-8C3EF284D246}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\fc2d8dc7-fb89-4ada-bbfc-982166197368" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3AF2DDF4-F756-4D5D-A842-56899C1BFBD4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3AF2DDF4-F756-4D5D-A842-56899C1BFBD4}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{51872596-6DD7-490C-BBB1-4F4479D7FAB2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51872596-6DD7-490C-BBB1-4F4479D7FAB2}" => removed successfully
C:\WINDOWS\System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{54D3BD30-E93F-4114-94AD-FAF5C288643F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{54D3BD30-E93F-4114-94AD-FAF5C288643F}" => removed successfully
C:\WINDOWS\System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5553AB66-77A5-4F86-84A0-8564EAF4FC16}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5553AB66-77A5-4F86-84A0-8564EAF4FC16}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\d6f5effc-5b43-4e79-9246-4dbd8bcfce90" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5826535F-31D3-4E71-A586-A7BC7C0989B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5826535F-31D3-4E71-A586-A7BC7C0989B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Monitor" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6085A113-59CB-41A8-97D8-74F006668F63}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6085A113-59CB-41A8-97D8-74F006668F63}" => removed successfully
C:\WINDOWS\System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-696771267-3938895601-123810913-1001 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo Service Bridge\S-1-5-21-696771267-3938895601-123810913-1001" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A9EFF859-6FCD-40A6-849B-21F9C1650BA9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9EFF859-6FCD-40A6-849B-21F9C1650BA9}" => removed successfully
C:\WINDOWS\System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\BatteryGauge\BatteryGaugeMaintenance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AD1AA2F1-B0A4-422F-A506-464515C199FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD1AA2F1-B0A4-422F-A506-464515C199FB}" => removed successfully
C:\WINDOWS\System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TVT\TVSUUpdateTask_UserLogOn" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B17C784E-BE1B-400E-A229-CB107076E648}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B17C784E-BE1B-400E-A229-CB107076E648}" => removed successfully
C:\WINDOWS\System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\PC Health Analysis" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B6B01B2A-3245-4E6B-9055-3D0EC41F2554}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6B01B2A-3245-4E6B-9055-3D0EC41F2554}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\6facd06b-f494-4dcc-ab07-2ba885e3f244" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A185AEC4-DDC1-4D50-8578-80C59719A74E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A185AEC4-DDC1-4D50-8578-80C59719A74E}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D860AFF6-46E4-42BC-90FC-03B185157D9C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D860AFF6-46E4-42BC-90FC-03B185157D9C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\149dbb88-0110-4c02-89b7-bdc5b5067191" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E94A59CC-648F-4EF7-8B3F-702F18F4208C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E94A59CC-648F-4EF7-8B3F-702F18F4208C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\02163108-9351-47e2-8f3c-4a270fcb0e4c" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
HKLM\System\CurrentControlSet\Services\ImControllerService => removed successfully
ImControllerService => service removed successfully
HKLM\System\CurrentControlSet\Services\SUService => removed successfully
SUService => service removed successfully
C:\Program Files (x86)\unins000.dat => moved successfully
C:\Program Files (x86)\unins000.exe => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKU\S-1-5-21-696771267-3938895601-123810913-1001\Software\Classes\DWGTrueViewScriptFile => removed successfully
HKU\S-1-5-21-696771267-3938895601-123810913-1001\Software\Classes\.scr => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{808525D5-81F6-4AAB-9BB9-90759C4C9DF9}F:\prof_plus\profit_!!!!!!\profit.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0211D532-6268-443A-8AE0-69EF93D4B691}F:\prof_plus\profit_!!!!!!\profit.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8E79FB2C-C7B0-4D57-9439-0C0A26A1D3F6}E:\profit_usb\prof_plus\profit_!!!!!!\profit.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1FD547E9-E110-49F2-AE25-C2E2429F984E}E:\profit_usb\prof_plus\profit_!!!!!!\profit.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{93B08560-BA92-4139-94B6-1749777092D8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A792D579-6361-4179-8356-1F9CDCABD24F}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 60215729 B
Java, Flash, Steam htmlcache => 1154 B
Windows/system/drivers => 5250549 B
Edge => 70682 B
Chrome => 164455 B
Firefox => 1383658707 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 48518 B
defaultuser0 => 48518 B
DetialStav => 73819846 B

RecycleBin => 8634010038 B
EmptyTemp: => 9.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 06:19:45 ====

gastrotop
Visitor
Posts: 141
Registered: 16 Sep 2006 15:40

Re: Please check. Thank you very much!

#10 Post by gastrotop »

Please finish the check, the laptop is behaving somewhat strangely... sometimes a black screen starts flickering and it only comes back after a restart.. Thank you

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Please check. Thank you very much!

#11 Post by Diallix »

Could you post new FRST + ADDITION logs here?

gastrotop
Visitor
Posts: 141
Registered: 16 Sep 2006 15:40

Re: Please check. Thank you very much!

#12 Post by gastrotop »

Addition (2).zip
(25.43 KiB) Downloaded 59 times

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Please check. Thank you very much!

#13 Post by Diallix »

Copy the content below into Notepad:

Code:

CloseProcesses:
CreateRestorePoint:

C:\users\detialstav\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\profit.exe] => (Allow) C:\users\detialstav\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\profit.exe
C:\lpsoft

S3 MpKsl919b2231; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9002D2A3-F08A-4B71-8660-B9152A917EFA}\MpKslDrv.sys [X]
Task: {D42A5B64-EB92-482F-B598-7F647E49939E} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask_Once => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 2 /f /reg:32
Task: {C7913291-9D38-4DCF-9BBF-005F8AD1A0C7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {A32C4AFE-C9BC-4308-BD7B-F69E2718F0F5} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {919565FA-1D00-48E0-A192-39369ABB4B18} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport (No File)
Task: {80F2C231-C3D7-4827-AEA2-396A991EB822} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe /CM -search R -action INSTALL -includerebootpackages 1,3,4,5 -noicon -noreboot -nolicense -defaultupdate -schtask (No File)
Task: {6C66B172-C2B1-468F-82A0-2AFCEC28AEAC} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {25661D72-1303-44AE-BDC2-2DA57D8A72F1} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
HKU\S-1-5-21-696771267-3938895601-123810913-1001\...\Run: [MicrosoftEdgeAutoLaunch_0F96C50E422CE382CA230B43EA35C0D0] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
FirewallRules: [TCP Query User{11CA634E-987C-4C87-8B40-D87DE627EC58}C:\users\detialstav\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\profit.exe] => (Allow) C:\users\detialstav\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\profit.exe () [File not signed]
FirewallRules: [UDP Query User{FD5A2886-5AC0-4F8B-9684-62EC0F47F2E0}C:\users\detialstav\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\profit.exe] => (Allow) C:\users\detialstav\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\profit.exe () [File not signed]
FirewallRules: [TCP Query User{D4C6B85B-6066-4765-8E99-03F22CF2D2ED}C:\lpsoft\profit\profit.exe] => (Allow) C:\lpsoft\profit\profit.exe () [File not signed]
FirewallRules: [UDP Query User{0BFE4A49-EBC9-4C89-9761-5DC9109D9597}C:\lpsoft\profit\profit.exe] => (Allow) C:\lpsoft\profit\profit.exe () [File not signed]
FirewallRules: [{8E8B6F73-7DE8-4C04-BCEF-74867C507CC2}] => (Allow) LPort=5357
FirewallRules: [UDP Query User{37872462-0E03-4312-86C4-F765F7FFF973}C:\users\detialstav\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\profit.exe] => (Block) C:\users\detialstav\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\profit.exe () [File not signed]
FirewallRules: [TCP Query User{B93A3BEC-E6D3-43E7-B382-77583405575D}C:\users\detialstav\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\profit.exe] => (Block) C:\users\detialstav\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\profit.exe () [File not signed]

EmptyTemp:

Save the Notepad file as fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
The fix will run, after which the computer will reboot. After the reboot, paste here the content of the log fixlog.txt saved in the FRST location.

gastrotop
Visitor
Posts: 141
Registered: 16 Sep 2006 15:40

Re: Please check. Thank you very much!

#14 Post by gastrotop »

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-02-2022 01
Ran by DetialStav (16-02-2022 06:15:42) Run:5
Running from C:\Users\DetialStav\Desktop
Loaded Profiles: defaultuser0 & DetialStav
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:

C:\users\detialstav\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\profit.exe] => (Allow) C:\users\detialstav\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\profit.exe
C:\lpsoft

S3 MpKsl919b2231; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9002D2A3-F08A-4B71-8660-B9152A917EFA}\MpKslDrv.sys [X]
Task: {D42A5B64-EB92-482F-B598-7F647E49939E} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask_Once => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 2 /f /reg:32
Task: {C7913291-9D38-4DCF-9BBF-005F8AD1A0C7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {A32C4AFE-C9BC-4308-BD7B-F69E2718F0F5} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {919565FA-1D00-48E0-A192-39369ABB4B18} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport (No File)
Task: {80F2C231-C3D7-4827-AEA2-396A991EB822} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe /CM -search R -action INSTALL -includerebootpackages 1,3,4,5 -noicon -noreboot -nolicense -defaultupdate -schtask (No File)
Task: {6C66B172-C2B1-468F-82A0-2AFCEC28AEAC} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {25661D72-1303-44AE-BDC2-2DA57D8A72F1} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
HKU\S-1-5-21-696771267-3938895601-123810913-1001\...\Run: [MicrosoftEdgeAutoLaunch_0F96C50E422CE382CA230B43EA35C0D0] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
FirewallRules: [TCP Query User{11CA634E-987C-4C87-8B40-D87DE627EC58}C:\users\detialstav\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\profit.exe] => (Allow) C:\users\detialstav\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\profit.exe () [File not signed]
FirewallRules: [UDP Query User{FD5A2886-5AC0-4F8B-9684-62EC0F47F2E0}C:\users\detialstav\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\profit.exe] => (Allow) C:\users\detialstav\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\profit.exe () [File not signed]
FirewallRules: [TCP Query User{D4C6B85B-6066-4765-8E99-03F22CF2D2ED}C:\lpsoft\profit\profit.exe] => (Allow) C:\lpsoft\profit\profit.exe () [File not signed]
FirewallRules: [UDP Query User{0BFE4A49-EBC9-4C89-9761-5DC9109D9597}C:\lpsoft\profit\profit.exe] => (Allow) C:\lpsoft\profit\profit.exe () [File not signed]
FirewallRules: [{8E8B6F73-7DE8-4C04-BCEF-74867C507CC2}] => (Allow) LPort=5357
FirewallRules: [UDP Query User{37872462-0E03-4312-86C4-F765F7FFF973}C:\users\detialstav\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\profit.exe] => (Block) C:\users\detialstav\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\profit.exe () [File not signed]
FirewallRules: [TCP Query User{B93A3BEC-E6D3-43E7-B382-77583405575D}C:\users\detialstav\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\profit.exe] => (Block) C:\users\detialstav\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\profit.exe () [File not signed]

EmptyTemp:


*****************

Processes closed successfully.
Restore point was successfully created.
"C:\users\detialstav\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\profit.exe] => (Allow) C:\users\detialstav\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\profit.exe" => not found
C:\lpsoft => moved successfully
MpKsl919b2231 => service not found.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D42A5B64-EB92-482F-B598-7F647E49939E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D42A5B64-EB92-482F-B598-7F647E49939E}" => removed successfully
C:\WINDOWS\System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask_Once => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask_Once" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C7913291-9D38-4DCF-9BBF-005F8AD1A0C7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7913291-9D38-4DCF-9BBF-005F8AD1A0C7}" => removed successfully
C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A32C4AFE-C9BC-4308-BD7B-F69E2718F0F5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A32C4AFE-C9BC-4308-BD7B-F69E2718F0F5}" => removed successfully
C:\WINDOWS\System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Mozilla\Firefox Default Browser Agent E7CF176E110C211B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{919565FA-1D00-48E0-A192-39369ABB4B18}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{919565FA-1D00-48E0-A192-39369ABB4B18}" => removed successfully
C:\WINDOWS\System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\Product Configurator" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{80F2C231-C3D7-4827-AEA2-396A991EB822}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80F2C231-C3D7-4827-AEA2-396A991EB822}" => removed successfully
C:\WINDOWS\System32\Tasks\TVT\TVSUUpdateTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TVT\TVSUUpdateTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C66B172-C2B1-468F-82A0-2AFCEC28AEAC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C66B172-C2B1-468F-82A0-2AFCEC28AEAC}" => removed successfully
C:\WINDOWS\System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{25661D72-1303-44AE-BDC2-2DA57D8A72F1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25661D72-1303-44AE-BDC2-2DA57D8A72F1}" => removed successfully
C:\WINDOWS\System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Mozilla\Firefox Background Update E7CF176E110C211B" => removed successfully
"HKU\S-1-5-21-696771267-3938895601-123810913-1001\Software\Microsoft\Windows\CurrentVersion\Run\\MicrosoftEdgeAutoLaunch_0F96C50E422CE382CA230B43EA35C0D0" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{11CA634E-987C-4C87-8B40-D87DE627EC58}C:\users\detialstav\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\profit.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FD5A2886-5AC0-4F8B-9684-62EC0F47F2E0}C:\users\detialstav\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\profit.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D4C6B85B-6066-4765-8E99-03F22CF2D2ED}C:\lpsoft\profit\profit.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0BFE4A49-EBC9-4C89-9761-5DC9109D9597}C:\lpsoft\profit\profit.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8E8B6F73-7DE8-4C04-BCEF-74867C507CC2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{37872462-0E03-4312-86C4-F765F7FFF973}C:\users\detialstav\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\profit.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B93A3BEC-E6D3-43E7-B382-77583405575D}C:\users\detialstav\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\profit.exe" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 786432 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13788495 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 20829252 B
Edge => 0 B
Chrome => 0 B
Firefox => 1152738712 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 8450 B
defaultuser0 => 8450 B
DetialStav => 54462146 B

RecycleBin => 0 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 06:18:56 ====
:oops:
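A Fixlog like the one above can be triaged before new scans are requested. The following is an added example, not part of the thread or of FRST: it parses the result section (skipping the echoed fixlist and the EmptyTemp size report) and lists entries whose outcome does not end in "successfully". The function names are hypothetical, the sample text is a shortened, constructed copy of the log above, and classifying by that suffix is an assumption based only on the outcome strings visible in this log.

```python
import re

# Constructed sample: shortened copy of the Fixlog in this thread ("..." abbreviates paths).
SAMPLE_FIXLOG = r'''Fix result of Farbar Recovery Scan Tool (x64) Version: 14-02-2022 01
==============================================
fixlist content:
*****************
CloseProcesses:
C:\lpsoft
FirewallRules: [{8E8B6F73-7DE8-4C04-BCEF-74867C507CC2}] => (Allow) LPort=5357
EmptyTemp:
*****************

Processes closed successfully.
"C:\users\detialstav\...\taskbar\profit.exe] => (Allow) C:\users\detialstav\...\taskbar\profit.exe" => not found
C:\lpsoft => moved successfully
MpKsl919b2231 => service not found.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8E8B6F73-7DE8-4C04-BCEF-74867C507CC2}" => removed successfully
=========== EmptyTemp: ==========
Firefox => 1152738712 B
EmptyTemp: => 1.2 GB temporary data Removed.
==== End of Fixlog 06:18:56 ====
'''

def parse_fixlog(text):
    """Return (target, outcome) pairs from the result section of a Fixlog."""
    results = []
    stars_seen = 0  # the echoed fixlist sits between two lines of asterisks
    for line in text.splitlines():
        line = line.strip()
        if re.fullmatch(r"\*{5,}", line):
            stars_seen += 1
            continue
        if stars_seen < 2:
            continue  # header or echoed fixlist: directives, not results
        if line.startswith("="):
            break  # the EmptyTemp size report (or the end marker) follows
        # Split on the LAST " => ": a target may itself contain the arrow.
        target, sep, outcome = line.rpartition(" => ")
        if sep:
            results.append((target.strip('"'), outcome.rstrip(".")))
    return results

def triage(results):
    """Split results into applied actions and entries that need a second look."""
    applied, review = [], []
    for target, outcome in results:
        (applied if outcome.endswith("successfully") else review).append((target, outcome))
    return applied, review

def looks_truncated(target):
    """A ']' with no opening '[' suggests a fixlist line pasted without its start."""
    return target.count("]") > target.count("[")

if __name__ == "__main__":
    applied, review = triage(parse_fixlog(SAMPLE_FIXLOG))
    print(f"{len(applied)} applied, {len(review)} to review")
    for target, outcome in review:
        print(f"  {outcome}: {target}" + ("  <- truncated directive" if looks_truncated(target) else ""))
```

On the sample, the two entries for review are the `profit.exe` fragment (flagged as a truncated directive) and the `MpKsl919b2231` service that was already gone.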

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Please check. Thank you very much!

#15 Post by Diallix »

OK, please post new FRST and ADDITION logs.

Locked