Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

prosím o kontrolu děkuji

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
simy13
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 26 kvě 2021 20:35

prosím o kontrolu děkuji

#1 Příspěvek od simy13 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by pc at 2021-05-26 21:29:55
Microsoft Windows 10 Pro
System drive C: has 77 GB (26%) free of 299 GB
Total RAM: 8169 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:30:02, on 26.05.2021
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files\trend micro\pc.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: 109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site
O1 - Hosts: 109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
O1 - Hosts: 109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repack.com # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirlrepack.games # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
O1 - Hosts: 109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site
O1 - Hosts: 109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirl-repack.net # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
O1 - Hosts: 109.94.209.70 fitgirlpack.site # Fake FitGirl site
O1 - Hosts: 109.94.209.70 www.fitgirlpack.site # Fake FitGirl site
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\BHO\ie_to_edge_bho.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\pc\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Adobe Reader Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe"
O4 - HKCU\..\Run: [269cb9d1f0c741c63247e1d77e6f3f30] ..
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Protected Service (AntivirProtectedService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Avira Optimizer Host (AviraOptimizerHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
O23 - Service: Avira Phantom VPN (AviraPhantomVPN) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
O23 - Service: Avira Security (AviraSecurity) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
O23 - Service: Avira Updater Service (AviraUpdaterService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_92b8664 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.77\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Avira Virtual Disk Driver Helper (ImDskSvc) - Unknown owner - C:\WINDOWS\system32\imdsksvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 10423 bytes

======Listing Processes======








C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\Antivirus\sched.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\SysWOW64\svchost.exe -k hpdevmgmt -s hpqddsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s IKEEXT
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
dashost.exe {71e1cdc3-6f7e-4555-a6bea0ca914b9567}
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\WINDOWS\SysWOW64\svchost.exe -k hpdevmgmt -s hpqcxs08
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager



C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s AppMgmt
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"fontdrvhost.exe"
"dwm.exe"
sihost.exe
"ctfmon.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\Program Files (x86)\Avira\Antivirus\avgnt.exe"
C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
"C:\Program Files (x86)\Avira\Antivirus\avguard.exe"
"C:\Program Files (x86)\Avira\Antivirus\avshadow.exe" avshadowcontrol0_000091f4

C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts

C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x598
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe"

"C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe"
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe"
"C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe" -heartbeat delayed
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s BITS
"C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe" -ServerName:InputApp.AppX9jnwykgrccxc8by3hsrsh07r423xzvav.mca
"C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe119_ Global\UsGthrCtrlFltPipeMssGthrPipe119 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 804 808 816 8192 812 788
C:\WINDOWS\servicing\TrustedInstaller.exe
"C:\Users\pc\Downloads\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\reez1ulx.default-release-1616317886315

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.10]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.11]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.12]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\BHO\ie_to_edge_bho_64.dll [2021-05-20 550808]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\BHO\ie_to_edge_bho.dll [2021-05-20 410008]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-12-07 86016]
""= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\pc\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2020-12-08 1938296]
""= []
"Adobe Reader Synchronizer"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [2021-04-27 5536440]
"269cb9d1f0c741c63247e1d77e6f3f30"=.. []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
"Avira SystrayStartTrigger"=C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [2021-04-01 706192]
""= []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"shell"=explorer.exe

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"DisallowCpl"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"aux1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv

======File associations======

.inf - install -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2021-05-26 21:29:56 ----D---- C:\Program Files\trend micro
2021-05-26 21:29:55 ----D---- C:\rsit
2021-05-19 20:35:52 ----D---- C:\Program Files (x86)\Rise of the Tomb Raider
2021-05-19 14:59:09 ----D---- C:\Users\pc\AppData\Roaming\Crystal Dynamics
2021-05-19 14:45:31 ----D---- C:\Users\pc\AppData\Roaming\Rise_Of_TB_Instaler
2021-05-14 16:41:44 ----D---- C:\WINDOWS\Panther
2021-05-14 16:17:41 ----A---- C:\WINDOWS\system32\msrahc.dll
2021-05-14 16:17:40 ----A---- C:\WINDOWS\system32\wbadmin.exe
2021-05-14 16:17:35 ----A---- C:\WINDOWS\system32\WalletService.dll
2021-05-14 16:17:33 ----A---- C:\WINDOWS\SYSWOW64\quickassist.exe
2021-05-14 16:17:33 ----A---- C:\WINDOWS\system32\quickassist.exe
2021-05-14 16:17:32 ----A---- C:\WINDOWS\system32\libcrypto.dll
2021-05-14 16:17:31 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2021-05-14 16:17:31 ----A---- C:\WINDOWS\SYSWOW64\mfh264enc.dll
2021-05-14 16:17:31 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2021-05-14 16:17:30 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2021-05-14 16:17:30 ----A---- C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll
2021-05-14 16:17:30 ----A---- C:\WINDOWS\system32\HoloSI.PCShell.dll
2021-05-14 16:17:30 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2021-05-14 16:17:28 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2021-05-14 16:17:27 ----A---- C:\WINDOWS\system32\HologramWorld.dll
2021-05-14 16:17:26 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2021-05-14 16:17:26 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2021-05-14 16:17:26 ----A---- C:\WINDOWS\system32\mfh264enc.dll
2021-05-14 16:17:26 ----A---- C:\WINDOWS\system32\HolographicExtensions.dll
2021-05-14 16:17:25 ----A---- C:\WINDOWS\system32\mfps.dll
2021-05-14 16:17:25 ----A---- C:\WINDOWS\system32\mfcore.dll
2021-05-14 16:17:24 ----A---- C:\WINDOWS\SYSWOW64\Microsoft.Uev.Office2013CustomActions.dll
2021-05-14 16:17:24 ----A---- C:\WINDOWS\SYSWOW64\Microsoft.Uev.AppAgent.dll
2021-05-14 16:17:24 ----A---- C:\WINDOWS\SYSWOW64\KeyboardFilterCore.dll
2021-05-14 16:17:24 ----A---- C:\WINDOWS\SYSWOW64\AppVEntSubsystems32.dll
2021-05-14 16:17:23 ----A---- C:\WINDOWS\system32\uwfcsp.dll
2021-05-14 16:17:23 ----A---- C:\WINDOWS\system32\uwfcfgmgmt.dll
2021-05-14 16:17:23 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2021-05-14 16:17:23 ----A---- C:\WINDOWS\system32\cscsvc.dll
2021-05-14 16:17:22 ----A---- C:\WINDOWS\system32\KeyboardFilterSvc.dll
2021-05-14 16:17:22 ----A---- C:\WINDOWS\system32\KeyboardFilterManager.dll
2021-05-14 16:17:22 ----A---- C:\WINDOWS\system32\KeyboardFilterCore.dll
2021-05-14 16:17:22 ----A---- C:\WINDOWS\system32\CustomShellHost.exe
2021-05-14 16:17:21 ----A---- C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2021-05-14 16:17:21 ----A---- C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2021-05-14 16:17:20 ----A---- C:\WINDOWS\system32\AppVEntSubsystems64.dll
2021-05-14 16:17:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2021-05-14 16:17:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.dll
2021-05-14 16:17:18 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2021-05-14 16:17:18 ----A---- C:\WINDOWS\SYSWOW64\SessEnv.dll
2021-05-14 16:17:18 ----A---- C:\WINDOWS\SYSWOW64\remotepg.dll
2021-05-14 16:17:18 ----A---- C:\WINDOWS\SYSWOW64\rdvvmtransport.dll
2021-05-14 16:17:18 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2021-05-14 16:17:12 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2021-05-14 16:17:12 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2021-05-14 16:17:12 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2021-05-14 16:17:11 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2021-05-14 16:17:11 ----A---- C:\WINDOWS\SYSWOW64\CheckNetIsolation.exe
2021-05-14 16:17:11 ----A---- C:\WINDOWS\SYSWOW64\FrameServerClient.dll
2021-05-14 16:17:10 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2021-05-14 16:17:10 ----A---- C:\WINDOWS\SYSWOW64\iemigplugin.dll
2021-05-14 16:17:10 ----A---- C:\WINDOWS\SYSWOW64\fwcfg.dll
2021-05-14 16:17:10 ----A---- C:\WINDOWS\SYSWOW64\authfwcfg.dll
2021-05-14 16:17:09 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2021-05-14 16:17:09 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2021-05-14 16:17:09 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2021-05-14 16:17:08 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2021-05-14 16:17:07 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2021-05-14 16:17:07 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2021-05-14 16:17:07 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2021-05-14 16:17:05 ----A---- C:\WINDOWS\SYSWOW64\smphost.dll
2021-05-14 16:17:05 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2021-05-14 16:17:05 ----A---- C:\WINDOWS\SYSWOW64\nshhttp.dll
2021-05-14 16:17:05 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2021-05-14 16:17:05 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2021-05-14 16:17:05 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2021-05-14 16:17:04 ----A---- C:\WINDOWS\SYSWOW64\storagewmi.dll
2021-05-14 16:17:04 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2021-05-14 16:17:03 ----A---- C:\WINDOWS\system32\dsregcmd.exe
2021-05-14 16:17:02 ----A---- C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2021-05-14 16:17:02 ----A---- C:\WINDOWS\system32\vmrdvcore.dll
2021-05-14 16:17:02 ----A---- C:\WINDOWS\system32\Spectrum.exe
2021-05-14 16:17:01 ----A---- C:\WINDOWS\system32\Windows.Mirage.dll
2021-05-14 16:17:01 ----A---- C:\WINDOWS\system32\tsgqec.dll
2021-05-14 16:17:01 ----A---- C:\WINDOWS\system32\termsrv.dll
2021-05-14 16:17:01 ----A---- C:\WINDOWS\system32\SessEnv.dll
2021-05-14 16:17:01 ----A---- C:\WINDOWS\system32\remotepg.dll
2021-05-14 16:17:01 ----A---- C:\WINDOWS\system32\rdvvmtransport.dll
2021-05-14 16:17:01 ----A---- C:\WINDOWS\system32\rdsdwmdr.dll
2021-05-14 16:17:00 ----A---- C:\WINDOWS\system32\mstscax.dll
2021-05-14 16:16:59 ----A---- C:\WINDOWS\system32\wsp_health.dll
2021-05-14 16:16:59 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2021-05-14 16:16:59 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2021-05-14 16:16:59 ----A---- C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-14 16:16:59 ----A---- C:\WINDOWS\system32\FsIso.exe
2021-05-14 16:16:59 ----A---- C:\WINDOWS\system32\FrameServerClient.dll
2021-05-14 16:16:59 ----A---- C:\WINDOWS\system32\FrameServer.dll
2021-05-14 16:16:58 ----A---- C:\WINDOWS\system32\reseteng.dll
2021-05-14 16:16:58 ----A---- C:\WINDOWS\system32\nshwfp.dll
2021-05-14 16:16:58 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2021-05-14 16:16:58 ----A---- C:\WINDOWS\system32\CheckNetIsolation.exe
2021-05-14 16:16:58 ----A---- C:\WINDOWS\system32\fwcfg.dll
2021-05-14 16:16:58 ----A---- C:\WINDOWS\system32\authfwcfg.dll
2021-05-14 16:16:57 ----A---- C:\WINDOWS\system32\IESettingSync.exe
2021-05-14 16:16:57 ----A---- C:\WINDOWS\system32\ieframe.dll
2021-05-14 16:16:56 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2021-05-14 16:16:56 ----A---- C:\WINDOWS\system32\jscript9.dll
2021-05-14 16:16:55 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2021-05-14 16:16:55 ----A---- C:\WINDOWS\system32\Chakra.dll
2021-05-14 16:16:54 ----A---- C:\WINDOWS\system32\mshtml.dll
2021-05-14 16:16:53 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2021-05-14 16:16:53 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2021-05-14 16:16:52 ----A---- C:\WINDOWS\system32\jscript.dll
2021-05-14 16:16:52 ----A---- C:\WINDOWS\system32\edgehtml.dll
2021-05-14 16:16:51 ----A---- C:\WINDOWS\system32\storagewmi.dll
2021-05-14 16:16:51 ----A---- C:\WINDOWS\system32\spaceman.exe
2021-05-14 16:16:51 ----A---- C:\WINDOWS\system32\smphost.dll
2021-05-14 16:16:51 ----A---- C:\WINDOWS\system32\nshhttp.dll
2021-05-14 16:16:51 ----A---- C:\WINDOWS\system32\mispace.dll
2021-05-14 16:16:51 ----A---- C:\WINDOWS\system32\drivers\EhStorClass.sys
2021-05-14 16:16:51 ----A---- C:\WINDOWS\system32\DispBroker.Desktop.dll
2021-05-14 16:16:50 ----A---- C:\WINDOWS\system32\Windows.Internal.PlatformExtension.MiracastBannerExperience.dll
2021-05-14 16:16:48 ----A---- C:\WINDOWS\system32\tcbloader.dll
2021-05-14 16:16:48 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2021-05-14 16:16:48 ----A---- C:\WINDOWS\system32\resutils.dll
2021-05-14 16:16:48 ----A---- C:\WINDOWS\system32\kdhvcom.dll
2021-05-14 16:16:48 ----A---- C:\WINDOWS\system32\clusapi.dll
2021-05-14 16:16:48 ----A---- C:\WINDOWS\system32\CIDiag.exe
2021-05-14 16:16:47 ----A---- C:\WINDOWS\system32\ssdpsrv.dll
2021-05-14 16:16:47 ----A---- C:\WINDOWS\system32\ssdpapi.dll
2021-05-14 16:16:47 ----A---- C:\WINDOWS\system32\hvloader.dll
2021-05-14 16:16:47 ----A---- C:\WINDOWS\system32\hvix64.exe
2021-05-14 16:16:47 ----A---- C:\WINDOWS\system32\hvax64.exe
2021-05-14 16:16:47 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2021-05-14 16:16:46 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2021-05-14 16:16:46 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2021-05-14 16:16:46 ----A---- C:\WINDOWS\SYSWOW64\rtm.dll
2021-05-14 16:16:46 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2021-05-14 16:16:46 ----A---- C:\WINDOWS\SYSWOW64\iprtrmgr.dll
2021-05-14 16:16:46 ----A---- C:\WINDOWS\SYSWOW64\iprtprio.dll
2021-05-14 16:16:45 ----A---- C:\WINDOWS\SYSWOW64\mprdim.dll
2021-05-14 16:16:45 ----A---- C:\WINDOWS\SYSWOW64\mprddm.dll
2021-05-14 16:16:45 ----A---- C:\WINDOWS\SYSWOW64\fphc.dll
2021-05-14 16:16:45 ----A---- C:\WINDOWS\SYSWOW64\drvstore.dll
2021-05-14 16:16:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2021-05-14 16:16:44 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2021-05-14 16:16:36 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2021-05-14 16:16:36 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2021-05-14 16:16:35 ----A---- C:\WINDOWS\SYSWOW64\winipsec.dll
2021-05-14 16:16:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.CredDialogController.dll
2021-05-14 16:16:35 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2021-05-14 16:16:35 ----A---- C:\WINDOWS\SYSWOW64\polstore.dll
2021-05-14 16:16:35 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2021-05-14 16:16:35 ----A---- C:\WINDOWS\SYSWOW64\nshipsec.dll
2021-05-14 16:16:35 ----A---- C:\WINDOWS\SYSWOW64\httpapi.dll
2021-05-14 16:16:35 ----A---- C:\WINDOWS\SYSWOW64\FwRemoteSvr.dll
2021-05-14 16:16:35 ----A---- C:\WINDOWS\SYSWOW64\DMAppsRes.dll
2021-05-14 16:16:35 ----A---- C:\WINDOWS\SYSWOW64\dabapi.dll
2021-05-14 16:16:34 ----A---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2021-05-14 16:16:34 ----A---- C:\WINDOWS\SYSWOW64\uReFS.dll
2021-05-14 16:16:34 ----A---- C:\WINDOWS\SYSWOW64\SndVolSSO.dll
2021-05-14 16:16:34 ----A---- C:\WINDOWS\SYSWOW64\PCShellCommonProxyStub.dll
2021-05-14 16:16:34 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2021-05-14 16:16:32 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2021-05-14 16:16:32 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2021-05-14 16:16:32 ----A---- C:\WINDOWS\SYSWOW64\container.dll
2021-05-14 16:16:32 ----A---- C:\WINDOWS\SYSWOW64\AppResolver.dll
2021-05-14 16:16:31 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2021-05-14 16:16:31 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2021-05-14 16:16:31 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2021-05-14 16:16:31 ----A---- C:\WINDOWS\SYSWOW64\ngccredprov.dll
2021-05-14 16:16:31 ----A---- C:\WINDOWS\SYSWOW64\mskeyprotect.dll
2021-05-14 16:16:31 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2021-05-14 16:16:30 ----A---- C:\WINDOWS\SYSWOW64\wfapigp.dll
2021-05-14 16:16:30 ----A---- C:\WINDOWS\SYSWOW64\OneCoreUAPCommonProxyStub.dll
2021-05-14 16:16:30 ----A---- C:\WINDOWS\SYSWOW64\FWPUCLNT.DLL
2021-05-14 16:16:30 ----A---- C:\WINDOWS\SYSWOW64\fwpolicyiomgr.dll
2021-05-14 16:16:30 ----A---- C:\WINDOWS\SYSWOW64\fwbase.dll
2021-05-14 16:16:30 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2021-05-14 16:16:29 ----A---- C:\WINDOWS\SYSWOW64\WordBreakers.dll
2021-05-14 16:16:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2021-05-14 16:16:29 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2021-05-14 16:16:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2021-05-14 16:16:29 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2021-05-14 16:16:29 ----A---- C:\WINDOWS\SYSWOW64\EditBufferTestHook.dll
2021-05-14 16:16:29 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2021-05-14 16:16:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2021-05-14 16:16:28 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.Ngc.dll
2021-05-14 16:16:28 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.dll
2021-05-14 16:16:28 ----A---- C:\WINDOWS\SYSWOW64\SystemEventsBrokerClient.dll
2021-05-14 16:16:28 ----A---- C:\WINDOWS\SYSWOW64\GameInput.dll
2021-05-14 16:16:28 ----A---- C:\WINDOWS\SYSWOW64\dsregtask.dll
2021-05-14 16:16:28 ----A---- C:\WINDOWS\SYSWOW64\dsreg.dll
2021-05-14 16:16:28 ----A---- C:\WINDOWS\SYSWOW64\directmanipulation.dll
2021-05-14 16:16:28 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2021-05-14 16:16:28 ----A---- C:\WINDOWS\SYSWOW64\aadauthhelper.dll
2021-05-14 16:16:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2021-05-14 16:16:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2021-05-14 16:16:26 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2021-05-14 16:16:26 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2021-05-14 16:16:26 ----A---- C:\WINDOWS\SYSWOW64\diskpart.exe
2021-05-14 16:16:25 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2021-05-14 16:16:25 ----A---- C:\WINDOWS\SYSWOW64\taskschd.dll
2021-05-14 16:16:25 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2021-05-14 16:16:25 ----A---- C:\WINDOWS\SYSWOW64\InputSwitch.dll
2021-05-14 16:16:24 ----A---- C:\WINDOWS\SYSWOW64\stobject.dll
2021-05-14 16:16:24 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2021-05-14 16:16:24 ----A---- C:\WINDOWS\SYSWOW64\cmifw.dll
2021-05-14 16:16:23 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2021-05-14 16:16:23 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2021-05-14 16:16:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.ConversationalAgent.dll
2021-05-14 16:16:23 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2021-05-14 16:16:23 ----A---- C:\WINDOWS\SYSWOW64\agentactivationruntime.dll
2021-05-14 16:16:23 ----A---- C:\WINDOWS\SYSWOW64\AarSvc.dll
2021-05-14 16:16:22 ----A---- C:\WINDOWS\SYSWOW64\agentactivationruntimewindows.dll
2021-05-14 16:16:22 ----A---- C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-14 16:16:20 ----A---- C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2021-05-14 16:16:20 ----A---- C:\WINDOWS\system32\vbscript.dll
2021-05-14 16:16:20 ----A---- C:\WINDOWS\system32\shell32.dll
2021-05-14 16:16:20 ----A---- C:\WINDOWS\system32\rasmans.dll
2021-05-14 16:16:20 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2021-05-14 16:16:19 ----A---- C:\WINDOWS\system32\vpnike.dll
2021-05-14 16:16:19 ----A---- C:\WINDOWS\system32\rasapi32.dll
2021-05-14 16:16:19 ----A---- C:\WINDOWS\system32\drivers\agilevpn.sys
2021-05-14 16:16:18 ----A---- C:\WINDOWS\system32\rtm.dll
2021-05-14 16:16:18 ----A---- C:\WINDOWS\system32\mprdim.dll
2021-05-14 16:16:18 ----A---- C:\WINDOWS\system32\mprddm.dll
2021-05-14 16:16:18 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
2021-05-14 16:16:18 ----A---- C:\WINDOWS\system32\iprtprio.dll
2021-05-14 16:16:18 ----A---- C:\WINDOWS\system32\drivers\ipfltdrv.sys
2021-05-14 16:16:17 ----A---- C:\WINDOWS\system32\sppnp.dll
2021-05-14 16:16:17 ----A---- C:\WINDOWS\system32\drvstore.dll
2021-05-14 16:16:16 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2021-05-14 16:16:16 ----A---- C:\WINDOWS\system32\pnidui.dll
2021-05-14 16:16:16 ----A---- C:\WINDOWS\system32\fphc.dll
2021-05-14 16:16:15 ----A---- C:\WINDOWS\system32\ubpm.dll
2021-05-14 16:16:15 ----A---- C:\WINDOWS\system32\taskschd.dll
2021-05-14 16:16:15 ----A---- C:\WINDOWS\system32\schedsvc.dll
2021-05-14 16:16:15 ----A---- C:\WINDOWS\system32\LockController.dll
2021-05-14 16:16:15 ----A---- C:\WINDOWS\system32\InputSwitch.dll
2021-05-14 16:16:15 ----A---- C:\WINDOWS\system32\drivers\scsiport.sys
2021-05-14 16:16:14 ----A---- C:\WINDOWS\system32\winipsec.dll
2021-05-14 16:16:14 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2021-05-14 16:16:14 ----A---- C:\WINDOWS\system32\urlmon.dll
2021-05-14 16:16:14 ----A---- C:\WINDOWS\system32\msIso.dll
2021-05-14 16:16:14 ----A---- C:\WINDOWS\system32\iertutil.dll
2021-05-14 16:16:14 ----A---- C:\WINDOWS\system32\edgeIso.dll
2021-05-14 16:16:07 ----A---- C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2021-05-14 16:16:07 ----A---- C:\WINDOWS\system32\polstore.dll
2021-05-14 16:16:07 ----A---- C:\WINDOWS\system32\nshipsec.dll
2021-05-14 16:16:07 ----A---- C:\WINDOWS\system32\LogonController.dll
2021-05-14 16:16:07 ----A---- C:\WINDOWS\system32\IPSECSVC.DLL
2021-05-14 16:16:07 ----A---- C:\WINDOWS\system32\FwRemoteSvr.dll
2021-05-14 16:16:07 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2021-05-14 16:16:07 ----A---- C:\WINDOWS\system32\DMAppsRes.dll
2021-05-14 16:16:06 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2021-05-14 16:16:06 ----A---- C:\WINDOWS\system32\wkssvc.dll
2021-05-14 16:16:06 ----A---- C:\WINDOWS\system32\msctf.dll
2021-05-14 16:16:06 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2021-05-14 16:16:06 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2021-05-14 16:16:05 ----A---- C:\WINDOWS\system32\smss.exe
2021-05-14 16:16:05 ----A---- C:\WINDOWS\system32\KernelBase.dll
2021-05-14 16:16:05 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2021-05-14 16:16:05 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2021-05-14 16:16:05 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2021-05-14 16:16:04 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2021-05-14 16:16:03 ----A---- C:\WINDOWS\system32\utcutil.dll
2021-05-14 16:16:03 ----A---- C:\WINDOWS\system32\runexehelper.exe
2021-05-14 16:16:03 ----A---- C:\WINDOWS\system32\ntdll.dll
2021-05-14 16:16:03 ----A---- C:\WINDOWS\system32\hal.dll
2021-05-14 16:16:03 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2021-05-14 16:16:03 ----A---- C:\WINDOWS\system32\diagnosticdataquery.dll
2021-05-14 16:16:03 ----A---- C:\WINDOWS\system32\dabapi.dll
2021-05-14 16:16:03 ----A---- C:\WINDOWS\system32\dab.dll
2021-05-14 16:16:02 ----A---- C:\WINDOWS\system32\SecurityHealthHost.exe
2021-05-14 16:16:02 ----A---- C:\WINDOWS\system32\SecurityHealthAgent.dll
2021-05-14 16:16:02 ----A---- C:\WINDOWS\system32\oleaut32.dll
2021-05-14 16:16:02 ----A---- C:\WINDOWS\system32\httpapi.dll
2021-05-14 16:16:02 ----A---- C:\WINDOWS\system32\drivers\http.sys
2021-05-14 16:16:02 ----A---- C:\WINDOWS\system32\diagtrack.dll
2021-05-14 16:16:02 ----A---- C:\WINDOWS\system32\ci.dll
2021-05-14 16:16:01 ----A---- C:\WINDOWS\system32\wow64.dll
2021-05-14 16:16:01 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2021-05-14 16:16:01 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2021-05-14 16:16:01 ----A---- C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2021-05-14 16:16:01 ----A---- C:\WINDOWS\system32\conhost.exe
2021-05-14 16:16:00 ----A---- C:\WINDOWS\system32\wimserv.exe
2021-05-14 16:16:00 ----A---- C:\WINDOWS\system32\dwmcore.dll
2021-05-14 16:16:00 ----A---- C:\WINDOWS\system32\drivers\wimmount.sys
2021-05-14 16:15:59 ----A---- C:\WINDOWS\system32\wimgapi.dll
2021-05-14 16:15:59 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2021-05-14 16:15:59 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2021-05-14 16:15:57 ----A---- C:\WINDOWS\system32\uReFS.dll
2021-05-14 16:15:57 ----A---- C:\WINDOWS\system32\refsutil.exe
2021-05-14 16:15:57 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2021-05-14 16:15:57 ----A---- C:\WINDOWS\system32\cldapi.dll
2021-05-14 16:15:56 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2021-05-14 16:15:56 ----A---- C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2021-05-14 16:15:56 ----A---- C:\WINDOWS\system32\SndVolSSO.dll
2021-05-14 16:15:56 ----A---- C:\WINDOWS\system32\acmigration.dll
2021-05-14 16:15:55 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2021-05-14 16:15:55 ----A---- C:\WINDOWS\system32\invagent.dll
2021-05-14 16:15:55 ----A---- C:\WINDOWS\system32\appraiser.dll
2021-05-14 16:15:55 ----A---- C:\WINDOWS\system32\aeinv.dll
2021-05-14 16:15:54 ----A---- C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2021-05-14 16:15:54 ----A---- C:\WINDOWS\system32\DevicesFlowBroker.dll
2021-05-14 16:15:54 ----A---- C:\WINDOWS\system32\ConstraintIndex.Search.dll
2021-05-14 16:15:51 ----A---- C:\WINDOWS\system32\NotificationControllerPS.dll
2021-05-14 16:15:51 ----A---- C:\WINDOWS\system32\NotificationController.dll
2021-05-14 16:15:51 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2021-05-14 16:15:51 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2021-05-14 16:15:50 ----A---- C:\WINDOWS\system32\ReAgent.dll
2021-05-14 16:15:50 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2021-05-14 16:15:50 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2021-05-14 16:15:50 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2021-05-14 16:15:50 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2021-05-14 16:15:40 ----A---- C:\WINDOWS\system32\Windows.Internal.CapturePicker.Desktop.dll
2021-05-14 16:15:40 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2021-05-14 16:15:40 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2021-05-14 16:15:40 ----A---- C:\WINDOWS\system32\PCShellCommonProxyStub.dll
2021-05-14 16:15:40 ----A---- C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2021-05-14 16:15:39 ----A---- C:\WINDOWS\system32\usosvc.dll
2021-05-14 16:15:39 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2021-05-14 16:15:39 ----A---- C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2021-05-14 16:15:39 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2021-05-14 16:15:39 ----A---- C:\WINDOWS\system32\MoUsoCoreWorker.exe
2021-05-14 16:15:39 ----A---- C:\WINDOWS\system32\AppResolver.dll
2021-05-14 16:15:38 ----A---- C:\WINDOWS\system32\win32kfull.sys
2021-05-14 16:15:38 ----A---- C:\WINDOWS\system32\wc_storage.dll
2021-05-14 16:15:38 ----A---- C:\WINDOWS\system32\SHCore.dll
2021-05-14 16:15:38 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2021-05-14 16:15:38 ----A---- C:\WINDOWS\system32\drivers\bindflt.sys
2021-05-14 16:15:38 ----A---- C:\WINDOWS\system32\daxexec.dll
2021-05-14 16:15:38 ----A---- C:\WINDOWS\system32\container.dll
2021-05-14 16:15:38 ----A---- C:\WINDOWS\system32\bindfltapi.dll
2021-05-14 16:15:37 ----A---- C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2021-05-14 16:15:37 ----A---- C:\WINDOWS\system32\win32u.dll
2021-05-14 16:15:37 ----A---- C:\WINDOWS\system32\win32k.sys
2021-05-14 16:15:36 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2021-05-14 16:15:36 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2021-05-14 16:15:36 ----A---- C:\WINDOWS\system32\SystemEventsBrokerClient.dll
2021-05-14 16:15:36 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2021-05-14 16:15:36 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2021-05-14 16:15:36 ----A---- C:\WINDOWS\system32\fwpolicyiomgr.dll
2021-05-14 16:15:36 ----A---- C:\WINDOWS\system32\fwbase.dll
2021-05-14 16:15:36 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2021-05-14 16:15:36 ----A---- C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2021-05-14 16:15:36 ----A---- C:\WINDOWS\system32\BFE.DLL
2021-05-14 16:15:35 ----A---- C:\WINDOWS\system32\wfapigp.dll
2021-05-14 16:15:35 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2021-05-14 16:15:35 ----A---- C:\WINDOWS\system32\icfupgd.dll
2021-05-14 16:15:35 ----A---- C:\WINDOWS\system32\fwmdmcsp.dll
2021-05-14 16:15:35 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2021-05-14 16:15:34 ----A---- C:\WINDOWS\system32\windows.storage.dll
2021-05-14 16:15:33 ----A---- C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2021-05-14 16:15:33 ----A---- C:\WINDOWS\system32\tsf3gip.dll
2021-05-14 16:15:33 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2021-05-14 16:15:33 ----A---- C:\WINDOWS\system32\ISM.dll
2021-05-14 16:15:33 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2021-05-14 16:15:32 ----A---- C:\WINDOWS\system32\WordBreakers.dll
2021-05-14 16:15:32 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2021-05-14 16:15:32 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2021-05-14 16:15:32 ----A---- C:\WINDOWS\system32\win32kbase.sys
2021-05-14 16:15:32 ----A---- C:\WINDOWS\system32\InputService.dll
2021-05-14 16:15:32 ----A---- C:\WINDOWS\system32\EditBufferTestHook.dll
2021-05-14 16:15:31 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2021-05-14 16:15:31 ----A---- C:\WINDOWS\system32\dxgi.dll
2021-05-14 16:15:30 ----A---- C:\WINDOWS\system32\oemlicense.dll
2021-05-14 16:15:30 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2021-05-14 16:15:30 ----A---- C:\WINDOWS\system32\mskeyprotect.dll
2021-05-14 16:15:30 ----A---- C:\WINDOWS\system32\licensingdiag.exe
2021-05-14 16:15:30 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2021-05-14 16:15:30 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2021-05-14 16:15:30 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2021-05-14 16:15:30 ----A---- C:\WINDOWS\system32\drivers\ClipSp.sys
2021-05-14 16:15:30 ----A---- C:\WINDOWS\system32\Clipc.dll
2021-05-14 16:15:30 ----A---- C:\WINDOWS\system32\cdd.dll
2021-05-14 16:15:29 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2021-05-14 16:15:29 ----A---- C:\WINDOWS\system32\certcli.dll
2021-05-14 16:15:28 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2021-05-14 16:15:28 ----A---- C:\WINDOWS\system32\GameInput.dll
2021-05-14 16:15:28 ----A---- C:\WINDOWS\system32\appinfo.dll
2021-05-14 16:15:28 ----A---- C:\WINDOWS\system32\aadtb.dll
2021-05-14 16:15:28 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2021-05-14 16:15:28 ----A---- C:\WINDOWS\system32\aadauthhelper.dll
2021-05-14 16:15:27 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2021-05-14 16:15:26 ----A---- C:\WINDOWS\system32\directmanipulation.dll
2021-05-14 16:15:26 ----A---- C:\WINDOWS\system32\cdpusersvc.dll
2021-05-14 16:15:21 ----A---- C:\WINDOWS\system32\vdsbas.dll
2021-05-14 16:15:20 ----A---- C:\WINDOWS\system32\twinui.dll
2021-05-14 16:15:20 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2021-05-14 16:15:20 ----A---- C:\WINDOWS\system32\diskpart.exe
2021-05-14 16:15:20 ----A---- C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-14 16:15:19 ----A---- C:\WINDOWS\system32\windows.internal.shellcommon.shareexperience.dll
2021-05-14 16:15:19 ----A---- C:\WINDOWS\system32\StartTileData.dll
2021-05-14 16:15:18 ----A---- C:\WINDOWS\system32\Windows.Internal.PlatformExtension.DevicePickerExperience.dll
2021-05-14 16:15:18 ----A---- C:\WINDOWS\system32\pkeyhelper.dll
2021-05-14 16:15:17 ----A---- C:\WINDOWS\system32\wlanhlp.dll
2021-05-14 16:15:17 ----A---- C:\WINDOWS\system32\wfdprov.dll
2021-05-14 16:15:17 ----A---- C:\WINDOWS\system32\usbmon.dll
2021-05-14 16:15:09 ----A---- C:\WINDOWS\system32\wlansvcpal.dll
2021-05-14 16:15:09 ----A---- C:\WINDOWS\system32\wlansvc.dll
2021-05-14 16:15:09 ----A---- C:\WINDOWS\system32\wlansec.dll
2021-05-14 16:15:09 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2021-05-14 16:15:09 ----A---- C:\WINDOWS\system32\wlanapi.dll
2021-05-14 16:15:09 ----A---- C:\WINDOWS\system32\WiFiConfigSP.dll
2021-05-14 16:15:09 ----A---- C:\WINDOWS\system32\stobject.dll
2021-05-14 16:15:08 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2021-05-14 16:15:08 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.dll
2021-05-14 16:15:08 ----A---- C:\WINDOWS\system32\dsregtask.dll
2021-05-14 16:15:08 ----A---- C:\WINDOWS\system32\dsreg.dll
2021-05-14 16:15:08 ----A---- C:\WINDOWS\explorer.exe
2021-05-14 16:15:07 ----A---- C:\WINDOWS\system32\Wpc.dll
2021-05-14 16:15:07 ----A---- C:\WINDOWS\system32\spoolsv.exe
2021-05-14 16:15:07 ----A---- C:\WINDOWS\system32\cmifw.dll
2021-05-14 16:15:06 ----A---- C:\WINDOWS\system32\WpcMon.exe
2021-05-14 16:15:05 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2021-05-14 16:15:05 ----A---- C:\WINDOWS\system32\WpcApi.dll
2021-05-14 16:15:05 ----A---- C:\WINDOWS\system32\ApproveChildRequest.exe
2021-05-14 16:15:04 ----A---- C:\WINDOWS\system32\WpcTok.exe
2021-05-14 16:15:04 ----A---- C:\WINDOWS\system32\WpcRefreshTask.dll
2021-05-14 16:15:04 ----A---- C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2021-05-14 16:15:02 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2021-05-14 16:15:01 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2021-05-14 16:15:01 ----A---- C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-14 16:15:00 ----A---- C:\WINDOWS\system32\agentactivationruntimewindows.dll
2021-05-14 16:15:00 ----A---- C:\WINDOWS\system32\agentactivationruntime.dll
2021-05-14 16:15:00 ----A---- C:\WINDOWS\system32\AarSvc.dll
2021-05-14 16:14:59 ----A---- C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2021-05-14 16:14:59 ----A---- C:\WINDOWS\system32\autopilotdiag.dll
2021-05-14 16:14:59 ----A---- C:\WINDOWS\system32\autopilot.dll
2021-05-14 16:14:58 ----A---- C:\WINDOWS\system32\Windows.Management.Service.dll
2021-05-14 16:14:56 ----A---- C:\WINDOWS\system32\tellib.dll
2021-05-14 16:14:51 ----A---- C:\WINDOWS\system32\drivers\vmstorfl.sys
2021-05-14 16:14:48 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2021-05-14 16:14:48 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2021-05-14 16:14:48 ----A---- C:\WINDOWS\system32\drivers\sdstor.sys
2021-05-14 16:14:48 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2021-05-14 16:14:48 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2021-05-14 16:14:48 ----A---- C:\WINDOWS\system32\drivers\BthMini.SYS
2021-05-14 16:14:48 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys
2021-05-14 16:14:47 ----A---- C:\WINDOWS\system32\drivers\storufs.sys
2021-05-14 16:14:47 ----A---- C:\WINDOWS\system32\drivers\sbp2port.sys
2021-05-14 16:14:47 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2021-05-14 16:14:47 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2021-05-14 16:14:46 ----A---- C:\WINDOWS\system32\drivers\USBAUDIO.sys
2021-05-14 15:33:40 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2021-05-14 15:33:37 ----A---- C:\WINDOWS\system32\poqexec.exe
2021-05-06 19:47:29 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2021-05-26 21:29:56 ----RD---- C:\Program Files
2021-05-26 21:29:50 ----D---- C:\WINDOWS\Temp
2021-05-26 21:29:11 ----D---- C:\ProgramData\Mozilla
2021-05-26 21:28:05 ----D---- C:\WINDOWS\Prefetch
2021-05-26 21:27:55 ----D---- C:\ProgramData\NVIDIA
2021-05-26 21:27:48 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2021-05-26 21:03:16 ----D---- C:\WINDOWS\system32\sru
2021-05-26 21:02:25 ----D---- C:\WINDOWS\system32\SleepStudy
2021-05-26 18:36:03 ----D---- C:\WINDOWS\SysWOW64
2021-05-26 17:13:12 ----D---- C:\Program Files\CCleaner
2021-05-26 16:47:33 ----SHD---- C:\System Volume Information
2021-05-26 16:46:29 ----RD---- C:\WINDOWS\Microsoft.NET
2021-05-26 06:44:16 ----HD---- C:\Program Files\WindowsApps
2021-05-26 06:44:14 ----D---- C:\WINDOWS\AppReadiness
2021-05-25 12:53:44 ----D---- C:\Windows
2021-05-25 12:26:03 ----D---- C:\Program Files (x86)\GOG Games
2021-05-25 12:13:52 ----D---- C:\AdwCleaner
2021-05-25 12:09:30 ----D---- C:\Users\pc\AppData\Roaming\uTorrent
2021-05-25 12:05:52 ----D---- C:\WINDOWS\Logs
2021-05-25 06:01:26 ----D---- C:\WINDOWS\system32\drivers\etc
2021-05-25 06:00:58 ----D---- C:\ProgramData\Package Cache
2021-05-25 06:00:04 ----SHD---- C:\WINDOWS\Installer
2021-05-25 06:00:04 ----D---- C:\WINDOWS\System32
2021-05-25 05:56:58 ----D---- C:\WINDOWS\SYSWOW64\directx
2021-05-25 05:56:49 ----HD---- C:\WINDOWS\msdownld.tmp
2021-05-24 21:17:53 ----D---- C:\Games
2021-05-24 15:58:59 ----D---- C:\WINDOWS\system32\config
2021-05-20 06:47:59 ----D---- C:\WINDOWS\INF
2021-05-20 06:47:59 ----D---- C:\WINDOWS\debug
2021-05-20 06:45:56 ----D---- C:\WINDOWS\system32\Tasks
2021-05-20 06:43:35 ----ASH---- C:\DumpStack.log.tmp
2021-05-19 20:35:52 ----RD---- C:\Program Files (x86)
2021-05-18 20:27:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-17 19:25:11 ----D---- C:\WINDOWS\system32\catroot2
2021-05-17 18:00:01 ----D---- C:\WINDOWS\system32\LogFiles
2021-05-16 20:05:33 ----D---- C:\WINDOWS\WinSxS
2021-05-14 16:48:27 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2021-05-14 16:43:19 ----D---- C:\WINDOWS\system32\DriverStore
2021-05-14 16:40:58 ----D---- C:\WINDOWS\system32\drivers
2021-05-14 16:40:57 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2021-05-14 16:38:20 ----D---- C:\WINDOWS\SYSWOW64\WinMetadata
2021-05-14 16:38:20 ----D---- C:\WINDOWS\SYSWOW64\wbem
2021-05-14 16:38:20 ----D---- C:\WINDOWS\SYSWOW64\setup
2021-05-14 16:38:20 ----D---- C:\WINDOWS\SYSWOW64\oobe
2021-05-14 16:38:20 ----D---- C:\WINDOWS\SYSWOW64\migration
2021-05-14 16:38:20 ----D---- C:\WINDOWS\SYSWOW64\lt-LT
2021-05-14 16:38:20 ----D---- C:\WINDOWS\SYSWOW64\Dism
2021-05-14 16:38:20 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2021-05-14 16:38:19 ----D---- C:\WINDOWS\SystemResources
2021-05-14 16:38:15 ----D---- C:\WINDOWS\system32\WinMetadata
2021-05-14 16:38:15 ----D---- C:\WINDOWS\system32\wbem
2021-05-14 16:38:15 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2021-05-14 16:38:15 ----D---- C:\WINDOWS\system32\setup
2021-05-14 16:38:15 ----D---- C:\WINDOWS\system32\OpenSSH
2021-05-14 16:38:15 ----D---- C:\WINDOWS\system32\oobe
2021-05-14 16:38:15 ----D---- C:\WINDOWS\system32\migration
2021-05-14 16:38:15 ----D---- C:\WINDOWS\system32\lt-LT
2021-05-14 16:38:15 ----D---- C:\WINDOWS\system32\en-US
2021-05-14 16:38:15 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2021-05-14 16:38:14 ----D---- C:\WINDOWS\system32\Dism
2021-05-14 16:38:14 ----D---- C:\WINDOWS\system32\cs-CZ
2021-05-14 16:38:14 ----D---- C:\WINDOWS\system32\Boot
2021-05-14 16:38:09 ----RD---- C:\WINDOWS\PrintDialog
2021-05-14 16:38:09 ----D---- C:\WINDOWS\Provisioning
2021-05-14 16:38:09 ----D---- C:\WINDOWS\PolicyDefinitions
2021-05-14 16:38:09 ----D---- C:\WINDOWS\DiagTrack
2021-05-14 16:38:09 ----D---- C:\WINDOWS\cs-CZ
2021-05-14 16:38:08 ----D---- C:\WINDOWS\bcastdvr
2021-05-14 16:38:08 ----D---- C:\WINDOWS\apppatch
2021-05-14 16:38:08 ----D---- C:\Program Files\Windows Defender Advanced Threat Protection
2021-05-14 16:23:55 ----D---- C:\WINDOWS\CbsTemp
2021-05-14 16:23:39 ----A---- C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-14 15:32:30 ----D---- C:\WINDOWS\system32\MRT
2021-05-14 15:28:33 ----AC---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avdevprot;avdevprot; C:\WINDOWS\system32\DRIVERS\avdevprot.sys [2021-02-02 78936]
R0 avusbflt;avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [2021-02-02 45472]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-12-07 57360]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2021-04-16 296264]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2021-01-16 41984]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2021-03-16 199312]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2021-02-02 46704]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-12-07 78136]
R1 CimFS;CimFS; C:\WINDOWS\system32\drivers\CimFS.sys [2021-03-11 91136]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-12-07 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-12-07 8704]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2021-03-31 209744]
R2 avnetflt;avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [2021-02-02 89736]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2021-05-14 148816]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2021-05-14 495616]
R2 ImDisk;Avira Virtual Disk Driver; C:\WINDOWS\system32\DRIVERS\imdisk.sys [2020-08-18 95376]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2021-01-16 53248]
R3 e1i65x64;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\System32\drivers\e1i65x64.sys [2019-12-07 553984]
R3 MEIx64;@oem6.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2015-07-10 193336]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-1; C:\WINDOWS\system32\drivers\msquic.sys [2021-01-16 322376]
R3 NVHDA;@oem3.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2020-10-05 230720]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_60daf66a00f2e0b6\nvlddmkm.sys [2020-10-05 32479640]
S0 avelam;avelam; C:\WINDOWS\system32\drivers\avelam.sys [2021-02-02 22336]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-12-07 43832]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-12-07 319800]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-12-07 884752]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-12-07 172344]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-12-07 124216]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-12-07 135992]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-12-07 81720]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-12-07 105480]
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-12-07 168464]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-12-07 58680]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-12-07 68408]
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-12-07 138040]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-12-07 42296]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2019-12-07 158736]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-12-07 23040]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-12-07 415232]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-12-07 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-12-07 45568]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2021-01-16 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2021-04-16 138056]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2021-04-16 174392]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2021-04-16 154952]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-12-07 279040]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2021-05-14 113664]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2021-01-16 106496]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2021-05-14 45568]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2021-05-14 1560064]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2021-05-14 110592]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-12-07 44032]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-12-07 66576]
S3 dot4;@oem8.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem1.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem8.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [2019-12-07 23040]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-12-07 55824]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-12-07 66560]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2021-05-14 95056]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-12-07 30208]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-12-07 1853752]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-12-07 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-12-07 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-12-07 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-12-07 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-12-07 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-12-07 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-12-07 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-12-07 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-12-07 177152]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-12-07 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-12-07 558904]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2021-01-16 47104]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-12-07 30720]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-12-07 59704]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-12-07 537608]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-12-07 64016]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2021-01-16 386048]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-12-07 65024]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-12-07 1131320]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-12-07 146232]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-12-07 72720]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2021-02-12 207360]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\WINDOWS\System32\drivers\nvstusb.sys [2017-11-09 504360]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2021-04-16 129872]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-12-07 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-12-07 27136]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-07 990008]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-12-07 213504]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-12-07 115712]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2019-12-07 35128]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-12-07 35128]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntivirProtectedService;Avira Protected Service; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [2021-03-16 537472]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2021-03-16 484904]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\Antivirus\sched.exe [2021-03-16 484904]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2021-04-01 634768]
R2 AviraOptimizerHost;Avira Optimizer Host; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2020-06-03 2988544]
R2 AviraPhantomVPN;Avira Phantom VPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [2021-05-06 383976]
R2 AviraSecurity;Avira Security; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [2021-05-05 244040]
R2 AviraUpdaterService;Avira Updater Service; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [2021-04-13 159080]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
R2 CDPUserSvc_92b8664;Uživatelská služba platformy připojených zařízení_92b8664; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2021-01-16 57360]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2020-10-01 885224]
R2 OneSyncSvc_92b8664;Hostitel synchronizace_92b8664; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
R3 cbdhsvc_92b8664;Uživatelská služba schránky_92b8664; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2021-01-16 57360]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2021-01-16 57360]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2021-01-16 57360]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2021-01-16 57360]
R3 PimIndexMaintenanceSvc_92b8664;Data kontaktů_92b8664; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2021-01-16 57360]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2021-05-14 987552]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2021-01-25 169672]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2021-03-16 1208432]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2021-03-16 575776]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2021-01-16 57360]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-06 224160]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2020-05-08 154920]
S2 ImDskSvc;Avira Virtual Disk Driver Helper; C:\WINDOWS\system32\imdsksvc.exe [2020-08-18 25720]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2021-01-16 57360]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2021-01-16 57360]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2021-01-16 57360]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 AarSvc_92b8664;Agent Activation Runtime_92b8664; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 BcastDVRUserService_92b8664;Uživatelská služba pro GameDVR a vysílání her_92b8664; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 BluetoothUserService_92b8664;Služba pro podporu uživatelů Bluetooth_92b8664; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 CaptureService_92b8664;CaptureService_92b8664; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 ConsentUxUserSvc_92b8664;ConsentUX_92b8664; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-03-11 388888]
S3 CredentialEnrollmentManagerUserSvc_92b8664;CredentialEnrollmentManagerUserSvc_92b8664; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-03-11 388888]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 DeviceAssociationBrokerSvc_92b8664;DeviceAssociationBroker_92b8664; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 DevicePickerUserSvc_92b8664;DevicePicker_92b8664; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 DevicesFlowUserSvc_92b8664;Tok zařízení_92b8664; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2021-01-16 57360]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-06 224160]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2021-01-16 57360]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-11-08 46184]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2021-01-16 57360]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.77\elevation_service.exe [2021-05-23 1457320]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2021-01-16 57360]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2020-05-08 154920]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2021-01-16 57360]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 MessagingService_92b8664;Služba zasílání zpráv_92b8664; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service; C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\elevation_service.exe [2021-05-20 1567648]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2021-05-06 242672]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2021-01-16 57360]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2021-01-16 106496]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 PrintWorkflowUserSvc_92b8664;PrintWorkflow_92b8664; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2021-01-16 57360]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2021-01-16 57360]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2021-05-14 5393288]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2021-01-16 1265152]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2021-04-16 757064]
S4 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2021-04-16 94208]
S4 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2021-01-16 57360]
S4 DialogBlockingService;@%SystemRoot%\system32\DialogBlockingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-16 57360]

-----------------EOF-----------------

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: prosím o kontrolu děkuji

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Spustit skenovani a pockaj na dokoncenie
  • V pripade nalezov nechaj vsetky nalezy oznacene a klikni na Karantena (ak nie su ziadne nalezy, tak na Spustit zakladni opravu)
  • V pripade, ze sa detekuje aj "predinstalovany software", tieto programy mozes, ale nemusis zmazat (toto nie su skodlive programy, ale iba zbytocnosti)
  • Potvrd vyzvu, pockaj na dokoncenie a potvrd restartovanie PC
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah skopiruj a vloz do dalsej odpovede
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

simy13
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 26 kvě 2021 20:35

Re: prosím o kontrolu děkuji

#3 Příspěvek od simy13 »

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-05-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-27-2021
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1249 octets] - [06/04/2019 22:39:54]
AdwCleaner[S01].txt - [1310 octets] - [21/03/2021 20:02:09]
AdwCleaner[C01].txt - [1496 octets] - [21/03/2021 20:03:04]
AdwCleaner[S02].txt - [1432 octets] - [20/05/2021 06:41:07]
AdwCleaner[C02].txt - [1618 octets] - [20/05/2021 06:41:50]
AdwCleaner[S03].txt - [1820 octets] - [25/05/2021 12:13:26]
AdwCleaner[C03].txt - [1972 octets] - [25/05/2021 12:13:59]
AdwCleaner[S04].txt - [1832 octets] - [26/05/2021 21:27:33]
AdwCleaner[C04].txt - [2022 octets] - [26/05/2021 21:27:49]
AdwCleaner[S05].txt - [1954 octets] - [27/05/2021 05:59:34]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C05].txt ##########

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: prosím o kontrolu děkuji

#4 Příspěvek od Conder »

:arrow: Poprosim o obidva logy z FRST (FRST.txt a Addition.txt) podla tohto navodu: https://forum.viry.cz/viewtopic.php?f=13&t=154679
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

simy13
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 26 kvě 2021 20:35

Re: prosím o kontrolu děkuji

#5 Příspěvek od simy13 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2021
Ran by pc (28-05-2021 16:50:51)
Running from C:\Users\pc\Desktop
Windows 10 Pro Version 20H2 19042.985 (X64) (2021-01-16 13:52:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-591005949-3795881383-2982760695-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-591005949-3795881383-2982760695-503 - Limited - Disabled)
Guest (S-1-5-21-591005949-3795881383-2982760695-501 - Limited - Disabled)
pc (S-1-5-21-591005949-3795881383-2982760695-1001 - Administrator - Enabled) => C:\Users\pc
WDAGUtilityAccount (S-1-5-21-591005949-3795881383-2982760695-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated)
Avira (HKLM-x32\...\{21098ed5-59e9-4203-b79e-63f3c373e022}) (Version: 1.2.155.4877 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{2CA8B2E7-B4B7-4553-83E6-448A543EA5AD}) (Version: 1.2.155.4877 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2104.2083 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.37.4.17510 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.49.18598 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG;)
Avira Software Updater (HKLM-x32\...\{5FFF909D-D88F-42B9-9A85-328A1290611C}) (Version: 2.0.6.48309 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.10.0.11063 - Avira Operations GmbH & Co. KG) Hidden
BIOMUTANT (HKLM-x32\...\BIOMUTANT_is1) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.78 - Piriform)
Foxit PDF Editor (HKLM-x32\...\Foxit PDF Editor) (Version: 2.2.0.0205 - Foxit Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.77 - Google LLC)
Hellbound (HKU\S-1-5-21-591005949-3795881383-2982760695-1001\...\Hellbound) (Version: - HOODLUM)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{BCDD692B-172D-440A-9A1B-501C71D72CC8}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
K-Lite Mega Codec Pack 10.0.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.0 - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.37 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-591005949-3795881383-2982760695-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Mozilla Firefox 88.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 88.0.1 (x64 cs)) (Version: 88.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 76.0 - Mozilla)
NVIDIA Ovladač HD audia 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skully (HKU\S-1-5-21-591005949-3795881383-2982760695-1001\...\Skully) (Version: - HOODLUM)
The Witcher: EEDC (HKLM-x32\...\The Witcher: EEDC_is1) (Version: - )
Tony Vočko a případ růžového tapíra (HKLM-x32\...\{EC27DF14-030F-4BF2-B323-723FF7F0D4AB}_is1) (Version: 1.0 - RelikZ)
Unlocker (HKLM\...\{5993C960-4E90-4A00-A2F3-D0C4020A6992}) (Version: 1.9.2 - ajua Custom Installers)
Unlocker (HKLM-x32\...\{5577A25D-E4FE-4BFB-A660-E0D766BC4EDD}) (Version: 1.9.2 - ajua Custom Installers)
Vampirem (HKLM-x32\...\Vampirem_is1) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
Wolfenstein The Old Blood (HKLM-x32\...\Wolfenstein The Old Blood_is1) (Version: - )

Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_127.1.115.0_x64__v10z8vjag6ke6 [2021-05-13] (HP Inc.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5170.0_x64__8wekyb3d8bbwe [2021-05-24] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-03-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-03-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3554304 2013-03-17] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [258560 2011-06-24] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\WINDOWS\system32\ff_vfw.dll [127488 2013-08-14] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3649536 2013-03-17] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [243200 2011-06-24] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2013-08-14] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-05-07 18:01 - 2021-05-24 21:18 - 000002480 _____ C:\WINDOWS\system32\drivers\etc\hosts
109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 fitgirlrepack.games # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
109.94.209.70 fitgirlpack.site # Fake FitGirl site
109.94.209.70 www.fitgirlpack.site # Fake FitGirl site

2020-07-18 08:47 - 2020-07-18 08:47 - 000000374 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-591005949-3795881383-2982760695-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKU\S-1-5-21-591005949-3795881383-2982760695-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{658F35B1-839A-49DE-8AC3-A19E394A9205}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{DB249C55-CD66-46C6-AF15-111ED2CB68BE}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{8400D88A-CC4A-4489-8445-53C4AAF9BB0C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FC73ADF5-7360-4EA6-A38D-C712B6B1E2DA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{463C951F-D8EC-49CD-8817-B9C245007F5A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C4F23A84-2D83-47A3-BB27-A3F1BF10F42E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D2084A04-C463-40F0-8A4B-AD2115AA69D1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{63B878E9-043A-4C32-AE45-20AC85F133F6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{4C08F6B0-3BE5-4AE1-A1FC-7918D8D538E5}C:\program files (x86)\rise of the tomb raider\rottr.exe] => (Allow) C:\program files (x86)\rise of the tomb raider\rottr.exe (Eidos Inc.) [File not signed]
FirewallRules: [UDP Query User{7781DE02-C5BB-4316-8DF4-66517404344D}C:\program files (x86)\rise of the tomb raider\rottr.exe] => (Allow) C:\program files (x86)\rise of the tomb raider\rottr.exe (Eidos Inc.) [File not signed]
FirewallRules: [{90F6D3FD-5453-47A9-B269-1E97772112E0}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{745EA221-4099-4B34-8EA1-D184EE1B9F0F}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{A4494513-595F-4961-BEDC-99A9782EAB39}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{6562D5CF-B3AF-4EDC-839A-EADB54D569B0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

26-05-2021 16:47:07 Naplánovaný kontrolní bod
27-05-2021 17:16:48 Nainstalováno: Microsoft Visual C++ 2005 Redistributable

==================== Faulty Device Manager Devices ============

Name: PC Camera
Description: PC Camera
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (05/26/2021 09:28:14 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (05/26/2021 05:34:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe verze 88.0.1.7794 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 7e70

Čas spuštění: 01d751d8740c0988

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe

ID hlášení: 7a4c8bae-dcf0-4cac-bea4-c6ed36fb4af7

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (05/25/2021 12:14:19 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (05/25/2021 12:03:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: yuzu.exe, verze: 0.0.0.0, časové razítko: 0x60311143
Název chybujícího modulu: yuzu.exe, verze: 0.0.0.0, časové razítko: 0x60311143
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000025ec8f
ID chybujícího procesu: 0x3ea4
Čas spuštění chybující aplikace: 0x01d7514ae4895b74
Cesta k chybující aplikaci: C:\Program Files (x86)\GOG Games\Super Mario Odyssey\yuzu.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\GOG Games\Super Mario Odyssey\yuzu.exe
ID zprávy: 687640e1-4ed7-43d2-bbf1-08dada0ede85
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/25/2021 11:46:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: yuzu.exe, verze: 0.0.0.0, časové razítko: 0x60311143
Název chybujícího modulu: yuzu.exe, verze: 0.0.0.0, časové razítko: 0x60311143
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000025ec8f
ID chybujícího procesu: 0x5b7c
Čas spuštění chybující aplikace: 0x01d7511aa630b0bb
Cesta k chybující aplikaci: C:\Program Files (x86)\GOG Games\Super Mario Odyssey\yuzu.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\GOG Games\Super Mario Odyssey\yuzu.exe
ID zprávy: deee5d45-f025-4955-8e6e-339b708ad948
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/25/2021 06:01:10 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x8007001f, Zařízení připojené k systému nefunguje.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (05/25/2021 06:00:10 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (05/25/2021 05:58:53 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x8007001f, Zařízení připojené k systému nefunguje.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet


System errors:
=============
Error: (05/27/2021 05:59:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avira Optimizer Host byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/27/2021 05:59:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avira Updater Service byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (05/27/2021 05:59:55 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Avira Service Host byla neočekávaně ukončena. Tento stav nastal již 3krát.

Error: (05/27/2021 05:59:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avira Phantom VPN byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (05/27/2021 05:59:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (05/27/2021 05:59:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avira Security byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/26/2021 09:27:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avira Optimizer Host byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/26/2021 09:27:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.


Windows Defender:
================
Date: 2021-02-02 16:35:04
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A3964236-309C-48F8-A8F5-541A79E6CEC3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-02 16:24:54
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {990F0FA3-4E9D-45FA-9DD2-677A669554CE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-02 16:14:16
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/GameHack
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\pc\Downloads\Wolfenstein.The.Old.Blood-CODEX\codex-wolfenstein.the.old.blood\setup.exe; file:_C:\Wolfenstein.The.Old.Blood-CODEX\codex-wolfenstein.the.old.blood\setup.exe; file:_D:\Wolfenstein.The.Old.Blood-CODEX\codex-wolfenstein.the.old.blood\setup.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-BUIQGPN\pc
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.331.33.0, AS: 1.331.33.0, NIS: 1.331.33.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-02 16:13:59
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {021DB1EC-4EE5-4E5A-A12E-3D17722759E1}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-02 15:49:34
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/GameHack
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\pc\Downloads\Wolfenstein.The.Old.Blood-CODEX\codex-wolfenstein.the.old.blood\setup.exe; file:_D:\Wolfenstein.The.Old.Blood-CODEX\codex-wolfenstein.the.old.blood\setup.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-BUIQGPN\pc
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.331.33.0, AS: 1.331.33.0, NIS: 1.331.33.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

CodeIntegrity:
===============
Date: 2021-03-16 18:16:23
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: Intel Corp. BLH6710H.86A.0119.2011.0523.1030 05/23/2011
Motherboard: Intel Corporation DH67CL
Processor: Intel(R) Pentium(R) CPU G860 @ 3.00GHz
Percentage of memory in use: 31%
Total physical RAM: 8169.45 MB
Available physical RAM: 5577.07 MB
Total Virtual: 18058.87 MB
Available Virtual: 13283.71 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:291.92 GB) (Free:30.23 GB) NTFS
Drive d: () (Fixed) (Total:172.79 GB) (Free:102.22 GB) NTFS

\\?\Volume{81168116-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{81168116-0000-0000-0000-801d49000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 81168116)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=291.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=520 MB) - (Type=27)
Partition 4: (Not Active) - (Size=172.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-05-2021
Ran by pc (administrator) on DESKTOP-BUIQGPN (28-05-2021 16:46:23)
Running from C:\Users\pc\Desktop
Loaded Profiles: pc
Platform: Windows 10 Pro Version 20H2 19042.985 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(BitTorrent Inc -> BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\pc\AppData\Local\Microsoft\OneDrive\20.201.1005.0009\FileCoAuth.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsMaps_10.2104.2.0_x64__8wekyb3d8bbwe\Maps.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.985_none_e72c6fe7263b0fe4\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [706192 2021-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-591005949-3795881383-2982760695-1001\...\Run: [] => [X]
HKU\S-1-5-21-591005949-3795881383-2982760695-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536440 2021-04-27] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-591005949-3795881383-2982760695-1001\...\Run: [269cb9d1f0c741c63247e1d77e6f3f30] => C:\WINDOWS\system32\.. [0 2021-05-25] ()
HKU\S-1-5-21-591005949-3795881383-2982760695-1001\...\Policies\Explorer: [DisallowCpl] 1
HKLM\...\Windows x64\Print Processors\hpfpp70v: C:\Windows\System32\spool\prtprocs\x64\hpfpp70v.dll [248320 2009-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\hpf3l70v.dll: C:\WINDOWS\system32\hpf3l70v.dll [136704 2009-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.77\Installer\chrmstp.exe [2021-05-26] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2020-05-27]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {020B8D4F-ED6C-48BF-A706-92C3EDA12CEA} - System32\Tasks\ebtools => C:\Program Files (x86)\EUROBYTE TOOLS\vp4.exe [302976 2021-03-01] (EUROBYTE SOFTWARE s.r.o. -> OEM)
Task: {0FABBC8C-8AEF-48D8-8871-753D43761435} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [29757392 2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {6F0228FF-374A-405C-9F23-28360FDA0F3D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-05-06] (Mozilla Corporation -> Mozilla Foundation)
Task: {8D68F718-A2F0-4B69-8CCF-DA61A8732A0A} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [229760 2021-05-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {BFBF306C-2F78-4FF3-8FDA-73D95BF36BE0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-05-08] (Google Inc -> Google LLC)
Task: {DD9119A4-908C-4458-90A9-7E3EBFC11E5B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {E3A062A3-6759-4C8E-9778-34FD8FCAB1D2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EC10146E-D00E-4384-8E9F-84ED36D86EF5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-18] (Piriform Software Ltd -> Piriform)
Task: {F6BB5510-A28C-4034-AF85-DF98D6A003BB} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2651216 2021-03-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {FB9D81C3-BBB1-4011-A130-2DFBD1AF8465} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-05-08] (Google Inc -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{87b6a530-c8a3-48da-97bc-b26e97b2eb24}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\pc\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-27]

FireFox:
========
FF DefaultProfile: dc063tec.default
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\dc063tec.default [2020-05-08]
FF Extension: (Avira Password Manager) - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\dc063tec.default\Extensions\passwordmanager@avira.com [2020-05-08]
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\reez1ulx.default-release-1616317886315 [2021-05-28]
FF Extension: (Blokátor reklam AdGuard) - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\reez1ulx.default-release-1616317886315\Extensions\adguardadblocker@adguard.com.xpi [2021-05-27]
FF Extension: (To Google Translate) - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\reez1ulx.default-release-1616317886315\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-03-22]
FF Extension: (Linkificator) - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\reez1ulx.default-release-1616317886315\Extensions\linkificator@markapola.xpi [2021-03-22]
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-591005949-3795881383-2982760695-1001: @jlgplayer3.julegame.com -> C:\Users\pc\AppData\Local\JuleGame\jlgplayer\npjlgplayer3.dll [No File]

Chrome:
=======
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default [2021-05-26]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-05-08]
CHR Extension: (Chrome Media Router) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-16]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]

Opera:
=======
OPR Profile: C:\Users\pc\AppData\Roaming\Opera Software\Opera Stable [2021-05-25]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1208432 2021-03-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [537472 2021-03-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484904 2021-03-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484904 2021-03-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [575776 2021-03-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [634768 2021-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [383976 2021-05-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [244040 2021-05-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [159080 2021-04-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 ImDskSvc; C:\WINDOWS\system32\imdsksvc.exe [25720 2020-08-18] (Avira Operations GmbH & Co. KG -> Olof Lagerkvist)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393288 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2021-01-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2021-01-16] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2021-02-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2021-02-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [209744 2021-03-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2021-03-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2021-02-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2021-02-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2021-02-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R2 ImDisk; C:\WINDOWS\system32\DRIVERS\imdisk.sys [95376 2020-08-18] (Microsoft Windows Hardware Compatibility Publisher -> Olof Lagerkvist)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-01-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2021-01-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2021-01-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

Error Reading file: "C:\Users\pc\Downloads\Zámek a klíč (2020) S01 complet CZ dabing "
2021-05-28 16:46 - 2021-05-28 16:47 - 000016004 _____ C:\Users\pc\Desktop\FRST.txt
2021-05-28 16:45 - 2021-05-28 16:47 - 000000000 ____D C:\FRST
2021-05-28 16:45 - 2021-05-28 16:44 - 002299904 _____ (Farbar) C:\Users\pc\Desktop\FRST64.exe
2021-05-28 16:44 - 2021-05-28 16:44 - 002299904 _____ (Farbar) C:\Users\pc\Downloads\FRST64.exe
2021-05-27 17:59 - 2021-05-27 17:59 - 000000000 ____D C:\Users\pc\AppData\Local\Biomutant
2021-05-27 17:53 - 2021-05-27 17:59 - 000000765 _____ C:\Users\pc\Desktop\BIOMUTANT.lnk
2021-05-27 17:53 - 2021-05-27 17:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BIOMUTANT
2021-05-27 16:38 - 2021-05-27 16:39 - 000000000 ____D C:\Users\Public\Documents\The Witcher
2021-05-27 16:30 - 2021-05-27 16:30 - 000001950 _____ C:\Users\Public\Desktop\The Witcher - EE - DC.lnk
2021-05-27 05:59 - 2021-05-25 12:12 - 008534696 _____ (Malwarebytes) C:\Users\pc\Desktop\adwcleaner_8.2.exe
2021-05-26 21:29 - 2021-05-26 21:30 - 000000000 ____D C:\rsit
2021-05-26 21:29 - 2021-05-26 21:30 - 000000000 ____D C:\Program Files\trend micro
2021-05-26 21:29 - 2021-05-26 21:29 - 001222144 _____ C:\Users\pc\Downloads\RSITx64.exe
2021-05-25 06:01 - 2021-05-24 21:18 - 000002480 _____ C:\WINDOWS\system32\Drivers\etc\hosts.check
2021-05-24 21:10 - 2021-05-24 21:10 - 000000746 _____ C:\Users\pc\Desktop\0god.cfg
2021-05-24 21:08 - 2021-05-24 21:08 - 000023386 _____ C:\Users\pc\Desktop\66.txt
2021-05-24 20:20 - 2021-05-24 20:20 - 000000000 ____D C:\Users\pc\Downloads\The Legend of Zelda Breath of the Wild
2021-05-22 21:44 - 2021-05-24 21:18 - 000002480 _____ C:\WINDOWS\system32\Drivers\etc\hosts.rollback
2021-05-22 21:44 - 2021-05-22 21:44 - 000000000 ____D C:\Users\pc\AppData\Local\Vampirem
2021-05-22 21:44 - 2020-05-07 17:58 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts.backup
2021-05-22 21:31 - 2021-05-22 21:31 - 000001363 _____ C:\Users\Public\Desktop\Vampirem.lnk
2021-05-20 20:55 - 2021-05-20 21:33 - 000000000 ____D C:\Users\pc\Downloads\Alice.in.Borderland.S01.DUBBED.WEBRip.x264-ION10
2021-05-19 20:35 - 2021-05-20 06:18 - 000000000 ____D C:\Program Files (x86)\Rise of the Tomb Raider
2021-05-19 20:25 - 2021-05-19 20:27 - 000000000 ____D C:\Users\pc\Documents\FLiNGTrainer
2021-05-19 14:59 - 2021-05-19 14:59 - 000000000 ____D C:\Users\pc\Documents\Rise of the Tomb Raider
2021-05-19 14:59 - 2021-05-19 14:59 - 000000000 ____D C:\Users\pc\AppData\Roaming\Crystal Dynamics
2021-05-19 14:45 - 2021-05-19 14:45 - 000000000 ____D C:\Users\pc\AppData\Roaming\Rise_Of_TB_Instaler
2021-05-16 21:27 - 2021-05-17 18:31 - 000012288 _____ C:\Users\pc\AppData\Roaming\emp.bin
2021-05-14 16:41 - 2021-05-14 16:41 - 000000000 ____D C:\WINDOWS\Panther
2021-05-14 16:17 - 2021-05-14 16:17 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-14 16:17 - 2021-05-14 16:17 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-14 16:17 - 2021-05-14 16:17 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-05-14 16:17 - 2021-05-14 16:17 - 000153600 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2021-05-14 16:16 - 2021-05-14 16:16 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-14 16:16 - 2021-05-14 16:16 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-14 16:16 - 2021-05-14 16:16 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-14 16:16 - 2021-05-14 16:16 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-14 16:16 - 2021-05-14 16:16 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-14 16:16 - 2021-05-14 16:16 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-14 16:15 - 2021-05-14 16:15 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-14 16:15 - 2021-05-14 16:15 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-14 16:15 - 2021-05-14 16:15 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-14 16:15 - 2021-05-14 16:15 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-13 16:00 - 2021-05-13 16:06 - 1422417920 _____ C:\Users\pc\Downloads\Avantgarda - Vanguard.2020.480p.BluRay.CZ.dabing.avi
2021-05-10 05:24 - 2021-05-10 05:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-05-08 20:39 - 2021-05-08 20:39 - 000000755 _____ C:\Users\Public\Desktop\Tony Vočko a případ růžového tapíra.lnk
2021-05-08 20:39 - 2021-05-08 20:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tony Vočko
2021-05-06 19:47 - 2021-05-14 16:40 - 000000000 ____D C:\Program Files\Mozilla Firefox

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-28 16:46 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-28 16:45 - 2020-09-04 23:09 - 000000000 ____D C:\Users\pc\AppData\Roaming\uTorrent
2021-05-28 16:45 - 2020-05-07 18:07 - 000000000 ____D C:\ProgramData\Mozilla
2021-05-28 16:45 - 2018-07-05 13:19 - 000000000 ____D C:\Users\pc\AppData\LocalLow\Mozilla
2021-05-28 16:02 - 2021-01-16 15:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-28 16:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-28 12:10 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-28 12:09 - 2020-06-06 17:49 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-28 12:09 - 2020-06-06 17:49 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-05-28 05:21 - 2020-05-08 03:15 - 000000000 ____D C:\Program Files\CCleaner
2021-05-27 17:59 - 2020-06-26 16:30 - 000000000 ____D C:\Users\pc\AppData\Local\UnrealEngine
2021-05-27 17:40 - 2021-02-02 22:59 - 000000000 ____D C:\Games
2021-05-27 17:16 - 2021-02-02 23:44 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2021-05-27 17:16 - 2020-06-26 16:09 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2021-05-27 16:30 - 2020-09-06 10:38 - 000000000 ____D C:\Program Files (x86)\GOG Games
2021-05-27 06:00 - 2020-05-07 17:27 - 000000000 ____D C:\ProgramData\NVIDIA
2021-05-26 04:55 - 2020-05-08 03:15 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-26 04:55 - 2020-05-08 03:15 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-25 12:13 - 2019-04-06 22:39 - 000000000 ____D C:\AdwCleaner
2021-05-25 06:00 - 2020-05-08 03:17 - 000000000 ____D C:\ProgramData\Package Cache
2021-05-20 06:47 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-20 06:43 - 2021-01-16 15:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-20 06:43 - 2021-01-16 15:25 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-20 06:42 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-05-19 14:59 - 2021-01-16 10:49 - 000000000 ____D C:\Users\pc\AppData\Local\D3DSCache
2021-05-18 20:27 - 2021-01-16 15:43 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-18 20:27 - 2019-12-07 16:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2021-05-18 20:27 - 2019-12-07 16:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2021-05-17 18:33 - 2020-05-07 18:00 - 000000000 ____D C:\Users\pc\AppData\Local\Packages
2021-05-14 20:34 - 2021-04-16 22:41 - 000001078 _____ C:\Users\Public\Desktop\Avira.lnk
2021-05-14 20:34 - 2021-04-16 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-05-14 20:34 - 2021-02-02 20:05 - 000003714 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2021-05-14 16:48 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-14 16:43 - 2021-01-16 15:26 - 000266504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-14 16:40 - 2020-05-07 18:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-05-14 16:38 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-05-14 16:38 - 2019-12-07 16:44 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-14 16:38 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-14 16:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-14 16:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-14 16:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-14 16:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-14 16:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-14 16:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-14 16:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-14 16:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-14 16:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-14 16:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-14 16:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-14 16:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-14 16:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-14 16:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-14 16:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-14 16:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-14 16:23 - 2019-12-07 16:47 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-14 16:23 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-14 15:32 - 2020-05-07 21:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-14 15:28 - 2020-05-07 21:09 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-13 21:12 - 2021-02-18 20:11 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-05-11 07:13 - 2020-05-09 06:33 - 000000000 ____D C:\Users\Public\Security Sessions
2021-05-11 05:59 - 2021-02-02 20:03 - 000000000 ____D C:\Users\Public\Speedup Sessions
2021-05-10 05:24 - 2020-05-07 18:07 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk

==================== Files in the root of some directories ========

2021-05-16 21:27 - 2021-05-17 18:31 - 000012288 _____ () C:\Users\pc\AppData\Roaming\emp.bin

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: prosím o kontrolu děkuji

#6 Příspěvek od Conder »

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: C:\Program Files (x86)\EUROBYTE TOOLS\vp4.exe
    ExportKey: HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer
    Folder: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe
    File: C:\WINDOWS\System32\drivers\BthA2dp.sys
    CMD: dir /a "C:\Users\pc\Downloads"
    
    HKLM\...\Run: [] => [X]
    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-21-591005949-3795881383-2982760695-1001\...\Run: [] => [X]
    FF Plugin HKU\S-1-5-21-591005949-3795881383-2982760695-1001: @jlgplayer3.julegame.com -> C:\Users\pc\AppData\Local\JuleGame\jlgplayer\npjlgplayer3.dll [No File]
    2021-05-26 21:29 - 2021-05-26 21:30 - 000000000 ____D C:\rsit
    2021-05-26 21:29 - 2021-05-26 21:30 - 000000000 ____D C:\Program Files\trend micro
    2021-05-26 21:29 - 2021-05-26 21:29 - 001222144 _____ C:\Users\pc\Downloads\RSITx64.exe
    
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah skopiruj a vloz do dalsej odpovede
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

simy13
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 26 kvě 2021 20:35

Re: prosím o kontrolu děkuji

#7 Příspěvek od simy13 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 02-06-2021
Ran by pc (02-06-2021 21:39:45) Run:1
Running from C:\Users\pc\Desktop
Loaded Profiles: pc
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files (x86)\EUROBYTE TOOLS\vp4.exe
ExportKey: HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer
Folder: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe
File: C:\WINDOWS\System32\drivers\BthA2dp.sys
CMD: dir /a "C:\Users\pc\Downloads"

HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-591005949-3795881383-2982760695-1001\...\Run: [] => [X]
FF Plugin HKU\S-1-5-21-591005949-3795881383-2982760695-1001: @jlgplayer3.julegame.com -> C:\Users\pc\AppData\Local\JuleGame\jlgplayer\npjlgplayer3.dll [No File]
2021-05-26 21:29 - 2021-05-26 21:30 - 000000000 ____D C:\rsit
2021-05-26 21:29 - 2021-05-26 21:30 - 000000000 ____D C:\Program Files\trend micro
2021-05-26 21:29 - 2021-05-26 21:29 - 001222144 _____ C:\Users\pc\Downloads\RSITx64.exe

EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 2461
Average :
Sum : 451543933
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= File: C:\Program Files (x86)\EUROBYTE TOOLS\vp4.exe ========================

C:\Program Files (x86)\EUROBYTE TOOLS\vp4.exe
File is digitally signed
MD5: 3AFF46AFFAA3CF38AB4A76E8D25B21AC
Creation and modification date: 2021-03-21 21:35 - 2021-03-01 09:17
Size: 000302976
Attributes: ----A
Company Name: EUROBYTE SOFTWARE s.r.o. -> OEM
Internal Name: vp4
Original Name: vp4.exe
Product: VycistitPocitac
Description:
File Version: 4.0.0.320
Product Version: 4.0.0.320
Copyright:
VirusTotal: 0

====== End of File: ======

================== ExportKey: ===================

[HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer]
[HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\FlipAhead]
"Enabled"="0"
[HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\Geolocation]
"PolicyDisableGeolocation"="1"

=== End of ExportKey ===

========================= Folder: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe ========================

2021-05-14 16:14 - 2021-05-14 16:14 - 000000321 ____A [2270739F508AE8BB0632DC8270079026] () C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AppxBlockMap.xml
2021-05-14 16:14 - 2021-05-14 16:14 - 000024908 ____A [2C013FDBF70FEF87F617FDD284494264] () C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AppxManifest.xml
2021-05-14 16:14 - 2021-05-14 16:14 - 000008615 ____A [8D0B1A107D4546502BC2FF0E448948D1] () C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AppxSignature.p7x
2021-05-14 16:14 - 2021-05-14 16:14 - 001234704 ____A [9206E60C818E1BC9F40C960A83B6E354] () C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\resources.pri
2021-01-16 15:41 - 2021-01-16 15:54 - 000000000 __SHD [00000000000000000000000000000000] () C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoft.system.package.metadata
2021-01-16 15:54 - 2021-05-14 16:48 - 000000000 ____D [00000000000000000000000000000000] () C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoft.system.package.metadata\Autogen
2021-01-16 15:54 - 2021-05-14 16:48 - 000000004 ___AS [1036E3DDDC89A4E68D8A33F3823A180E] () C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoft.system.package.metadata\Autogen\JSByteCodeCache_64

====== End of Folder: ======


========================= File: C:\WINDOWS\System32\drivers\BthA2dp.sys ========================

C:\WINDOWS\System32\drivers\BthA2dp.sys
File not signed
MD5: 7F09708B8C651A0C0E2A2725136BA254
Creation and modification date: 2019-12-07 11:07 - 2019-12-07 11:07
Size: 000279040
Attributes: ----A
Company Name: Microsoft Corporation
Internal Name: btha2dp.sys
Original Name: btha2dp.sys
Product: Microsoft® Windows® Operating System
Description: Bluetooth A2DP Driver
File Version: 10.0.19041.1 (WinBuild.160101.0800)
Product Version: 10.0.19041.1
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/gui/file/044 ... 1622657055

====== End of File: ======


========= dir /a "C:\Users\pc\Downloads" =========

Volume in drive C has no label.
Volume Serial Number is B017-D008

Directory of C:\Users\pc\Downloads

02.06.2021 21:37 <DIR> .
02.06.2021 21:37 <DIR> ..
13.02.2019 21:21 64 646 10400372_1173187123126_8269303_n.jpg
29.06.2020 06:06 52 211 105833575_3925997050809035_5167658638765505755_o.jpg
03.10.2018 20:16 103 566 11153281_20162573137500.zip
12.10.2020 20:33 502 097 116265255_4056510937757645_1354951330048999418_o.jpg
26.12.2020 13:47 188 510 125367142_416911262863633_3927420573889715179_n.jpg
21.11.2020 07:23 85 740 126837612_4601937616548305_8618270809559294421_o.jpg
24.01.2021 09:51 49 705 141931023_3341560619282783_8336442475881637914_n.jpg
25.10.2018 14:59 4 341 234 20181001_083139.jpg.zip
25.03.2020 15:58 <DIR> 2020-03 (bře)
18.02.2021 22:08 543 394 22.pdf
28.12.2018 11:20 97 558 49344436_2339394599469296_6311270539562319872_o.jpg
07.07.2019 19:40 282 990 66084676_1553321391465088_645802015749832704_n.jpg
07.07.2019 19:41 104 492 66441336_428520941330066_8250759255108354048_n.jpg
27.05.2020 19:12 38 624 400 AdbeRdr11000_cs_CZ.exe
06.04.2019 22:39 7 025 360 adwcleaner_7.3.exe
20.05.2021 21:33 <DIR> Alice.in.Borderland.S01.DUBBED.WEBRip.x264-ION10
13.05.2021 16:06 1 422 417 920 Avantgarda - Vanguard.2020.480p.BluRay.CZ.dabing.avi
30.08.2018 01:13 419 avngi.srt
14.10.2020 15:56 1 221 032 193 Books of Blood-2020-Webrip-AAC.5.1-1080p.H.264-1920x960-cz title vlozene vypinatelne.mkv
06.04.2019 20:35 20 915 232 ccsetup555_rtb.exe
08.05.2020 03:14 22 267 336 ccsetup565.exe
06.12.2020 08:38 1 090 492 416 Co by kdyby_This Is Where I Leave You (2014) CZ dabing.avi
24.11.2020 15:36 1 645 764 182 cupricesit.avi
24.11.2020 15:26 297 cupricesit.srt
06.10.2020 16:29 2 645 729 007 DELIVER US FROM EVIL.2020.720p.HDRip.H264.AAC.cz.tit.mkv
16.01.2021 15:53 282 desktop.ini
12.02.2019 15:11 <DIR> DLL Suite 9.0.....HanzyKisik
18.03.2021 19:54 281 588 dokument-125874350(1).pdf
26.01.2021 17:27 281 588 dokument-125874350.pdf
01.02.2021 17:20 1 294 700 648 El.robo.del.siglo.(The.Heist.of.the.Century).(2020).CZ.TITULKY.mkv
12.02.2019 15:02 <DIR> faktury
02.04.2021 22:55 <DIR> Fargo Série 3 (CZ-ENG)[WebRip]
29.11.2020 12:48 1 956 896 595 Fatman.2020.1080p.cz.sub.WEBRip.x264.mkv
28.07.2018 14:03 313 848 Firefox Installer.exe
04.05.2019 12:04 1 207 336 flashplayer32_xa_install.exe
17.11.2020 14:37 1 410 680 flash_player.exe
04.08.2019 17:14 682 735 FRM_CPE_03-Zadost_o_ukonceni_smlouvy.pdf
28.05.2021 16:44 2 299 904 FRST64.exe
25.11.2020 20:46 1 480 638 916 Gia CZ (1998).avi
06.09.2018 05:30 5 490 082 Gmail.zip
12.02.2019 11:48 4 906 hlubmonme.srt
02.03.2019 13:14 <DIR> HWIDGEN v.10.24 Aktivátor digitální licence pro Windows 10
26.12.2019 14:41 1 961 655 IMG_20191226_105207.jpg
05.11.2020 17:09 1 820 990 958 Inheritance (2020) cz.titl.avi
14.02.2019 09:24 1 136 176 installbackupandsync.exe
02.08.2018 20:28 466 lock.forced.cz.srt
02.08.2018 20:58 2 622 890 272 lock2.avi
11.10.2020 09:43 2 118 358 749 LX.2048.2020.1080p.WEBRip.x264.cz.tit.mkv
17.04.2019 14:41 101 919 meření.jpg
18.02.2021 19:05 104 346 mKonto_01588065_190101_210218.pdf
07.02.2021 09:16 128 210 mudr.jpg
22.01.2021 20:44 2 691 491 571 Nomadland.(Země nomádů).(2020).1080p.CZ.TITULKY.mkv
07.03.2020 14:12 688 092 549 N_S_III_1.rar
18.02.2021 20:33 543 393 OdporEPR_RE.pdf
09.10.2020 14:47 1 209 644 778 Oloture-2019-Webrip-AAC.5.1-1080p.H.264-1920x1012-cz title vlozene.m4v
17.11.2020 15:32 1 984 994 169 Orígenes secretos - Původ neznámý sp 5.1 cz sp tit.mkv
06.02.2021 10:59 47 616 postovni_kuryr_pravidla.doc
26.05.2021 21:29 1 222 144 RSITx64.exe
09.04.2021 22:14 1 671 744 452 Rytíři spravedlnosti CZ titulky (2020).avi
21.03.2020 11:37 2 155 500 827 Sing Street_2016_titulky.CZ.mkv
21.04.2019 23:07 14 574 sndmft.cat
21.04.2019 22:58 51 321 snDMFT.inf
21.04.2019 23:07 6 886 784 SonixDeviceMFT.dll
05.07.2018 14:06 5 140 824 tcmd920x64.exe
24.05.2021 20:20 <DIR> The Legend of Zelda Breath of the Wild
13.03.2021 23:28 <DIR> The.Mandalorian.S02.720p.WEBRip.DDP5.1.Atmos.x264-MZABI
09.10.2020 14:49 1 446 278 263 They.Live.Inside.Us.2020.HDRip.XviD.AC3.cztit.mkv
01.07.2019 12:23 57 221 488 torbrowser-install-win64-8.5.3_en-US.exe
20.10.2020 18:47 13 229 Transakční historie.html
09.03.2020 16:24 1 705 339 962 U Zlaté rukavice 2019 cz titulky-paja.mkv
21.10.2020 19:19 346 112 Unlockerx64 1.9.2.msi
05.11.2020 15:40 2 271 706 609 Vanocni vysadek - Operation.Christmas.Drop.2020.1080p.WEBRip,CZ,dabing.5.1.mkv
28.05.2020 22:36 15 301 888 vc_redist.x64.exe
22.01.2021 00:25 <DIR> Windows-10x64
02.02.2021 20:55 <DIR> Wolfenstein 2009
05.02.2020 20:19 <DIR> x64
16.02.2020 15:42 <DIR> Zámek a klíč (2020) S01 complet CZ dabing
65 File(s) 35 342 149 317 bytes
14 Dir(s) 32 963 403 776 bytes free

========= End of CMD: =========

"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-591005949-3795881383-2982760695-1001\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKU\S-1-5-21-591005949-3795881383-2982760695-1001\Software\MozillaPlugins\@jlgplayer3.julegame.com => removed successfully
"C:\Users\pc\AppData\Local\JuleGame\jlgplayer\npjlgplayer3.dll" => not found
C:\rsit => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Users\pc\Downloads\RSITx64.exe => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24501945 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 110212 B
Edge => 77394 B
Chrome => 139264 B
Firefox => 985248302 B
Opera => 140000 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 3984 B
NetworkService => 3984 B
pc => 4451629 B

RecycleBin => 1708345572 B
EmptyTemp: => 2.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:41:58 ====

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: prosím o kontrolu děkuji

#8 Příspěvek od Conder »

Log vyzera OK. Su s PC nejake problemy?

V logu je este hlaseny problem so zlozkou "C:\Users\pc\Downloads\Zámek a klíč (2020) S01 complet CZ dabing" - nie su s nou nejake problemy (napr. s otvorenim)?
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

simy13
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 26 kvě 2021 20:35

Re: prosím o kontrolu děkuji

#9 Příspěvek od simy13 »

tato složka je prázdná ale nejde odstranit děkuji mnoho krát

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: prosím o kontrolu děkuji

#10 Příspěvek od Conder »

Tu zlozku by malo byt mozne odstranit tymto prikazom do prikazoveho riadku:

Kód: Vybrat vše

rmdir /s /q C:\Users\pc\Downloads\ZMEKAK~1
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Odpovědět