Please check my log

Not having any problem with your PC at the moment and just want to make sure everything is in order?
Post a log from FRST or RSIT.


#1 Post by cudla11 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2021-11-06 07:26:39
Microsoft Windows 10 Pro
System drive C: has 73 GB (30%) free of 243 GB
Total RAM: 7613 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:26:52, on 06.11.2021
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.1202)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNMON.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\Lenovo\iMController\PluginHost86\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
C:\Users\Petr\AppData\Local\JDownloader 2.0\JDownloader2.exe
C:\Program Files\trend micro\Petr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo17win10.msn.com/?pc=LCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://securesearch.org/homepage?hp=2& ... 2020-09-25 10:30:14&bName=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\95.0.1020.40\BHO\ie_to_edge_bho.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_311\bin\ssv.dll
O2 - BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_311\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Autodesk Desktop App] "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
O4 - HKLM\..\Run: [Bonus.SSR.FR12] "C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe" /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [EPSDNMON] "C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNMON.EXE"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Autodesk Desktop App Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Intel® SGX AESM (AESMService) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_69d915519e0a2ac8\aesm_service.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a8976fda8c58073\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a8976fda8c58073\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_75e72 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: CxUtilSvc - Conexant Systems, Inc. - C:\Program Files\Conexant\SAII\CxUtilSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: @oem102.inf,%ServiceDisplayName%;Intel(R) Dynamic Platform and Thermal Framework service (esifsvc) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe
O23 - Service: ELAN Service (ETDService) - Unknown owner - C:\WINDOWS\System32\ETDService.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\95.0.4638.69\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a8976fda8c58073\igfxCUIService.exe
O23 - Service: @oem20.inf,%ImcSvcDisplayName%;System Interface Foundation Service (ImControllerService) - Lenovo Group Ltd. - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: @oem66.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
O23 - Service: @oem66.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LenovoVantageService - Lenovo Group Ltd. - C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\LenovoVantageService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\WINDOWS\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee WebAdvisor - McAfee, LLC - C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PDF24 - geek software GmbH - C:\Program Files\PDF24\pdf24.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14860 bytes

======Listing Processes======









C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-df745285-8e47-4caf-b0bf-de4c861a99f8 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-98531385-dbd6-4a08-889c-1c13b23ea0da -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-4562fc2d-a1fe-4870-9b98-ea246b8ba355 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-39909b81-95c7-4b84-ab04-77e97b17fee6 -LifetimeId:1fb4c055-b0ea-42aa-8d75-28a60c3e366c -DeviceGroupId: -HostArg:0
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-fc8df305-e9ac-4e04-abe6-efa2210ee3af -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-901f00bf-ece5-4e8e-ace5-973ac8872c80 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-db8c5a6e-46b8-422c-8349-55ebbb49f8cd -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-50cedc25-a3ab-4fa7-b675-70c9bafddb4c -LifetimeId:4097ce26-9441-41f3-8b65-2722fb6f562f -DeviceGroupId: -HostArg:0
winlogon.exe
"fontdrvhost.exe"
"dwm.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-ad916861-c2ed-4947-be5b-a39510220b58 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-b916df54-bcaa-4462-96ec-acf12896b8bc -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-cc91b4fb-161c-4dab-89ff-6b1681c183fb -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-701c170b-211e-4ddc-9828-c3759183385d -LifetimeId:3ae2ffb2-72e3-4d4b-92fb-5f6be3cdfa41 -DeviceGroupId: -HostArg:0
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\ETDService.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalService -p

C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a8976fda8c58073\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup -s WbioSrvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\system32\WLANExt.exe 1286725207776
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\CxAudMsg64.exe
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe"
C:\Windows\system32\EscSvc64.exe
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a8976fda8c58073\IntelCpHDCPSvc.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
"C:\WINDOWS\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"

"C:\Program Files\Conexant\SAII\CxUtilSvc.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe"
"C:\WINDOWS\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe"
"C:\WINDOWS\system32\SAsrv.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
"C:\Program Files\PDF24\pdf24.exe" -service
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a8976fda8c58073\IntelCpHeciSvc.exe
dashost.exe {d3b8b5ea-e93b-430b-94f6ef022f1bd120}
C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\ETDCtrlHelper.exe
C:\WINDOWS\system32\ETDCtrl.exe
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
"ctfmon.exe"
"C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a8976fda8c58073\igfxEM.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
"C:\WINDOWS\system32\ETDTouch.exe"
explorer.exe
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
"C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe" -ServerName:InputApp.AppX9jnwykgrccxc8by3hsrsh07r423xzvav.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
-name 4d562b42-fd13-4e11-8475-536066087ebc -runas -pluginName IdeaNotebookPlugin -pluginVersion 1.2.76.13
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe"

"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Program Files\PDF24\pdf24.exe"
"C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
"C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNMON.EXE"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.1.32.0_x64__5grkq8ppsgwt4\LaunchUtility\utility.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_69d915519e0a2ac8\aesm_service.exe

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc

C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc

-name 29c9c77c-fddd-4672-b56f-528eae794d81 -runas -pluginName DolbyAudioPlugin -pluginVersion 1.2.239.24
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe -Embedding
"C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe"

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\system32\svchost.exe -k LocalService -s W32Time
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc
-name a79614f6-e80f-4ff9-b3a5-b1c1771575f6 -runas -pluginName GenericDisplayPlugin -pluginVersion 1.2.179.5
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
taskhostw.exe
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
"C:\Program Files\McAfee\WebAdvisor\UIHost.exe"
"C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe"
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2021.21090.10008.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\mousocoreworker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21092.145.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding

C:\Windows\System32\smartscreen.exe -Embedding
"C:\Users\Petr\AppData\Local\JDownloader 2.0\JDownloader2.exe" -afterupdate
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x474
"C:\Program Files\Mozilla Firefox\firefox.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="940.0.479121497\985214331" -parentBuildID 20211103134640 -prefsHandle 1728 -prefMapHandle 1720 -prefsLen 1 -prefMapSize 265800 -appdir "C:\Program Files\Mozilla Firefox\browser" - 940 "\\.\pipe\gecko-crash-server-pipe.940" 1820 1abf8dac138 gpu
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="940.1.151341180\538034780" -parentBuildID 20211103134640 -prefsHandle 2224 -prefMapHandle 2220 -prefsLen 425 -prefMapSize 265800 -appdir "C:\Program Files\Mozilla Firefox\browser" - 940 "\\.\pipe\gecko-crash-server-pipe.940" 2232 1abf9b0b938 socket
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="940.2.493986422\407046708" -childID 1 -isForBrowser -prefsHandle 2916 -prefMapHandle 2912 -prefsLen 552 -prefMapSize 265800 -jsInit 1512 278680 -parentBuildID 20211103134640 -appdir "C:\Program Files\Mozilla Firefox\browser" - 940 "\\.\pipe\gecko-crash-server-pipe.940" 2928 1abfe270938 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="940.4.24777863\1919320632" -childID 2 -isForBrowser -prefsHandle 4576 -prefMapHandle 4572 -prefsLen 5261 -prefMapSize 265800 -jsInit 1512 278680 -parentBuildID 20211103134640 -appdir "C:\Program Files\Mozilla Firefox\browser" - 940 "\\.\pipe\gecko-crash-server-pipe.940" 4448 1ac01857338 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="940.6.178282238\1041566305" -childID 3 -isForBrowser -prefsHandle 5292 -prefMapHandle 4576 -prefsLen 5960 -prefMapSize 265800 -jsInit 1512 278680 -parentBuildID 20211103134640 -appdir "C:\Program Files\Mozilla Firefox\browser" - 940 "\\.\pipe\gecko-crash-server-pipe.940" 5328 1ac039f9f38 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="940.8.286857403\1459144515" -childID 4 -isForBrowser -prefsHandle 5748 -prefMapHandle 5772 -prefsLen 5960 -prefMapSize 265800 -jsInit 1512 278680 -parentBuildID 20211103134640 -appdir "C:\Program Files\Mozilla Firefox\browser" - 940 "\\.\pipe\gecko-crash-server-pipe.940" 5796 1ac02ec3338 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="940.10.1939565258\276046159" -parentBuildID 20211103134640 -prefsHandle 7988 -prefMapHandle 7992 -prefsLen 8203 -prefMapSize 265800 -appdir "C:\Program Files\Mozilla Firefox\browser" - 940 "\\.\pipe\gecko-crash-server-pipe.940" 7408 1ac05acb538 rdd
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="940.12.1196588461\69537051" -childID 5 -isForBrowser -prefsHandle 8096 -prefMapHandle 4576 -prefsLen 9060 -prefMapSize 265800 -jsInit 1512 278680 -parentBuildID 20211103134640 -appdir "C:\Program Files\Mozilla Firefox\browser" - 940 "\\.\pipe\gecko-crash-server-pipe.940" 428 1abff447d38 tab
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe34_ Global\UsGthrCtrlFltPipeMssGthrPipe34 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 800 804 812 8192 808 784
"C:\Users\Petr\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\EPSON XP-900 Series Update {1D34E24D-3602-4463-BC8C-53017AC68CA0}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRGE.EXE /EXE:"{1D34E24D-3602-4463-BC8C-53017AC68CA0}" /F:"Update"

=========Mozilla firefox=========

ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\h0hpy4yt.default-release

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.311.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.311.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_311\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf]
"Description"=Handles PDF files in place in the browser
"Path"=C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf]
"Description"=Handles PDF files in place in the browser
"Path"=C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf]
"Description"=Handles PDF files in place in the browser
"Path"=C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.10]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.11]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.12]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf]
"Description"=Handles PDF files in place in the browser
"Path"=C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf]
"Description"=Handles PDF files in place in the browser
"Path"=C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf]
"Description"=Handles PDF files in place in the browser
"Path"=C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll


C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\h0hpy4yt.default-release\searchplugins\
yahoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\95.0.1020.40\BHO\ie_to_edge_bho_64.dll [2021-10-29 525216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-10-20 1423696]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\95.0.1020.40\BHO\ie_to_edge_bho.dll [2021-10-29 407456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-02 154944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_311\bin\ssv.dll [2021-10-25 615768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-10-20 1118336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_311\bin\jp2ssv.dll [2021-10-25 279384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-12-07 86016]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2017-06-23 603992]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2021-09-07 3412736]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2017-06-07 1832280]
"PDF24"=C:\Program Files\PDF24\pdf24.exe [2021-10-11 585464]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2020-03-25 365160]
"EPSDNMON"=C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNMON.EXE [2020-07-27 346712]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2021-10-19 35116160]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Desktop App"=C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [2017-03-10 704424]
"Bonus.SSR.FR12"=C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [2016-10-18 1527960]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2021-09-27 706344]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"aux1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"aux2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"aux3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave3"=wdmaud.drv

======File associations======

.inf - install -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open -
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2021-11-06 07:26:39 ----D---- C:\rsit
2021-11-06 07:26:39 ----D---- C:\Program Files\trend micro
2021-11-05 09:32:35 ----D---- C:\Program Files\Mozilla Firefox
2021-11-05 08:50:34 ----A---- C:\Users\Petr\AppData\Roaming\xxcv.dll
2021-11-05 08:50:34 ----A---- C:\Users\Petr\AppData\Roaming\rony.txt
2021-11-05 08:49:48 ----A---- C:\Users\Petr\AppData\Roaming\1.exe
2021-11-05 08:49:48 ----A---- C:\Users\Petr\AppData\Roaming\0.exe
2021-11-05 08:49:47 ----A---- C:\Users\Petr\AppData\Roaming\++.bat
2021-11-05 08:49:43 ----A---- C:\Users\Petr\AppData\Roaming\all cookies.exe
2021-11-05 08:45:42 ----D---- C:\WINDOWS\SYSWOW64\XPSViewer
2021-11-05 08:45:39 ----D---- C:\Program Files\Reference Assemblies
2021-11-05 08:45:39 ----D---- C:\Program Files\MSBuild
2021-11-05 08:45:39 ----D---- C:\Program Files (x86)\Reference Assemblies
2021-11-05 08:45:39 ----D---- C:\Program Files (x86)\MSBuild
2021-11-05 08:45:03 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2021-11-05 08:45:03 ----A---- C:\WINDOWS\SYSWOW64\PresentationNative_v0300.dll
2021-11-05 08:45:03 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2021-11-05 08:45:00 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2021-11-05 08:45:00 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2021-11-05 08:45:00 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2021-11-04 13:41:39 ----D---- C:\Program Files (x86)\Microsoft Games
2021-11-04 13:30:31 ----A---- C:\Users\Petr\AppData\Roaming\specific.exe
2021-11-04 13:30:31 ----A---- C:\Users\Petr\AppData\Roaming\fffffffffffffffffffffffffdsds3.txt
2021-11-04 13:30:30 ----A---- C:\Users\Petr\AppData\Roaming\fffffffffffffffffffffffffdsds1.txt
2021-11-04 13:30:24 ----A---- C:\Users\Petr\AppData\Roaming\fffffffffffffffffffffffffdsds.txt
2021-11-04 13:30:00 ----A---- C:\Users\Petr\AppData\Roaming\cvcv.txt
2021-11-04 09:59:33 ----D---- C:\Program Files\CCleaner
2021-11-03 03:22:33 ----D---- C:\Program Files\PCHealthCheck
2021-11-02 18:44:13 ----SHD---- C:\Config.Msi
2021-10-18 13:58:52 ----D---- C:\Program Files\PDF24
2021-10-13 04:04:57 ----A---- C:\WINDOWS\SYSWOW64\wmpshell.dll
2021-10-13 04:04:57 ----A---- C:\WINDOWS\SYSWOW64\wmpeffects.dll
2021-10-13 04:04:57 ----A---- C:\WINDOWS\SYSWOW64\wmpdxm.dll
2021-10-13 04:04:56 ----A---- C:\WINDOWS\SYSWOW64\wmploc.DLL
2021-10-13 04:04:56 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2021-10-13 04:04:56 ----A---- C:\WINDOWS\SYSWOW64\spwmp.dll
2021-10-13 04:04:56 ----A---- C:\WINDOWS\SYSWOW64\dxmasf.dll
2021-10-13 04:04:56 ----A---- C:\WINDOWS\system32\wmpshell.dll
2021-10-13 04:04:56 ----A---- C:\WINDOWS\system32\wmploc.DLL
2021-10-13 04:04:56 ----A---- C:\WINDOWS\system32\wmpeffects.dll
2021-10-13 04:04:56 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2021-10-13 04:04:56 ----A---- C:\WINDOWS\system32\spwmp.dll
2021-10-13 04:04:56 ----A---- C:\WINDOWS\system32\dxmasf.dll
2021-10-13 04:04:55 ----A---- C:\WINDOWS\system32\wmp.dll
2021-10-13 04:04:53 ----A---- C:\WINDOWS\SYSWOW64\wpdshext.dll
2021-10-13 04:04:53 ----A---- C:\WINDOWS\SYSWOW64\quickassist.exe
2021-10-13 04:04:53 ----A---- C:\WINDOWS\SYSWOW64\PortableDeviceWiaCompat.dll
2021-10-13 04:04:53 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2021-10-13 04:04:53 ----A---- C:\WINDOWS\system32\quickassist.exe
2021-10-13 04:04:52 ----A---- C:\WINDOWS\SYSWOW64\WMADMOD.DLL
2021-10-13 04:04:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2021-10-13 04:04:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2021-10-13 04:04:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2021-10-13 04:04:52 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2021-10-13 04:04:52 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2021-10-13 04:04:52 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2021-10-13 04:04:52 ----A---- C:\WINDOWS\SYSWOW64\mfmkvsrcsnk.dll
2021-10-13 04:04:52 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2021-10-13 04:04:52 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2021-10-13 04:04:52 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2021-10-13 04:04:52 ----A---- C:\WINDOWS\SYSWOW64\dlnashext.dll
2021-10-13 04:04:52 ----A---- C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll
2021-10-13 04:04:52 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2021-10-13 04:04:51 ----A---- C:\WINDOWS\system32\wpdshext.dll
2021-10-13 04:04:51 ----A---- C:\WINDOWS\system32\WMADMOD.DLL
2021-10-13 04:04:51 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2021-10-13 04:04:51 ----A---- C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
2021-10-13 04:04:51 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2021-10-13 04:04:51 ----A---- C:\WINDOWS\system32\HolographicExtensions.dll
2021-10-13 04:04:51 ----A---- C:\WINDOWS\system32\DMRServer.dll
2021-10-13 04:04:51 ----A---- C:\WINDOWS\system32\dlnashext.dll
2021-10-13 04:04:50 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2021-10-13 04:04:50 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2021-10-13 04:04:50 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2021-10-13 04:04:50 ----A---- C:\WINDOWS\system32\mfsvr.dll
2021-10-13 04:04:50 ----A---- C:\WINDOWS\system32\mfps.dll
2021-10-13 04:04:50 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2021-10-13 04:04:50 ----A---- C:\WINDOWS\system32\mfmkvsrcsnk.dll
2021-10-13 04:04:50 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2021-10-13 04:04:49 ----A---- C:\WINDOWS\SYSWOW64\Microsoft.Uev.AppAgent.dll
2021-10-13 04:04:49 ----A---- C:\WINDOWS\system32\uwfservicingapi.dll
2021-10-13 04:04:49 ----A---- C:\WINDOWS\system32\uwfcsp.dll
2021-10-13 04:04:49 ----A---- C:\WINDOWS\system32\uwfcfgmgmt.dll
2021-10-13 04:04:49 ----A---- C:\WINDOWS\system32\TSErrRedir.dll
2021-10-13 04:04:49 ----A---- C:\WINDOWS\system32\rdpshell.exe
2021-10-13 04:04:49 ----A---- C:\WINDOWS\system32\rdpinit.exe
2021-10-13 04:04:49 ----A---- C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2021-10-13 04:04:49 ----A---- C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2021-10-13 04:04:49 ----A---- C:\WINDOWS\system32\mfcore.dll
2021-10-13 04:04:49 ----A---- C:\WINDOWS\system32\mf.dll
2021-10-13 04:04:49 ----A---- C:\WINDOWS\system32\AgentService.exe
2021-10-13 04:04:48 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2021-10-13 04:04:48 ----A---- C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2021-10-13 04:04:47 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2021-10-13 04:04:47 ----A---- C:\WINDOWS\SYSWOW64\perfts.dll
2021-10-13 04:04:47 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2021-10-13 04:04:47 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2021-10-13 04:04:47 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2021-10-13 04:04:47 ----A---- C:\WINDOWS\SYSWOW64\msisip.dll
2021-10-13 04:04:47 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2021-10-13 04:04:47 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2021-10-13 04:04:47 ----A---- C:\WINDOWS\SYSWOW64\iemigplugin.dll
2021-10-13 04:04:47 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2021-10-13 04:04:47 ----A---- C:\WINDOWS\SYSWOW64\FrameServerClient.dll
2021-10-13 04:04:47 ----A---- C:\WINDOWS\SYSWOW64\AcXtrnal.dll
2021-10-13 04:04:47 ----A---- C:\WINDOWS\SYSWOW64\AcLayers.dll
2021-10-13 04:04:45 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2021-10-13 04:04:45 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2021-10-13 04:04:45 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2021-10-13 04:04:44 ----A---- C:\WINDOWS\SYSWOW64\smphost.dll
2021-10-13 04:04:44 ----A---- C:\WINDOWS\SYSWOW64\Robocopy.exe
2021-10-13 04:04:44 ----A---- C:\WINDOWS\SYSWOW64\PayloadRestrictions.dll
2021-10-13 04:04:44 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2021-10-13 04:04:44 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2021-10-13 04:04:44 ----A---- C:\WINDOWS\SYSWOW64\imapi2fs.dll
2021-10-13 04:04:44 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2021-10-13 04:04:44 ----A---- C:\WINDOWS\SYSWOW64\cleanmgr.exe
2021-10-13 04:04:44 ----A---- C:\WINDOWS\SYSWOW64\autofmt.exe
2021-10-13 04:04:44 ----A---- C:\WINDOWS\SYSWOW64\autoconv.exe
2021-10-13 04:04:43 ----A---- C:\WINDOWS\system32\wpnpinst.exe
2021-10-13 04:04:43 ----A---- C:\WINDOWS\system32\WebClnt.dll
2021-10-13 04:04:43 ----A---- C:\WINDOWS\system32\SIHClient.exe
2021-10-13 04:04:43 ----A---- C:\WINDOWS\system32\sharemediacpl.dll
2021-10-13 04:04:43 ----A---- C:\WINDOWS\system32\mstsc.exe
2021-10-13 04:04:43 ----A---- C:\WINDOWS\system32\inetppui.dll
2021-10-13 04:04:43 ----A---- C:\WINDOWS\system32\inetpp.dll
2021-10-13 04:04:43 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2021-10-13 04:04:43 ----A---- C:\WINDOWS\system32\CPFilters.dll
2021-10-13 04:04:43 ----A---- C:\WINDOWS\system32\AcXtrnal.dll
2021-10-13 04:04:43 ----A---- C:\WINDOWS\system32\AcLayers.dll
2021-10-13 04:04:42 ----A---- C:\WINDOWS\system32\tsgqec.dll
2021-10-13 04:04:42 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2021-10-13 04:04:42 ----A---- C:\WINDOWS\system32\perfts.dll
2021-10-13 04:04:42 ----A---- C:\WINDOWS\system32\pcwutl.dll
2021-10-13 04:04:42 ----A---- C:\WINDOWS\system32\mstscax.dll
2021-10-13 04:04:42 ----A---- C:\WINDOWS\system32\msisip.dll
2021-10-13 04:04:42 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2021-10-13 04:04:42 ----A---- C:\WINDOWS\system32\klist.exe
2021-10-13 04:04:42 ----A---- C:\WINDOWS\system32\IESettingSync.exe
2021-10-13 04:04:42 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2021-10-13 04:04:42 ----A---- C:\WINDOWS\system32\FsIso.exe
2021-10-13 04:04:42 ----A---- C:\WINDOWS\system32\FrameServerClient.dll
2021-10-13 04:04:42 ----A---- C:\WINDOWS\system32\FrameServer.dll
2021-10-13 04:04:41 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2021-10-13 04:04:41 ----A---- C:\WINDOWS\system32\jscript9.dll
2021-10-13 04:04:41 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2021-10-13 04:04:41 ----A---- C:\WINDOWS\system32\ieframe.dll
2021-10-13 04:04:41 ----A---- C:\WINDOWS\system32\Chakra.dll
2021-10-13 04:04:40 ----A---- C:\WINDOWS\system32\StorSvc.dll
2021-10-13 04:04:40 ----A---- C:\WINDOWS\system32\StorageUsage.dll
2021-10-13 04:04:40 ----A---- C:\WINDOWS\system32\mshtml.dll
2021-10-13 04:04:40 ----A---- C:\WINDOWS\system32\jscript.dll
2021-10-13 04:04:40 ----A---- C:\WINDOWS\system32\imapi2fs.dll
2021-10-13 04:04:40 ----A---- C:\WINDOWS\system32\DispBroker.Desktop.dll
2021-10-13 04:04:40 ----A---- C:\WINDOWS\system32\defragres.dll
2021-10-13 04:04:39 ----A---- C:\WINDOWS\system32\spaceman.exe
2021-10-13 04:04:39 ----A---- C:\WINDOWS\system32\smphost.dll
2021-10-13 04:04:39 ----A---- C:\WINDOWS\system32\Robocopy.exe
2021-10-13 04:04:39 ----A---- C:\WINDOWS\system32\mispace.dll
2021-10-13 04:04:39 ----A---- C:\WINDOWS\system32\dosettings.dll
2021-10-13 04:04:39 ----A---- C:\WINDOWS\system32\defragsvc.dll
2021-10-13 04:04:39 ----A---- C:\WINDOWS\system32\defragproxy.dll
2021-10-13 04:04:39 ----A---- C:\WINDOWS\system32\computecore.dll
2021-10-13 04:04:39 ----A---- C:\WINDOWS\system32\cleanmgr.exe
2021-10-13 04:04:39 ----A---- C:\WINDOWS\system32\autofmt.exe
2021-10-13 04:04:39 ----A---- C:\WINDOWS\system32\autoconv.exe
2021-10-13 04:04:38 ----A---- C:\WINDOWS\system32\tcbloader.dll
2021-10-13 04:04:38 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2021-10-13 04:04:38 ----A---- C:\WINDOWS\system32\skci.dll
2021-10-13 04:04:38 ----A---- C:\WINDOWS\system32\SgrmEnclave_secure.dll
2021-10-13 04:04:38 ----A---- C:\WINDOWS\system32\SgrmEnclave.dll
2021-10-13 04:04:38 ----A---- C:\WINDOWS\system32\PayloadRestrictions.dll
2021-10-13 04:04:38 ----A---- C:\WINDOWS\system32\hvix64.exe
2021-10-13 04:04:38 ----A---- C:\WINDOWS\system32\hvax64.exe
2021-10-13 04:04:38 ----A---- C:\WINDOWS\system32\BioIso.exe
2021-10-13 04:04:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2021-10-13 04:04:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.MediaPlayer.dll
2021-10-13 04:04:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2021-10-13 04:04:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.BackgroundMediaPlayback.dll
2021-10-13 04:04:37 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2021-10-13 04:04:37 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2021-10-13 04:04:37 ----A---- C:\WINDOWS\SYSWOW64\setupcln.dll
2021-10-13 04:04:37 ----A---- C:\WINDOWS\SYSWOW64\SearchFolder.dll
2021-10-13 04:04:37 ----A---- C:\WINDOWS\SYSWOW64\rtutils.dll
2021-10-13 04:04:37 ----A---- C:\WINDOWS\SYSWOW64\rasmontr.dll
2021-10-13 04:04:37 ----A---- C:\WINDOWS\SYSWOW64\rasdial.exe
2021-10-13 04:04:37 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2021-10-13 04:04:37 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2021-10-13 04:04:37 ----A---- C:\WINDOWS\SYSWOW64\pku2u.dll
2021-10-13 04:04:37 ----A---- C:\WINDOWS\SYSWOW64\ntprint.exe
2021-10-13 04:04:37 ----A---- C:\WINDOWS\SYSWOW64\ntprint.dll
2021-10-13 04:04:37 ----A---- C:\WINDOWS\SYSWOW64\netshell.dll
2021-10-13 04:04:37 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2021-10-13 04:04:37 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2021-10-13 04:04:37 ----A---- C:\WINDOWS\SYSWOW64\mprmsg.dll
2021-10-13 04:04:37 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2021-10-13 04:04:37 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2021-10-13 04:04:37 ----A---- C:\WINDOWS\SYSWOW64\enrollmentapi.dll
2021-10-13 04:04:37 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2021-10-13 04:04:37 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2021-10-13 04:04:37 ----A---- C:\WINDOWS\SYSWOW64\dmcmnutils.dll
2021-10-13 04:04:37 ----A---- C:\WINDOWS\SYSWOW64\cmdial32.dll
2021-10-13 04:04:36 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2021-10-13 04:04:36 ----A---- C:\WINDOWS\SYSWOW64\DbgModel.dll
2021-10-13 04:04:36 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2021-10-13 04:04:36 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2021-10-13 04:04:35 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2021-10-13 04:04:35 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2021-10-13 04:04:35 ----A---- C:\WINDOWS\SYSWOW64\wevtapi.dll
2021-10-13 04:04:35 ----A---- C:\WINDOWS\SYSWOW64\virtdisk.dll
2021-10-13 04:04:35 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2021-10-13 04:04:35 ----A---- C:\WINDOWS\SYSWOW64\untfs.dll
2021-10-13 04:04:35 ----A---- C:\WINDOWS\SYSWOW64\ulib.dll
2021-10-13 04:04:35 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2021-10-13 04:04:35 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2021-10-13 04:04:35 ----A---- C:\WINDOWS\SYSWOW64\Magnify.exe
2021-10-13 04:04:35 ----A---- C:\WINDOWS\SYSWOW64\ifsutil.dll
2021-10-13 04:04:35 ----A---- C:\WINDOWS\SYSWOW64\dcomp.dll
2021-10-13 04:04:35 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2021-10-13 04:04:35 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2021-10-13 04:04:35 ----A---- C:\WINDOWS\SYSWOW64\autochk.exe
2021-10-13 04:04:34 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2021-10-13 04:04:34 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2021-10-13 04:04:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2021-10-13 04:04:34 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2021-10-13 04:04:34 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2021-10-13 04:04:34 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2021-10-13 04:04:34 ----A---- C:\WINDOWS\SYSWOW64\wfapigp.dll
2021-10-13 04:04:34 ----A---- C:\WINDOWS\SYSWOW64\webauthn.dll
2021-10-13 04:04:34 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2021-10-13 04:04:34 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2021-10-13 04:04:34 ----A---- C:\WINDOWS\SYSWOW64\TextShaping.dll
2021-10-13 04:04:34 ----A---- C:\WINDOWS\SYSWOW64\rdpserverbase.dll
2021-10-13 04:04:34 ----A---- C:\WINDOWS\SYSWOW64\OneCoreUAPCommonProxyStub.dll
2021-10-13 04:04:34 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll
2021-10-13 04:04:34 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2021-10-13 04:04:34 ----A---- C:\WINDOWS\SYSWOW64\KerbClientShared.dll
2021-10-13 04:04:34 ----A---- C:\WINDOWS\SYSWOW64\fwpolicyiomgr.dll
2021-10-13 04:04:34 ----A---- C:\WINDOWS\SYSWOW64\fwbase.dll
2021-10-13 04:04:34 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2021-10-13 04:04:34 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2021-10-13 04:04:34 ----A---- C:\WINDOWS\SYSWOW64\D3D12Core.dll
2021-10-13 04:04:34 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2021-10-13 04:04:34 ----A---- C:\WINDOWS\SYSWOW64\biwinrt.dll
2021-10-13 04:04:34 ----A---- C:\WINDOWS\SYSWOW64\BCP47mrm.dll
2021-10-13 04:04:34 ----A---- C:\WINDOWS\SYSWOW64\BCP47Langs.dll
2021-10-13 04:04:34 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_9.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.Preview.DOSettings.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.ConversationalAgent.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\uxtheme.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\UXInit.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerUI.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerCookies.exe
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\tbauth.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\taskschd.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\SpatializerApo.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\SpatialAudioLicenseSrv.exe
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\RTWorkQ.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\HrtfApo.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\GameInput.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\FlightSettings.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\eapphost.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\eappgnui.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\eappcfg.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\eapp3hst.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\dsreg.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\dot3cfg.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\ContentDeliveryManager.Utilities.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\agentactivationruntimewindows.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\agentactivationruntime.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\AarSvc.dll
2021-10-13 04:04:33 ----A---- C:\WINDOWS\SYSWOW64\aadauthhelper.dll
2021-10-13 04:04:32 ----A---- C:\WINDOWS\system32\vbscript.dll
2021-10-13 04:04:32 ----A---- C:\WINDOWS\system32\SmiEngine.dll
2021-10-13 04:04:32 ----A---- C:\WINDOWS\system32\shell32.dll
2021-10-13 04:04:32 ----A---- C:\WINDOWS\system32\setupcln.dll
2021-10-13 04:04:32 ----A---- C:\WINDOWS\system32\SearchFolder.dll
2021-10-13 04:04:32 ----A---- C:\WINDOWS\system32\rtutils.dll
2021-10-13 04:04:32 ----A---- C:\WINDOWS\system32\rasmontr.dll
2021-10-13 04:04:32 ----A---- C:\WINDOWS\system32\rasdial.exe
2021-10-13 04:04:32 ----A---- C:\WINDOWS\system32\rasapi32.dll
2021-10-13 04:04:32 ----A---- C:\WINDOWS\system32\pku2u.dll
2021-10-13 04:04:32 ----A---- C:\WINDOWS\system32\ntprint.exe
2021-10-13 04:04:32 ----A---- C:\WINDOWS\system32\ntprint.dll
2021-10-13 04:04:32 ----A---- C:\WINDOWS\system32\ngctasks.dll
2021-10-13 04:04:32 ----A---- C:\WINDOWS\system32\mprmsg.dll
2021-10-13 04:04:32 ----A---- C:\WINDOWS\system32\LsaIso.exe
2021-10-13 04:04:32 ----A---- C:\WINDOWS\system32\iumcrypt.dll
2021-10-13 04:04:32 ----A---- C:\WINDOWS\system32\cmdial32.dll
2021-10-13 04:04:31 ----A---- C:\WINDOWS\system32\uxtheme.dll
2021-10-13 04:04:31 ----A---- C:\WINDOWS\system32\UXInit.dll
2021-10-13 04:04:31 ----A---- C:\WINDOWS\system32\ubpm.dll
2021-10-13 04:04:31 ----A---- C:\WINDOWS\system32\TokenBrokerUI.dll
2021-10-13 04:04:31 ----A---- C:\WINDOWS\system32\taskschd.dll
2021-10-13 04:04:31 ----A---- C:\WINDOWS\system32\sppsvc.exe
2021-10-13 04:04:31 ----A---- C:\WINDOWS\system32\sppobjs.dll
2021-10-13 04:04:31 ----A---- C:\WINDOWS\system32\sppcext.dll
2021-10-13 04:04:31 ----A---- C:\WINDOWS\system32\schedsvc.dll
2021-10-13 04:04:31 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2021-10-13 04:04:31 ----A---- C:\WINDOWS\system32\SettingsHandlers_IME.dll
2021-10-13 04:04:31 ----A---- C:\WINDOWS\system32\SDDS.dll
2021-10-13 04:04:31 ----A---- C:\WINDOWS\system32\netshell.dll
2021-10-13 04:04:31 ----A---- C:\WINDOWS\system32\JpnServiceDS.dll
2021-10-13 04:04:31 ----A---- C:\WINDOWS\system32\FilterDS.dll
2021-10-13 04:04:31 ----A---- C:\WINDOWS\system32\edgeIso.dll
2021-10-13 04:04:31 ----A---- C:\WINDOWS\system32\drivers\scsiport.sys
2021-10-13 04:04:31 ----A---- C:\WINDOWS\system32\DDDS.dll
2021-10-13 04:04:31 ----A---- C:\WINDOWS\system32\BingFilterDS.dll
2021-10-13 04:04:31 ----A---- C:\WINDOWS\system32\BingASDS.dll
2021-10-13 04:04:29 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2021-10-13 04:04:29 ----A---- C:\WINDOWS\system32\wuuhext.dll
2021-10-13 04:04:29 ----A---- C:\WINDOWS\system32\winlogon.exe
2021-10-13 04:04:29 ----A---- C:\WINDOWS\system32\sspisrv.dll
2021-10-13 04:04:29 ----A---- C:\WINDOWS\system32\sspicli.dll
2021-10-13 04:04:29 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2021-10-13 04:04:29 ----A---- C:\WINDOWS\system32\policymanager.dll
2021-10-13 04:04:29 ----A---- C:\WINDOWS\system32\netlogon.dll
2021-10-13 04:04:29 ----A---- C:\WINDOWS\system32\msIso.dll
2021-10-13 04:04:29 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2021-10-13 04:04:29 ----A---- C:\WINDOWS\system32\lsass.exe
2021-10-13 04:04:29 ----A---- C:\WINDOWS\system32\LogonController.dll
2021-10-13 04:04:29 ----A---- C:\WINDOWS\system32\iertutil.dll
2021-10-13 04:04:29 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2021-10-13 04:04:29 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2021-10-13 04:04:29 ----A---- C:\WINDOWS\system32\eappcfgui.dll
2021-10-13 04:04:29 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2021-10-13 04:04:29 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2021-10-13 04:04:29 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2021-10-13 04:04:29 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2021-10-13 04:04:29 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2021-10-13 04:04:29 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2021-10-13 04:04:29 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2021-10-13 04:04:29 ----A---- C:\WINDOWS\system32\dmcmnutils.dll
2021-10-13 04:04:28 ----A---- C:\WINDOWS\system32\utcutil.dll
2021-10-13 04:04:28 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2021-10-13 04:04:28 ----A---- C:\WINDOWS\system32\ntdll.dll
2021-10-13 04:04:28 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2021-10-13 04:04:28 ----A---- C:\WINDOWS\system32\diagnosticdataquery.dll
2021-10-13 04:04:28 ----A---- C:\WINDOWS\system32\DbgModel.dll
2021-10-13 04:04:28 ----A---- C:\WINDOWS\system32\dbgeng.dll
2021-10-13 04:04:27 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2021-10-13 04:04:27 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2021-10-13 04:04:27 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2021-10-13 04:04:27 ----A---- C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2021-10-13 04:04:27 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2021-10-13 04:04:27 ----A---- C:\WINDOWS\system32\profsvc.dll
2021-10-13 04:04:27 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2021-10-13 04:04:27 ----A---- C:\WINDOWS\system32\lsasrv.dll
2021-10-13 04:04:27 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2021-10-13 04:04:27 ----A---- C:\WINDOWS\system32\drivers\http.sys
2021-10-13 04:04:27 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2021-10-13 04:04:27 ----A---- C:\WINDOWS\system32\dnsapi.dll
2021-10-13 04:04:27 ----A---- C:\WINDOWS\system32\diagtrack.dll
2021-10-13 04:04:27 ----A---- C:\WINDOWS\system32\dcomp.dll
2021-10-13 04:04:27 ----A---- C:\WINDOWS\system32\conhost.exe
2021-10-13 04:04:27 ----A---- C:\WINDOWS\system32\combase.dll
2021-10-13 04:04:27 ----A---- C:\WINDOWS\system32\ci.dll
2021-10-13 04:04:26 ----A---- C:\WINDOWS\system32\winresume.exe
2021-10-13 04:04:26 ----A---- C:\WINDOWS\system32\winload.exe
2021-10-13 04:04:26 ----A---- C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2021-10-13 04:04:26 ----A---- C:\WINDOWS\system32\uDWM.dll
2021-10-13 04:04:26 ----A---- C:\WINDOWS\system32\tier2punctuations.dll
2021-10-13 04:04:26 ----A---- C:\WINDOWS\system32\SRH.dll
2021-10-13 04:04:26 ----A---- C:\WINDOWS\system32\pcasvc.dll
2021-10-13 04:04:26 ----A---- C:\WINDOWS\system32\Magnify.exe
2021-10-13 04:04:26 ----A---- C:\WINDOWS\system32\dwmredir.dll
2021-10-13 04:04:26 ----A---- C:\WINDOWS\system32\dwmcore.dll
2021-10-13 04:04:26 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2021-10-13 04:04:26 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2021-10-13 04:04:26 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2021-10-13 04:04:26 ----A---- C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2021-10-13 04:04:26 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2021-10-13 04:04:26 ----A---- C:\WINDOWS\system32\cldapi.dll
2021-10-13 04:04:26 ----A---- C:\WINDOWS\system32\autochk.exe
2021-10-13 04:04:26 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2021-10-13 04:04:26 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2021-10-13 04:04:25 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2021-10-13 04:04:25 ----A---- C:\WINDOWS\system32\wups2.dll
2021-10-13 04:04:25 ----A---- C:\WINDOWS\system32\wuauclt.exe
2021-10-13 04:04:25 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2021-10-13 04:04:25 ----A---- C:\WINDOWS\system32\virtdisk.dll
2021-10-13 04:04:25 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2021-10-13 04:04:25 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2021-10-13 04:04:25 ----A---- C:\WINDOWS\system32\convertvhd.exe
2021-10-13 04:04:25 ----A---- C:\WINDOWS\system32\BootMenuUX.dll
2021-10-13 04:04:25 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2021-10-13 04:04:25 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2021-10-13 04:04:25 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2021-10-13 04:04:25 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\wups.dll
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\wuaueng.dll
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\wuapi.dll
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\wevtapi.dll
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\wcimage.dll
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\usosvc.dll
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\UsoClient.exe
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\usoapi.dll
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\untfs.dll
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\ulib.dll
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\SHCore.dll
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\RasMediaManager.dll
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\MusNotification.exe
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\MoUsoCoreWorker.exe
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\LegacyNetUXHost.exe
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\ifsutil.dll
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\drivers\UcmCx.sys
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\drivers\cimfs.sys
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\drivers\bindflt.sys
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\daxexec.dll
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\cimfs.dll
2021-10-13 04:04:24 ----A---- C:\WINDOWS\system32\bindfltapi.dll
2021-10-13 04:04:23 ----A---- C:\WINDOWS\system32\win32kfull.sys
2021-10-13 04:04:22 ----A---- C:\WINDOWS\system32\wintrust.dll
2021-10-13 04:04:22 ----A---- C:\WINDOWS\system32\windows.storage.dll
2021-10-13 04:04:22 ----A---- C:\WINDOWS\system32\win32u.dll
2021-10-13 04:04:22 ----A---- C:\WINDOWS\system32\win32k.sys
2021-10-13 04:04:22 ----A---- C:\WINDOWS\system32\wfapigp.dll
2021-10-13 04:04:22 ----A---- C:\WINDOWS\system32\rdpserverbase.dll
2021-10-13 04:04:22 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2021-10-13 04:04:22 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2021-10-13 04:04:22 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2021-10-13 04:04:22 ----A---- C:\WINDOWS\system32\kerberos.dll
2021-10-13 04:04:22 ----A---- C:\WINDOWS\system32\KerbClientShared.dll
2021-10-13 04:04:22 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2021-10-13 04:04:22 ----A---- C:\WINDOWS\system32\icfupgd.dll
2021-10-13 04:04:22 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2021-10-13 04:04:22 ----A---- C:\WINDOWS\system32\fwpolicyiomgr.dll
2021-10-13 04:04:22 ----A---- C:\WINDOWS\system32\fwbase.dll
2021-10-13 04:04:22 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2021-10-13 04:04:22 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2021-10-13 04:04:22 ----A---- C:\WINDOWS\system32\BFE.DLL
2021-10-13 04:04:22 ----A---- C:\WINDOWS\system32\BCP47mrm.dll
2021-10-13 04:04:22 ----A---- C:\WINDOWS\system32\BCP47Langs.dll
2021-10-13 04:04:22 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2021-10-13 04:04:21 ----A---- C:\WINDOWS\system32\wuapihost.exe
2021-10-13 04:04:21 ----A---- C:\WINDOWS\system32\WordBreakers.dll
2021-10-13 04:04:21 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2021-10-13 04:04:21 ----A---- C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2021-10-13 04:04:21 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.Preview.DOSettings.dll
2021-10-13 04:04:21 ----A---- C:\WINDOWS\system32\win32kbase.sys
2021-10-13 04:04:21 ----A---- C:\WINDOWS\system32\webauthn.dll
2021-10-13 04:04:21 ----A---- C:\WINDOWS\system32\WaaSAssessment.dll
2021-10-13 04:04:21 ----A---- C:\WINDOWS\system32\TextShaping.dll
2021-10-13 04:04:21 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2021-10-13 04:04:21 ----A---- C:\WINDOWS\system32\TDLMigration.dll
2021-10-13 04:04:21 ----A---- C:\WINDOWS\system32\storewuauth.dll
2021-10-13 04:04:21 ----A---- C:\WINDOWS\system32\ISM.dll
2021-10-13 04:04:21 ----A---- C:\WINDOWS\system32\InputService.dll
2021-10-13 04:04:21 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2021-10-13 04:04:21 ----A---- C:\WINDOWS\system32\FntCache.dll
2021-10-13 04:04:21 ----A---- C:\WINDOWS\system32\esent.dll
2021-10-13 04:04:21 ----A---- C:\WINDOWS\system32\EditBufferTestHook.dll
2021-10-13 04:04:21 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2021-10-13 04:04:21 ----A---- C:\WINDOWS\system32\dxgi.dll
2021-10-13 04:04:21 ----A---- C:\WINDOWS\system32\DWrite.dll
2021-10-13 04:04:21 ----A---- C:\WINDOWS\system32\domgmt.dll
2021-10-13 04:04:20 ----A---- C:\WINDOWS\system32\dosvc.dll
2021-10-13 04:04:15 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2021-10-13 04:04:15 ----A---- C:\WINDOWS\system32\licensingdiag.exe
2021-10-13 04:04:15 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2021-10-13 04:04:15 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2021-10-13 04:04:15 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2021-10-13 04:04:15 ----A---- C:\WINDOWS\system32\drivers\ClipSp.sys
2021-10-13 04:04:15 ----A---- C:\WINDOWS\system32\D3D12Core.dll
2021-10-13 04:04:15 ----A---- C:\WINDOWS\system32\D3D12.dll
2021-10-13 04:04:15 ----A---- C:\WINDOWS\system32\cdd.dll
2021-10-13 04:04:15 ----A---- C:\WINDOWS\system32\biwinrt.dll
2021-10-13 04:04:15 ----A---- C:\WINDOWS\system32\bisrv.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\wudriver.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\wlansvcpal.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\wlansvc.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\wlansec.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\wlanhlp.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\wlanapi.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\wifidatacapabilityhandler.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\WiFiConfigSP.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\wfdprov.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\TokenBrokerCookies.exe
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\tbauth.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\qmgr.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\msftedit.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\Microsoft-Windows-Internal-Shell-NearShareExperience.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\lsm.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\GameInput.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\dot3cfg.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\cloudAP.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\appinfo.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\system32\aadauthhelper.dll
2021-10-13 04:04:14 ----A---- C:\WINDOWS\explorer.exe
2021-10-13 04:04:13 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2021-10-13 04:04:12 ----A---- C:\WINDOWS\system32\WpcTok.exe
2021-10-13 04:04:12 ----A---- C:\WINDOWS\system32\WpcRefreshTask.dll
2021-10-13 04:04:12 ----A---- C:\WINDOWS\system32\WpcMon.exe
2021-10-13 04:04:12 ----A---- C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2021-10-13 04:04:12 ----A---- C:\WINDOWS\system32\win32spl.dll
2021-10-13 04:04:12 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2021-10-13 04:04:12 ----A---- C:\WINDOWS\system32\spoolsv.exe
2021-10-13 04:04:12 ----A---- C:\WINDOWS\system32\spoolss.dll
2021-10-13 04:04:12 ----A---- C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2021-10-13 04:04:12 ----A---- C:\WINDOWS\system32\PrintIsolationProxy.dll
2021-10-13 04:04:12 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2021-10-13 04:04:12 ----A---- C:\WINDOWS\system32\localspl.dll
2021-10-13 04:04:12 ----A---- C:\WINDOWS\system32\kdcpw.dll
2021-10-13 04:04:12 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2021-10-13 04:04:12 ----A---- C:\WINDOWS\system32\FaxPrinterInstaller.dll
2021-10-13 04:04:12 ----A---- C:\WINDOWS\system32\eapphost.dll
2021-10-13 04:04:12 ----A---- C:\WINDOWS\system32\eappgnui.dll
2021-10-13 04:04:12 ----A---- C:\WINDOWS\system32\eappcfg.dll
2021-10-13 04:04:12 ----A---- C:\WINDOWS\system32\eapp3hst.dll
2021-10-13 04:04:12 ----A---- C:\WINDOWS\system32\dsreg.dll
2021-10-13 04:04:12 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2021-10-13 04:04:12 ----A---- C:\WINDOWS\system32\drivers\PEAuth.sys
2021-10-13 04:04:12 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2021-10-13 04:04:12 ----A---- C:\WINDOWS\system32\audioresourceregistrar.dll
2021-10-13 04:04:12 ----A---- C:\WINDOWS\splwow64.exe
2021-10-13 04:04:11 ----A---- C:\WINDOWS\system32\XAudio2_9.dll
2021-10-13 04:04:11 ----A---- C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2021-10-13 04:04:11 ----A---- C:\WINDOWS\system32\Windows.Management.Service.dll
2021-10-13 04:04:11 ----A---- C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-10-13 04:04:11 ----A---- C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2021-10-13 04:04:11 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2021-10-13 04:04:11 ----A---- C:\WINDOWS\system32\SpatializerApo.dll
2021-10-13 04:04:11 ----A---- C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2021-10-13 04:04:11 ----A---- C:\WINDOWS\system32\RTWorkQ.dll
2021-10-13 04:04:11 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2021-10-13 04:04:11 ----A---- C:\WINDOWS\system32\HrtfApo.dll
2021-10-13 04:04:11 ----A---- C:\WINDOWS\system32\drivers\winnat.sys
2021-10-13 04:04:11 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2021-10-13 04:04:11 ----A---- C:\WINDOWS\system32\drivers\exfat.sys
2021-10-13 04:04:11 ----A---- C:\WINDOWS\system32\autopilot.dll
2021-10-13 04:04:11 ----A---- C:\WINDOWS\system32\audiosrv.dll
2021-10-13 04:04:11 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2021-10-13 04:04:11 ----A---- C:\WINDOWS\system32\AudioEng.dll
2021-10-13 04:04:11 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2021-10-13 04:04:11 ----A---- C:\WINDOWS\system32\audiodg.exe
2021-10-13 04:04:11 ----A---- C:\WINDOWS\system32\agentactivationruntimewindows.dll
2021-10-13 04:04:11 ----A---- C:\WINDOWS\system32\agentactivationruntime.dll
2021-10-13 04:04:11 ----A---- C:\WINDOWS\system32\AarSvc.dll
2021-10-13 04:04:10 ----A---- C:\WINDOWS\system32\tellib.dll
2021-10-13 04:04:10 ----A---- C:\WINDOWS\system32\drivers\Vid.sys
2021-10-13 04:04:10 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2021-10-13 04:04:10 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2021-10-13 04:04:10 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2021-10-13 04:04:10 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2021-10-13 04:04:10 ----A---- C:\WINDOWS\system32\drivers\storahci.sys
2021-10-13 04:04:10 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2021-10-13 04:04:10 ----A---- C:\WINDOWS\system32\drivers\spacedump.sys
2021-10-13 04:04:10 ----A---- C:\WINDOWS\system32\drivers\sdstor.sys
2021-10-13 04:04:10 ----A---- C:\WINDOWS\system32\drivers\sbp2port.sys
2021-10-13 04:04:10 ----A---- C:\WINDOWS\system32\drivers\pciidex.sys
2021-10-13 04:04:10 ----A---- C:\WINDOWS\system32\drivers\pciide.sys
2021-10-13 04:04:10 ----A---- C:\WINDOWS\system32\drivers\intelide.sys
2021-10-13 04:04:10 ----A---- C:\WINDOWS\system32\drivers\ataport.sys
2021-10-13 04:04:10 ----A---- C:\WINDOWS\system32\drivers\atapi.sys
2021-10-13 04:04:09 ----A---- C:\WINDOWS\system32\drivers\intelpep.sys
2021-10-13 04:04:09 ----A---- C:\WINDOWS\system32\drivers\cdrom.sys
2021-10-13 04:04:09 ----A---- C:\WINDOWS\system32\drivers\BthHfAud.sys
2021-10-13 03:57:46 ----HD---- C:\$WinREAgent
2021-10-13 03:48:41 ----D---- C:\WINDOWS\Panther

======List of files/folders modified in the last 1 month======

2021-11-06 07:26:46 ----D---- C:\WINDOWS\Prefetch
2021-11-06 07:26:39 ----RD---- C:\Program Files
2021-11-06 07:26:02 ----D---- C:\WINDOWS\system32\sru
2021-11-06 07:23:04 ----D---- C:\WINDOWS\Temp
2021-11-06 07:20:18 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2021-11-06 07:16:31 ----D---- C:\Users\Petr\AppData\Roaming\eM Client
2021-11-06 07:13:03 ----D---- C:\WINDOWS\system32\SleepStudy
2021-11-06 06:45:35 ----D---- C:\Program Files (x86)\Google
2021-11-05 23:05:21 ----RD---- C:\WINDOWS\Microsoft.NET
2021-11-05 19:24:42 ----RD---- C:\Program Files (x86)
2021-11-05 19:23:26 ----D---- C:\FFOutput
2021-11-05 18:21:55 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-05 10:20:10 ----D---- C:\Práce
2021-11-05 09:18:35 ----HD---- C:\Program Files\WindowsApps
2021-11-05 09:18:33 ----D---- C:\WINDOWS\AppReadiness
2021-11-05 09:10:06 ----D---- C:\WINDOWS\System32
2021-11-05 09:10:06 ----D---- C:\WINDOWS\INF
2021-11-05 09:10:06 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-05 09:05:18 ----D---- C:\WINDOWS\system32\LogFiles
2021-11-05 09:05:18 ----D---- C:\WINDOWS\ServiceState
2021-11-05 09:05:17 ----ASH---- C:\DumpStack.log.tmp
2021-11-05 09:05:10 ----D---- C:\WINDOWS\system32\drivers
2021-11-05 09:04:51 ----D---- C:\WINDOWS\system32\catroot2
2021-11-05 09:04:51 ----D---- C:\WINDOWS\system32\CatRoot
2021-11-05 09:02:45 ----RD---- C:\WINDOWS\assembly
2021-11-05 09:01:23 ----D---- C:\WINDOWS\system32\config
2021-11-05 08:46:16 ----D---- C:\WINDOWS\CbsTemp
2021-11-05 08:46:02 ----D---- C:\WINDOWS\WinSxS
2021-11-05 08:45:42 ----D---- C:\WINDOWS\SYSWOW64\MUI
2021-11-05 08:45:42 ----D---- C:\WINDOWS\SYSWOW64\en-US
2021-11-05 08:45:42 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2021-11-05 08:45:42 ----D---- C:\WINDOWS\SysWOW64
2021-11-05 08:45:42 ----D---- C:\WINDOWS\system32\MUI
2021-11-05 08:45:42 ----D---- C:\WINDOWS\system32\en-US
2021-11-05 08:45:42 ----D---- C:\WINDOWS\system32\cs-CZ
2021-11-05 08:45:39 ----RSD---- C:\WINDOWS\Fonts
2021-11-05 08:44:07 ----D---- C:\WINDOWS\Logs
2021-11-05 08:43:50 ----SHD---- C:\System Volume Information
2021-11-04 19:19:44 ----D---- C:\Users\Petr\AppData\Roaming\WhatsApp
2021-11-04 10:38:54 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2021-11-04 10:26:08 ----D---- C:\Windows
2021-11-04 10:07:19 ----D---- C:\WINDOWS\debug
2021-11-04 09:59:37 ----D---- C:\WINDOWS\system32\Tasks
2021-11-03 10:21:02 ----D---- C:\WINDOWS\system32\drivers\wd
2021-11-03 03:22:33 ----SHD---- C:\WINDOWS\Installer
2021-11-02 18:43:07 ----D---- C:\Program Files\Microsoft Office
2021-11-01 18:15:09 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2021-10-26 16:05:44 ----D---- C:\Moje
2021-10-25 15:14:05 ----D---- C:\Program Files (x86)\Java
2021-10-25 15:14:04 ----D---- C:\Program Files (x86)\Common Files
2021-10-25 15:13:20 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2021-10-24 21:22:08 ----D---- C:\Users\Petr\AppData\Roaming\Kerio Connect
2021-10-19 14:56:03 ----D---- C:\WINDOWS\system32\drivers\UMDF
2021-10-13 13:53:21 ----D---- C:\Program Files (x86)\eM Client
2021-10-13 04:44:48 ----D---- C:\WINDOWS\system32\DriverStore
2021-10-13 04:44:09 ----D---- C:\WINDOWS\SYSWOW64\wbem
2021-10-13 04:44:09 ----D---- C:\WINDOWS\SYSWOW64\oobe
2021-10-13 04:44:09 ----D---- C:\WINDOWS\SystemResources
2021-10-13 04:44:08 ----SD---- C:\WINDOWS\system32\UNP
2021-10-13 04:44:08 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2021-10-13 04:44:08 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2021-10-13 04:44:08 ----D---- C:\WINDOWS\system32\wbem
2021-10-13 04:44:08 ----D---- C:\WINDOWS\system32\oobe
2021-10-13 04:44:08 ----D---- C:\WINDOWS\system32\migration
2021-10-13 04:44:08 ----D---- C:\WINDOWS\system32\Boot
2021-10-13 04:44:08 ----D---- C:\WINDOWS\PolicyDefinitions
2021-10-13 04:44:08 ----D---- C:\WINDOWS\DiagTrack
2021-10-13 04:44:08 ----D---- C:\WINDOWS\bcastdvr
2021-10-13 04:44:08 ----D---- C:\WINDOWS\apppatch
2021-10-13 04:44:08 ----D---- C:\Program Files\Windows Media Player
2021-10-13 04:44:08 ----D---- C:\Program Files\Windows Defender Advanced Threat Protection
2021-10-13 04:44:08 ----D---- C:\Program Files (x86)\Windows Media Player
2021-10-13 03:53:44 ----D---- C:\WINDOWS\system32\MRT
2021-10-13 03:50:49 ----AC---- C:\WINDOWS\system32\MRT.exe
2021-10-08 12:45:46 ----D---- C:\WINDOWS\system32\Logs
2021-10-08 12:45:46 ----D---- C:\Program Files\Microsoft Update Health Tools

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswArDisk;aswArDisk; C:\WINDOWS\system32\drivers\aswArDisk.sys [2021-02-28 35648]
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys [2021-02-28 249304]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys [2021-02-28 98760]
R0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2020-12-24 16832]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2021-02-28 83360]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2021-02-28 326976]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2021-06-10 57168]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2021-09-15 296248]
R0 pwdrvio;pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [2019-11-08 19152]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2021-07-14 41984]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2021-02-28 208024]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys [2021-02-28 357320]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2021-02-28 41272]
R1 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2021-02-28 175248]
R1 aswNetHub;aswNetHub; C:\WINDOWS\system32\drivers\aswNetHub.sys [2021-02-28 521336]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2021-02-28 107784]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2021-02-28 850112]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2021-03-18 465160]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-12-07 78136]
R1 CimFS;CimFS; C:\WINDOWS\system32\drivers\CimFS.sys [2021-10-13 98304]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-12-07 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-12-07 8704]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2021-10-13 148816]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2021-10-13 491008]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2021-04-18 53248]
R3 ACPIVPC;@oem95.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2020-12-20 45536]
R3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2021-09-15 1563136]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2021-09-15 110592]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-12-07 66576]
R3 CnxtHdAudService;@oem130.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2018-03-22 3451864]
R3 dptf_acpi;dptf_acpi; C:\WINDOWS\System32\DriverStore\FileRepository\dptf_acpi.inf_amd64_4a6ac5de2a7fb025\dptf_acpi.sys [2019-05-16 77192]
R3 dptf_cpu;dptf_cpu; C:\WINDOWS\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\dptf_cpu.sys [2019-05-16 74120]
R3 dtlitescsibus;@oem107.inf,%DisplayName%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2020-03-25 42256]
R3 dtliteusbbus;@oem6.inf,%DisplayName%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2020-03-25 59360]
R3 esif_lf;esif_lf; C:\WINDOWS\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_lf.sys [2019-05-16 407944]
R3 ETD;@oem138.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\System32\drivers\ETD.sys [2019-08-07 744088]
R3 ETDHCF;@oem139.inf,%ETDHCF.SVCDESC%;ELAN HID Class Filter Service; C:\WINDOWS\System32\drivers\ETDHCF.sys [2019-08-07 30360]
R3 iaLPSS2_GPIO2;@oem145.inf,%iaLPSS2_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [2019-05-09 95632]
R3 iaLPSS2_I2C;@oem146.inf,%iaLPSS2_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2_I2C.sys [2019-05-09 185232]
R3 ibtusb;@oem151.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\System32\DriverStore\FileRepository\ibtusb.inf_amd64_14b787c1249f9ef0\ibtusb.sys [2019-08-09 300320]
R3 igfx;igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a8976fda8c58073\igdkmd64.sys [2020-04-07 24518496]
R3 IntcDAud;@oem83.inf,%IntcAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\System32\DriverStore\FileRepository\intcdaud.inf_amd64_10f733ce00703a6b\IntcDAud.sys [2020-04-07 350984]
R3 MEIx64;@oem123.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_e9ffe3f2557dd9e9\x64\TeeDriverW10x64.sys [2020-10-12 300040]
R3 MpKsl91f2a1d3;MpKsl91f2a1d3; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BA0A6A70-B529-4E3C-9F8D-2064B8D3B556}\MpKslDrv.sys [2021-11-06 130296]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-1; C:\WINDOWS\system32\drivers\msquic.sys [2021-04-18 322376]
R3 Netwtw04;___ Ovladač adaptéru Intel(R) Wireless pro systém Windows 10 64 Bit; C:\WINDOWS\System32\drivers\Netwtw04.sys [2019-08-28 8720384]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-12-07 43832]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-12-07 319800]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-12-07 884752]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-12-07 172344]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-12-07 124216]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-12-07 135992]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-12-07 81720]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-12-07 105480]
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-12-07 168464]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-12-07 58680]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-12-07 68408]
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-12-07 138040]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-12-07 42296]
S1 ecqywhrp;ecqywhrp; \??\C:\WINDOWS\system32\drivers\ecqywhrp.sys []
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-12-07 23040]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-12-07 415232]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-12-07 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-12-07 45568]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2021-09-15 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2021-07-08 138040]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2021-07-08 174392]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2021-07-08 154936]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2021-04-18 284672]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2021-09-15 113664]
S3 BthHFAud;@microsoft_bluetooth_hfp.inf,%BTHHFAUD_DISPLAY_NAME%;Microsoft Bluetooth Hands-Free Audio driver; C:\WINDOWS\System32\drivers\BthHfAud.sys [2021-10-13 65536]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2021-04-18 106496]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2021-09-15 45568]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2019-12-07 133632]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-12-07 44032]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [2019-12-07 23040]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-12-07 55824]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-12-07 66560]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2021-09-15 95056]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-12-07 30208]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-12-07 1853752]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-12-07 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-12-07 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-12-07 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-12-07 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-12-07 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-12-07 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-12-07 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-12-07 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-12-07 177152]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-12-07 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-12-07 558904]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2021-04-18 47104]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-12-07 30720]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-12-07 59704]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-12-07 537608]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-12-07 64016]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2021-07-08 391168]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-12-07 65024]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-12-07 1131320]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-12-07 146232]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-12-07 72720]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2021-09-15 208384]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2021-04-18 129872]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-12-07 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-12-07 27136]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2019-11-08 12504]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-07 990008]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-12-07 35128]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdAppMgrSvc;Autodesk Desktop App Service; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [2017-03-10 1309176]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2021-08-16 169728]
R2 AESMService;Intel® SGX AESM; C:\WINDOWS\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_69d915519e0a2ac8\aesm_service.exe [2021-04-25 2350112]
R2 AGMService;Adobe Genuine Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2021-09-07 3833088]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021-09-07 3603200]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
R2 CDPUserSvc_75e72;Uživatelská služba platformy připojených zařízení_75e72; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2021-10-12 12034464]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
R2 cplspcon;Intel(R) Content Protection HDCP Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a8976fda8c58073\IntelCpHDCPSvc.exe [2020-04-07 525064]
R2 CxAudMsg;@C:\WINDOWS\system32\CxAudMsg64.exe,-100; C:\WINDOWS\system32\CxAudMsg64.exe [2015-09-16 225624]
R2 CxUtilSvc;CxUtilSvc; C:\Program Files\Conexant\SAII\CxUtilSvc.exe [2019-02-14 173136]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2021-04-18 57360]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2021-04-18 57360]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2021-04-18 57360]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2016-01-13 145224]
R2 esifsvc;@oem102.inf,%ServiceDisplayName%;Intel(R) Dynamic Platform and Thermal Framework service; C:\WINDOWS\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe [2019-05-16 2140552]
R2 ETDService;ELAN Service; C:\WINDOWS\System32\ETDService.exe [2019-08-07 250008]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a8976fda8c58073\igfxCUIService.exe [2020-04-07 399200]
R2 ImControllerService;@oem20.inf,%ImcSvcDisplayName%;System Interface Foundation Service; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2021-08-12 81896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe [2020-08-16 629752]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\WINDOWS\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2019-03-07 553056]
R2 McAfee WebAdvisor;McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [2021-10-20 973040]
R2 OneSyncSvc_75e72;Hostitel synchronizace_75e72; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
R2 PDF24;PDF24; C:\Program Files\PDF24\pdf24.exe [2021-10-11 585464]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
R3 cbdhsvc_75e72;Uživatelská služba schránky_75e72; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
R3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a8976fda8c58073\IntelCpHeciSvc.exe [2020-04-07 519968]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2020-03-25 4506728]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2021-04-18 57360]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-11-08 46184]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2021-04-18 57360]
R3 Intel(R) Capability Licensing Service TCP IP Interface;@oem66.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe [2020-04-22 856848]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2021-04-18 57360]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
R3 PimIndexMaintenanceSvc_75e72;Data kontaktů_75e72; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S2 edgeupdate;Microsoft Edge Update Service (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-08 224160]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2020-03-16 156968]
S2 Intel(R) TPM Provisioning Service;@oem66.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe [2020-04-22 783112]
S2 LenovoVantageService;LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\LenovoVantageService.exe [2021-09-16 31248]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2021-04-18 57360]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 AarSvc_75e72;Agent Activation Runtime_75e72; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 BcastDVRUserService_75e72;Uživatelská služba pro GameDVR a vysílání her_75e72; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 BluetoothUserService_75e72;Služba pro podporu uživatelů Bluetooth_75e72; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 CaptureService_75e72;CaptureService_75e72; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2021-04-18 57360]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 ConsentUxUserSvc_75e72;ConsentUX_75e72; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-09-15 382696]
S3 CredentialEnrollmentManagerUserSvc_75e72;CredentialEnrollmentManagerUserSvc_75e72; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-09-15 382696]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 DeviceAssociationBrokerSvc_75e72;DeviceAssociationBroker_75e72; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 DevicePickerUserSvc_75e72;DevicePicker_75e72; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 DevicesFlowUserSvc_75e72;Tok zařízení_75e72; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2021-04-18 94208]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2021-04-18 57360]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 edgeupdatem;Microsoft Edge Update Service (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-08 224160]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2021-04-18 57360]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2020-03-25 1591264]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2021-04-18 57360]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files (x86)\Google\Chrome\Application\95.0.4638.69\elevation_service.exe [2021-10-28 1384280]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2021-04-18 57360]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2020-03-16 156968]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2021-04-18 57360]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 MessagingService_75e72;Služba zasílání zpráv_75e72; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\95.0.1020.40\elevation_service.exe [2021-10-29 1669024]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2021-11-05 243128]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2021-04-18 57360]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2002-02-01 263488]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2021-04-18 106496]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 PrintWorkflowUserSvc_75e72;PrintWorkflow_75e72; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2021-04-18 57360]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2021-04-18 57360]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2021-07-08 789840]
S4 DialogBlockingService;@%SystemRoot%\system32\DialogBlockingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-04-18 57360]

-----------------EOF-----------------

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Log check, please

#2 Post by Diallix »

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan Now button and wait until the system scan finishes.
After the scan, leave all checkboxes and any threats found selected, and continue with the Clean and Repair button in the bottom right corner.
After the PC restarts, AdwCleaner will launch; click View Log File (Zobrazit soubor protokolu).
The log will open; copy its contents here.
My new book BOTNETY is out! Information about it can be found here: >> BOTNETY <<

---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level, high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor for research into intelligent malware.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php) for students.

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

cudla11
Visitor
Posts: 74
Registered: 20 Jan 2006 16:31

Re: Log check, please

#3 Post by cudla11 »

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-10-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-07-2021
# Duration: 00:00:02
# OS: Windows 10 Pro
# Cleaned: 11
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\e265ec7b4a444a
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\Petr\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2417 octets] - [07/11/2021 12:51:06]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Log check, please

#4 Post by Diallix »

Scan the computer with FRST - guide here: https://forum.viry.cz/viewtopic.php?f=24&t=132509, and copy the FRST.log + Addition log here.

cudla11
Visitor
Posts: 74
Registered: 20 Jan 2006 16:31

Re: Log check, please

#5 Post by cudla11 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-11-2021
Ran by Petr (administrator) on LAPTOP-CVO5E9CR (LENOVO 81AX) (07-11-2021 18:02:54)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
: Microsoft Windows 10 Pro Version 20H2 19042.1288 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Appwork GmbH -> AppWork GmbH) C:\Users\Petr\AppData\Local\JDownloader 2.0\JDownloader2.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_69d915519e0a2ac8\aesm_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.Amd64.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.exe <4>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.x86.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\LenovoVantageService.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <9>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(SoundMixer) [File not signed] C:\Users\Petr\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\Petr\AppData\Local\WhatsApp\app-2.2142.12\WhatsApp.exe <7>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [603992 2017-06-23] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1832280 2017-06-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [585464 2021-10-11] (geek software GmbH -> geek software GmbH)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [704424 2017-03-10] (Autodesk, Inc -> Autodesk, Inc.)
HKLM-x32\...\Run: [Bonus.SSR.FR12] => C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1527960 2016-10-18] (ABBYY Production LLC -> ABBYY Production LLC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365160 2020-03-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\Run: [EPSDNMON] => C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNMON.EXE [346712 2020-07-27] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35116160 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Petr\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Petr\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\RunOnce: [Uninstall 21.205.1003.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Petr\AppData\Local\Microsoft\OneDrive\21.205.1003.0003" (No File)
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\MountPoints2: {44e139bf-6e57-11ea-90ba-482ae369c4f1} - "F:\Setup.exe"
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\Winlogon: [Shell] %comspec% <==== ATTENTION
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\Command Processor: @mode 20,5 & tasklist /FI "IMAGENAME eq SoundMixer.exe" 2>NUL | find /I /N "SoundMixer.exe">NUL && exit & if exist "C:\Users\Petr\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe" ( start /MIN "" "C:\Users\Petr\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe" & tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) else ( tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) <==== ATTENTION
HKLM\...\Windows x64\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9W.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\WINDOWS\system32\CNMLM9W.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\EPSON WF-7525 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMHDE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EPSON XP-900 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBRGE.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\Windows\system32\pxcpmL.dll [2044248 2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\95.0.4638.69\Installer\chrmstp.exe [2021-11-02] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {035626BA-DDB6-44EA-983F-C52E361E5E71} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {1114ECD3-C2DC-47F5-B906-A4878371B383} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {12B72A46-EE80-404A-93B5-2DB018111AD7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1D1E8270-568C-424E-AF6E-573E220722F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2020-03-16] (Google Inc -> Google Inc.)
Task: {234AA176-3261-4615-91AA-E8E6BAC6AB6F} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {2A641832-082C-4A81-BCBC-5AE235A705E9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B3208FF-CB6F-4377-A200-305DD4EE8BEF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Avast Software\Avast\setup\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {2E6C5236-F8DD-4C24-82D8-B0E285608529} - System32\Tasks\CCleanerSkipUAC - Petr => C:\Program Files\CCleaner\CCleaner.exe [29200512 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3721E6FB-2B84-418C-93C7-475B15C3C9A1} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {38160384-2101-4AC1-9A6B-EF6D21CD5B1F} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {55AAF1DD-DEA6-4987-9298-6ACFA630CD11} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5E002965-0B4E-4103-8D05-F916DE83C85A} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {5FB4FC86-94F6-433B-BBAA-DBFE5814D89E} - \Lenovo\ImController\TimeBasedEvents\cc8204f8-1cc9-48cc-8267-a2e231e3e686 -> No File <==== ATTENTION
Task: {62DAF29D-79A5-4B7F-9D02-28C2C7AC9872} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22655904 2021-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {67732AEF-559D-4B06-A3C2-B8EBBAF03366} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-05] (Mozilla Corporation -> Mozilla Foundation)
Task: {6B8C8464-9C17-4C46-958E-427A498057D3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {704BC693-9043-451E-8659-B3B847DCD0E0} - \Lenovo\ImController\TimeBasedEvents\5c6403db-d6bb-4940-8b59-260e6ccf0f02 -> No File <==== ATTENTION
Task: {76169FEC-E762-4F57-9CAC-B93B9C4B2BBA} - \Lenovo\ImController\TimeBasedEvents\6fd26c46-2f3b-4600-8dfa-c086bc523259 -> No File <==== ATTENTION
Task: {8425DCA1-DA42-4F1F-B757-C00101DDB0C9} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
Task: {A01FF9E2-356D-457F-BF45-EC271656AFDD} - \Lenovo\ImController\TimeBasedEvents\f5987ff6-3fcb-4634-85a8-d59f18d78cef -> No File <==== ATTENTION
Task: {AA3FE7E9-D08E-4A2D-9153-1B09CDC09D02} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22655904 2021-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {BD3372F3-02E8-4230-97E9-6EBDDA65E14F} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {C834CF97-82B4-4E40-A665-7165EF56F751} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1600408 2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE8CCA4E-F41C-44E1-B02E-699F4B0F27BF} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {D355DA9E-C096-49D6-8E34-421CACCA3E19} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {D7712497-51FD-40AE-A68C-238339771D3C} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {DB3A7D27-A44B-47ED-9C80-EE4A25A57879} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-10-19] (Piriform Software Ltd -> Piriform)
Task: {DD8346A8-C2C7-4E86-95DA-B43E0AAB7C2E} - System32\Tasks\EPSON XP-900 Series Update {1D34E24D-3602-4463-BC8C-53017AC68CA0} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRGE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {E19330AB-9132-4E47-BA78-FDFB49472627} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E1D072A6-7F3D-4AA3-95B9-15661285EB04} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4682976 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
Task: {E8D61772-4C67-4DDE-9036-4DE076C0B70E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EE5A094B-D9FB-41C5-9515-6AEB0F05A531} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2020-03-16] (Google Inc -> Google Inc.)
Task: {F3C24662-D61E-4B52-BF8A-C50C76D21B10} - \Lenovo\ImController\TimeBasedEvents\68175150-dd36-4303-8d1e-16792d6bb5cc -> No File <==== ATTENTION
Task: {F9B6558A-5F57-4AEB-A640-5ED452ECB71E} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {FECDDD7A-4D11-4297-95FE-A2009051C85A} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\EPSON XP-900 Series Update {1D34E24D-3602-4463-BC8C-53017AC68CA0}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRGE.EXE:/EXE:{1D34E24D-3602-4463-BC8C-53017AC68CA0} /F:UpdateWORKGROUP\LAPTOP-CVO5E9CR$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8a670c43-512b-4f21-b0c0-e69d33b5050c}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cc70d8dd-3c19-47ad-9ce9-6e0aeba5712b}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-04]

FireFox:
========
FF DefaultProfile: gc13wse2.default
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\gc13wse2.default [2020-09-25]
FF NewTab: Mozilla\Firefox\Profiles\gc13wse2.default -> hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2020-09-25 10:30:14&bName=
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\h0hpy4yt.default-release [2021-11-07]
FF Homepage: Mozilla\Firefox\Profiles\h0hpy4yt.default-release -> www.seznam.cz
FF NewTab: Mozilla\Firefox\Profiles\h0hpy4yt.default-release -> hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2020-09-25 10:30:14&bName=
FF NewTabOverride: Mozilla\Firefox\Profiles\h0hpy4yt.default-release -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\h0hpy4yt.default-release\Extensions\sp@avast.com.xpi [2021-10-29]
FF Extension: (Avast Online Security & Privacy) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\h0hpy4yt.default-release\Extensions\wrc@avast.com.xpi [2021-10-29]
FF Extension: (Hlídač Shopů) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\h0hpy4yt.default-release\Extensions\{d6f0f975-91a3-4d78-96f7-5f1859ad18b6}.xpi [2020-12-13]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-10-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-10-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3231952856-1019465751-811631384-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3231952856-1019465751-811631384-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3231952856-1019465751-811631384-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2021-11-05]
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-16]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-16]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-04-13]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-16]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-04-13]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-16]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-04-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-13]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-04-13]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-13]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1309176 2017-03-10] (Autodesk, Inc -> Autodesk Inc.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3833088 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3603200 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12034464 2021-10-12] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4506728 2020-03-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2016-01-13] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\LenovoVantageService.exe [31248 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [973040 2021-10-20] (McAfee, LLC -> McAfee, LLC)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [585464 2021-10-11] (geek software GmbH -> geek software GmbH)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5414976 2021-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35648 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208024 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [357320 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [249304 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [98760 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41272 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175248 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [521336 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107784 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83360 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850112 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [465160 2021-03-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [284672 2021-04-18] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-03-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-03-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
S1 ecqywhrp; \??\C:\WINDOWS\system32\drivers\ecqywhrp.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-07 18:02 - 2021-11-07 18:03 - 000030165 _____ C:\Users\Petr\Desktop\FRST.txt
2021-11-07 18:02 - 2021-11-07 18:03 - 000000000 ____D C:\FRST
2021-11-07 18:01 - 2021-11-07 18:01 - 002312192 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2021-11-07 17:31 - 2021-11-07 17:34 - 000000000 ____D C:\Users\Petr\Downloads\Vysoká hra (2020) 1 část ,1080p
2021-11-07 17:13 - 2021-11-07 17:31 - 000000000 ____D C:\Users\Petr\Downloads\Bábovky 2020 Český film 1080p FullHD
2021-11-07 16:53 - 2021-11-07 17:13 - 000000000 ____D C:\Users\Petr\Downloads\Divoky Spirit - Spirit Untamed 2021 1080p BluRay CZ-SK dabing
2021-11-07 15:48 - 2021-11-07 16:53 - 000000000 ____D C:\Users\Petr\Downloads\Spectre 2015 1080p BluRay
2021-11-07 15:08 - 2021-11-07 15:48 - 000000000 ____D C:\Users\Petr\Downloads\Skyfall, CZ dabing (2012) Full HD 1080p
2021-11-07 14:24 - 2021-11-07 14:24 - 000000000 ____D C:\Users\Petr\Downloads\Spectre (film, 2015)
2021-11-07 14:23 - 2021-11-07 15:08 - 000000000 ____D C:\Users\Petr\Downloads\James Bond-22-Quantum-of-Solace-2008-micro-HD-CZ
2021-11-07 13:59 - 2021-11-07 14:23 - 000000000 ____D C:\Users\Petr\Downloads\James Bond 20 Dnes neumírej ~ (2002) HD cz
2021-11-07 13:43 - 2021-11-07 16:18 - 000000000 ____D C:\Users\Petr\Downloads\Casino Royale - James Bond (2006) GB Akčni Cz dab 1920x800p
2021-11-07 13:38 - 2021-11-07 13:59 - 000000000 ____D C:\Users\Petr\Downloads\James Bond 007 - 1999 - Jeden svet nestačí (r 1999 - 1920x816)
2021-11-07 12:50 - 2021-11-07 12:51 - 000000000 ____D C:\AdwCleaner
2021-11-07 12:48 - 2021-11-07 12:48 - 008553680 _____ (Malwarebytes) C:\Users\Petr\Desktop\adwcleaner_8.3.0.exe
2021-11-07 12:47 - 2021-11-07 12:47 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2021-11-06 18:25 - 2021-11-06 20:34 - 000000000 ____D C:\Users\Petr\Downloads\James Bond--3 Zítřek nikdy neumírá
2021-11-06 18:21 - 2021-11-06 20:54 - 000000000 ____D C:\Users\Petr\Downloads\James Bond 007 - 1995 - Zlaté oko (r 1995 - 1920x820)
2021-11-06 18:21 - 2021-11-06 18:22 - 009404102 _____ C:\Users\Petr\Downloads\FIFA 19 - CPY.iso.part
2021-11-06 12:02 - 2021-11-06 12:02 - 000001273 _____ C:\Users\Public\Desktop\Call of Duty Modern Warfare 2 SP.lnk
2021-11-06 12:02 - 2021-11-06 12:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
2021-11-06 11:35 - 2021-11-06 11:35 - 000000000 ____D C:\Program Files (x86)\Activision
2021-11-06 11:26 - 2021-11-06 16:04 - 000000000 ____D C:\Users\Petr\Downloads\Bezva ženská na krku
2021-11-06 11:18 - 2021-11-06 11:22 - 000000000 ____D C:\Users\Petr\Downloads\FormatFactory2021_11_06
2021-11-06 11:17 - 2013-05-26 15:39 - 848208443 _____ C:\Users\Petr\Downloads\Need.for.Speed.Underground.2.CD1-RELOADED_Nazghul.of.UCU.rar
2021-11-06 11:17 - 2013-05-26 15:03 - 811980496 _____ C:\Users\Petr\Downloads\Need.for.Speed.Underground.2.CD2-RELOADED_Nazghul.of.UCU.rar
2021-11-06 11:15 - 2021-11-06 11:16 - 000000000 ____D C:\Users\Petr\Downloads\Call.of.Duty.Modern.Warfare.2.PROPER-SKIDROW
2021-11-06 07:26 - 2021-11-06 07:26 - 000000000 ____D C:\rsit
2021-11-06 07:26 - 2021-11-06 07:26 - 000000000 ____D C:\Program Files\trend micro
2021-11-06 07:25 - 2021-11-06 07:25 - 001222144 _____ C:\Users\Petr\Desktop\RSITx64.exe
2021-11-05 11:30 - 2021-11-05 11:30 - 001972053 _____ C:\Users\Petr\Desktop\Dodák Molo Lipno.pdf
2021-11-05 09:32 - 2021-11-05 18:21 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-11-05 08:50 - 2021-11-05 08:50 - 001862144 _____ (Microsoft) C:\Users\Petr\AppData\Roaming\xxcv.dll
2021-11-05 08:50 - 2021-11-05 08:50 - 000136536 _____ C:\Users\Petr\AppData\Roaming\rony.txt
2021-11-05 08:49 - 2021-11-05 08:49 - 000420864 _____ (A310 Logger) C:\Users\Petr\AppData\Roaming\all cookies.exe
2021-11-05 08:49 - 2021-11-05 08:49 - 000188416 _____ (NirSoft) C:\Users\Petr\AppData\Roaming\1.exe
2021-11-05 08:49 - 2021-11-05 08:49 - 000005120 _____ (Microsoft) C:\Users\Petr\AppData\Roaming\0.exe
2021-11-05 08:49 - 2021-11-05 08:49 - 000000032 _____ C:\Users\Petr\AppData\Roaming\++.bat
2021-11-05 08:45 - 2021-11-05 08:45 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2021-11-05 08:45 - 2021-11-05 08:45 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-11-05 08:45 - 2021-11-05 08:45 - 000000000 ____D C:\Program Files\MSBuild
2021-11-05 08:45 - 2021-11-05 08:45 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-11-05 08:45 - 2021-11-05 08:45 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-11-04 13:41 - 2021-11-04 13:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Games
2021-11-04 13:30 - 2021-11-04 13:30 - 012348068 _____ C:\Users\Petr\AppData\Roaming\fffffffffffffffffffffffffdsds.txt
2021-11-04 13:30 - 2021-11-04 13:30 - 000172032 _____ C:\Users\Petr\AppData\Roaming\fffffffffffffffffffffffffdsds3.txt
2021-11-04 13:30 - 2021-11-04 13:30 - 000021164 _____ C:\Users\Petr\AppData\Roaming\fffffffffffffffffffffffffdsds1.txt
2021-11-04 13:30 - 2021-11-04 13:30 - 000015872 _____ (Microsoft) C:\Users\Petr\AppData\Roaming\specific.exe
2021-11-04 13:30 - 2021-11-04 13:30 - 000000003 _____ C:\Users\Petr\AppData\Roaming\cvcv.txt
2021-11-04 09:59 - 2021-11-07 12:47 - 000000000 ____D C:\Program Files\CCleaner
2021-11-04 09:59 - 2021-11-04 09:59 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-11-04 09:59 - 2021-11-04 09:59 - 000002900 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Petr
2021-11-04 09:59 - 2021-11-04 09:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-11-03 18:57 - 2021-11-03 18:57 - 003313713 _____ C:\Users\Petr\Desktop\Roubal Petr-propouštěcí zpráva.pdf
2021-11-03 03:22 - 2021-11-03 03:22 - 000001157 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-11-03 03:22 - 2021-11-03 03:22 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-10-29 12:46 - 2021-10-29 13:34 - 876149020 _____ C:\Users\Petr\Downloads\Tlapkova.patrola.ve.filmu.PAW.Patrol.The.Movie.2021.480p.WEBRip.x264.CZ.mkv
2021-10-26 09:33 - 2021-10-26 11:50 - 2490996114 _____ C:\Users\Petr\Downloads\Potulny samuraj Kenšin-Pocatek-2021-CZ-TIT).mkv
2021-10-25 17:30 - 2021-10-25 18:38 - 000000000 ____D C:\Users\Petr\Downloads\Tenet (2020) CZ dabing
2021-10-25 15:51 - 2021-10-25 17:25 - 2769839561 _____ C:\Users\Petr\Downloads\Severní Marseilles -The.Stronghold.2021.1080p.WEB-DL.DDP5.1.x264 titulky CZ.mkv
2021-10-25 07:31 - 2021-10-25 07:31 - 000836817 _____ C:\Users\Petr\Desktop\OP Roubalovi.zip
2021-10-22 13:02 - 2021-10-22 13:54 - 000000000 ____D C:\Users\Petr\Downloads\Born a Champion
2021-10-22 11:38 - 2021-10-22 13:02 - 2500415411 _____ C:\Users\Petr\Downloads\Free Guy. Free Guy. Free Guy. Free Guy.2021.CZ Dabing.Full HD.1080p.BluRay.5.1.mkv
2021-10-20 18:24 - 2021-10-20 18:24 - 002265120 _____ C:\Users\Petr\Desktop\SmlouvaVop_SmlouvaPMO_1000069896_0001.pdf
2021-10-20 07:45 - 2021-10-20 07:45 - 000456431 _____ C:\Users\Petr\Desktop\Petr Roubal_Žádost_o_uzavření_smlouvy.pdf
2021-10-18 18:51 - 2021-11-04 18:06 - 000000000 ____D C:\Users\Petr\AppData\Local\WhatsApp
2021-10-18 13:59 - 2021-10-18 13:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2021-10-18 13:58 - 2021-10-18 13:59 - 000000000 ____D C:\Program Files\PDF24
2021-10-18 11:31 - 2021-10-18 13:11 - 2943872007 _____ C:\Users\Petr\Downloads\Dune.2021.1080p.WEBRip.x264.AAC5.1-titulky CZ.mkv
2021-10-13 04:04 - 2021-10-13 04:04 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2021-10-13 04:04 - 2021-10-13 04:04 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-10-13 04:04 - 2021-10-13 04:04 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-10-13 04:04 - 2021-10-13 04:04 - 000203264 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2021-10-13 04:04 - 2021-10-13 04:04 - 000158208 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-10-13 04:04 - 2021-10-13 04:04 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-10-13 04:04 - 2021-10-13 04:04 - 000040960 _____ C:\WINDOWS\system32\uwfservicingapi.dll
2021-10-13 04:04 - 2021-10-13 04:04 - 000011495 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-10-13 03:57 - 2021-10-13 03:58 - 000000000 ___HD C:\$WinREAgent
2021-10-13 03:48 - 2021-10-13 03:48 - 000000000 ____D C:\WINDOWS\Panther
2021-10-11 17:05 - 2021-11-05 18:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-07 18:03 - 2020-03-31 08:13 - 000000000 ____D C:\Users\Petr\AppData\Roaming\WhatsApp
2021-11-07 18:00 - 2020-03-24 20:45 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Mozilla
2021-11-07 17:59 - 2021-04-18 21:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-07 17:50 - 2020-03-16 11:39 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-07 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-07 14:25 - 2020-03-30 18:32 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2021-11-07 13:54 - 2020-03-30 09:07 - 000000000 ____D C:\Users\Petr\AppData\Roaming\eM Client
2021-11-07 13:35 - 2020-03-24 21:45 - 000000000 ____D C:\Users\Petr\AppData\Local\JDownloader 2.0
2021-11-07 12:51 - 2021-04-18 21:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-11-07 12:51 - 2020-03-16 11:48 - 000000000 ____D C:\WINDOWS\Lenovo
2021-11-07 12:51 - 2020-03-16 11:39 - 000000000 ____D C:\Users\Petr\AppData\Local\Lenovo
2021-11-07 12:51 - 2019-11-29 23:00 - 000000000 ____D C:\ProgramData\Lenovo
2021-11-07 12:50 - 2021-04-18 21:49 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3231952856-1019465751-811631384-1001
2021-11-07 12:50 - 2021-04-18 21:44 - 000002385 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-07 12:47 - 2020-06-08 18:44 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-07 12:47 - 2020-03-16 11:34 - 000000000 __SHD C:\Users\Petr\IntelGraphicsProfiles
2021-11-07 12:47 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-07 12:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-06 16:38 - 2021-01-13 22:49 - 001103144 _____ C:\Users\Petr\Desktop\RD Roubalovi Drásov.fdb
2021-11-06 13:01 - 2020-03-16 11:34 - 000000000 ____D C:\Users\Petr\AppData\Local\VirtualStore
2021-11-06 11:19 - 2020-11-02 22:18 - 000000000 ____D C:\FFOutput
2021-11-06 05:19 - 2021-02-09 18:03 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-11-06 00:32 - 2021-04-18 21:49 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-11-05 18:21 - 2020-03-24 11:41 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-11-05 18:21 - 2020-03-24 11:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-05 10:20 - 2020-03-25 06:20 - 000000000 ____D C:\Práce
2021-11-05 09:10 - 2021-04-18 21:52 - 001693864 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-05 09:10 - 2019-12-07 15:43 - 000719668 _____ C:\WINDOWS\system32\perfh005.dat
2021-11-05 09:10 - 2019-12-07 15:43 - 000145794 _____ C:\WINDOWS\system32\perfc005.dat
2021-11-05 09:10 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-11-05 09:05 - 2021-04-18 21:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-05 09:05 - 2021-04-18 21:42 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-05 09:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-11-05 09:04 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-11-05 09:01 - 2021-04-19 13:59 - 000000000 ____D C:\Users\Petr\AppData\Local\D3DSCache
2021-11-05 08:46 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-05 08:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-11-05 08:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-11-04 10:07 - 2020-07-16 14:49 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2021-11-03 10:21 - 2019-04-19 06:00 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-11-02 18:43 - 2019-11-29 23:01 - 000000000 ____D C:\Program Files\Microsoft Office
2021-11-02 14:35 - 2020-03-16 11:44 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-29 16:43 - 2020-03-16 11:34 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2021-10-26 16:05 - 2020-12-23 19:56 - 000000000 ____D C:\Moje
2021-10-25 15:14 - 2020-03-16 11:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-10-25 15:14 - 2020-03-16 11:59 - 000000000 ____D C:\Program Files (x86)\Java
2021-10-25 15:13 - 2020-03-16 11:59 - 000164696 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2021-10-24 21:22 - 2020-03-16 11:51 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Kerio Connect
2021-10-18 18:51 - 2020-03-31 08:13 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2021-10-18 18:51 - 2020-03-16 11:51 - 000000000 ____D C:\Users\Petr\AppData\Local\SquirrelTemp
2021-10-14 15:56 - 2020-12-23 19:42 - 000000000 ____D C:\Users\Petr\Desktop\Nová složka
2021-10-14 15:41 - 2020-11-15 12:41 - 000007725 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-10-14 05:58 - 2020-03-16 11:39 - 000002147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-10-13 14:11 - 2021-04-18 21:49 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-10-13 13:53 - 2020-07-16 14:50 - 000001115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2021-10-13 13:53 - 2020-03-30 09:07 - 000000000 ____D C:\Program Files (x86)\eM Client
2021-10-13 04:44 - 2021-04-18 21:42 - 000531768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-10-13 04:44 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-10-13 04:44 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-10-13 04:44 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-10-13 04:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-10-13 04:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-10-13 04:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-10-13 04:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-10-13 04:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-10-13 04:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-10-13 04:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-10-13 03:53 - 2020-03-16 11:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-10-13 03:50 - 2020-03-16 11:44 - 139806512 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-10-10 19:06 - 2021-04-26 09:22 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d73493d84a012d
2021-10-10 19:06 - 2021-04-18 21:49 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-08 12:45 - 2020-10-03 19:38 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== Files in the root of some directories ========

2021-11-05 08:49 - 2021-11-05 08:49 - 000000032 _____ () C:\Users\Petr\AppData\Roaming\++.bat
2021-11-05 08:49 - 2021-11-05 08:49 - 000005120 _____ (Microsoft) C:\Users\Petr\AppData\Roaming\0.exe
2021-11-05 08:49 - 2021-11-05 08:49 - 000188416 _____ (NirSoft) C:\Users\Petr\AppData\Roaming\1.exe
2021-11-05 08:49 - 2021-11-05 08:49 - 000420864 _____ (A310 Logger) C:\Users\Petr\AppData\Roaming\all cookies.exe
2021-11-04 13:30 - 2021-11-04 13:30 - 000000003 _____ () C:\Users\Petr\AppData\Roaming\cvcv.txt
2021-11-04 13:30 - 2021-11-04 13:30 - 012348068 _____ () C:\Users\Petr\AppData\Roaming\fffffffffffffffffffffffffdsds.txt
2021-11-04 13:30 - 2021-11-04 13:30 - 000021164 _____ () C:\Users\Petr\AppData\Roaming\fffffffffffffffffffffffffdsds1.txt
2021-11-04 13:30 - 2021-11-04 13:30 - 000172032 _____ () C:\Users\Petr\AppData\Roaming\fffffffffffffffffffffffffdsds3.txt
2021-11-05 08:50 - 2021-11-05 08:50 - 000136536 _____ () C:\Users\Petr\AppData\Roaming\rony.txt
2021-11-04 13:30 - 2021-11-04 13:30 - 000015872 _____ (Microsoft) C:\Users\Petr\AppData\Roaming\specific.exe
2021-11-05 08:50 - 2021-11-05 08:50 - 001862144 _____ (Microsoft) C:\Users\Petr\AppData\Roaming\xxcv.dll
2021-02-10 16:21 - 2021-02-10 16:21 - 000000000 _____ () C:\Users\Petr\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)



ATTENTION: ==> Could not access BCD. ->
==================== End of FRST.txt ========================

cudla11
Visitor
Posts: 74
Registered: 20 Jan 2006 16:31

Re: Please check my log

#6 Post by cudla11 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-11-2021
Ran by Petr (07-11-2021 18:04:25)
Running from C:\Users\Petr\Desktop
Microsoft Windows 10 Pro Version 20H2 19042.1288 (X64) (2021-04-18 20:49:44)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3231952856-1019465751-811631384-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3231952856-1019465751-811631384-503 - Limited - Disabled)
Guest (S-1-5-21-3231952856-1019465751-811631384-501 - Limited - Disabled)
Petr (S-1-5-21-3231952856-1019465751-811631384-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-3231952856-1019465751-811631384-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader 12 Professional (HKLM-x32\...\{F12000FE-0001-0000-0000-074957833700}) (Version: 12.1.625 - ABBYY Production LLC)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
AutoCAD 2018 – Čeština (Czech) (HKLM\...\{28B89EEF-1001-0405-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018 - English (HKLM\...\{28B89EEF-1001-0409-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018 VBA Enabler (HKLM\...\{C33F3BA8-CA07-4449-012D-B043FE6029AA}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk)
Autodesk AutoCAD 2018 - English (HKLM\...\AutoCAD 2018 - English) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD 2018 Language Pack – Čeština (Czech) (HKLM\...\AutoCAD 2018 – Čeština (Czech)) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD 2018 VBA Enabler (HKLM\...\AutoCAD 2018 VBA Enabler) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM-x32\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.1.2449 - Avast Software)
Call of Duty Modern Warfare 2 (HKLM-x32\...\Call of Duty Modern Warfare 2_is1) (Version: - Activision)
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.86 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1152 - Disc Soft Ltd)
Dynamic Application Loader Host Interface Service (HKLM\...\{C1FFE6F8-BB6C-40B3-9C65-A1CC0962896A}) (Version: 1.0.0.0 - Intel Corporation) Hidden
eM Client (HKLM-x32\...\{DCA2551A-C6C8-413E-85B5-5FECAAE001AF}) (Version: 8.2.1659.0 - eM Client Inc.)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
EPSON WF-7525 Series Printer Uninstall (HKLM\...\EPSON WF-7525 Series) (Version: - SEIKO EPSON Corporation)
FormatFactory 5.8.1.0 (HKLM-x32\...\FormatFactory) (Version: 5.8.1.0 - Free Time)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 95.0.4638.69 - Google LLC)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1910.12.0.1239 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7812 - Intel Corporation)
Java 8 Update 311 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180311F0}) (Version: 8.0.3110.11 - Oracle Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
J-Link 2.3.1.1182 (HKLM-x32\...\J-Link 2.3.1.1182_is1) (Version: J-Link 2.3.1.1182 - Jablotron Alarms a.s.)
Kerio Connect (HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\KerioConnect) (Version: 9.3.1.16367 - Kerio Technologies Inc.)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Lenovo Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.82.00.18 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.9.23.0 - Lenovo Group Ltd.)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.14527.20234 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.44 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 95.0.1020.44 - Microsoft Corporation)
Microsoft Office 2016 pro podnikatele - cs-cz (HKLM\...\HomeBusinessRetail - cs-cz) (Version: 16.0.14527.20234 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\OneDriveSetup.exe) (Version: 21.205.1003.0005 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\Teams) (Version: 1.4.00.11161 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
MiniTool Partition Wizard (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: 12 - MiniTool Software Limited)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 94.0.1 (x64 cs)) (Version: 94.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 74.0 - Mozilla)
Odinstalace tiskárny EPSON XP-900 Series (HKLM\...\EPSON XP-900 Series) (Version: - Seiko Epson Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
PDF24 Creator 10.6.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 10.6.0 - PDF24.org)
PDF-XChange Editor (HKLM\...\{D7DBC941-C042-4276-93C9-A91B373AF0D8}) (Version: 9.0.351.0 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{604944cd-f303-4436-bc7b-7a538b64c872}) (Version: 9.0.351.0 - Tracker Software Products (Canada) Ltd.)
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.5.154 - Autodesk)
Speciální aplikace Autodesk 2016-2018 (HKLM-x32\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk)
Teretron (HKLM\...\Teretron) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.641 - McAfee, LLC)
WhatsApp (HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\WhatsApp) (Version: 2.2142.12 - WhatsApp)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.10.20.0_x86__kgqvnymyfvs32 [2021-10-13] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.68.2.0_x86__kgqvnymyfvs32 [2021-11-05] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-10-31] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_132.1.257.0_x64__v10z8vjag6ke6 [2021-11-02] (HP Inc.)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.1.32.0_x64__5grkq8ppsgwt4 [2021-11-05] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2110.15.0_x64__k1h2ywk1493x8 [2021-11-03] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-11-03] (Microsoft Studios) [MS Ad]
Power2Go for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.Power2GoforLenovo_8.0.12518.0_x86__m916jedk64snt [2021-06-20] (CYBERLINKCOM CORPORATION) [Startup Task]
PowerDVD for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.PowerDVDforLenovo_14.2.2520.0_x86__m916jedk64snt [2020-07-23] (CYBERLINKCOM CORPORATION)
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.41311.0_x64__8wekyb3d8bbwe [2021-11-03] (Microsoft Corporation)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-26] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0 [2021-11-01] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3231952856-1019465751-811631384-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-3231952856-1019465751-811631384-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21063.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3231952856-1019465751-811631384-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3231952856-1019465751-811631384-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3231952856-1019465751-811631384-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-3231952856-1019465751-811631384-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\en-US\acadficn.dll (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll -> No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll -> No File
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll -> No File
ContextMenuHandlers1: [FineReader12ContextMenu] -> {55344AC6-630B-430C-B292-C7BE21F90061} => C:\Program Files (x86)\ABBYY FineReader 12\FRIntegration.x64.dll [2016-10-18] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-03-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll -> No File
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-03-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a8976fda8c58073\igfxDTCM.dll [2020-04-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll -> No File
ContextMenuHandlers6: [FineReader12ContextMenu] -> {55344AC6-630B-430C-B292-C7BE21F90061} => C:\Program Files (x86)\ABBYY FineReader 12\FRIntegration.x64.dll [2016-10-18] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-03-24 21:45 - 2018-05-09 08:45 - 000142336 _____ () [File not signed] C:\Users\Petr\AppData\Local\JDownloader 2.0\.install4j\i4jinst.dll
2021-11-07 13:35 - 2021-11-07 13:35 - 004193064 _____ () [File not signed] C:\Users\Petr\AppData\Local\JDownloader 2.0\tmp\7zip\SevenZipJBinding-Do9iQmsMdyfO\lib7-Zip-JBinding.dll
2020-08-04 10:46 - 2020-08-04 10:46 - 000341504 _____ (Free Time) [File not signed] C:\Program Files (x86)\FormatFactory\ShellEx_108.dll
2021-11-07 13:35 - 2021-11-07 13:35 - 000216576 ____N (Java(TM) Native Access (JNA)) [File not signed] C:\Users\Petr\AppData\Local\JDownloader 2.0\tmp\jna\jna6840121276130420192.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3231952856-1019465751-811631384-1001\Software\Classes\.scr: AutoCADScriptFile =>

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2020-09-25 10:30:14&bName=
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-3231952856-1019465751-811631384-1001 -> DefaultScope {71D49EE1-5299-4D9B-8BE9-D1F791C7DE0F} URL =
SearchScopes: HKU\S-1-5-21-3231952856-1019465751-811631384-1001 -> {71D49EE1-5299-4D9B-8BE9-D1F791C7DE0F} URL =
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-10-20] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\ssv.dll [2021-10-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-10-20] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\jp2ssv.dll [2021-10-25] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "Bonus.SSR.FR12"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{1B9EE180-98B7-48B5-BCC1-4BFC86C7B852}C:\users\petr\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\petr\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{9B4C9D2F-6DE9-4E35-B216-C666F4244AB8}C:\users\petr\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\petr\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{AF7046A1-0BF8-41EF-9B31-FCE28313FDA0}C:\totalcmd\totalcmd64.exe] => (Block) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{F7144D2C-DDE6-40F2-A28C-6FF9FE556052}C:\totalcmd\totalcmd64.exe] => (Block) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{29DB4E00-DA47-4C8D-8968-E71C8B5B2F6D}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe => No File
FirewallRules: [UDP Query User{31382625-C62D-4B6E-95D6-3E4F6894EE36}C:\users\petr\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\petr\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{10761921-3FED-4E95-8B9B-9222C36F74E8}C:\users\petr\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\petr\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5E2BEFB0-B1A0-4B07-BB94-DBF67F2045FE}] => (Allow) C:\Program Files (x86)\eM Client\MailClient.exe (eM Client, s.r.o. -> eM Client s.r.o.)
FirewallRules: [{A2F751BE-2D05-405B-9C3D-2C05A2CE6448}] => (Allow) C:\Program Files (x86)\eM Client\MailClient.exe (eM Client, s.r.o. -> eM Client s.r.o.)
FirewallRules: [{85461371-7BEB-4380-9E99-5000B7E6A39E}] => (Allow) C:\Program Files (x86)\eM Client\MailClient.exe (eM Client, s.r.o. -> eM Client s.r.o.)
FirewallRules: [{3B2A912D-FDA3-4AE7-BAC1-9076F68FD9BD}] => (Allow) C:\Program Files (x86)\eM Client\MailClient.exe (eM Client, s.r.o. -> eM Client s.r.o.)
FirewallRules: [UDP Query User{316B2FCA-EF86-47C7-8755-BD1DF851F527}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{BBD1A384-7934-462A-8ADB-8E5E86FBF634}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{52344EB8-2CF9-4F55-98E0-E77B079DDD6E}C:\program files (x86)\fifa19\fifa19.exe] => (Block) C:\program files (x86)\fifa19\fifa19.exe => No File
FirewallRules: [TCP Query User{83FAB628-FC4D-49A0-BA64-02A66D9F1A46}C:\program files (x86)\fifa19\fifa19.exe] => (Block) C:\program files (x86)\fifa19\fifa19.exe => No File
FirewallRules: [{347C3811-0109-43BB-B34C-C45047BC13DF}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{C267C6E7-F616-4E26-AC97-13AF4671B0FA}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{35F519DA-BB7B-4286-8229-3C4410219830}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe => No File
FirewallRules: [{8F24FCDA-3FEC-4CAF-A383-EDF91CA1B2AB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{095E8528-0149-4A50-A838-9247A041FC00}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{05AC3A0F-5C9D-4148-9158-A7E4440ABE11}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{D846A304-824E-4176-9CB0-2C4BDDBC626D}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{2F78084C-F2A2-45CB-B959-5D9FA0E4162A}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{1FD9EC2D-7156-4237-A853-D5F0639D38A2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E89A69ED-B35F-4EB2-A5E9-A8FE7E265B2D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{52E39CC4-FE04-4EE2-9887-BD39C07DD728}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A7E67FC2-99AA-494E-8442-01A98C46D5A7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DDC8D16B-83C5-4766-BC38-3C60D0224363}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{156FC42E-F86A-4247-8D6A-8D0609657C67}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4A884F77-2B0C-406C-9B2A-B72A26D4BD48}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{998A0890-12D3-4FCC-A6AC-BB247AAB847B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{66B4CE54-4890-44F4-8A26-854C827A9F07}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A9CA6E50-F419-4205-9F76-87AF093804E0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{1291E208-20B2-45C7-B576-6371FFCD7CB3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{005AD630-8E1F-40BB-A649-3D5E334F058F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C5DEF250-AF99-4760-8FF1-3ED6D668D49E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4701E985-0975-4038-AF69-5B83E15ABB47}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6F1D9DA7-5C2F-489E-A6FB-2B1E10761B9E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\95.0.1020.44\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

05-11-2021 08:43:43 Instalační služba modulů systému Windows
06-11-2021 12:27:32 Nainstalováno rozhraní DirectX
06-11-2021 13:00:35 Nainstalováno: Microsoft Visual C++ 2005 Redistributable
07-11-2021 12:51:43 AdwCleaner_BeforeCleaning_07/11/2021_12:51:42

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/05/2021 09:04:51 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (11/05/2021 09:04:51 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (11/05/2021 08:33:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SETUP.exe_AFRICANO, verze: 1.0.0.0, časové razítko: 0x5fdb0148
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1288, časové razítko: 0x3e55bd0b
Kód výjimky: 0xe0434352
Posun chyby: 0x0012b5b2
ID chybujícího procesu: 0x2268
Čas spuštění chybující aplikace: 0x01d7d21769d0af25
Cesta k chybující aplikaci: C:\Users\Petr\Downloads\a\SETUP.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 5f310951-2ec6-465c-8cb7-a8ecae3415cb
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/05/2021 08:33:24 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: SETUP.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.BadImageFormatException

Informace o výjimce: System.BadImageFormatException
na System.Reflection.RuntimeAssembly.nLoadImage(Byte[], Byte[], System.Security.Policy.Evidence, System.Threading.StackCrawlMark ByRef, Boolean, Boolean, System.Security.SecurityContextSource)
na System.AppDomain.Load(Byte[])
na tAPPiYMapBUWcgPmGB.HjITaG5ovMjgtj5aUT.GlkiSLJlmt()

Error: (11/04/2021 01:30:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: fifa 20.exe, verze: 1.0.0.0, časové razítko: 0x5ff502ba
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1288, časové razítko: 0x3e55bd0b
Kód výjimky: 0xe0434352
Posun chyby: 0x0012b5b2
ID chybujícího procesu: 0x934
Čas spuštění chybující aplikace: 0x01d7d177ae6b7096
Cesta k chybující aplikaci: C:\Program Files (x86)\FIFA20\fifa 20.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 1baa2dd2-9a5c-4277-b49a-ff562829c919
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/04/2021 01:30:34 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: fifa 20.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ComponentModel.Win32Exception
na System.Diagnostics.Process.StartWithShellExecuteEx(System.Diagnostics.ProcessStartInfo)
na System.Diagnostics.Process.Start()
na System.Diagnostics.Process.Start(System.Diagnostics.ProcessStartInfo)
na mmmmmmmmmmmmm3.fffffffffffffffffffffffffdsds(System.String)
na wafaa.meral()
na WindowsFormsApplication1.Form1..ctor()
na WindowsFormsApplication1.Program.Main()

Error: (10/13/2021 03:50:48 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-CVO5E9CR$ přes https://INTC-KeyId-6ca9df62a1aae23e0feb ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Gateway timeout.
HTTP/1.1 504 Gateway timeout.
Date: Wed, 13 Oct 2021 14:50:47 GMT
Content-Length: 0

Metoda: GET(20172ms)
Fáze: GetCACaps
Časový limit brány (504) 0x801901f8 (-2145844744 HTTP_E_STATUS_GATEWAY_TIMEOUT)

Error: (10/13/2021 01:50:28 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-CVO5E9CR$ přes https://INTC-KeyId-6ca9df62a1aae23e0feb ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(47ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)


System errors:
=============
Error: (11/07/2021 01:02:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/07/2021 12:51:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/07/2021 12:51:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 2krát.

Error: (11/07/2021 12:51:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee WebAdvisor byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1 milisekund: Restartovat službu.

Error: (11/07/2021 12:51:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Conexant SmartAudio service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/07/2021 12:51:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba PDF24 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (11/07/2021 12:51:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (11/07/2021 12:51:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


==================== Memory info ===========================

BIOS: LENOVO 6SCN54WW 05/17/2021
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 62%
Total physical RAM: 7613.43 MB
Available physical RAM: 2861.38 MB
Total Virtual: 16567.51 MB
Available Virtual: 10908.39 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:237.23 GB) (Free:21.08 GB) NTFS

\\?\Volume{3944c868-d993-4fad-89d1-4a62e0d8abf9}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.49 GB) NTFS
\\?\Volume{65b7ba2c-048c-4020-b359-4c7f8094bba3}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: C27D31B5)

Partition: GPT.

==================== End of Addition.txt =======================

cudla11
Visitor
Posts: 74
Registered: 20 Jan 2006 16:31

Re: Please check my log

#7 Post by cudla11 »

Is everything OK??
Thank you

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Please check my log

#8 Post by Diallix »

Copy the content below into Notepad:

Code:

CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Petr\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Petr\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\RunOnce: [Uninstall 21.205.1003.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Petr\AppData\Local\Microsoft\OneDrive\21.205.1003.0003" (No File)
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\MountPoints2: {44e139bf-6e57-11ea-90ba-482ae369c4f1} - "F:\Setup.exe"
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\Winlogon: [Shell] %comspec% <==== ATTENTION
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\Command Processor: @mode 20,5 & tasklist /FI "IMAGENAME eq SoundMixer.exe" 2>NUL | find /I /N "SoundMixer.exe">NUL && exit & if exist "C:\Users\Petr\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe" ( start /MIN "" "C:\Users\Petr\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe" & tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) else ( tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {035626BA-DDB6-44EA-983F-C52E361E5E71} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {1114ECD3-C2DC-47F5-B906-A4878371B383} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {1D1E8270-568C-424E-AF6E-573E220722F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2020-03-16] (Google Inc -> Google Inc.)
Task: {38160384-2101-4AC1-9A6B-EF6D21CD5B1F} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {5E002965-0B4E-4103-8D05-F916DE83C85A} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {5FB4FC86-94F6-433B-BBAA-DBFE5814D89E} - \Lenovo\ImController\TimeBasedEvents\cc8204f8-1cc9-48cc-8267-a2e231e3e686 -> No File <==== ATTENTION
Task: {704BC693-9043-451E-8659-B3B847DCD0E0} - \Lenovo\ImController\TimeBasedEvents\5c6403db-d6bb-4940-8b59-260e6ccf0f02 -> No File <==== ATTENTION
Task: {76169FEC-E762-4F57-9CAC-B93B9C4B2BBA} - \Lenovo\ImController\TimeBasedEvents\6fd26c46-2f3b-4600-8dfa-c086bc523259 -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\EPSON XP-900 Series Update {1D34E24D-3602-4463-BC8C-53017AC68CA0}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRGE.EXE:/EXE:{1D34E24D-3602-4463-BC8C-53017AC68CA0} 
Task: {F3C24662-D61E-4B52-BF8A-C50C76D21B10} - \Lenovo\ImController\TimeBasedEvents\68175150-dd36-4303-8d1e-16792d6bb5cc -> No File <==== ATTENTION
Task: {A01FF9E2-356D-457F-BF45-EC271656AFDD} - \Lenovo\ImController\TimeBasedEvents\f5987ff6-3fcb-4634-85a8-d59f18d78cef -> No File <==== ATTENTION
Task: {BD3372F3-02E8-4230-97E9-6EBDDA65E14F} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
FF NewTab: Mozilla\Firefox\Profiles\gc13wse2.default -> hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2020-09-25 10:30:14&bName=
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\h0hpy4yt.default-release [2021-11-07]
FF Homepage: Mozilla\Firefox\Profiles\h0hpy4yt.default-release -> www.seznam.cz
FF NewTab: Mozilla\Firefox\Profiles\h0hpy4yt.default-release -> hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2020-09-25 10:30:14&bName=
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
S1 ecqywhrp; \??\C:\WINDOWS\system32\drivers\ecqywhrp.sys [X]
CustomCLSID: HKU\S-1-5-21-3231952856-1019465751-811631384-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll -> No File
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll -> No File
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-03-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll -> No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2020-09-25 10:30:14&bName=
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-3231952856-1019465751-811631384-1001 -> DefaultScope {71D49EE1-5299-4D9B-8BE9-D1F791C7DE0F} URL =
SearchScopes: HKU\S-1-5-21-3231952856-1019465751-811631384-1001 -> {71D49EE1-5299-4D9B-8BE9-D1F791C7DE0F} URL =
FirewallRules: [{35F519DA-BB7B-4286-8229-3C4410219830}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe => No File

EmptyTemp:

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
The fix will run, after which the computer reboots. After the reboot, paste here the content of the log fixlog.txt, saved in the FRST location.

Adamkek343
Level 5 - BAN
Posts: 2
Registered: 05 Dec 2021 13:36

Re: Please check my log

#9 Post by Adamkek343 »

The problem is solved :?

Rudy
Site Admin
Posts: 118241
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#10 Post by Rudy »

Apologies for stepping in. Adamkek343: why are you posting in someone else's thread?

cudla11
Visitor
Posts: 74
Registered: 20 Jan 2006 16:31

Re: Please check my log

#11 Post by cudla11 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 10-01-2022 01
Ran by Petr (14-01-2022 13:07:00) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Petr\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Petr\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\RunOnce: [Uninstall 21.205.1003.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Petr\AppData\Local\Microsoft\OneDrive\21.205.1003.0003" (No File)
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\MountPoints2: {44e139bf-6e57-11ea-90ba-482ae369c4f1} - "F:\Setup.exe"
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\Winlogon: [Shell] %comspec% <==== ATTENTION
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\...\Command Processor: @mode 20,5 & tasklist /FI "IMAGENAME eq SoundMixer.exe" 2>NUL | find /I /N "SoundMixer.exe">NUL && exit & if exist "C:\Users\Petr\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe" ( start /MIN "" "C:\Users\Petr\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe" & tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) else ( tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {035626BA-DDB6-44EA-983F-C52E361E5E71} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {1114ECD3-C2DC-47F5-B906-A4878371B383} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {1D1E8270-568C-424E-AF6E-573E220722F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2020-03-16] (Google Inc -> Google Inc.)
Task: {38160384-2101-4AC1-9A6B-EF6D21CD5B1F} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {5E002965-0B4E-4103-8D05-F916DE83C85A} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {5FB4FC86-94F6-433B-BBAA-DBFE5814D89E} - \Lenovo\ImController\TimeBasedEvents\cc8204f8-1cc9-48cc-8267-a2e231e3e686 -> No File <==== ATTENTION
Task: {704BC693-9043-451E-8659-B3B847DCD0E0} - \Lenovo\ImController\TimeBasedEvents\5c6403db-d6bb-4940-8b59-260e6ccf0f02 -> No File <==== ATTENTION
Task: {76169FEC-E762-4F57-9CAC-B93B9C4B2BBA} - \Lenovo\ImController\TimeBasedEvents\6fd26c46-2f3b-4600-8dfa-c086bc523259 -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\EPSON XP-900 Series Update {1D34E24D-3602-4463-BC8C-53017AC68CA0}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRGE.EXE:/EXE:{1D34E24D-3602-4463-BC8C-53017AC68CA0}
Task: {F3C24662-D61E-4B52-BF8A-C50C76D21B10} - \Lenovo\ImController\TimeBasedEvents\68175150-dd36-4303-8d1e-16792d6bb5cc -> No File <==== ATTENTION
Task: {A01FF9E2-356D-457F-BF45-EC271656AFDD} - \Lenovo\ImController\TimeBasedEvents\f5987ff6-3fcb-4634-85a8-d59f18d78cef -> No File <==== ATTENTION
Task: {BD3372F3-02E8-4230-97E9-6EBDDA65E14F} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
FF NewTab: Mozilla\Firefox\Profiles\gc13wse2.default -> hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2020-09-25 10:30:14&bName=
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\h0hpy4yt.default-release [2021-11-07]
FF Homepage: Mozilla\Firefox\Profiles\h0hpy4yt.default-release -> www.seznam.cz
FF NewTab: Mozilla\Firefox\Profiles\h0hpy4yt.default-release -> hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2020-09-25 10:30:14&bName=
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
S1 ecqywhrp; \??\C:\WINDOWS\system32\drivers\ecqywhrp.sys [X]
CustomCLSID: HKU\S-1-5-21-3231952856-1019465751-811631384-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll -> No File
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll -> No File
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-03-25] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll -> No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2020-09-25 10:30:14&bName=
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-3231952856-1019465751-811631384-1001 -> DefaultScope {71D49EE1-5299-4D9B-8BE9-D1F791C7DE0F} URL =
SearchScopes: HKU\S-1-5-21-3231952856-1019465751-811631384-1001 -> {71D49EE1-5299-4D9B-8BE9-D1F791C7DE0F} URL =
FirewallRules: [{35F519DA-BB7B-4286-8229-3C4410219830}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe => No File

EmptyTemp:


*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKU\S-1-5-21-3231952856-1019465751-811631384-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Update Binary" => not found
"HKU\S-1-5-21-3231952856-1019465751-811631384-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Standalone Update Binary" => not found
"HKU\S-1-5-21-3231952856-1019465751-811631384-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 21.205.1003.0003" => not found
"HKU\S-1-5-21-3231952856-1019465751-811631384-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{44e139bf-6e57-11ea-90ba-482ae369c4f1} => removed successfully
"HKU\S-1-5-21-3231952856-1019465751-811631384-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell" => removed successfully
"HKU\S-1-5-21-3231952856-1019465751-811631384-1001\Software\Microsoft\Command Processor\\AutoRun" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{035626BA-DDB6-44EA-983F-C52E361E5E71}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{035626BA-DDB6-44EA-983F-C52E361E5E71}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1114ECD3-C2DC-47F5-B906-A4878371B383}" => not found
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1D1E8270-568C-424E-AF6E-573E220722F2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D1E8270-568C-424E-AF6E-573E220722F2}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38160384-2101-4AC1-9A6B-EF6D21CD5B1F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38160384-2101-4AC1-9A6B-EF6D21CD5B1F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Monitor" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5E002965-0B4E-4103-8D05-F916DE83C85A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E002965-0B4E-4103-8D05-F916DE83C85A}" => removed successfully
C:\WINDOWS\System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FB4FC86-94F6-433B-BBAA-DBFE5814D89E}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\cc8204f8-1cc9-48cc-8267-a2e231e3e686" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{704BC693-9043-451E-8659-B3B847DCD0E0}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\5c6403db-d6bb-4940-8b59-260e6ccf0f02" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{76169FEC-E762-4F57-9CAC-B93B9C4B2BBA}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\6fd26c46-2f3b-4600-8dfa-c086bc523259" => not found
C:\WINDOWS\Tasks\EPSON XP-900 Series Update {1D34E24D-3602-4463-BC8C-53017AC68CA0}.job => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3C24662-D61E-4B52-BF8A-C50C76D21B10}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\68175150-dd36-4303-8d1e-16792d6bb5cc" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A01FF9E2-356D-457F-BF45-EC271656AFDD}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\f5987ff6-3fcb-4634-85a8-d59f18d78cef" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BD3372F3-02E8-4230-97E9-6EBDDA65E14F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD3372F3-02E8-4230-97E9-6EBDDA65E14F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" => removed successfully
"Firefox newtab" => removed successfully
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\h0hpy4yt.default-release => moved successfully
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\h0hpy4yt.default-release => path removed successfully
"FF Homepage: Mozilla\Firefox\Profiles\h0hpy4yt.default-release -> www.seznam.cz" => not found
"FF NewTab: Mozilla\Firefox\Profiles\h0hpy4yt.default-release -> hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2020-09-25 10:30:14&bName=" => not found
HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect => removed successfully
HKLM\System\CurrentControlSet\Services\ImControllerService => removed successfully
ImControllerService => service removed successfully
WdNisDrv => Unable to stop service.
HKLM\System\CurrentControlSet\Services\WdNisDrv => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\ecqywhrp => removed successfully
ecqywhrp => service removed successfully
HKU\S-1-5-21-3231952856-1019465751-811631384-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => could not remove, key could be protected
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\avast => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => could not remove, key could be protected
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => could not remove, key could be protected
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\DaemonShellExtImageLite => removed successfully
HKLM\Software\Classes\CLSID\{1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\FormatFactoryShell => removed successfully
HKLM\Software\Classes\CLSID\{A3888923-CFD3-4A6B-89BF-08E6B95716E8} => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\avast => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => could not remove, key could be protected
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\Software\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
"HKU\S-1-5-21-3231952856-1019465751-811631384-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
"HKU\S-1-5-21-3231952856-1019465751-811631384-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-3231952856-1019465751-811631384-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{71D49EE1-5299-4D9B-8BE9-D1F791C7DE0F} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{35F519DA-BB7B-4286-8229-3C4410219830}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 172978438 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 9825680 B
Edge => 8192 B
Chrome => 815719 B
Firefox => 1084689658 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 151368 B
Petr => 197842351 B

RecycleBin => 0 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 14-01-2022 13:09:12)


Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\WdNisDrv => could not remove, key could be protected
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => could not remove, key could be protected
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => could not remove, key could be protected
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => could not remove, key could be protected
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => could not remove, key could be protected

==== End of Fixlog 13:09:12 ====

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Please check my log

#12 Post by Diallix »

Please post new FRST + ADDITION logs.
My new book BOTNETY has been published! Information about it can be found here: >> BOTNETY <<

---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level and high-level programmer - profile card here: >> card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor for students in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php).

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for newcomer training
- Founder of the Cyber Security unit