Můj Lenovo Legion notebook se začal chovat divně a prosím tedy o kontrolu logů, zda nenarazíte na nějaký problém. Po spuštění se naplno roztočí ventilátor, jako by byl notebook vytížen, nicméně jsou (alespoň na první pohled) spuštěné pouze Windows a pár základních utilit. Velmi zvláštní je, že se ventilátor (a tím asi i zatížení) uklidní poté, co spustím Správce úloh.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-12-2022
Ran by MARRA (administrator) on MARRA-LEGION (LENOVO 81Y6) (13-12-2022 13:29:05)
Running from C:\Users\MARRA\Downloads
Loaded Profiles: MARRA
Platform: Microsoft Windows 11 Pro Version 22H2 22623.1028 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(LenovoGamingSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(MultimediaAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe ->) (STARDOCK SYSTEMS, INC. -> Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start11\Start11_64.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <3>
(DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxEM.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_925ded1d9428eaee\DAX3API.exe ->) (Dolby Laboratories, Inc. -> ) C:\ProgramData\Dolby\DAX3\RADARHOST\DSRHost.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_925ded1d9428eaee\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~1.INF\DAX3API.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_da914fb427b10059\LenovoUtilityService.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_da914fb427b10059\FnHotkeyUtility.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\68.0.2.0\crashpad_handler.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <27>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_925ded1d9428eaee\DAX3API.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_3de4831720bb2934\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a953cebc2f0daf9c\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a953cebc2f0daf9c\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_da914fb427b10059\LenovoUtilityService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe
(services.exe ->) (Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvltig.inf_amd64_03e937c3da958a25\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgc.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (SIA AVB Disc Soft -> Disc Soft Ltd) C:\Program Files\reWASD\reWASDService.exe
(services.exe ->) (Software602 a.s. -> Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(services.exe ->) (STARDOCK SYSTEMS, INC. -> Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe
(svchost.exe ->) (Infatica pte ltd -> ) C:\Program Files (x86)\Infatica P2B\infatica-service-app.exe
(svchost.exe ->) (IObit CO., LTD -> IObit) C:\Program Files (x86)\Driver Booster\Scheduler.exe
(svchost.exe ->) (Microsoft Corporation) [File not signed] C:\Users\MARRA\AppData\Roaming\Spotify\Apps\AXKTTYFUADTDRMOT.exe <4>
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.213.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_422.33900.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(svchost.exe ->) (OORT Inc. -> oh!soft) C:\Program Files (x86)\oCam\oCamTask.exe
(svchost.exe ->) (WhatsApp Inc.) C:\Program Files\WindowsApps\5319275A.51895FA4EA97F_2.2249.2.0_x64__cv1g1gvanyjgm\WhatsApp.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1084704 2020-05-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3183328 2021-11-30] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [MFNetworkScannerSelector] => C:\Program Files\Canon\Canon MF Network Scanner Selector\CMFNSS6.EXE [459904 2018-01-30] (CANON INC. -> CANON INC.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-12] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-12] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\MARRA\AppData\Local\WebEx\WebexHost.exe [7803680 2022-07-14] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-12] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [7223248 2022-11-14] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-12] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\CnXP0PP: C:\Windows\System32\spool\prtprocs\x64\CnXP0PP.DLL [655360 2021-04-13] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon MFNP Port: C:\Windows\system32\CNCENPM6.dll [153088 2018-01-29] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\CPCA Language Monitor3b: C:\Windows\system32\CNAS0MOK.DLL [1282048 2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\CPCA Language Monitor4: C:\Windows\system32\CNAS0MPK.DLL [1784320 2021-04-07] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\Windows\system32\602localmon.dll [47896 2021-09-23] (Software602 a.s. -> Windows (R) Win 7 DDK provider)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\108.0.5359.99\Installer\chrmstp.exe [2022-12-09] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\MARRA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RuntimeBroker.lnk [2021-11-07]
ShortcutTarget: RuntimeBroker.lnk -> C:\Users\MARRA\AppData\Roaming\Corel User Preferences\Backup files\CorelDRAW Graphics Suite 2021.exe (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {063E2175-10DE-480B-B453-7E1F7268A2F9} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {0640839D-ED74-496F-89A9-36EE7AEB2C00} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8d221ea5-137e-4eea-8a8b-ae1eb2a37bd7 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {07C81256-313A-4394-8180-E802400F0B33} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {0A16CAE1-7947-4C09-90F4-61955828B3A3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308528 2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {0A4DD3DB-0FF4-4502-AA0B-93E1E65BDE7F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308528 2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {0DBE9974-68F4-405B-8F6C-A7774AEA1E25} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {1AE598B5-7473-4E74-9056-68B4C6A01DA8} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f36d665d-bb0f-427d-a907-ab34480f66be => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {1D5B83E5-9322-456C-B634-5BB0F00FA801} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {22D10638-6750-4BB5-A974-C355D4D1277A} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2113024 2022-11-12] () [File not signed]
Task: {2D239381-326E-456A-8C90-0266F86845A9} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {368B8E03-73E8-4971-8D80-980648A604C5} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {39D76B9C-1E4F-4101-AAAB-A2F09167DD5F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4972FFD7-36DB-4F9B-B365-8EE70D43285F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4D3144BA-EF72-4CE3-857D-85B3B142C07D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\3d19a378-329a-4d71-a5ac-95067ac458db => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {50044330-C124-441B-8E96-E221B503A05E} - System32\Tasks\Driver Booster SkipUAC (MARRA) => C:\Program Files (x86)\Driver Booster\DriverBooster.exe [8645120 2022-02-22] (IObit) [File not signed]
Task: {511911D9-79C4-4CB8-92D5-BFE611C9BB9D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144256 2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {54A5869E-13BB-4FA2-BA99-4AC65BDA6A87} - System32\Tasks\Canon\OIPPESP\Canon OIP Product Extended Survey Program => C:\Program Files\Canon\OIPPESP\Cnpspcnt.exe [1826264 2020-07-29] (CANON INC. -> CANON INC.) -> /Config:"C:\Program Files\Canon\OIPPESP\CnpspCfg.xml"
Task: {65A08212-014C-4BFA-9DA8-878A11D28169} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {7389EAC4-87D2-4DE7-B2E5-99216CC425EC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8509392 2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {74A0949D-CFF2-43E9-94DC-0487FB28B188} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {74F497D4-26F7-4076-B163-6795D5628A1B} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {7748CAAC-9D70-4BCC-BD8E-49F1AFBB849C} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {7A97D391-7842-4D68-B1CC-A754C7376E53} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7EA41311-35A4-412A-B5B8-8F7FA6D0BC50} - System32\Tasks\infatica_p2b => C:\Program Files (x86)\Infatica P2B\infatica-service-app.exe [20072 2021-12-04] (Infatica pte ltd -> )
Task: {817EEC8F-623C-49CC-AEBD-0A2A50FA63E4} - System32\Tasks\infatica_p2b_expire => C:\Program Files (x86)\Infatica P2B\unins000.exe [1202329 2022-11-28] () [File not signed]
Task: {85E021BD-E504-4271-B13C-ADDEEA47F2FD} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {87ED0DB6-478D-4570-AD26-84887995336D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-07] (Google LLC -> Google LLC)
Task: {895ED478-B315-48BC-9D08-CC55568B9B93} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [149280 2022-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {8C82D4DB-625C-4DB9-955C-8DCC6E0587F6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8F7690D6-5913-47A0-91B4-02436CA82158} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\Driver Booster\AutoUpdate.exe [135704 2022-01-06] (IObit CO., LTD -> IObit)
Task: {9191F6E0-C833-4647-A738-73020A5F4819} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {925B9440-0D9A-4ED2-9AD6-2BB63FEA6635} - System32\Tasks\oCamTask => C:\Program Files (x86)\oCam\oCamTask.exe [156344 2021-06-17] (OORT Inc. -> oh!soft)
Task: {95FF1379-1F33-482C-945C-6E9155CA0085} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9C9BD1A4-013B-47E5-9CE0-B25A2C7273D7} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {9CD4822C-3D07-4C2E-8E43-AE5B5CACEF9F} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {A5E090A5-D0D0-4CA8-91C1-8BC48EAE063A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A9F95339-4BFB-4589-B85B-127D741446CF} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\WINDOWS\system32\SecureBootEncodeUEFI.exe [94208 2022-10-03] (Microsoft Windows -> )
Task: {B0332532-9FE3-41F6-B23A-819CEBC0C864} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {C07A0098-27B0-443A-AE63-A48D6211BCD2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8509392 2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {C4C3A925-208D-41C0-8EB9-771D8579E073} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {C7F6C0A1-251E-4776-8220-A07CF1A26241} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [146816 2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {D274D3C0-AE7D-4306-BD23-BFD529F04220} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [28048 2022-05-19] (Garmin International, Inc. -> )
Task: {D3F771E7-01D7-4A4E-9637-A8F4DFDC771E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {D51E7714-9273-41B0-82E3-40D5DE26F0BD} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3573024 2020-01-14] (Corel Corporation -> Corel Corporation)
Task: {DF828C33-5812-45FD-B6DC-B726522D1D3F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f1c9a118-531f-4d6b-8958-57b544692779 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {E3E2803A-7FCB-42A7-85B4-6B19ED9A9739} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\Driver Booster\Scheduler.exe [156696 2022-01-20] (IObit CO., LTD -> IObit)
Task: {E52759F0-C04F-4A23-8379-2889D71A5BFD} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {EA224208-6F03-4B8D-B5B4-8B153DB2681B} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {EAA1E4D0-5B95-4582-A6B0-DFCFC5DF7E68} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-08-30] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {EDA87CBC-EE19-44FC-A100-1FF430958E1A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {EDDBCE98-036E-4C37-9D2C-0B6C32420398} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\0cc6debf-8004-480a-8700-252bd030c133 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {F4FB9E57-8D1F-4248-8B9A-C2D547461A9D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-07] (Google LLC -> Google LLC)
Task: {F5D796D2-A32D-4ED0-8F79-461A806C0856} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-10-17] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F5FE27CF-8412-4EAD-82D4-5112A1931EDE} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FA6A80FA-AAB1-48B0-9498-0A9776CE4ACF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144256 2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {FB477F27-EF83-42A7-A3BF-E62D4AFAF9ED} - System32\Tasks\AXKTTYFUADTDRMOT_run => C:\Users\MARRA\AppData\Roaming\Spotify\Apps\AXKTTYFUADTDRMOT.exe [69632 2022-04-14] (Microsoft Corporation) [File not signed]
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.37.37
Tcpip\..\Interfaces\{4fbf3329-0b7b-4878-b3eb-5f32f3d9d09e}: [DhcpNameServer] 192.168.37.37
Tcpip\..\Interfaces\{9aa5d1b5-8a72-42db-8483-00b8aeaa47ad}: [DhcpNameServer] 192.168.37.37
Edge:
=======
Edge Profile: C:\Users\MARRA\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-01]
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2018-01-08] (Software602 a.s. -> Software602 a.s.)
Chrome:
=======
CHR Profile: C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default [2022-12-13]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://meet.google.com; hxxps://svetzitrka.eu.teamwork.com
CHR Extension: (Dark Theme for Google Chrome) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\annfbnbieaamhaimclajlajpijgkdblo [2022-02-09]
CHR Extension: (Tampermonkey) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2022-11-29]
CHR Extension: (Copyfish
Free OCR Software) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\eenjdnjldapjajjofmldgmkjaienebbj [2022-08-17]CHR Extension: (Samsung Internet) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\epejdmjgfibjaffbmojllapapjejipkh [2022-11-16]
CHR Extension: (Surfer) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\faapilcgnafanfcdhlkjijhoimmlhmjn [2022-09-07]
CHR Extension: (Weebly Dashboard Extension) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkhpeihpgdipchpfmddkfcigllaaiaki [2021-11-07]
CHR Extension: (Chain Reaction) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gemgfpodpjapjhfohdlibagceiknakpa [2021-11-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-30]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-12-01]
CHR Extension: (Bitly | Short links and QR Codes) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic [2022-12-07]
CHR Extension: (Apex Screen Recorder & Screenshot Master) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkkmokkmlbkkgdnkkancbonkbbmkioc [2022-10-07]
CHR Extension: (WhatFont) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2021-11-07]
CHR Extension: (Cisco Webex Extension) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2022-07-23]
CHR Extension: (View image) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpcmhcelnjdmblfmjabdeclccemkghjk [2022-06-15]
CHR Extension: (Chrome Audio Capture) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfokdmfpdnokpmpbjhjbcabgligoelgp [2022-01-08]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-02-23]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2021-11-07]
CHR Extension: (Clipt) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpicahlgepngcpigiiebnheihgbaenh [2022-06-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-07]
CHR Extension: (Hlídač Shopů) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2022-11-25]
CHR Profile: C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-03-04]
CHR Profile: C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\System Profile [2022-03-04]
CHR HKU\S-1-5-21-590153330-3484553050-3099931381-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12544456 2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_925ded1d9428eaee\DAX3API.exe [2205144 2020-12-22] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. -> Epic Games, Inc.)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [390400 2020-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
S2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_5a9d4e2af428d38d\\AS\\IAS\\IntelAudioService.exe [412160 ] (Intel Corporation -> Intel)
S3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2022-07-20] (Microsoft Windows -> Microsoft Corporation)
R2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_da914fb427b10059\LenovoUtilityService.exe [245968 2022-11-13] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\3.13.43.0\LenovoVantageService.exe [32464 ] (Lenovo -> Lenovo Group Ltd.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2563288 2022-02-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3481824 2022-02-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 reWASDService; C:\Program Files\reWASD\reWASDService.exe [2676472 2021-12-15] (SIA AVB Disc Soft -> Disc Soft Ltd)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [249344 2022-11-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2021-06-23] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2021-06-23] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 Start11; C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe [251240 2022-10-18] (STARDOCK SYSTEMS, INC. -> Stardock Software, Inc)
R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2022-07-20] (Microsoft Windows -> Microsoft Corporation)
R2 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10429808 2021-11-30] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsaService; C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForAndroid_2211.40000.7.0_x64__8wekyb3d8bbwe\WsaService\WsaService.exe [273408 2022-12-08] () [File not signed]
R3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137560 2022-11-29] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_03e937c3da958a25\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_03e937c3da958a25\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ApkbfiltrService; C:\WINDOWS\System32\drivers\Apkbfiltr.sys [39760 2022-05-11] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91504 2022-07-20] (Microsoft Windows -> Microsoft Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 FFUsbAudio; C:\WINDOWS\System32\drivers\ffusbaudio.sys [53080 2011-10-31] (Focusrite Audio Engineering Limited -> Focusrite Audio Engineering Ltd.)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [218456 2022-10-11] (Microsoft Windows -> Microsoft Corporation)
S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R0 hidgamemap; C:\WINDOWS\System32\drivers\hidgamemap.sys [344784 2021-12-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 ITEHIDfilter; C:\WINDOWS\System32\drivers\ITEHIDfilter.sys [28104 2022-05-11] (ITE Tech. Inc. -> ITE Tech. Inc.)
S3 kf1avs; C:\WINDOWS\System32\Drivers\kf1avs.sys [357968 2011-09-15] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH)
S3 kf1usb_svc; C:\WINDOWS\System32\Drivers\kf1usb.sys [47696 2011-09-15] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH)
R3 MpKsl02528c0b; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0864BB94-9874-421D-807D-EA7FDF303831}\MpKslDrv.sys [214280 2022-12-13] (Microsoft Windows -> Microsoft Corporation)
S3 niks4m3audio; C:\WINDOWS\System32\Drivers\niks4m3audio.sys [354248 2018-06-28] (Native Instruments GmbH -> Native Instruments GmbH)
S3 niks4m3bd; C:\WINDOWS\System32\drivers\niks4m3bd.sys [35712 2018-10-22] (Native Instruments GmbH -> Native Instruments GmbH)
S3 niks4m3dfu; C:\WINDOWS\System32\drivers\niks4m3dfu.sys [39840 2018-10-22] (Native Instruments GmbH -> Native Instruments GmbH)
S3 niks4m3usb; C:\WINDOWS\System32\drivers\niks4m3usb.sys [75160 2018-06-28] (Native Instruments GmbH -> Native Instruments GmbH)
S3 nita6audio; C:\WINDOWS\System32\Drivers\nita6audio.sys [372608 2015-09-04] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH)
S3 nita6usb; C:\WINDOWS\system32\DRIVERS\nita6usb.sys [95592 2015-09-04] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-07] (Microsoft Windows -> VMware, Inc.)
S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-07] (Microsoft Windows -> )
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [27744 2021-03-09] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8480608 2021-11-29] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [94208 2022-05-07] (Microsoft Windows -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2022-11-08] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-12-13 13:29 - 2022-12-13 13:29 - 000728484 _____ C:\WINDOWS\system32\perfh005.dat
2022-12-13 13:29 - 2022-12-13 13:29 - 000151700 _____ C:\WINDOWS\system32\perfc005.dat
2022-12-13 13:29 - 2022-12-13 13:29 - 000042865 _____ C:\Users\MARRA\Downloads\FRST.txt
2022-12-13 13:28 - 2022-12-13 13:29 - 000000000 ____D C:\FRST
2022-12-13 13:27 - 2022-12-13 13:27 - 002375680 _____ (Farbar) C:\Users\MARRA\Downloads\FRST64.exe
2022-12-13 13:27 - 2022-12-13 13:27 - 002375680 _____ (Farbar) C:\Users\MARRA\Downloads\FRST64 (1).exe
2022-12-13 13:16 - 2022-12-13 13:16 - 008753904 _____ (Lenovo Group Limited ) C:\Users\MARRA\Downloads\efcn57ww.exe
2022-12-13 12:48 - 2022-12-13 12:48 - 000620355 _____ C:\Users\MARRA\Downloads\DrazebnivyhlaskaNVelektronickadrazba(1.kolo)20221026104244.pdf
2022-12-13 12:48 - 2022-12-13 12:48 - 000170903 _____ C:\Users\MARRA\Downloads\0900533208.pdf
2022-12-13 12:47 - 2022-12-13 12:47 - 000489871 _____ C:\Users\MARRA\Downloads\Drazebnivyhlaskaelektronicka2013[signed][signed].pdf
2022-12-10 03:22 - 2022-12-10 03:22 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_nita6usb_01011.Wdf
2022-12-08 09:49 - 2022-12-08 09:49 - 012453928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 010220584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 006514440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 005891112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 005856792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 005816296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 003334696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 002237000 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-12-08 09:49 - 2022-12-08 09:49 - 002237000 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-12-08 09:49 - 2022-12-08 09:49 - 002163752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 001642600 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-12-08 09:49 - 2022-12-08 09:49 - 001642600 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-12-08 09:49 - 2022-12-08 09:49 - 001619984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 001531896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 001444424 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 001444424 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 001227304 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 001191960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 001168992 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 001168992 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 000949736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 000853544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-12-08 09:49 - 2022-12-08 09:49 - 000851984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 000737784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-12-08 09:49 - 2022-12-08 09:49 - 000734720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 000673320 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 000506872 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 000457752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-12-08 09:49 - 2022-12-08 09:49 - 000100741 _____ C:\WINDOWS\system32\nvinfo.pb
2022-12-08 09:47 - 2022-12-08 09:47 - 017388440 _____ C:\WINDOWS\system32\RsEyeContactCorrection_Assets.dll
2022-12-08 09:47 - 2022-12-08 09:47 - 015824792 _____ C:\WINDOWS\system32\RsDMFT_Assets.dll
2022-12-08 09:47 - 2022-12-08 09:47 - 013414320 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RsDMFT64.dll
2022-12-08 09:47 - 2022-12-08 09:47 - 001185640 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2022-12-07 15:28 - 2022-12-07 15:28 - 000016533 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-12-07 15:27 - 2022-12-07 15:27 - 000000000 ___HD C:\$WinREAgent
2022-12-05 23:20 - 2022-12-05 23:27 - 009959556 _____ C:\Users\MARRA\Downloads\dj-profilovka_VRSTVY.psd
2022-12-05 23:05 - 2022-12-05 23:07 - 112431604 _____ C:\Users\MARRA\Downloads\A3_plakat_zijuhudbou.psd
2022-12-05 01:11 - 2022-12-05 01:13 - 000897445 _____ C:\Users\MARRA\Downloads\Stanoveni Usekove mereni (1).pdf
2022-12-04 21:53 - 2022-12-04 21:53 - 000365566 _____ C:\Users\MARRA\Downloads\CJUZSVM_BUH_5637_2022BUHM(1).pdf
2022-12-04 21:52 - 2022-12-04 21:52 - 000105623 _____ C:\Users\MARRA\Downloads\Stanoveni minimalniho poctu clenu okrskove volebni komise.pdf
2022-12-04 21:51 - 2022-12-04 21:51 - 000897445 _____ C:\Users\MARRA\Downloads\Stanoveni Usekove mereni.pdf
2022-12-04 21:50 - 2022-12-04 21:50 - 000100444 _____ C:\Users\MARRA\Downloads\Informace o poctu a sidle volebnich okrsku.pdf
2022-12-04 21:49 - 2022-12-04 21:50 - 001901798 _____ C:\Users\MARRA\Downloads\Zamer mesta na najem v k.u. Uhersky Brod.pdf
2022-12-04 00:55 - 2022-12-04 00:55 - 000000000 ____D C:\Users\MARRA\Documents\Špajza
2022-12-04 00:51 - 2022-12-04 00:51 - 000496110 _____ C:\Users\MARRA\Downloads\20220310102156.pdf
2022-11-28 23:27 - 2022-11-28 23:27 - 000003390 _____ C:\WINDOWS\system32\Tasks\infatica_p2b_expire
2022-11-28 23:27 - 2022-11-28 23:27 - 000003300 _____ C:\WINDOWS\system32\Tasks\klcp_update
2022-11-28 23:27 - 2022-11-28 23:27 - 000003292 _____ C:\WINDOWS\system32\Tasks\infatica_p2b
2022-11-28 23:27 - 2022-11-28 23:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2022-11-28 23:27 - 2022-11-28 23:27 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2022-11-28 23:27 - 2022-11-28 23:27 - 000000000 ____D C:\Program Files (x86)\Infatica P2B
2022-11-28 23:27 - 2019-12-28 11:00 - 000784384 _____ C:\WINDOWS\system32\xvidcore.dll
2022-11-28 23:27 - 2019-12-28 11:00 - 000681984 _____ C:\WINDOWS\SysWOW64\xvidcore.dll
2022-11-28 23:27 - 2019-12-28 11:00 - 000310784 _____ C:\WINDOWS\system32\xvidvfw.dll
2022-11-28 23:27 - 2019-12-28 11:00 - 000284160 _____ C:\WINDOWS\SysWOW64\xvidvfw.dll
2022-11-28 23:27 - 2017-07-30 12:50 - 003850240 _____ (x264vfw project) C:\WINDOWS\SysWOW64\x264vfw.dll
2022-11-28 23:27 - 2017-07-30 12:50 - 003799552 _____ (x264vfw project) C:\WINDOWS\system32\x264vfw64.dll
2022-11-28 23:27 - 2012-07-21 12:55 - 000180736 _____ (fccHandler) C:\WINDOWS\system32\ac3acm.acm
2022-11-28 23:27 - 2012-07-21 12:54 - 000122880 _____ (fccHandler) C:\WINDOWS\SysWOW64\ac3acm.acm
2022-11-28 23:27 - 2011-12-07 19:37 - 000148992 _____ ( ) C:\WINDOWS\system32\lagarith.dll
2022-11-28 23:27 - 2011-12-07 19:32 - 000216064 _____ ( ) C:\WINDOWS\SysWOW64\lagarith.dll
2022-11-28 23:26 - 2022-11-28 23:26 - 061945139 _____ (KLCP ) C:\Users\MARRA\Downloads\K-Lite_Codec_Pack_1730_Mega.exe
2022-11-28 23:23 - 2022-11-28 23:23 - 002379422 _____ C:\Users\MARRA\Downloads\x264vfw_full_44_2851bm_44825.exe
2022-11-25 16:10 - 2022-11-25 16:10 - 002109145 _____ C:\Users\MARRA\Downloads\chytrej výčep prezentace.pdf
2022-11-24 15:59 - 2022-11-24 15:59 - 037433304 _____ C:\WINDOWS\system32\Drivers\Netwfw10.dat
2022-11-24 15:59 - 2022-11-24 15:59 - 005100608 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw10.sys
2022-11-24 15:59 - 2022-11-24 15:59 - 001470528 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter10.dll
2022-11-23 00:17 - 2022-11-23 00:17 - 000224766 _____ C:\Users\MARRA\Downloads\Koaliční smlouva Napajedla _11.11.2022.pdf
2022-11-20 12:22 - 2022-11-20 12:23 - 060681665 _____ (WarmUpTill ) C:\Users\MARRA\Downloads\advanced-scene-switcher-windows-x64-Installer.exe
2022-11-15 03:23 - 2022-11-15 03:23 - 000017051 _____ C:\Users\MARRA\Downloads\[SkT]Lucky_Louie_(2006)(CZ)_=_CSFD_86%.torrent
2022-11-14 16:49 - 2022-11-14 16:49 - 000000000 ____D C:\Users\MARRA\Documents\Chata
2022-11-14 02:27 - 2022-11-14 02:27 - 000032402 _____ C:\Users\MARRA\Downloads\[SkT]Peaky_Blinders_-_Gangy_z_Birminghamu___Peaky_Blinders_-_1._Serie_(CZ_EN)[1080p]_=_CSFD_91%.torrent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-12-13 13:29 - 2022-05-14 20:48 - 001718028 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-12-13 13:29 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2022-12-13 13:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-12-13 13:24 - 2022-01-19 11:41 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2022-12-13 13:23 - 2021-11-07 02:22 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-13 13:22 - 2021-11-07 02:13 - 000000000 ____D C:\ProgramData\NVIDIA
2022-12-13 13:21 - 2022-05-14 20:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-12-13 13:21 - 2022-05-14 20:34 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2022-12-13 13:21 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2022-12-13 13:21 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-13 13:21 - 2021-11-07 09:05 - 000012288 ___SH C:\DumpStack.log.tmp
2022-12-13 13:21 - 2021-11-07 02:17 - 000000000 __SHD C:\Users\MARRA\IntelGraphicsProfiles
2022-12-13 13:21 - 2021-11-07 02:16 - 000000000 ____D C:\Intel
2022-12-13 13:17 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-12-13 13:16 - 2022-08-03 10:21 - 000000000 ____D C:\WINDOWS\TempInst
2022-12-13 12:02 - 2021-11-08 11:09 - 000000000 ____D C:\Users\MARRA\Documents\1SA
2022-12-13 11:15 - 2022-05-14 20:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-12-13 04:23 - 2021-11-07 14:58 - 000000000 ____D C:\Users\MARRA\AppData\Roaming\AIMP
2022-12-13 01:36 - 2021-12-19 21:00 - 000000000 ____D C:\Users\MARRA\AppData\Roaming\audacity
2022-12-13 01:34 - 2021-11-07 17:44 - 000000871 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2022-12-13 01:34 - 2021-11-07 17:44 - 000000000 ____D C:\Program Files\Audacity
2022-12-12 21:51 - 2021-11-07 18:27 - 000000000 ____D C:\Users\MARRA\AppData\Local\CrashDumps
2022-12-12 17:44 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2022-12-12 17:44 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-12-12 17:39 - 2022-02-23 20:54 - 000002063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-12-12 02:03 - 2021-11-08 18:32 - 000000000 ____D C:\Users\MARRA\AppData\Roaming\uTorrent
2022-12-12 02:03 - 2021-11-07 14:52 - 000000000 ____D C:\Users\MARRA\AppData\Roaming\discord
2022-12-12 01:18 - 2021-11-07 14:52 - 000000000 ____D C:\Users\MARRA\AppData\Local\Discord
2022-12-11 00:04 - 2021-11-07 18:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2022-12-11 00:04 - 2021-11-07 18:13 - 000000000 ____D C:\Program Files\Microsoft Office
2022-12-10 16:37 - 2021-11-07 09:05 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-09 11:56 - 2021-11-07 09:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-12-09 11:54 - 2021-11-09 02:13 - 000000000 ____D C:\Users\MARRA\Documents\FMK
2022-12-09 04:39 - 2021-11-07 02:23 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-08 09:49 - 2022-09-17 10:58 - 001487912 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-12-08 09:49 - 2022-05-11 13:08 - 007645912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-12-08 08:31 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2022-12-08 02:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-12-08 02:03 - 2021-11-07 02:17 - 000000000 ____D C:\Users\MARRA\AppData\Local\Packages
2022-12-07 15:29 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-12-07 15:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-12-05 23:21 - 2021-11-09 12:57 - 000000000 ____D C:\Users\MARRA\AppData\Local\Adobe
2022-12-04 17:43 - 2021-11-08 00:48 - 000000000 ____D C:\ProgramData\Trackmania
2022-12-04 17:43 - 2021-11-08 00:47 - 000000000 ____D C:\Users\MARRA\Documents\Trackmania
2022-12-04 17:17 - 2021-11-07 23:00 - 000000000 ____D C:\Users\MARRA\AppData\Local\Ubisoft Game Launcher
2022-12-04 16:54 - 2021-11-07 22:40 - 000000000 ____D C:\Users\MARRA\AppData\Roaming\obs-studio
2022-12-04 14:45 - 2021-11-07 14:58 - 000000000 ____D C:\Program Files (x86)\AIMP
2022-12-04 14:16 - 2022-05-11 12:44 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2022-12-03 22:43 - 2022-09-19 01:15 - 000000440 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2022-11-29 11:44 - 2022-05-14 20:34 - 000408624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-29 04:14 - 2022-05-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-11-29 04:14 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-29 04:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2022-11-29 04:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-29 04:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemApps
2022-11-29 04:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-29 04:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-11-29 04:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Provisioning
2022-11-29 04:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-11-29 02:58 - 2022-05-14 20:34 - 003212288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-28 23:27 - 2021-11-30 14:09 - 000000000 ____D C:\Users\MARRA\Documents\Vegas
2022-11-26 22:05 - 2021-11-07 02:17 - 000000000 ____D C:\Users\MARRA\AppData\Local\D3DSCache
2022-11-25 05:17 - 2021-11-07 22:53 - 000000000 ____D C:\Program Files (x86)\Steam
2022-11-24 21:08 - 2021-11-22 17:34 - 000000000 ____D C:\Users\MARRA\Documents\oCam
2022-11-20 12:25 - 2022-10-01 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\advanced-scene-switcher
2022-11-20 12:25 - 2021-11-07 22:40 - 000000000 ____D C:\Program Files\obs-studio
2022-11-18 15:10 - 2022-09-12 10:45 - 000000000 ____D C:\Users\MARRA\AppData\Roaming\com.adobe.dunamis
2022-11-18 14:43 - 2022-10-13 12:43 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-11-18 14:43 - 2022-05-14 20:42 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-11-15 00:37 - 2022-05-14 20:42 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-15 00:37 - 2022-05-14 20:42 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
==================== Files in the root of some directories ========
2021-12-15 18:33 - 2022-10-01 10:39 - 000000015 _____ () C:\Users\MARRA\AppData\Roaming\obs-virtualcam.txt
==================== FCheck ================================
(If an entry is included in the fixlist, the file/folder will be moved.)
FCheck: C:\WINDOWS\SysWOW64\version_IObitDel.dll [2022-05-11] <==== ATTENTION (zero byte File/Folder)
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-12-2022
Ran by MARRA (13-12-2022 13:30:33)
Running from C:\Users\MARRA\Downloads
Microsoft Windows 11 Pro Version 22H2 22623.1028 (X64) (2022-05-14 19:42:12)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-590153330-3484553050-3099931381-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-590153330-3484553050-3099931381-503 - Limited - Disabled)
Guest (S-1-5-21-590153330-3484553050-3099931381-501 - Limited - Disabled)
MARRA (S-1-5-21-590153330-3484553050-3099931381-1001 - Administrator - Enabled) => C:\Users\MARRA
WDAGUtilityAccount (S-1-5-21-590153330-3484553050-3099931381-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
8 Ball Pool (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\com.miniclip.eightballpoolamazon) (Version: 5.9.0 - miniclip.com)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20282 - Adobe)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_2_2) (Version: 23.2.2.325 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Advanced Scene Switcher version 95537f39e44353151b78dde8bf08bc1613fa8772 (HKLM\...\{A4ADDF26-4426-4D2E-B26A-C7C878DA8FC9}_is1) (Version: 95537f39e44353151b78dde8bf08bc1613fa8772 - )
advanced-scene-switcher version 1.19.2 (32-bit) (HKLM-x32\...\{A4ADDF26-4426-4D2E-B26A-C7C878DA8FC9}_is1) (Version: 1.19.2 - WarmUpTill)
AIMP (HKLM-x32\...\AIMP) (Version: 5.10.2414 - Artem Izmaylov)
Amazon Appstore (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\com.amazon.venezia) (Version: release-60.13.1.0.207502.0_259610 - amazon.com)
ANT Drivers Installer x64 (HKLM\...\{209ECC4B-2A73-48FD-80C9-CDFFA9CA528D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Atom (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\atom) (Version: 1.58.0 - GitHub Inc.)
Audacity 3.2.2 (HKLM\...\Audacity_is1) (Version: 3.2.2 - Audacity Team)
Aurora Store (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\com.aurora.store) (Version: 4.1.1 - aurora.com)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Laser Printer/Scanner/Fax Extended Survey Program (HKLM\...\{8A16FF47-A5FC-49A8-96B5-31180D317059}) (Version: 3.0.4 - CANON INC.) Hidden
Canon Laser Printer/Scanner/Fax Extended Survey Program (HKLM\...\Canon Laser Printer/Scanner/Fax Extended Survey Program) (Version: 3.0.4.40070 - CANON INC.)
Canon MF645C (HKLM\...\{9651393F-E287-454c-A4D7-E657DF3AE3BE}) (Version: 6.4.0.4 - CANON INC.)
Cisco Webex Meetings (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\ActiveTouchMeetingClient) (Version: 42.6.0 - Cisco Webex LLC)
Corel Graphics - Windows Shell Extension (HKLM\...\_{4F36AC9B-954C-4C49-8573-D2A9EF8079B4}) (Version: 22.0.0.411 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{4F36AC9B-954C-4C49-8573-D2A9EF8079B4}) (Version: 22.0.411 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{C28C908E-0E70-470C-B556-DFDDE9973766}) (Version: 22.0.411 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM (x64) (HKLM\...\{0E0F6EBF-E2BA-4B1A-ADEC-CAF4612B2AC7}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content BR (x64) (HKLM\...\{AE21B6DA-78D3-4772-81EF-9A0163BDB0C6}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content CS (x64) (HKLM\...\{EFAB3BB7-4DD2-428F-B895-F915A689B46B}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content CT (x64) (HKLM\...\{54DADE81-4911-41B9-9FA6-76C57647FB34}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content CZ (x64) (HKLM\...\{2573B4F8-4C8F-4028-A1A9-500EE2ADE30A}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content DE (x64) (HKLM\...\{9A7ABF9B-1CF1-452F-B6A9-1FD425AD12D9}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content EN (x64) (HKLM\...\{C796DB48-473A-4F12-998D-0D690570D633}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content ES (x64) (HKLM\...\{38B83748-7D9B-48DB-94EE-004D49E84BD3}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content FR (x64) (HKLM\...\{E2E7B6E9-3A6F-4421-8D1F-24ED7647B00A}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content IT (x64) (HKLM\...\{EEC60482-484C-4B29-BB56-0C04F086B372}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content JP (x64) (HKLM\...\{7AB150FE-BF0D-44F9-934A-7BC87CB9FB01}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content NL (x64) (HKLM\...\{0A404310-BE95-47B5-BE1C-5C664490EE17}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content PL (x64) (HKLM\...\{5FC18E59-85FC-478D-93C8-266AB375FF1F}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content RU (x64) (HKLM\...\{F015285B-E950-48BF-A4C6-0A1DD2C9739E}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content TR (x64) (HKLM\...\{034009FF-1AB3-4340-A66D-CBF594C1A0F2}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - Writing Tools (x64) (HKLM\...\{F404C086-454C-4485-B5F1-F3C11B8DF452}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 (64-Bit) (HKLM\...\_{7FA269F4-59E4-4399-A239-E9A134D40BED}) (Version: 22.0.0.412 - Corel Corporation)
Cross DJ Free 3.4.0 (HKLM-x32\...\MixVibes Cross DJ Free 3.4.0) (Version: 3.4.0 - MixVibes)
Discord (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
Driver Booster (HKLM-x32\...\IObit Driver Booster Pro 9.2.0.178) (Version: - )
Elevated Installer (HKLM-x32\...\{3213DBEF-7413-4CC2-A3EA-2FB78177482B}) (Version: 7.13.1.0 - Garmin Ltd or its subsidiaries) Hidden
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.2.1 - )
FFmpeg v2.2.2 for Audacity - 64bit (HKLM\...\FFmpeg for Audacity_is1) (Version: - )
FIFA 19 v.1.0-u7 (HKLM-x32\...\FIFA 19_is1) (Version: - )
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Focusrite USB Audio Driver 1.10 (HKLM\...\Focusrite USB Audio Driver_is1) (Version: 1.10 - Focusrite Audio Engineering Ltd.)
Garmin Express (HKLM-x32\...\{dfe973c2-d1c7-4563-8c84-595f13f8792d}) (Version: 7.13.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{FDE5F9F5-0C9B-4A7A-811B-C7E32195CC2B}) (Version: 7.13.1.0 - Garmin Ltd or its subsidiaries) Hidden
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
GitHub Desktop (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\GitHubDesktop) (Version: 2.9.4 - GitHub, Inc.)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 68.0.2.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 108.0.5359.99 - Google LLC)
Infatica P2B Network (HKLM-x32\...\{043C71DF-992B-4A8C-B584-DE65480802F8}_is1) (Version: 1.0.6.1 - )
Jpeg Resampler XE (HKLM-x32\...\JpegResamplerXE_is1) (Version: - Jpeg Resampler)
K-Lite Mega Codec Pack 17.3.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 17.3.0 - KLCP)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
LatencyMon 7.20 (HKLM\...\LatencyMon_is1) (Version: 7.20 - Resplendence Software Projects Sp.)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Ledger Live 2.45.1 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.45.1 - Ledger Live Team)
Legion Arena (HKLM-x32\...\Legion Arena_is1) (Version: 1.3.1.1 - Lenovo Group Ltd.)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.43.0 - Lenovo Group Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 108.0.1462.46 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 108.0.1462.46 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Volume - cs-cz) (Version: 16.0.15831.20190 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\Teams) (Version: 1.5.00.11163 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{4812E2CC-BAA9-49AE-B310-DA845882322B}) (Version: 4.66.0.0 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (HKLM\...\{90120064-0070-0000-0000-4000000FF1CE}) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (HKLM\...\{90F60409-7000-11D3-8CFE-0150048383C9}) (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2019 (HKLM-x32\...\{1edcd8d2-905a-4e93-bfdf-92ed5601528a}) (Version: 16.0.28801 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2019 x64 Hosting Support (HKLM\...\{9D6CE289-E12C-38BB-9999-E2377EC118B7}) (Version: 16.0.28801 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2019 x86 Hosting Support (HKLM-x32\...\{7C931D41-F302-3494-868C-320A4F4DD9F9}) (Version: 16.0.28801 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.4.3 (HKLM-x32\...\{B561660D-8B3C-491D-9E3E-293F14FCAADA}_is1) (Version: 1.4.3 - Samuel Rodberg)
MSVCRT Redists (HKLM\...\{24DB3A5E-0BC8-11E5-9A27-F04DA23A5C58}) (Version: 1.0 - Sony Creative Software Inc.) Hidden
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 2.6.2.547 - Native Instruments)
Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.14.1.156 - Native Instruments)
Native Instruments Traktor Audio 10 Driver (HKLM-x32\...\Native Instruments Traktor Audio 10 Driver) (Version: - Native Instruments)
Native Instruments Traktor Audio 2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Audio 6 Driver (HKLM-x32\...\Native Instruments Traktor Audio 6 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol D2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol D2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol F1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol F1 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S4 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S4 MK3 ASIO Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 MK3 ASIO Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S5 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S5 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S8 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S8 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol X1 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol Z1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z1 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol Z2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Pro 3 (HKLM-x32\...\Native Instruments Traktor Pro 3) (Version: 3.5.2.299 - Native Instruments)
Need For Speed Most Wanted Remaster Edition (HKLM-x32\...\Need For Speed Most Wanted Remaster Edition_is1) (Version: 0.0.0 - DODI-Repacks)
NFS: Most Wanted CZ (HKLM-x32\...\NFS: Most Wanted) (Version: CZ - Sub - Zero)
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.154 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.154 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 522.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 522.25 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.1.3 - OBS Project)
oCam 버전 520.0 (HKLM-x32\...\oCam_is1) (Version: 520.0 - hxxp://ohsoft.net/)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15831.20184 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11929.20376 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Openplanet for Trackmania (HKLM-x32\...\OpenplanetNext) (Version: - Melissa Geels)
Origin (HKLM-x32\...\Origin) (Version: 10.5.111.50299 - Electronic Arts, Inc.)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 221102 - Kakao Corp.)
reWASD (HKLM\...\reWASD) (Version: 5.8.1.4765 - Disc Soft Ltd)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Samsung DeX (HKLM-x32\...\{43409A91-7C1A-4D28-B628-AD78F09DA3F0}) (Version: 2.4.0.27 - Samsung Electronics Co., Ltd.) Hidden
Samsung DeX (HKLM-x32\...\{a306c372-6ec4-43f0-b372-b1de15b0e935}) (Version: 2.4.0.27 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.46.0 - Samsung Electronics Co., Ltd.)
Skype verze 8.78 (HKLM-x32\...\Skype_is1) (Version: 8.78 - Skype Technologies S.A.)
Software602 Form Filler (HKLM-x32\...\{EF8155B1-A395-4AF9-ABB4-88F09FA54DB1}) (Version: 4.80 - Software602 a.s.)
Spotify (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\Spotify) (Version: 1.1.93.896.g3ae3b4f3 - Spotify AB)
Stardock Start11 (HKLM-x32\...\Stardock Start11) (Version: 1.31 - Stardock Software, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Trackmania (HKLM-x32\...\Uplay Install 5595) (Version: - Ubisoft)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 127.1.10616 - Ubisoft)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VALORANT (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VMS (HKLM-x32\...\VMS1.0.3.1) (Version: 1.0.3.1 - 1.0.3.1)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Packages:
=========
Canon Office Printer Utility -> C:\Program Files\WindowsApps\34791E63.CanonOfficePrinterUtility_12.7.0.0_x64__6e5tt8cgb93ep [2022-12-01] (Canon Inc.)
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.13.0_neutral__yxz26nhyzhsrt [2022-12-12] (Microsoft Corp.)
Dolby Atmos for Gaming -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmosforGaming_3.20800.804.0_x64__rz1tebttyb220 [2022-10-03] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-10-03] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_141.2.441.0_x64__v10z8vjag6ke6 [2022-12-02] (HP Inc.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2209.2.0_x64__k1h2ywk1493x8 [2022-12-11] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-10-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-10-03] (Microsoft Corporation) [MS Ad]
ms-resource:APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.9.0_x64__8wekyb3d8bbwe [2022-10-03] (Microsoft Corp.)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.32791.0_x64__8wekyb3d8bbwe [2022-10-11] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-10-03] (Microsoft Corporation)
ms-resource:ProductPkgDisplayName -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2022-12-08] (ms-resource:ProductPublisherDisplayName)
ms-resource:System_Item_Title_IntelGraphicsControlPanel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-10-03] (INTEL CORP) [Startup Task]
ms-resource:WsaDisplayName -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForAndroid_2211.40000.7.0_x64__8wekyb3d8bbwe [2022-12-08] (Microsoft Corp.) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-16] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.12.219.0_x64__dt26b99r8h8gj [2022-10-03] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.11210.0_x64__8wekyb3d8bbwe [2022-12-11] (Microsoft Studios) [MS Ad]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2248.9.0_x64__cv1g1gvanyjgm [2022-12-12] (WhatsApp Inc.) [Startup Task]
WhatsApp Beta -> C:\Program Files\WindowsApps\5319275A.51895FA4EA97F_2.2249.2.0_x64__cv1g1gvanyjgm [2022-12-11] (WhatsApp Inc.) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-590153330-3484553050-3099931381-1001_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\MARRA\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-590153330-3484553050-3099931381-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\MARRA\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22062.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-590153330-3484553050-3099931381-1001_Classes\CLSID\{32E26FD9-F435-4A20-A561-35D4B987CFDC}\InprocServer32 -> C:\Users\MARRA\AppData\Local\WebEx\WebEx64\Meetings\atucfobj.dll (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-590153330-3484553050-3099931381-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 -> => No File
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2022-12-04] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ContextMenuHandlers1-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\Program Files (x86)\JpegResamplerXE\JRcm.dll [2010-08-18] () [File not signed]
ContextMenuHandlers1: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResamplerXE\JRcm64.dll [2010-09-06] () [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2022-12-04] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_03e937c3da958a25\nvshext.dll [2022-12-08] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ContextMenuHandlers6-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\Program Files (x86)\JpegResamplerXE\JRcm.dll [2010-08-18] () [File not signed]
ContextMenuHandlers6: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResamplerXE\JRcm64.dll [2010-09-06] () [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [310784 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284160 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\MARRA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VMS\Copy.lnk -> C:\Program Files (x86)\VMS\vms\bin\Copy.bat ()
Shortcut: C:\Users\MARRA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VMS\CopyJW.lnk -> C:\Program Files (x86)\VMS\vms\bin\CopyJW.bat ()
==================== Loaded Modules (Whitelisted) =============
2022-02-22 16:48 - 2022-02-22 16:48 - 000429056 _____ () [File not signed] C:\Program Files (x86)\Driver Booster\madExcept_.bpl
2021-11-07 22:49 - 2010-09-06 18:21 - 000538435 _____ () [File not signed] C:\Program Files (x86)\JpegResamplerXE\JRcm64.dll
2022-12-11 04:09 - 2022-12-11 04:09 - 101119488 _____ () [File not signed] C:\Program Files\WindowsApps\5319275A.51895FA4EA97F_2.2249.2.0_x64__cv1g1gvanyjgm\WhatsApp.dll
2022-12-11 04:09 - 2022-12-11 04:09 - 008540160 _____ () [File not signed] C:\Program Files\WindowsApps\5319275A.51895FA4EA97F_2.2249.2.0_x64__cv1g1gvanyjgm\WhatsAppNative.dll
2022-05-11 13:00 - 2007-04-23 06:00 - 005563392 _____ (ActVer©®™) [File not signed] C:\Program Files (x86)\Driver Booster\version.dll
2022-07-07 21:00 - 2018-01-29 18:26 - 000153088 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNCENPM6.dll
2017-03-02 15:19 - 2017-03-02 15:19 - 000310272 ____N (easyhook.codeplex.com) [File not signed] C:\ProgramData\Dolby\DAX3\RADARHOST\EasyHook64.dll
2022-02-22 16:48 - 2022-02-22 16:48 - 001055232 _____ (IObit.) [File not signed] C:\Program Files (x86)\Driver Booster\Register.dll
2021-11-07 23:09 - 2021-11-07 23:09 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-11-07 23:09 - 2021-11-07 23:09 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2021-11-07 23:09 - 2021-11-07 23:09 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-03-18 02:22 - 2021-11-07 23:09 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-03-18 02:22 - 2021-11-07 23:09 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-03-18 02:22 - 2021-11-07 23:09 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-03-18 02:22 - 2021-11-07 23:09 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-03-18 02:22 - 2021-11-07 23:09 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-03-18 02:22 - 2021-11-07 23:09 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung DeX.lnk:04BD1844E0 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk:7AD7FA8AB1 [10]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\sharepoint.com -> hxxps://utbcz-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 10:14 - 2022-05-12 09:44 - 000000997 _____ C:\WINDOWS\system32\drivers\etc\hosts
2022-09-19 01:15 - 2022-12-03 22:43 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.25.80.1 MARRA-LEGION.mshome.net # 2027 12 4 2 21 43 21 58
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-590153330-3484553050-3099931381-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\MARRA\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.37.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "MFNetworkScannerSelector"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\StartupApproved\Run: => "CiscoMeetingDaemon"
HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\StartupApproved\Run: => "GarminExpress"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{39CD9027-D1DE-4F49-9142-F4E711D3DBF5}] => (Allow) D:\Games\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{963E6E87-2583-434C-B7DB-8BE5B4DC3B47}] => (Allow) D:\Games\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [UDP Query User{E5F6999E-593F-428D-9036-21243FE34B7D}C:\program files (x86)\ipctool\ipctool.exe] => (Allow) C:\program files (x86)\ipctool\ipctool.exe => No File
FirewallRules: [TCP Query User{AAE8F00E-F278-4F58-B66D-CA90F1244B8D}C:\program files (x86)\ipctool\ipctool.exe] => (Allow) C:\program files (x86)\ipctool\ipctool.exe => No File
FirewallRules: [UDP Query User{E4650F95-801B-4A98-ABE5-721760A2C903}C:\program files (x86)\vms\vms\bin\vms.exe] => (Allow) C:\program files (x86)\vms\vms\bin\vms.exe () [File not signed]
FirewallRules: [TCP Query User{4B29C66C-FA61-4379-9868-709774E31A3E}C:\program files (x86)\vms\vms\bin\vms.exe] => (Allow) C:\program files (x86)\vms\vms\bin\vms.exe () [File not signed]
FirewallRules: [UDP Query User{9C12C018-8B8E-4999-9479-B381F56EA1B5}D:\games\cs1.6\hl.exe] => (Allow) D:\games\cs1.6\hl.exe => No File
FirewallRules: [TCP Query User{C67D4C2F-87A6-4AEC-874C-5BEFA3FB323B}D:\games\cs1.6\hl.exe] => (Allow) D:\games\cs1.6\hl.exe => No File
FirewallRules: [UDP Query User{07441542-A9B0-423E-ADA9-5582AB9A4EA2}D:\games\crysisremastered\bin64\crysisremastered.exe] => (Allow) D:\games\crysisremastered\bin64\crysisremastered.exe (Crytek GmbH) [File not signed]
FirewallRules: [TCP Query User{4396677B-F35F-4290-AF12-19202A2CBA0D}D:\games\crysisremastered\bin64\crysisremastered.exe] => (Allow) D:\games\crysisremastered\bin64\crysisremastered.exe (Crytek GmbH) [File not signed]
FirewallRules: [UDP Query User{71E47EFF-9D1C-4ECE-8AE7-AE3AD8B2A304}D:\games\cyberpunk.2077.gog.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\games\cyberpunk.2077.gog.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [TCP Query User{74E56D16-DF70-41BF-96AA-2D9A7B2691DD}D:\games\cyberpunk.2077.gog.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\games\cyberpunk.2077.gog.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{72562381-6D49-4E2F-8181-67B947AEAEAC}C:\users\marra\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\marra\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{5A7A9E5D-146E-41C4-A12E-542D2683A75A}C:\users\marra\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\marra\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{CE839D0B-0E61-4F2E-8CE3-2BA07F05D6C8}] => (Allow) C:\Program Files\uTorrent\utorrent.exe => No File
FirewallRules: [{767FB015-96F1-4361-A4C4-18776F34C752}] => (Allow) C:\Program Files\uTorrent\utorrent.exe => No File
FirewallRules: [{88F25B2F-752B-483D-AC16-701BBE5E6E82}] => (Allow) D:\Games\steamapps\common\Unreal Tournament 3\Binaries\UT3.exe (Epic Games Inc. -> ) [File not signed]
FirewallRules: [{A09C9F8F-8DE3-413C-8290-3F3803C4819F}] => (Allow) D:\Games\steamapps\common\Unreal Tournament 3\Binaries\UT3.exe (Epic Games Inc. -> ) [File not signed]
FirewallRules: [{B9396FC7-167E-4CFA-88C0-D2FA696A0FF5}] => (Allow) D:\Games\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe () [File not signed]
FirewallRules: [{B8652551-E4CA-432B-8F2E-0346C0D4A6F3}] => (Allow) D:\Games\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe () [File not signed]
FirewallRules: [{9930E664-4CAB-483A-B0B1-9B53C8E04D05}] => (Allow) D:\Games\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe (CD Projekt RED Sp. z o.o. -> CD Projekt Red)
FirewallRules: [{5516B6F5-A568-4CF1-8859-65BC63C1E554}] => (Allow) D:\Games\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe (CD Projekt RED Sp. z o.o. -> CD Projekt Red)
FirewallRules: [{88F53FFC-3158-4C69-9B11-4F071D69C5D8}] => (Allow) D:\Games\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe (CD Projekt Red) [File not signed]
FirewallRules: [{BCC5263E-FAE6-438A-BEDE-A65E0CACE860}] => (Allow) D:\Games\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe (CD Projekt Red) [File not signed]
FirewallRules: [{42180D00-EB28-4257-BEB4-0271FA640892}] => (Allow) D:\Games\Trackmania\trackmania.exe (NADEO SAS -> Nadeo)
FirewallRules: [{4BD03348-B254-4291-9A05-05AB2276EEF2}] => (Allow) D:\Games\Trackmania\trackmania.exe (NADEO SAS -> Nadeo)
FirewallRules: [{9642C2F2-D143-43B3-86F7-D7E889595AA3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{823DE92B-1696-4FDE-AC43-7F1FD55D2875}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E724E9E9-0304-45E8-A783-42B347332936}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{38B1FF4C-61A4-48A2-A02B-0F65F4A0654D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1D89C447-5157-4E96-B1EA-E3C45AEFB95B}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite 2020\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{4E0FB215-5BBB-418D-8E8D-A49ACBF412B2}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite 2020\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [UDP Query User{8B667069-70F5-4C41-A804-E876B330EA11}C:\users\marra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marra\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{6BBB1161-E65E-4062-988D-344B9AAF49B7}C:\users\marra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marra\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{112E1AC2-34D5-4832-A186-FBE4DE05491D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5E4934E9-3295-4619-8B19-8E818980FC5D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DC16197A-54B6-44CB-9A54-4140F1404228}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3A263379-F133-4EBC-BD28-58B88E25CA8B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{77C0E4CA-7543-4C4F-B4DD-C54273DF6165}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21302.202.1065.6968_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D903AB93-2608-4F75-A72C-38FAFB9BD99D}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21302.202.1065.6968_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{1D983511-9620-4479-AE8B-F7E700003E01}C:\users\marra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\marra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{8A7CAF9E-BC67-4597-8D44-3017CAE15F41}C:\users\marra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\marra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4E554741-DB92-4AC1-91A5-9E0ED0EA824A}] => (Allow) C:\Program Files\reWASD\reWASDEngine.exe (SIA AVB Disc Soft -> Disc Soft Ltd)
FirewallRules: [{913230A5-BD8C-4ED9-934D-5C5A2333242F}] => (Allow) C:\Program Files\reWASD\reWASDEngine.exe (SIA AVB Disc Soft -> Disc Soft Ltd)
FirewallRules: [{F08FE8CE-3302-44B1-9A72-273182D64C12}] => (Allow) LPort=35474
FirewallRules: [{D1A26F11-4D8E-432A-9F36-007DF7190D92}] => (Allow) LPort=35474
FirewallRules: [{F44C1DD3-2C04-4FE9-89B1-0B502192CF74}] => (Allow) LPort=35475
FirewallRules: [{3940D517-C618-4CFA-8993-17AE8A733CE9}] => (Allow) LPort=35475
FirewallRules: [{5B6EAE54-DAC8-41D2-A128-26A418AB19F4}] => (Allow) LPort=35476
FirewallRules: [{AB3C7D97-DEB8-46CA-BEBB-D2EE07524054}] => (Allow) LPort=35476
FirewallRules: [{8A240337-B96D-4884-91C7-F033E8C2EED0}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{094DE1D3-A097-467E-886A-054139371914}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [TCP Query User{17EB4F5B-158C-437D-8F1F-DF9283169623}D:\games\riot games\riot client\riotclientservices.exe] => (Allow) D:\games\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{CCCE83E4-6C99-486E-9C0D-82521E885ECB}D:\games\riot games\riot client\riotclientservices.exe] => (Allow) D:\games\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{BE73EE6D-929F-49CB-9787-E266CF3AF3CD}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{883ACB19-4304-4098-B596-E51DA4D1E3B3}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [TCP Query User{C3AA0BD9-A41A-4036-8579-9336609899A1}C:\program files\ledger live\ledger live.exe] => (Allow) C:\program files\ledger live\ledger live.exe (LEDGER SAS -> Ledger Live Team)
FirewallRules: [UDP Query User{3B8A81A2-8B38-438A-8CE5-78C2B4A59592}C:\program files\ledger live\ledger live.exe] => (Allow) C:\program files\ledger live\ledger live.exe (LEDGER SAS -> Ledger Live Team)
FirewallRules: [{988C6A73-CC5B-4D9D-A15A-F4F808884B36}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1FB67AE8-25D0-4173-B007-E791D5D6D2A3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8EB4439E-4BB5-4CC3-8244-38E5A5BDC325}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7FD245C6-58F4-4A58-98B7-85A203FCCCDB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{95BC7ED3-110D-4678-870E-AAEFA157CB03}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{826D7578-11DA-46CC-B945-A64B21C3017A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{24B950D9-1C19-4CAA-88A8-52458325AF6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{9FA978C2-A74B-4A25-8663-89F70084D783}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{801F9544-5DF9-468C-B890-2F8A989D085F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F2086651-4D9F-48CE-AFB4-1BC267B4683F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{61F42AEB-D68B-40C7-9284-00BFFA64C19F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2B55B6DB-97A6-44F8-8D2B-E7F96FC7A78C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C64D011B-8E8A-41CD-A038-2C611FDB3E31}] => (Allow) C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForAndroid_2211.40000.7.0_x64__8wekyb3d8bbwe\WsaClient\WsaClient.exe () [File not signed]
FirewallRules: [{676C039B-AC55-40AF-B339-D862EF28CE3E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0C18FDFD-8BC1-45CC-BC7E-4AF9D430A248}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\108.0.1462.46\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
05-12-2022 22:10:04 Windows Update
08-12-2022 09:47:06 Driver Booster : Auto Update
12-12-2022 17:44:22 Windows Update
12-12-2022 17:44:23 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/13/2022 01:21:47 PM) (Source: NIHardwareService) (EventID: 259) (User: )
Description: MIDIDevice: Unable to unlock BMIDI DLL/driver
Error: (12/12/2022 09:51:01 PM) (Source: Application Error) (EventID: 1000) (User: MARRA-LEGION)
Description: Název chybující aplikace: AXKTTYFUADTDRMOT.exe, verze: 10.0.22593.1, časové razítko: 0xd64c5a80
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000140003be2
ID chybujícího procesu: 0x0x39b0
Čas spuštění chybující aplikace: 0x0x1d90e630d7dc827
Cesta k chybující aplikaci: C:\Users\MARRA\AppData\Roaming\Spotify\Apps\AXKTTYFUADTDRMOT.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 79cf12b9-a7a1-4c94-a6e6-7b1982391098
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/12/2022 08:50:55 PM) (Source: Application Error) (EventID: 1000) (User: MARRA-LEGION)
Description: Název chybující aplikace: AXKTTYFUADTDRMOT.exe, verze: 10.0.22593.1, časové razítko: 0xd64c5a80
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000140003be2
ID chybujícího procesu: 0x0x49f8
Čas spuštění chybující aplikace: 0x0x1d90e524629c92b
Cesta k chybující aplikaci: C:\Users\MARRA\AppData\Roaming\Spotify\Apps\AXKTTYFUADTDRMOT.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 26ec7cbb-44f2-4813-aa66-670344a61d9f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/12/2022 06:50:49 PM) (Source: Application Error) (EventID: 1000) (User: MARRA-LEGION)
Description: Název chybující aplikace: AXKTTYFUADTDRMOT.exe, verze: 10.0.22593.1, časové razítko: 0xd64c5a80
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000140003be2
ID chybujícího procesu: 0x0x2d48
Čas spuštění chybující aplikace: 0x0x1d90e49e0a9cc4b
Cesta k chybující aplikaci: C:\Users\MARRA\AppData\Roaming\Spotify\Apps\AXKTTYFUADTDRMOT.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 73f41fd3-ea37-42cb-ae1d-29a353f53ec6
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/12/2022 05:50:42 PM) (Source: Application Error) (EventID: 1000) (User: MARRA-LEGION)
Description: Název chybující aplikace: AXKTTYFUADTDRMOT.exe, verze: 10.0.22593.1, časové razítko: 0xd64c5a80
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000140003be2
ID chybujícího procesu: 0x0xfe4
Čas spuštění chybující aplikace: 0x0x1d90e3919226655
Cesta k chybující aplikaci: C:\Users\MARRA\AppData\Roaming\Spotify\Apps\AXKTTYFUADTDRMOT.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 09b21f9f-16ca-4b69-9e48-f9f7f9b6d6e0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/12/2022 03:50:36 PM) (Source: Application Error) (EventID: 1000) (User: MARRA-LEGION)
Description: Název chybující aplikace: AXKTTYFUADTDRMOT.exe, verze: 10.0.22593.1, časové razítko: 0xd64c5a80
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000140003be2
ID chybujícího procesu: 0x0x3f4c
Čas spuštění chybující aplikace: 0x0x1d90e30b36cbbf8
Cesta k chybující aplikaci: C:\Users\MARRA\AppData\Roaming\Spotify\Apps\AXKTTYFUADTDRMOT.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: b2c82826-6597-4c35-a312-14af2f90c506
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/12/2022 02:50:29 PM) (Source: Application Error) (EventID: 1000) (User: MARRA-LEGION)
Description: Název chybující aplikace: AXKTTYFUADTDRMOT.exe, verze: 10.0.22593.1, časové razítko: 0xd64c5a80
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000140003be2
ID chybujícího procesu: 0x0x4704
Čas spuštění chybující aplikace: 0x0x1d90e284def5492
Cesta k chybující aplikaci: C:\Users\MARRA\AppData\Roaming\Spotify\Apps\AXKTTYFUADTDRMOT.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: b011a4cf-8a57-48ae-812f-4e1d106e58c9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/12/2022 01:50:23 PM) (Source: Application Error) (EventID: 1000) (User: MARRA-LEGION)
Description: Název chybující aplikace: AXKTTYFUADTDRMOT.exe, verze: 10.0.22593.1, časové razítko: 0xd64c5a80
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000140003be2
ID chybujícího procesu: 0x0xd08
Čas spuštění chybující aplikace: 0x0x1d90e1784c35879
Cesta k chybující aplikaci: C:\Users\MARRA\AppData\Roaming\Spotify\Apps\AXKTTYFUADTDRMOT.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 1905fb2d-6b62-456e-bf1a-58301d2f7a85
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (12/11/2022 04:19:58 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba cplspcon byla ukončena s následující chybou:
Nespecifikovaná chyba
Error: (12/11/2022 04:09:38 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NBDXK71NK08-5319275A.51895FA4EA97F.
Error: (12/11/2022 04:02:29 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (12/08/2022 09:51:07 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Intel(R) Content Protection HDCP Service byla ukončena s následující chybou:
Nespecifikovaná chyba
Error: (12/08/2022 09:50:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (12/08/2022 09:50:53 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.
Error: (12/08/2022 08:15:40 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba cplspcon byla ukončena s následující chybou:
Nespecifikovaná chyba
Error: (12/06/2022 11:24:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9MSSGKG348SP-MicrosoftWindows.Client.WebExperience.
Windows Defender:
================
Date: 2022-12-13 12:54:49
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5D236452-20EE-4363-944A-D817597CCB8A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-12-12 13:05:49
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7EB21E76-A09C-4CB5-A2F8-4B6E25AC19C0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-12-11 04:00:21
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9890E01C-5D3D-465F-8196-A11B5258A54E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-12-07 15:27:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DE970729-1524-4954-81D5-B6EB9131C796}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-12-06 14:33:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DD827D5B-4526-4CF9-B906-24C741AE08C7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2022-12-13 13:32:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2022-12-13 13:22:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO EFCN57WW 09/05/2022
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-10300H CPU @ 2.50GHz
Percentage of memory in use: 46%
Total physical RAM: 16251.8 MB
Available physical RAM: 8637.39 MB
Total Virtual: 18683.8 MB
Available Virtual: 6008.22 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:475.76 GB) (Free:141.22 GB) (Model: SKHynix_HFS512GD9TNI-L2A0B) NTFS
Drive d: (Data) (Fixed) (Total:931.5 GB) (Free:410.08 GB) (Model: KINGSTON SA2000M81000G) NTFS
Drive g: (m...@gmail.com - Googl...) (Fixed) (Total:200 GB) (Free:125.79 GB) (Model: KINGSTON SA2000M81000G) FAT32
Drive h: (f...@gmail.com - G...) (Fixed) (Total:15 GB) (Free:14.84 GB) (Model: KINGSTON SA2000M81000G) FAT32
\\?\Volume{e5506172-f637-4348-b35e-771ae04cbe0e}\ () (Fixed) (Total:1.06 GB) (Free:0.08 GB) NTFS
\\?\Volume{1ed93b7f-5be7-4a70-beef-f270ca27c456}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Size: 476.9 GB) (Disk ID: 01F9E3F6)
Partition: GPT.
==================== End of Addition.txt =======================
Přispějete na provoz fóra?