
Stolen passwords, please check

Lacko12345
Visitor
Posts: 3
Registered: 20 Mar 2023 17:02

Stolen passwords, please check

#1 Post by Lacko12345 »

Hello, last week someone broke into my email, and today into my wife's. Both email accounts had their passwords saved on the PC (Win11). Please check the log; I don't know whether we have some malware on the PC or whether our passwords leaked somewhere. Thanks a lot.

Rudy
Site Admin
Posts: 118194
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Stolen passwords, please check

#2 Post by Rudy »

Hello!
Please post the FRST+Addition logs: https://forum.viry.cz/viewtopic.php?f=13&t=154679 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Lacko12345
Visitor
Posts: 3
Registered: 20 Mar 2023 17:02

Re: Stolen passwords, please check

#3 Post by Lacko12345 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-03-2023
Ran by urban (administrator) on LACKŢVPC (Micro-Star International Co., Ltd MS-7C02) (20-03-2023 16:56:08)
Running from C:\Users\urban\Desktop
Loaded Profiles: urban
Platform: Microsoft Windows 11 Pro Version 22H2 22621.1413 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Autodesk, Inc. -> Autodesk, Inc.) C:\Users\urban\AppData\Roaming\Autodesk\ADPSDK\bin\ADPClientService.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\12.1.0.7121\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_10.75.13001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_10.75.13001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_1c0a31316508effa\RtkAudUService64.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_1c0a31316508effa\RtkAudUService64.exe [1596776 2022-09-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [26327864 2021-04-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [MSIRegister] => C:\Program Files (x86)\MSI\MSIRegister\MSIRegister.exe [1266864 2019-08-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2022-12-20] (Adobe Inc. -> )
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [589840 2022-07-13] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\Program Files\Autodesk\Genuine Service\x64\GenuineService.exe [3741704 2022-09-27] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [M17A] => C:\Windows\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [85912 2021-09-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2017-04-05] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3146752 2022-02-07] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3588608 2021-04-02] (Brother Industries, Ltd.) [File not signed]
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\Run: [MicrosoftEdgeAutoLaunch_71ACF99E3915FFAEC8629BFDDF63CDF0] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4056016 2023-03-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4361576 2023-03-17] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2148016 2022-11-23] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\Run: [f.lux] => C:\Users\urban\AppData\Local\FluxSoftware\Flux\flux.exe [1515848 2021-06-18] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\Run: [AMDNoiseSuppression] => C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe [155544 2022-08-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\111.0.5563.65\Installer\chrmstp.exe [2023-03-14] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RocketDock.lnk [2023-02-17]
ShortcutTarget: RocketDock.lnk -> C:\Program Files (x86)\RocketDock\RocketDock.exe () [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {167EBFDA-959A-4E98-BABB-A5C4609476F2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {226A6FB3-82E2-4364-BF72-0F84B5B813F6} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe [2446456 2023-02-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {3C48A60F-68B6-4438-934A-D4FBA0440721} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [183736 2023-03-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {58A5CD92-3F37-475B-AD8C-4E06D78ACCF6} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-03-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {6686483B-1307-459A-9729-F4F333E6CDB4} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804312 2022-11-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {86AB15BA-01C0-426E-B791-BF82760E3FD0} - System32\Tasks\MSI_Toast_Server => C:\Program Files (x86)\MSI\MSI Toast Server\MSIToastServer.exe [31904 2019-03-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {8E06041E-22D6-4760-8DEC-874F2A9A4496} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-03-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {AC804391-F858-4A34-B2A8-8404CA219953} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C288EBBF-503A-4EA1-9518-3F40CF87B5DE} - System32\Tasks\GoogleUpdateTaskMachineCore{0D7563E2-44E9-4EB7-8A1B-4267BDDC23A6} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-11-25] (Google LLC -> Google LLC)
Task: {DB23F17A-46EA-464A-9860-AD8BBE9F35B9} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-03-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\Windows\system32\MusNotification.exe (No File)
Task: {F22BE561-248F-48A6-A6B1-2FE4BC043DF5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F34D8F95-35C1-42AA-8D00-24576437315D} - System32\Tasks\GoogleUpdateTaskMachineUA{0B175071-EF0B-4CCB-93C5-9E7F917212A2} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-11-25] (Google LLC -> Google LLC)
Task: {F7FCD57F-CDA3-4C68-AC58-46EBC6900A5E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{5d5d3228-8ef8-41bd-bfa7-a08deaba790f}: [DhcpNameServer] 62.129.50.20 85.135.32.100

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\urban\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-20]
Edge HomePage: Default -> hxxps://securesearch.org/homepage?hp=2&pId=BT170902&iDate=2021-11-04 05:57:11&iid=8e6001bc-0285-45f3-90b0-14b924c3d8dd&bName=
Edge Extension: (Překladač Google) - C:\Users\urban\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-03-15]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\urban\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-03-15]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\urban\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2023-03-15]
Edge Extension: (Hlídač Shopů) - C:\Users\urban\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2023-03-15]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default [2023-03-20]
CHR Notifications: Default -> hxxps://drive.google.com; hxxps://fixgroupfactor.com; hxxps://www25.davisonbarker.pro; hxxps://www58.davisonbarker.pro
CHR Session Restore: Default -> is enabled.
CHR Extension: (Překladač Google) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-11-25]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-03-09]
CHR Extension: (Dark Reader) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2023-01-09]
CHR Extension: (I don't care about cookies) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2023-02-15]
CHR Extension: (Word Online) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2022-11-25]
CHR Extension: (Hamty.cz doplněk) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\gccfnphpieojibjmnodiiobdapckkkfb [2022-11-29]
CHR Extension: (Return YouTube Dislike) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2023-02-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-14]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-03-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-11-25]
CHR Extension: (Hlídač Shopů) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2023-02-24]
CHR Profile: C:\Users\urban\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-03-20]
CHR Profile: C:\Users\urban\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-03-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-14]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-02-23]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-03-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-20]
CHR Profile: C:\Users\urban\AppData\Local\Google\Chrome\User Data\System Profile [2023-03-20]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1166352 2022-07-13] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [13915208 2022-03-24] (Autodesk, Inc. -> Autodesk)
R2 Autodesk Access Service Host; C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe [8895776 2023-03-08] (Autodesk, Inc. -> Autodesk, Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [321536 2022-01-26] (Brother Industries, Ltd.) [File not signed]
R3 InventorySvc; C:\Windows\system32\inventorysvc.dll [304480 2022-11-25] (Microsoft Windows -> Microsoft Corporation)
S2 LightKeeperService; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9084512 2023-03-15] (Malwarebytes Inc. -> Malwarebytes)
S2 MSIREGISTER_MR; C:\Program Files (x86)\MSI\MSIRegister\MSIRegisterService.exe [2019504 2019-08-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S2 MSI_Case_Service; C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe [69240 2023-01-16] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S2 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [150176 2022-08-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
S2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2210104 2021-04-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe [34032 2022-05-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S2 Mystic_Light_Service; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe [37616 2022-04-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [252176 2023-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SgrmBroker; C:\Windows\system32\Sgrm\SgrmBroker.exe [414632 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TextInputManagementService; C:\Windows\System32\TabSvc.dll [266240 2023-03-15] (Microsoft Windows -> Microsoft Corporation)
S2 tmInstall; C:\Program Files\Thrustmaster\FFB Racing wheel\drivers\amd64\tmInstall.EXE [281160 2022-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Thrustmaster®)
S2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2022-11-10] () [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [19456 2022-11-10] () [File not signed]
R3 wuauserv; C:\Windows\system32\wuauserv.dll [140376 2023-03-15] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [36248 2022-10-14] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R2 AMDRyzenMasterDriverV20; C:\Windows\system32\AMDRyzenMasterDriver.sys [48328 2023-03-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_1a1a381a2c0e293c\amdsafd.sys [113056 2022-08-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0389089.inf_amd64_707d4e7f9968e2d8\B389045\amdkmdag.sys [100028824 2023-03-06] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [59920 2022-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 bfs; C:\Windows\system32\drivers\bfs.sys [91480 2022-11-25] (Microsoft Windows -> Microsoft Corporation)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [532480 2022-09-25] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [184320 2022-09-25] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
S0 GenPass; C:\Windows\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [32080 2022-12-24] (Logitech Inc -> Logitech)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\MSI Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [28480 2022-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S0 pvscsi; C:\Windows\System32\drivers\pvscsii.sys [45408 2022-05-07] (Microsoft Windows -> VMware, Inc.)
S3 RoutePolicy; C:\Windows\System32\drivers\RoutePolicy.sys [98304 2022-05-07] (Microsoft Windows -> )
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S3 tmhidusb; C:\Windows\system32\DRIVERS\tmhidusb.sys [513096 2022-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Thrustmaster)
S3 tmwbulk; C:\Windows\System32\Drivers\tmwbulk.sys [383008 2022-09-08] (Microsoft Windows Hardware Compatibility Publisher -> © Guillemot R&D, 2022. All rights reserved.)
S3 UsbNcm; C:\Windows\System32\drivers\UsbNcm.sys [167936 2022-05-07] (Microsoft Windows -> )
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49576 2023-02-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [473336 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
R2 wtd; C:\Windows\System32\drivers\wtd.sys [118784 2023-03-15] (Microsoft Windows -> Microsoft Corporation)
S4 AmdTools64; \SystemRoot\System32\drivers\AmdTools64.sys [X]
U3 aswbdisk; no ImagePath
S3 atillk64; \??\C:\Windows\Temp\Atiflash\atillk64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-20 16:56 - 2023-03-20 16:56 - 000023264 _____ C:\Users\urban\Desktop\FRST.txt
2023-03-20 16:54 - 2023-03-20 16:56 - 000000000 ____D C:\FRST
2023-03-20 16:54 - 2023-03-20 16:54 - 002378752 _____ (Farbar) C:\Users\urban\Desktop\FRST64.exe
2023-03-20 16:37 - 2023-03-20 16:37 - 008791352 _____ (Malwarebytes) C:\Users\urban\Downloads\adwcleaner.exe
2023-03-20 16:37 - 2023-03-20 16:37 - 000000000 ____D C:\AdwCleaner
2023-03-19 16:56 - 2023-03-19 16:56 - 000739302 _____ C:\Windows\system32\perfh005.dat
2023-03-19 16:56 - 2023-03-19 16:56 - 000155208 _____ C:\Windows\system32\perfc005.dat
2023-03-17 12:57 - 2023-03-17 12:57 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2023-03-17 12:57 - 2023-03-17 12:57 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2023-03-17 12:54 - 2023-03-17 12:54 - 108030112 _____ C:\Users\urban\Downloads\pasksladdenelmia.rar
2023-03-17 12:54 - 2023-03-17 12:54 - 050824399 _____ C:\Users\urban\Downloads\gymkhana_drift.rar
2023-03-17 12:54 - 2023-03-17 12:54 - 046381789 _____ C:\Users\urban\Downloads\gymkhana_drift (1).rar
2023-03-17 12:54 - 2023-03-17 12:54 - 033479399 _____ C:\Users\urban\Downloads\Klutmark.zip
2023-03-17 12:52 - 2023-03-17 12:52 - 000099907 _____ C:\Users\urban\Downloads\Ai-lines Meihan.zip
2023-03-17 12:52 - 2023-03-17 12:52 - 000099907 _____ C:\Users\urban\Downloads\Ai-lines Meihan (1).zip
2023-03-17 12:52 - 2023-03-17 12:52 - 000091981 _____ C:\Users\urban\Downloads\ai.zip
2023-03-17 12:51 - 2023-03-17 12:51 - 144484851 _____ C:\Users\urban\Downloads\slideBotFile.rar
2023-03-17 12:49 - 2023-03-17 12:51 - 1655423853 _____ C:\Users\urban\Downloads\Slideboizz Cars.zip
2023-03-16 17:26 - 2023-03-16 17:28 - 1032536291 _____ C:\Users\urban\Downloads\DEATH WISH GARAGE V2.0.zip
2023-03-16 17:24 - 2023-03-16 17:24 - 141987678 _____ C:\Users\urban\Downloads\acdfr23_bikernieki.rar
2023-03-16 17:24 - 2023-03-16 17:24 - 056935582 _____ C:\Users\urban\Downloads\acdfr_karpacz_2020 (1).rar
2023-03-16 17:23 - 2023-03-16 17:24 - 151886960 _____ C:\Users\urban\Downloads\acdfr_laquais_drift.rar
2023-03-16 17:23 - 2023-03-16 17:23 - 084298470 _____ C:\Users\urban\Downloads\acdfr_okuibuki_motor_park.rar
2023-03-16 17:23 - 2023-03-16 17:23 - 056935582 _____ C:\Users\urban\Downloads\acdfr_karpacz_2020.rar
2023-03-16 17:23 - 2023-03-16 17:23 - 040592598 _____ C:\Users\urban\Downloads\acdfr_deriphill_2023 .rar
2023-03-16 17:22 - 2023-03-16 17:22 - 081525256 _____ C:\Users\urban\Downloads\acdfr_road_atlanta_2021.rar
2023-03-16 17:22 - 2023-03-16 17:22 - 023615842 _____ C:\Users\urban\Downloads\acdfr_rockingham.rar
2023-03-16 17:17 - 2023-03-16 17:19 - 1229547175 _____ C:\Users\urban\Downloads\ACDFR_PACK_REV_2.zip
2023-03-16 14:36 - 2023-03-16 14:39 - 1385372285 _____ C:\Users\urban\Downloads\DWG S13 Pack 1.75.zip
2023-03-16 14:36 - 2023-03-16 14:37 - 615034780 _____ C:\Users\urban\Downloads\DWG 3.0 Teaser Public 2023.zip
2023-03-16 14:34 - 2023-03-16 14:34 - 191795636 _____ C:\Users\urban\Downloads\grassroots_circuit.7z
2023-03-16 14:25 - 2023-03-16 14:25 - 088437883 _____ C:\Users\urban\Downloads\asw-bmw-328i-e36-rb26.zip
2023-03-15 19:01 - 2023-03-15 19:01 - 000000000 ____D C:\Windows\Microsoft Antimalware
2023-03-15 17:53 - 2023-03-15 17:53 - 000888600 _____ (Google LLC) C:\Users\Public\Documents\gcapi.dll
2023-03-15 17:49 - 2023-03-15 17:49 - 000263008 _____ (AVAST Software) C:\Users\urban\Downloads\avast_free_antivirus_setup_online.exe
2023-03-15 14:13 - 2023-03-15 14:15 - 000000000 ___HD C:\$WinREAgent
2023-03-15 13:26 - 2023-03-15 13:26 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-03-15 13:26 - 2023-03-15 13:26 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-03-15 13:26 - 2023-03-15 13:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-03-14 19:30 - 2023-03-14 19:31 - 000017408 _____ C:\Users\urban\AppData\Local\WebpageIcons.db
2023-03-14 19:29 - 2023-03-17 23:39 - 000000000 ____D C:\Program Files (x86)\3uTools
2023-03-14 19:29 - 2023-03-14 19:29 - 000001222 _____ C:\Users\Public\Desktop\3uTools.lnk
2023-03-14 19:29 - 2023-03-14 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3uTools
2023-03-14 19:27 - 2023-03-14 19:27 - 000684984 _____ (Mozilla Foundation) C:\Users\urban\AppData\LocalLow\freebl3.dll
2023-03-14 19:27 - 2023-03-14 19:27 - 000627128 _____ (Mozilla Foundation) C:\Users\urban\AppData\LocalLow\mozglue.dll
2023-03-14 19:27 - 2023-03-14 19:27 - 000254392 _____ (Mozilla Foundation) C:\Users\urban\AppData\LocalLow\softokn3.dll
2023-03-14 19:20 - 2023-03-14 19:20 - 000000000 ____D C:\Users\urban\AppData\Roaming\Apple Computer
2023-03-14 19:19 - 2023-03-14 19:19 - 000000000 ____D C:\Users\urban\AppData\Roaming\TSMonitor
2023-03-14 19:19 - 2023-03-14 19:19 - 000000000 ____D C:\Program Files (x86)\Tenorshare
2023-03-14 17:18 - 2023-03-14 17:18 - 000000000 ____D C:\Users\urban\Apple
2023-03-09 15:49 - 2023-03-09 15:49 - 000693985 _____ C:\Users\urban\Desktop\Výpověď.pdf
2023-03-08 17:06 - 2023-03-19 16:49 - 000003128 _____ C:\Windows\system32\Tasks\MSIAfterburner
2023-03-08 16:58 - 2023-03-15 17:50 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2023-03-08 16:58 - 2023-03-08 16:59 - 000000000 ____D C:\Windows\SysWOW64\directx
2023-03-08 16:58 - 2023-03-08 16:58 - 000001155 _____ C:\Users\urban\Desktop\MSI Afterburner.lnk
2023-03-08 16:58 - 2023-03-08 16:58 - 000000000 ____D C:\Users\urban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2023-03-08 16:58 - 2023-03-08 16:58 - 000000000 ____D C:\Users\urban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2023-03-08 16:58 - 2023-03-08 16:58 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2023-03-08 16:35 - 2023-03-08 16:35 - 000003176 _____ C:\Windows\system32\Tasks\MSI Task Host - LEDKeeper2_Host
2023-03-08 16:35 - 2023-03-08 16:35 - 000000000 ____D C:\Program Files\WD
2023-03-08 16:35 - 2023-03-08 16:35 - 000000000 ____D C:\Program Files\Verbatim
2023-03-08 16:35 - 2023-03-08 16:35 - 000000000 ____D C:\Program Files\ENE
2023-03-08 16:18 - 2023-03-19 17:19 - 000000000 ____D C:\Users\urban\AppData\Local\D3DSCache
2023-03-08 16:18 - 2023-03-08 17:22 - 000000000 ____D C:\Users\urban\AppData\Local\AMD_Common
2023-03-08 16:16 - 2023-03-08 16:18 - 000000000 ____D C:\ProgramData\AMD
2023-03-08 16:16 - 2023-03-08 16:16 - 000002620 _____ C:\Windows\system32\Tasks\AMDRyzenMasterSDKTask
2023-03-08 16:16 - 2023-03-08 16:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition
2023-03-08 16:16 - 2023-03-08 16:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2023-03-08 16:14 - 2023-03-08 16:14 - 000000000 ____D C:\Users\urban\AppData\Local\AMDSoftwareInstaller
2023-03-08 16:07 - 2023-03-20 16:15 - 000003104 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2023-03-08 16:07 - 2023-03-08 16:07 - 000001292 _____ C:\Users\urban\Desktop\Display Driver Uninstaller.lnk
2023-03-08 16:07 - 2023-03-08 16:07 - 000000000 ____D C:\Users\urban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Display Driver Uninstaller
2023-03-08 16:07 - 2023-03-08 16:07 - 000000000 ____D C:\Program Files (x86)\Display Driver Uninstaller
2023-03-08 16:04 - 2023-03-20 16:15 - 000003096 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2023-03-08 16:04 - 2023-03-08 16:16 - 000003484 _____ C:\Windows\system32\Tasks\ModifyLinkUpdate
2023-03-08 15:41 - 2023-03-08 15:42 - 000000000 ____D C:\ProgramData\MSI
2023-03-08 15:41 - 2023-03-08 15:41 - 000000000 ____D C:\Users\urban\AppData\Local\Downloaded Installations
2023-03-08 14:40 - 2023-03-08 16:26 - 4020033382 _____ C:\Users\urban\Desktop\GX014256_stabilized.mp4
2023-03-08 14:39 - 2022-10-08 07:35 - 4007278847 _____ C:\Users\urban\Desktop\GX014256.MP4
2023-03-07 18:32 - 2023-03-07 18:32 - 000000000 ____D C:\Users\urban\Downloads\Gyroflow-windows64
2023-03-06 19:46 - 2023-03-06 19:46 - 002238352 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2023-03-06 19:46 - 2023-03-06 19:46 - 002238352 _____ C:\Windows\system32\vulkaninfo.exe
2023-03-06 19:46 - 2023-03-06 19:46 - 001644944 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-03-06 19:46 - 2023-03-06 19:46 - 001644944 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2023-03-06 19:46 - 2023-03-06 19:46 - 001463272 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 001463272 _____ C:\Windows\system32\vulkan-1.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 001186648 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 001186648 _____ C:\Windows\SysWOW64\vulkan-1.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 000791488 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 000704960 _____ C:\Windows\system32\hiprt0200064.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 000668560 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 000596416 _____ C:\Windows\system32\GameManager64.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 000538048 _____ C:\Windows\system32\libsmi_guest.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 000532368 _____ C:\Windows\system32\dgtrayicon.exe
2023-03-06 19:46 - 2023-03-06 19:46 - 000531344 _____ C:\Windows\system32\libsmi_host.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 000492480 _____ C:\Windows\system32\EEURestart.exe
2023-03-06 19:46 - 2023-03-06 19:46 - 000449944 _____ C:\Windows\SysWOW64\GameManager32.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 000351120 _____ C:\Windows\system32\clinfo.exe
2023-03-06 19:46 - 2023-03-06 19:46 - 000196544 _____ C:\Windows\system32\mantle64.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 000176064 _____ C:\Windows\system32\mantleaxl64.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 000153536 _____ C:\Windows\SysWOW64\mantle32.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 000137664 _____ C:\Windows\SysWOW64\mantleaxl32.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 000041360 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 000038296 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2023-03-06 19:44 - 2023-03-06 19:44 - 000256400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2023-03-06 19:44 - 2023-03-06 19:44 - 000216984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2023-03-06 19:44 - 2023-03-06 19:44 - 000186256 _____ (AMD) C:\Windows\system32\atimuixx.dll
2023-03-06 19:44 - 2023-03-06 19:44 - 000173968 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2023-03-06 19:44 - 2023-03-06 19:44 - 000137152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 084656576 _____ C:\Windows\SysWOW64\amd_comgr32.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 002018712 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 001537936 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 001537936 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 000938384 _____ (AMD) C:\Windows\system32\atieclxx.exe
2023-03-06 19:43 - 2023-03-06 19:43 - 000525712 _____ C:\Windows\system32\atieah64.exe
2023-03-06 19:43 - 2023-03-06 19:43 - 000514456 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 000463256 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 000394640 _____ C:\Windows\SysWOW64\atieah32.exe
2023-03-06 19:43 - 2023-03-06 19:43 - 000379840 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 000200384 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 000163280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 000134552 _____ C:\Windows\system32\atidxx64.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 000132544 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 000108480 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 000108432 _____ C:\Windows\SysWOW64\atidxx32.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 000064912 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll
2023-03-06 19:42 - 2023-03-06 19:42 - 100644800 _____ C:\Windows\system32\amd_comgr.dll
2023-03-06 19:40 - 2023-03-06 19:40 - 000128408 _____ C:\Windows\system32\amdxc64.dll
2023-03-06 19:40 - 2023-03-06 19:40 - 000103824 _____ C:\Windows\SysWOW64\amdxc32.dll
2023-03-06 19:39 - 2023-03-06 19:39 - 007190504 _____ C:\Windows\system32\amdsmi.exe
2023-03-06 19:38 - 2023-03-06 19:38 - 002256272 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdsasrv64.dll
2023-03-06 19:38 - 2023-03-06 19:38 - 001701048 _____ (AMD) C:\Windows\system32\amf-mft-mjpeg-decoder64.dll
2023-03-06 19:38 - 2023-03-06 19:38 - 001378312 _____ (AMD) C:\Windows\SysWOW64\amf-mft-mjpeg-decoder32.dll
2023-03-06 19:38 - 2023-03-06 19:38 - 001310608 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdsacli64.dll
2023-03-06 19:38 - 2023-03-06 19:38 - 001039256 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdsacli32.dll
2023-03-06 19:38 - 2023-03-06 19:38 - 000933264 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2023-03-06 19:38 - 2023-03-06 19:38 - 000761232 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2023-03-06 19:38 - 2023-03-06 19:38 - 000461200 _____ C:\Windows\system32\amdlogum.exe
2023-03-06 19:38 - 2023-03-06 19:38 - 000155936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2023-03-06 19:38 - 2023-03-06 19:38 - 000125696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2023-03-06 19:37 - 2023-03-06 19:37 - 000222080 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2023-03-06 19:37 - 2023-03-06 19:37 - 000177760 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
2023-03-06 19:36 - 2023-03-06 19:36 - 016165824 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdhip64.dll
2023-03-06 19:36 - 2023-03-06 19:36 - 004349376 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdadlx64.dll
2023-03-06 19:36 - 2023-03-06 19:36 - 004155792 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdadlx32.dll
2023-03-06 19:36 - 2023-03-06 19:36 - 000558528 _____ C:\Windows\system32\amdgfxinfo64.dll
2023-03-06 19:36 - 2023-03-06 19:36 - 000553304 _____ C:\Windows\system32\amdmiracast.dll
2023-03-06 19:36 - 2023-03-06 19:36 - 000422336 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2023-03-06 19:36 - 2023-03-06 19:36 - 000165832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2023-03-06 19:36 - 2023-03-06 19:36 - 000155976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2023-03-06 19:36 - 2023-03-06 19:36 - 000140264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2023-03-06 19:36 - 2023-03-06 19:36 - 000125744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2023-03-06 19:26 - 2023-03-09 18:25 - 114772595 _____ C:\Users\urban\Desktop\obraz.psd
2023-03-06 18:46 - 2023-03-06 18:46 - 030284712 _____ C:\Windows\system32\hiprt02000_amd.hipfb
2023-03-06 18:46 - 2023-03-06 18:46 - 022879832 _____ C:\Windows\system32\hiprt02000_nv.fatbin
2023-03-06 18:46 - 2023-03-06 18:46 - 002170168 _____ C:\Windows\system32\oro_compiled_kernels.fatbin
2023-03-06 18:46 - 2023-03-06 18:46 - 001464232 _____ C:\Windows\system32\oro_compiled_kernels.hipfb
2023-03-06 18:46 - 2023-03-06 18:46 - 000154384 _____ C:\Windows\system32\samu_krnl_ci.sbin
2023-03-06 18:46 - 2023-03-06 18:46 - 000138832 _____ C:\Windows\system32\samu_krnl_isv_ci.sbin
2023-03-06 18:46 - 2023-03-06 18:46 - 000128048 _____ C:\Windows\system32\kapp_ci.sbin
2023-03-06 18:46 - 2023-03-06 18:46 - 000121168 _____ C:\Windows\system32\kapp_si.sbin
2023-03-06 18:45 - 2023-03-06 18:45 - 094816128 _____ C:\Windows\system32\amdxc64.so
2023-03-06 17:08 - 2023-03-06 17:08 - 000074716 _____ C:\Users\urban\Desktop\59d5e8383832e-belajar-dari-kerasnya-perjuangan-steve-jobs-mendirikan-apple_1265_711.webp
2023-03-06 17:07 - 2023-03-06 17:07 - 000013004 _____ C:\Users\urban\Desktop\steve_jobs_stay_hungry.jpg.webp
2023-03-06 16:12 - 2023-03-06 16:12 - 001502201 _____ C:\Users\urban\Desktop\Scan2023-03-06_161159.pdf
2023-03-06 16:04 - 2023-03-06 16:04 - 000744897 _____ C:\Users\urban\Documents\Scan2023-03-06_160424.pdf
2023-03-05 19:11 - 2023-03-05 19:11 - 000535425 _____ C:\Users\urban\Downloads\IMG_2556.jpeg
2023-03-05 14:39 - 2023-03-05 14:39 - 000856504 _____ (Advanced Micro Devices) C:\Windows\system32\Device.dll
2023-03-05 14:39 - 2023-03-05 14:39 - 000061368 _____ (Advanced Micro Devices) C:\Windows\system32\Platform.dll
2023-03-04 11:17 - 2023-03-04 11:17 - 001487160 _____ C:\Users\urban\Documents\Scan2023-03-04_111735.pdf
2023-03-04 10:48 - 2023-03-04 10:48 - 001494259 _____ C:\Users\urban\Documents\Karta zaměstnance_Urbániková.pdf
2023-03-04 10:48 - 2023-03-04 10:48 - 001494259 _____ C:\Users\urban\Desktop\Karta zaměstnance_Urbániková.pdf
2023-03-01 18:21 - 2023-03-01 18:22 - 090069109 _____ C:\Users\urban\Desktop\GX010022.mp4
2023-03-01 18:21 - 2023-03-01 18:21 - 219753080 _____ C:\Users\urban\Desktop\GX010026.mp4
2023-03-01 18:21 - 2023-03-01 18:21 - 164569086 _____ C:\Users\urban\Desktop\GX010025.mp4
2023-03-01 18:20 - 2023-03-01 18:21 - 302046068 _____ C:\Users\urban\Desktop\GX010028.mp4
2023-03-01 18:20 - 2023-03-01 18:20 - 486034844 _____ C:\Users\urban\Desktop\GX010029.mp4
2023-03-01 18:19 - 2023-03-01 18:20 - 194743695 _____ C:\Users\urban\Desktop\GX010024.mp4
2023-03-01 04:42 - 2023-03-01 04:42 - 000048328 _____ (Advanced Micro Devices) C:\Windows\system32\AMDRyzenMasterDriver.sys
2023-02-24 19:45 - 2023-02-24 19:45 - 000000000 ____D C:\Users\urban\AppData\LocalLow\AMD
2023-02-21 19:01 - 2023-02-21 19:01 - 000507273 _____ C:\Users\urban\Downloads\2931049177 (1).pdf
2023-02-21 19:00 - 2023-02-21 19:00 - 000507270 _____ C:\Users\urban\Downloads\2931049177.pdf
2023-02-21 19:00 - 2023-02-21 19:00 - 000437053 _____ C:\Users\urban\Downloads\3230188138.pdf
2023-02-19 15:43 - 2023-02-19 15:43 - 000001341 _____ C:\Users\urban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoshopPortable.lnk
2023-02-19 15:16 - 2023-02-19 15:16 - 000057721 _____ C:\Users\urban\Downloads\[SkT]Adobe_Photoshop_2023_v24.1.1.238_(x64)_Multilingual_CZ_(portable).torrent
2023-02-19 15:14 - 2023-02-19 15:14 - 000079113 _____ C:\Users\urban\Downloads\[SkT]Adobe_Photoshop_2023_24.1.1.238_(x64) (1).torrent
2023-02-19 15:13 - 2023-02-19 15:13 - 002410256 _____ (PortableApps.com) C:\Users\urban\Downloads\uTorrentPortable_3.5.5.46348_online.paf.exe
2023-02-19 15:11 - 2023-02-19 15:11 - 000079113 _____ C:\Users\urban\Downloads\[SkT]Adobe_Photoshop_2023_24.1.1.238_(x64).torrent
2023-02-19 15:06 - 2023-02-19 15:48 - 000000000 ____D C:\Users\urban\Desktop\Kryty foto

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-20 16:54 - 2022-11-25 12:17 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-20 16:38 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemTemp
2023-03-20 16:38 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-20 16:29 - 2022-11-25 12:18 - 000000000 ____D C:\Program Files (x86)\Steam
2023-03-20 16:15 - 2022-11-25 11:58 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-03-19 19:40 - 2022-12-29 12:38 - 000000000 ____D C:\Users\urban\AppData\Local\AcTools Content Manager
2023-03-19 16:56 - 2022-11-25 12:05 - 001744746 _____ C:\Windows\system32\PerfStringBackup.INI
2023-03-19 16:56 - 2022-05-07 06:22 - 000000000 ____D C:\Windows\INF
2023-03-19 16:49 - 2022-11-26 10:52 - 000000000 ____D C:\MSI
2023-03-19 16:49 - 2022-11-25 11:58 - 000012288 ___SH C:\DumpStack.log.tmp
2023-03-19 16:49 - 2022-11-25 11:58 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-03-19 12:02 - 2022-05-07 06:17 - 000524288 _____ C:\Windows\system32\config\BBI
2023-03-19 11:02 - 2022-12-27 18:48 - 000000000 ____D C:\Users\urban\AppData\Local\CrashDumps
2023-03-19 08:24 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-19 08:24 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\AppReadiness
2023-03-19 08:09 - 2022-11-25 11:58 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-19 08:09 - 2022-11-25 11:58 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-03-17 21:25 - 2022-11-25 12:16 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-894658081-3701612317-1664743181-1001
2023-03-17 21:25 - 2022-11-25 12:16 - 000003364 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-894658081-3701612317-1664743181-1001
2023-03-17 21:25 - 2022-11-25 12:16 - 000002377 _____ C:\Users\urban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-03-17 12:56 - 2022-11-27 10:32 - 002786768 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2023-03-17 12:56 - 2022-11-27 10:32 - 000476624 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2023-03-17 12:56 - 2022-11-27 10:32 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll
2023-03-17 12:56 - 2022-11-27 10:32 - 000202192 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2023-03-17 12:56 - 2022-11-27 10:32 - 000165328 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2023-03-17 12:56 - 2022-11-27 10:32 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2023-03-17 12:56 - 2022-11-27 10:32 - 000079352 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2023-03-17 12:56 - 2022-11-27 10:32 - 000062928 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2023-03-16 17:38 - 2022-11-25 12:14 - 000000000 ____D C:\Users\urban\AppData\Roaming\Adobe
2023-03-16 16:00 - 2022-11-25 12:14 - 000000000 ____D C:\Users\urban\AppData\Local\Packages
2023-03-16 16:00 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\SecurityHealth
2023-03-15 18:25 - 2023-01-22 11:02 - 000000000 ____D C:\ProgramData\Avast Software
2023-03-15 18:25 - 2022-11-25 11:58 - 000432960 _____ C:\Windows\system32\FNTCACHE.DAT
2023-03-15 18:25 - 2022-05-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-03-15 18:25 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-03-15 18:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\UUS
2023-03-15 18:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-03-15 18:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemResources
2023-03-15 18:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\oobe
2023-03-15 18:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\es-MX
2023-03-15 18:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\Dism
2023-03-15 18:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\appraiser
2023-03-15 18:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellExperiences
2023-03-15 18:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellComponents
2023-03-15 18:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\Provisioning
2023-03-15 18:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-03-15 18:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\bcastdvr
2023-03-15 18:20 - 2022-05-07 06:17 - 000032768 _____ C:\Windows\system32\config\ELAM
2023-03-15 18:11 - 2022-11-25 12:45 - 000000000 ____D C:\Windows\system32\MRT
2023-03-15 18:09 - 2022-11-25 12:44 - 153620824 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-03-15 17:54 - 2022-05-07 06:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-03-15 14:19 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\CbsTemp
2023-03-15 14:17 - 2022-11-25 12:01 - 003211264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-03-15 13:26 - 2023-01-21 20:32 - 000000000 ____D C:\Program Files\Malwarebytes
2023-03-15 13:11 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ServiceState
2023-03-14 17:18 - 2022-11-25 12:10 - 000000000 ____D C:\Users\urban
2023-03-14 14:43 - 2022-11-25 12:18 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-03-14 14:43 - 2022-11-25 12:18 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-03-11 19:37 - 2023-01-07 21:38 - 000000000 ____D C:\Users\urban\AppData\Local\ImageMagick
2023-03-08 20:04 - 2022-12-29 18:57 - 000000000 ____D C:\Users\urban\Documents\Euro Truck Simulator 2
2023-03-08 16:35 - 2022-11-25 12:56 - 000000000 ____D C:\ProgramData\Package Cache
2023-03-08 16:32 - 2022-11-25 12:11 - 000000000 ____D C:\Program Files\AMD
2023-03-08 16:31 - 2022-11-26 10:52 - 000000000 ____D C:\Program Files (x86)\MSI
2023-03-08 16:31 - 2022-11-25 12:01 - 000000000 ____D C:\ProgramData\Packages
2023-03-08 16:26 - 2022-11-25 12:14 - 000000000 ____D C:\Users\urban\AppData\Local\AMD
2023-03-08 16:15 - 2022-11-25 12:11 - 000000000 ____D C:\Windows\system32\AMD
2023-03-08 16:13 - 2022-11-25 13:23 - 000000000 ____D C:\AMD
2023-03-08 15:55 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\OCR
2023-03-08 15:50 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\Globalization
2023-03-08 14:57 - 2022-11-25 12:11 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2023-03-07 05:33 - 2022-11-26 10:58 - 000000000 ____D C:\Windows\Minidump
2023-03-07 05:33 - 2022-11-25 11:58 - 000376894 ____N C:\Windows\Minidump\030723-10109-01.dmp
2023-03-05 20:52 - 2022-11-25 13:35 - 003034248 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\AMDBugReportTool.exe
2023-03-05 18:25 - 2022-11-25 11:58 - 000568760 ____N C:\Windows\Minidump\030523-12453-01.dmp
2023-03-05 18:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\LiveKernelReports
2023-03-03 07:32 - 2022-11-25 11:58 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-03 07:32 - 2022-11-25 11:58 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-02-28 17:26 - 2023-01-13 19:47 - 000000000 ____D C:\Users\urban\AppData\Roaming\substancelinkopentcp
2023-02-28 17:26 - 2023-01-13 19:45 - 000000000 ____D C:\Users\urban\Documents\3ds Max 2023
2023-02-26 04:39 - 2022-11-27 10:32 - 000370176 _____ (Microsoft Corporation) C:\Windows\system32\GameInputRedist.dll
2023-02-26 03:11 - 2022-11-27 10:32 - 000242168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GameInputRedist.dll
2023-02-19 15:13 - 2023-01-13 18:59 - 000000000 ____D C:\Users\urban\Downloads\uTorrentPortable
2023-02-18 11:30 - 2023-02-14 15:31 - 000000000 ____D C:\ProgramData\Epic
2023-02-18 11:30 - 2023-02-14 15:31 - 000000000 ____D C:\Program Files (x86)\Epic Games

==================== Files in the root of some directories ========

2023-03-14 19:30 - 2023-03-14 19:31 - 000017408 _____ () C:\Users\urban\AppData\Local\WebpageIcons.db

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Lacko12345
Visitor
Posts: 3
Registered: 20 Mar 2023 17:02

Re: Stolen passwords, please check

#4 Post by Lacko12345 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-03-2023
Ran by urban (20-03-2023 16:57:29)
Running from C:\Users\urban\Desktop
Microsoft Windows 11 Pro Version 22H2 22621.1413 (X64) (2022-11-25 11:01:17)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-894658081-3701612317-1664743181-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-894658081-3701612317-1664743181-503 - Limited - Disabled)
Guest (S-1-5-21-894658081-3701612317-1664743181-501 - Limited - Disabled)
urban (S-1-5-21-894658081-3701612317-1664743181-1001 - Administrator - Enabled) => C:\Users\urban
WDAGUtilityAccount (S-1-5-21-894658081-3701612317-1664743181-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\uTorrent) (Version: 3.5.5.46348 - BitTorrent Inc.)
3uTools (HKLM-x32\...\3uTools) (Version: 2.65.003 - ShangHai ZhangZheng Network Technology Co., Ltd.)
Adobe Premiere Pro 2022 (HKLM-x32\...\PPRO_22_5) (Version: 22.5 - Adobe Inc.)
Adobe Substance 3D for 3ds Max 2023 (HKLM\...\{674EBC7E-7B64-4959-9EBC-5CFBBF664242}) (Version: 2.4.6 - Adobe)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 3.10.22.706 - Advanced Micro Devices, Inc.)
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.83 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.17.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 7.0.4.4 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.10.0.2198 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 23.3.1 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{cf77cf6b-71ff-4a71-802d-43adb9b271b7}) (Version: 3.10.22.706 - Advanced Micro Devices, Inc.) Hidden
AppLogLibSetup (HKLM-x32\...\{52FB0C8F-DF05-4C61-AEB6-18C55F8C385F}) (Version: 1.0.3.0 - Brother Industries Ltd.) Hidden
Autodesk 3ds Max 2023 (HKLM\...\{6989C3C4-EF95-49D2-9650-1E700097D9FD}) (Version: 25.0.0.997 - Autodesk) Hidden
Autodesk 3ds Max 2023 (HKLM\...\{96DD678F-C87E-3029-9ACE-7176F9175685}) (Version: 25.0.0.997 - Autodesk, Inc.)
Autodesk 3ds Max 2023 CivilView 1.2.0.0 (HKLM\...\{DF6B8562-ACB4-4D7D-99E5-36B5C8567440}) (Version: 1.2.0.0 - Autodesk) Hidden
Autodesk Advanced Material Library Base Resolution Image Library 2023 (HKLM-x32\...\{C90A4CC0-0862-4FC3-A07F-31F903659946}) (Version: 21.0.1.1 - Autodesk)
Autodesk Advanced Material Library Low Resolution Image Library 2023 (HKLM-x32\...\{93A8D797-F224-4238-8E87-EE673E0BAC8A}) (Version: 21.0.1.1 - Autodesk)
Autodesk Advanced Material Library Medium Resolution Image Library 2023 (HKLM-x32\...\{489B5559-69A0-4165-A044-CEB510C6CBBF}) (Version: 21.0.1.1 - Autodesk)
Autodesk Genuine Service (HKLM\...\{F8C64551-A826-4185-9699-FAC37661A7EB}) (Version: 5.1.0.135 - Autodesk)
Autodesk Interoperability Engine Manager (HKLM\...\{C4EFAB73-D98A-3676-A3F8-142FC78E0EF3}) (Version: 1.0.0.11 - Autodesk.com) Hidden
Autodesk Inventor Interoperability 2023 (HKLM\...\{E2B54F9E-FF26-47AE-9AE1-D7AFBC32DE0C}) (Version: 27.0.13400.0000 - Autodesk) Hidden
Autodesk Material Library 2023 (HKLM-x32\...\{8E133591-B0FD-4DB0-B60E-FB593CAF72B0}) (Version: 21.0.1.1 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2023 (HKLM-x32\...\{3B564A94-BA47-4E42-ACD6-B5C35291210B}) (Version: 21.0.1.1 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2023 (HKLM-x32\...\{2ED470F3-3989-458D-AF24-8B2C4364A8CC}) (Version: 21.0.1.1 - Autodesk)
Autodesk Revit Engine 2023 (HKLM\...\{DA6E3B72-3088-2023-9993-45D9FF1AD8D0}) (Version: 23.0.0.296 - Autodesk, Inc.)
Autodesk Revit Unit Schemas 2023 (HKLM\...\{CDCC6F31-2023-4900-8E9B-D562B70697B6}) (Version: 23.0.0.296 - Autodesk, Inc.)
Autodesk Single Sign On Component (HKLM\...\{278F16D8-5131-4663-9D5A-630806286A98}) (Version: 13.4.4.1804 - Autodesk)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
blender (HKLM\...\{447524DE-DB18-4E94-8D90-4FD62C00212F}) (Version: 3.4.1 - Blender Foundation)
Branding64 (HKLM\...\{0DB6E0DC-607A-42C1-A3CE-7567A9F85AF4}) (Version: 1.00.0008 - Advanced Micro Devices, Inc.) Hidden
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{3DEA56AB-0899-41DF-8C4F-0A608FD36904}) (Version: 10.5.0.74 - Brother Industries, Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{d0c84829-3b3f-46d1-b292-e3fb77d972c2}) (Version: 10.5.0.74 - Brother Industries, Ltd.)
Brother Printer Driver (HKLM-x32\...\{D9164C2E-91BA-4D5D-B49A-604BB0A127FE}) (Version: 1.9.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{45E4523F-2842-410D-90C6-6D19974B8E57}) (Version: 1.0.28.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
Display Driver Uninstaller 18.0.6.1 (HKLM-x32\...\Display Driver Uninstaller) (Version: 18.0.6.1 - Wagnardsoft)
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{6b617af3-c8f4-45a8-bf47-b32ffb4da1cc}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
ENE_External_Device_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.10.4 - ENE Tech) Hidden
ENE_External_Device_HAL (HKLM-x32\...\{38581c7d-8a6c-4129-9046-8f5df621478b}) (Version: 1.0.10.4 - ENE Tech) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
f.lux (HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\Flux) (Version: - f.lux Software LLC)
FFB Racing Wheel drivers (HKLM-x32\...\{28B758EA-5C83-48B1-B352-C70F12C73F5A}) (Version: 2.TTRS.2022 - Thrustmaster)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 111.0.5563.65 - Google LLC)
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
HttpToUsbBridge (HKLM-x32\...\{E2D35939-25BF-4EC8-BF6D-F9C0AF8ECC11}) (Version: 2.0.30.1 - Brother Industries Ltd.)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.5.24.248 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.24.248 - Malwarebytes)
MAXtoA for 3ds Max 2023 (HKLM\...\{E570E1E6-4982-488F-8D20-F6DD5E306E6F}) (Version: 5.1.0.41 - Autodesk)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 111.0.1661.44 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 111.0.1661.44 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\OneDriveSetup.exe) (Version: 23.043.0226.0001 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{BAF67399-85CD-4555-9B49-1F80EB921C35}) (Version: 12.3.6024.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{EF9EBC42-6969-45CE-A8D2-B9249B00C838}) (Version: 5.69.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30133 (HKLM-x32\...\{38b2c744-ad08-4d5b-91a2-3fb6f739ff3e}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
MSI Afterburner 4.6.5 Beta 4 (HKLM-x32\...\Afterburner) (Version: 4.6.5 Beta 4 - MSI Co., LTD)
MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2023.0208.01 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.74 - MSI)
MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.21 - MSI)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 8.5.0.17 - Autodesk)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9414.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.053.1001.2021 - Realtek)
Retopology Tools for 3ds Max 2023 (HKLM\...\{8B64FC5A-8A21-4A4B-8D1C-5A3BE7D13660}) (Version: 1.2.0.589 - Autodesk, Inc.)
RivaTuner Statistics Server 7.3.4 Beta 6 (HKLM-x32\...\RTSS) (Version: 7.3.4 Beta 6 - Unwinder)
RyzenMasterSDK (HKLM\...\{1402BEE2-FF5A-419E-988E-253BE2F5BAC0}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
ScannerUtilityInstaller (HKLM-x32\...\{D94DD953-F38C-4220-A17C-9217106510A6}) (Version: 1.20.0.1 - Brother) Hidden
ScreenStyler 0.2.3 (HKLM\...\ca7cbbf8-0d6f-5c45-8df4-959cbc5a6e63) (Version: 0.2.3 - Blumont Interactive)
SoftwareUpdateNotification (HKLM-x32\...\{E28A6F15-BFBE-4D20-8B5F-6EABAA1E545E}) (Version: 1.0.14.0 - Brother Industries, Ltd.) Hidden
StatusMonitor (HKLM-x32\...\{EBAC9324-2CBC-4DFC-BD9F-6CDC01DCADB4}) (Version: 1.32.1.0 - Brother Industries, Ltd.) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
UE Prerequisites (x64) (HKLM\...\{E171B21A-DA58-432D-A74B-D13B204BA477}) (Version: 1.0.16.0 - Epic Games, Inc.) Hidden
UE Prerequisites (x64) (HKLM-x32\...\{aad8a4b2-74da-409d-abb6-79a299008692}) (Version: 1.0.16.0 - Epic Games, Inc.) Hidden
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
Verbatim_SureFireGaming_Product (HKLM\...\{35CB65C6-A7E3-4EE7-AD40-738D70A72164}) (Version: 1.0.3.11 - Verbatim) Hidden
Verbatim_SureFireGaming_Product (HKLM-x32\...\{d601832a-0d94-46ce-9b19-78e8a5887313}) (Version: 1.0.3.11 - Verbatim) Hidden
Wargaming.net Game Center (HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\Wargaming.net Game Center) (Version: 22.5.0.733 - Wargaming.net)
WD P40 Game Drive (HKLM\...\{EE55DBAE-ECDD-4ADD-AAB5-23DE848B0996}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD P40 Game Drive (HKLM-x32\...\{72b1a866-fc31-4381-bff3-fa6cd8823777}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WinRAR 6.10 beta 3 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.10.3 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)

Packages:
=========
AMD Radeon Software -> C:\Program Files\AMD\CNext\CNext [2023-03-08] (0)
Forza Horizon 5 -> C:\Program Files\WindowsApps\Microsoft.624F8B84B80_3.567.563.0_x64__8wekyb3d8bbwe [2023-03-09] (Microsoft Studios)
Forza Horizon 5 Expansion 2 -> C:\Program Files\WindowsApps\Microsoft.Expansion2FH5_1.0.0.0_x64__8wekyb3d8bbwe [2022-11-28] (Microsoft Studios)
Forza Horizon 5: Hot Wheels -> C:\Program Files\WindowsApps\Microsoft.Expansion1FH5_3.484.939.0_x64__8wekyb3d8bbwe [2022-11-28] (Microsoft Studios)
GoPro Player -> C:\Program Files\WindowsApps\GoPro.GoProPlayer_2.1.16.0_x64__1h9vz9xjm6b8c [2023-02-17] (GoPro)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa [2022-12-16] (Apple Inc.) [Startup Task]
Lively Wallpaper -> C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.131.0_x86__97hta09mmv6hy [2023-03-18] (rocksdanister) [Startup Task]
MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.10.0_x64__kzh8wxbdkxb8p [2023-03-08] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
ms-resource://MicrosoftCorporationII.QuickAssist/resources/APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.19.0_x64__8wekyb3d8bbwe [2023-02-28] (Microsoft Corp.)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.40041.0_x64__8wekyb3d8bbwe [2023-01-20] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-11-25] (Microsoft Corporation)
ms-resource:ProductPkgDisplayName -> C:\Windows\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2023-03-15] (ms-resource:ProductPublisherDisplayName)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.39.279.0_x64__dt26b99r8h8gj [2022-11-26] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.207.1277.0_x86__zpdnekdrzrea0 [2023-03-18] (Spotify AB) [Startup Task]
TranslucentTB -> C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2022.1.0.0_x64__v826wp6bftszj [2023-02-17] (Charles Milette) [Startup Task]
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.747.1945.0_x86__8wekyb3d8bbwe [2023-02-05] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.802.31.0_x64__8wekyb3d8bbwe [2023-03-17] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.802.31.0_x86__8wekyb3d8bbwe [2023-03-17] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2022-12-27] (0)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-894658081-3701612317-1664743181-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\Inventor Interoperability 2023\Bin\TestServer.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-894658081-3701612317-1664743181-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\Inventor Interoperability 2023\Bin\TestServer.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-894658081-3701612317-1664743181-1001_Classes\CLSID\{D3E34B21-9D75-101A-8C3D-00AA001A1652}\localserver32 -> C:\Program Files\WindowsApps\Microsoft.Paint_11.2301.22.0_x64__8wekyb3d8bbwe\PaintApp\mspaint.exe () [File not signed]
CustomCLSID: HKU\S-1-5-21-894658081-3701612317-1664743181-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\Inventor Interoperability 2023\Bin\TestServer.dll (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-15] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-15] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\urban\Desktop\Ladislav (Lacko) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"

==================== Loaded Modules (Whitelisted) =============

2023-02-09 11:33 - 2005-04-22 13:36 - 000143360 _____ () [File not signed] C:\Windows\system32\BrSNMP64.dll
2023-02-09 11:33 - 2016-11-01 11:27 - 000090112 _____ (Brother Industries, Ltd.) [File not signed] C:\Windows\system32\BrNetSti.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 06:24 - 2022-05-07 06:22 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-894658081-3701612317-1664743181-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\urban\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\pier-in-starry-night_3840x2160_xtrafondos.com.jpg
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "RocketDock.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run32: => "MSIRegister"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "Autodesk Genuine Service "
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "BrotherSoftwareUpdateNotification"
HKLM\...\StartupApproved\Run32: => "M17A"
HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_71ACF99E3915FFAEC8629BFDDF63CDF0"
HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\StartupApproved\Run: => "AMDNoiseSuppression"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A55BA846-46EC-428C-9267-CDFB6B547D76}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D9DBE3B6-F7C3-4EF6-AB11-FE1F0DA0543A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{684F9A5C-9CA4-4772-B7D4-3202ADDA3FEF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1EE4A7A5-3551-409E-B13F-87CBFBCF354D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AC58EB07-BEE8-4C94-B7DE-24C1D3ECBCA6}] => (Allow) D:1\SteamLibrary\steamapps\common\CarX Drift Racing Online\Drift Racing Online.exe => No File
FirewallRules: [{D51E5E55-E4A2-4455-9562-D95A70F67592}] => (Allow) D:1\SteamLibrary\steamapps\common\CarX Drift Racing Online\Drift Racing Online.exe => No File
FirewallRules: [TCP Query User{99C149A8-307C-414A-AD2C-58FBC45EBF95}C:\xboxgames\forza horizon 5\content\forzahorizon5.exe] => (Allow) C:\xboxgames\forza horizon 5\content\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{18633D69-C8ED-4FF9-847E-79A280395513}C:\xboxgames\forza horizon 5\content\forzahorizon5.exe] => (Allow) C:\xboxgames\forza horizon 5\content\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{C79DAB1E-AD39-4192-B2BC-FA877C6835D5}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{B346E5EE-EDC4-4AA8-926B-6267A82067F5}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{9A26BBD8-A7FA-4278-81AF-66BF34268897}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0FC7177A-0830-4836-A7FB-BFC7AE3BF670}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9A2E94DF-39C2-4D6F-8ED0-9DFA299B2549}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{089694BF-0D86-421C-A86A-7E76B2A864D4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9F97AB07-4722-41CE-8BC1-BECF50DB87FF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BE45D94A-8277-489E-961C-CEF431DF683B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{49FA4965-D622-43C6-B92A-6B3C166EFBEB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{787A000E-B1D5-43DD-8915-C61C6BD41830}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{F551B5A0-E80A-4F33-B8C6-6983847D0EDC}E:\battle.net\call of duty\_retail_\cod.exe] => (Allow) E:\battle.net\call of duty\_retail_\cod.exe => No File
FirewallRules: [UDP Query User{E0FB1F0B-9B9F-4387-B348-F011CA29ED81}E:\battle.net\call of duty\_retail_\cod.exe] => (Allow) E:\battle.net\call of duty\_retail_\cod.exe => No File
FirewallRules: [TCP Query User{723E31A7-B043-41CE-969B-AEDF3426197E}C:\users\urban\downloads\utorrentportable\app\utorrent\utorrent.exe] => (Allow) C:\users\urban\downloads\utorrentportable\app\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{059327CB-7DB7-46FA-A7D5-A98BA879A94C}C:\users\urban\downloads\utorrentportable\app\utorrent\utorrent.exe] => (Allow) C:\users\urban\downloads\utorrentportable\app\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{23045D91-5B7D-4D3F-A8AC-2F79E23023CF}] => (Block) E:\Games\Detroit Become Human\DetroitBecomeHuman.exe => No File
FirewallRules: [{26BD5E59-961F-4A7F-AB80-23CCFFCF1802}] => (Block) E:\Games\Detroit Become Human\DetroitBecomeHuman.exe => No File
FirewallRules: [{327D1B77-E106-4BC3-B8E5-1E823911EEFF}] => (Allow) E:\SteamLibrary\steamapps\common\assettocorsa\AssettoCorsa.exe => No File
FirewallRules: [{21E6F172-534C-49C7-AB8C-B1AFA8CC0EC9}] => (Allow) E:\SteamLibrary\steamapps\common\assettocorsa\AssettoCorsa.exe => No File
FirewallRules: [TCP Query User{D09BCAB4-637E-4710-BE90-5A40B1F791FF}E:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) E:\steamlibrary\steamapps\common\assettocorsa\acs.exe => No File
FirewallRules: [UDP Query User{83324A54-331B-4AFE-950E-B4D906292306}E:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) E:\steamlibrary\steamapps\common\assettocorsa\acs.exe => No File
FirewallRules: [{9C581100-25FF-4BE3-9263-461F951474BA}] => (Allow) F:\SteamLibrary\steamapps\common\Euro Truck Simulator 2 Demo\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{4D5D7359-9FF9-4806-BE49-0449B1AE77E4}] => (Allow) F:\SteamLibrary\steamapps\common\Euro Truck Simulator 2 Demo\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{07340726-55D7-41EE-A1B4-42D24128AA29}] => (Allow) F:\SteamLibrary\steamapps\common\CarX Drift Racing Online\Drift Racing Online.exe () [File not signed]
FirewallRules: [{3BC2E1F4-379E-426F-B461-46A7BB6FC9A5}] => (Allow) F:\SteamLibrary\steamapps\common\CarX Drift Racing Online\Drift Racing Online.exe () [File not signed]
FirewallRules: [{841A7F00-F234-4BAF-B0FC-4C64512DEFA1}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{055A5640-8B07-42B0-A0AD-91BC6C7BD0B5}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{8018AFFB-6E07-473B-8A73-4AF777E80705}F:\xboxgames\forza horizon 5\content\forzahorizon5.exe] => (Allow) F:\xboxgames\forza horizon 5\content\forzahorizon5.exe (Access Denied) [File not signed]
FirewallRules: [UDP Query User{1CE2C330-24EE-4A5D-BCD1-D24E9ECC79F1}F:\xboxgames\forza horizon 5\content\forzahorizon5.exe] => (Allow) F:\xboxgames\forza horizon 5\content\forzahorizon5.exe (Access Denied) [File not signed]
FirewallRules: [{111F8EDA-5BCB-4AB5-ADC0-EE8F1D3AFF20}] => (Allow) LPort=54925
FirewallRules: [{FFB08117-C946-43E0-BE88-81B7080D5D71}] => (Allow) LPort=54950
FirewallRules: [{A65FE5F1-2BDC-40DD-85F1-F841544ACC6B}] => (Allow) LPort=54955
FirewallRules: [{202F6875-083B-49DC-8005-CD9E61A9F679}] => (Allow) C:\Program Files (x86)\Browny02\Brother\BrPrintFinishNotice\BrPrintFinishNotice.exe (Brother Industries, Ltd. -> )
FirewallRules: [{A4BEF2FE-0B9C-4356-94AB-C2B987DFD17E}] => (Allow) C:\Program Files (x86)\Browny02\Brother\BrPrintFinishNotice\BrPrintFinishNotice.exe (Brother Industries, Ltd. -> )
FirewallRules: [TCP Query User{5198903F-79B0-4A80-93B8-6DAC104BB4DD}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [UDP Query User{296386AB-FE0E-48C2-9342-DF5637940BD3}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [TCP Query User{DA012848-AD3C-4791-9F6B-D65DA3AC924C}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File
FirewallRules: [UDP Query User{6A8D1B3E-2E76-4AF0-8500-C01D371EB9C0}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File
FirewallRules: [TCP Query User{C73AEB56-D9C3-4A68-A716-A331815152A0}C:\users\urban\appdata\local\unrealengine\common\unrealtrace\bin\0001000c\unrealtraceserver.exe] => (Allow) C:\users\urban\appdata\local\unrealengine\common\unrealtrace\bin\0001000c\unrealtraceserver.exe (Epic Games Inc. -> Epic Games)
FirewallRules: [UDP Query User{B05A192F-0F5C-42C9-B2DC-83550BEB1DD2}C:\users\urban\appdata\local\unrealengine\common\unrealtrace\bin\0001000c\unrealtraceserver.exe] => (Allow) C:\users\urban\appdata\local\unrealengine\common\unrealtrace\bin\0001000c\unrealtraceserver.exe (Epic Games Inc. -> Epic Games)
FirewallRules: [TCP Query User{C9E5AA40-BCF8-4C3B-928D-E1FA318458FC}C:\program files\epic games\ue_5.1\engine\binaries\win64\unrealeditor.exe] => (Allow) C:\program files\epic games\ue_5.1\engine\binaries\win64\unrealeditor.exe => No File
FirewallRules: [UDP Query User{97B3633F-A51C-4E6B-81A5-394C79E8286A}C:\program files\epic games\ue_5.1\engine\binaries\win64\unrealeditor.exe] => (Allow) C:\program files\epic games\ue_5.1\engine\binaries\win64\unrealeditor.exe => No File
FirewallRules: [TCP Query User{476B30FD-F091-4B69-AE2B-5C75D18BDAE4}C:\program files\amd\cnext\cnext\radeonsoftware.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsoftware.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [UDP Query User{1240EE47-6633-42CE-8778-70436F82D6E6}C:\program files\amd\cnext\cnext\radeonsoftware.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsoftware.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [{BDB76FA6-4714-4F79-A393-F454774E14CC}] => (Allow) C:\Program Files\AMD\CNext\CNext\amddvr.exe => No File
FirewallRules: [{892651D3-3265-4362-92F1-40D591A851F0}] => (Allow) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [{2C2978ED-15C8-4CA6-A81D-CA608AB863D9}] => (Allow) C:\Program Files\AMD\CNext\CNext\Radeonsoftware.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [{AF417983-17BC-4DB8-9BF0-23EF673B2757}] => (Allow) C:\Program Files\AMD\CNext\CNext\AMDLink.exe => No File
FirewallRules: [{0974A1E0-0D3F-4B2C-8735-A622097C8073}] => (Allow) F:\SteamLibrary\steamapps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [File not signed]
FirewallRules: [{687DB401-0643-481F-9D5A-1F93EC5DC0DB}] => (Allow) F:\SteamLibrary\steamapps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [File not signed]
FirewallRules: [TCP Query User{9FB3A9C5-9A01-4299-8B57-55D0CBDA0E47}F:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) F:\steamlibrary\steamapps\common\assettocorsa\acs.exe () [File not signed]
FirewallRules: [UDP Query User{9CAF4407-5DB4-4C9B-BA7F-43479EBCDCF8}F:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) F:\steamlibrary\steamapps\common\assettocorsa\acs.exe () [File not signed]
FirewallRules: [{B96C6E51-1C8A-46E4-B901-BADCA6B568F6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B5563737-9BB3-4465-B553-03B5D92D3948}] => (Allow) C:\Users\urban\Downloads\reiboot.exe => No File
FirewallRules: [{D496C090-C3BD-4CF1-B399-95E20641AFD2}] => (Allow) C:\Users\urban\Downloads\reiboot.exe => No File
FirewallRules: [{02CD3FF6-C1B1-4749-8801-0406B180D509}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{755DCBD9-FE2B-4EE8-A2B5-47390FDB67D0}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{A350A27E-AE46-41E3-BFC2-31D9794E98E8}] => (Allow) LPort=80
FirewallRules: [TCP Query User{B59CCFF5-B7AC-4CFC-8FAC-B9476688DDFD}F:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) F:\steamlibrary\steamapps\common\assettocorsa\acs.exe () [File not signed]
FirewallRules: [UDP Query User{12A69DB2-1E36-4C32-9E03-AEF3FEB51779}F:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) F:\steamlibrary\steamapps\common\assettocorsa\acs.exe () [File not signed]
FirewallRules: [{0D4726DD-6D37-40C4-96B0-93920079AC11}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.207.1277.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9FA609BC-DEAA-443E-8841-AE3C8862ED26}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.207.1277.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4A6728D5-142A-421D-A9AF-91B2237636EB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.207.1277.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6052F9CA-6AF5-4293-905B-A6A51E17C554}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.207.1277.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{98C906F2-A4AC-4B58-8FBD-22BC5FE3AD95}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.207.1277.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{506C7C91-34DF-42B3-BCBF-5248CC6D7AF3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.207.1277.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E2794FC4-AE80-42CF-94C8-4A94F2A9599F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.207.1277.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8B59D511-01CD-404C-91E6-8000C702E0FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.207.1277.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{85E49D38-9445-4C06-BFF5-FF5C2B9B95ED}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\111.0.1661.44\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EA97ED2D-A743-4385-956D-CE57F9DEDC3D}] => (Allow) LPort=32683
FirewallRules: [{B0D5358F-55F7-407E-A55E-0EBF980BBDE5}] => (Allow) LPort=26822

==================== Restore Points =========================

13-03-2023 15:52:07 Naplánovaný kontrolní bod
15-03-2023 14:15:37 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/19/2023 04:49:15 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LACKŢVPC$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 19 Mar 2023 15:49:14 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: ffe32077-e6bd-41e8-8153-45c54885e243

Metoda: GET(219ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (03/19/2023 04:49:15 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 19 Mar 2023 15:49:13 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 268db5d5-5a27-4402-bf05-34a9917bb19c

Metoda: GET(328ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (03/19/2023 04:49:07 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.

Error: (03/19/2023 04:49:07 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...

Error: (03/19/2023 04:49:07 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (03/19/2023 04:49:07 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (03/19/2023 04:49:07 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[3]: 192.168.100.7

Error: (03/19/2023 04:49:07 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[2]: 2a00:ca8:a17:1fe:dbe1:5b97:7f40:ef4e


System errors:
=============
Error: (03/20/2023 04:38:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/20/2023 04:38:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Autodesk Desktop App Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/20/2023 04:38:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MSI Live Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/20/2023 04:38:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MSI Center Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/20/2023 04:38:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba FlexNet Licensing Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/20/2023 04:38:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MSI_Case_Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/20/2023 04:38:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MSIREGISTER_MR byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/20/2023 04:38:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Brother Workflow Application Controller byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2023-03-19 18:37:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F714512C-F545-49C8-8640-8CCB8D1B33D7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-17 21:05:17
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4198FF6A-950E-4BDE-93F3-903B55C3076C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-15 20:33:41
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\urban\Downloads\Slideboizz_car_pack_v1.1.rar
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LACKŢVPC\urban
Název procesu: C:\Users\urban\AppData\Local\AcTools Content Manager\Plugins\7Zip\7z.exe
Verze bezpečnostních informací: AV: 1.385.98.0, AS: 1.385.98.0, NIS: 1.385.98.0
Verze modulu: AM: 1.1.20100.6, NIS: 1.1.20100.6

Date: 2023-03-15 18:39:57
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {16414281-2B13-4230-8A6A-5F09CD329428}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-15 14:12:16
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {74AE5B35-35E8-4CCB-B6FB-E7C4FA62FB0F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2023-03-19 16:49:08
Description:
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume7\Windows\Temp\Atiflash\atillk64.sys that did not meet the Authenticode signing level requirements or violated code integrity policy (Policy ID:{d2bda982-ccf6-4344-ac5b-0b44427b6816}).

Date: 2023-03-19 16:49:08
Description:
The driver \Device\HarddiskVolume7\Windows\Temp\Atiflash\atillk64.sys is blocked from loading as the driver has been revoked by Microsoft.


==================== Memory info ===========================

BIOS: American Megatrends International, LLC. 1.H6 09/30/2021
Motherboard: Micro-Star International Co., Ltd B450 TOMAHAWK (MS-7C02)
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 12%
Total physical RAM: 32693.61 MB
Available physical RAM: 28503.62 MB
Total Virtual: 34741.61 MB
Available Virtual: 30006.58 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.87 GB) (Free:109.98 GB) (Model: CT250MX500SSD4) NTFS
Drive d: (Data) (Fixed) (Total:1863.01 GB) (Free:773.6 GB) (Model: WDC WD20EZBX-00AYRA0) NTFS
Drive e: (Nový svazek) (Fixed) (Total:223.47 GB) (Free:180.57 GB) (Model: WDC WDS240G1G0A-00SS50) NTFS
Drive f: (DAtat) (Fixed) (Total:1863 GB) (Free:354.5 GB) (Model: WDC WD20EZBX-00AYRA0) NTFS

\\?\Volume{9fc23b3e-641b-4db7-bde2-9ac78b688d6d}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: CA0A544B)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 223.6 GB) (Disk ID: 38931AB8)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 3 (Size: 232.9 GB) (Disk ID: 7DE976B0)

Partition: GPT.

==================== End of Addition.txt =======================


Re: Stolen passwords, please check

#5 Post by Rudy »

Now run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

Close all programs.
Accept the license terms (EULA) by clicking "I agree".
Right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just start it with a normal double-click).
Click Scan now, then Clean and Repair.
After the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply.