Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu, děkuji
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Prosím o kontrolu logu, děkuji
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024
Ran by vondr (administrator) on ACER (Acer Aspire A515-54) (30-09-2024 20:04:18)
Running from C:\Users\vondr\Downloads\FRST64.exe
Loaded Profiles: vondr
Platform: Microsoft Windows 11 Home Version 23H2 22631.4169 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\explorerwi\explorer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(C:\explorerwi\explorer.exe ->) (Python Software Foundation -> Python Software Foundation) C:\explorerwin\python.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe
(C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.911.1\DropboxCrashHandler.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Creative Cloud UI Helper.exe <5>
(C:\Program Files\CCleaner\CCleaner64.exe ->) (Avast Software s.r.o. -> OPSWAT, Inc.) C:\Program Files\CCleaner\wa_3rd_party_host_32.exe
(C:\Program Files\CCleaner\CCleaner64.exe ->) (Avast Software s.r.o. -> OPSWAT, Inc.) C:\Program Files\CCleaner\wa_3rd_party_host_64.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.18025.20104\OfficeClickToRun.exe
(C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\97.0.1.0\crashpad_handler.exe
(C:\Users\vondr\Downloads\FRST64.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2407.9.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe <3>
(DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxEM.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <8>
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Mega Limited -> Mega Limited) C:\Users\vondr\AppData\Local\MEGAsync\MEGAsync.exe
(Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe <2>
(Power Software Limited -> Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ELANFPService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_3cbddcc68b1c0da2\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_581d7e91d349facc\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0f76d7f335b833dc\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0f76d7f335b833dc\IntelCpHeciSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.171.0825.0002\FileSyncHelper.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe
(services.exe ->) (Musecy SM Ltd. -> Muse.Service) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (SMART Technologies ULC -> SMART Technologies) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24082.53.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.4.0.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [953120 2019-12-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SMARTNotification] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTNotification.exe [209856 2019-12-10] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Board Service] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe [2772416 2019-12-10] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Tray Tools] => C:\Program Files (x86)\Common Files\SMART Technologies\SystemMenu\SMARTSystemMenu.exe [654272 2019-12-01] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [sbsdk-server] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\sbsdk-server\NodeLauncher.exe [68544 2019-11-08] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Ink] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTInk.exe [287680 2019-12-11] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [17935752 2021-03-21] (MyHeritage (USA) Inc. -> MyHeritage)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9235344 2024-09-17] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [460944 2022-09-01] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [st_global] => C:\Program Files (x86)\FunPlus\StormShot\Launcher.exe (No File)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1130416 2024-09-20] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919200 2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45125936 2024-09-18] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [Discord] => C:\Users\vondr\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482128 2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [AVGBrowserAutoLaunch_7EE2BFE1B3B8A803197E356BCB586469] => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [3174568 2024-09-11] (AVG Technologies USA, LLC -> Gen Digital Inc.)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\MountPoints2: {3e27dab4-5d29-11ed-a894-b4a9fc4636cb} - "D:\OInstall.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\SMART Local Port: C:\Windows\system32\smrtlocalmon.dll [38336 2019-12-11] (SMART Technologies ULC -> SMART Technologies ULC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\128.0.26382.138\Installer\chrmstp.exe [2024-09-19] (AVG Technologies USA, LLC -> Gen Digital Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\129.0.6668.60\Installer\chrmstp.exe [2024-09-26] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Explorer.lnk [2024-09-28]
ShortcutTarget: Explorer.lnk -> C:\explorerwi\pdfx.exe () [File not signed]
Startup: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2022-02-06]
ShortcutTarget: MEGAsync.lnk -> C:\Users\vondr\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {73136951-D3EA-421A-8B36-39C07D0E4620} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe -> C:\Program Files (x86)\Acer\Care Center\-auto
Task: {ED036599-25D7-4C26-80B1-92B38836DE1E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {3A63133B-6693-4CB2-B7A7-FCC88C32D7BE} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [3174568 2024-09-11] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {2051A499-55AF-40E9-A3B3-8D20AD3BB528} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [3174568 2024-09-11] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {C5720183-AAC2-407E-A929-563A52583F12} - System32\Tasks\AVGBrowserProtectS-1-5-21-3501418858-3935017464-633493477-1001 => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowserProtect.exe [1690040 2024-04-23] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {8DE0C78B-7DCE-45AA-9BF5-7EE547BF8A77} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {D024C990-8584-4BE7-A555-0A4FAE095D04} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {1CC399E4-A613-4C86-825E-506CF2EC7796} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-09-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {AC3EEF36-3C8F-47A4-BAB2-2F566D9C5ADC} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5937456 2024-09-18] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "72f88dc7-1a5a-4773-a687-e6ea72779fdd" --version "6.28.11297" --silent
Task: {56FCD6C3-AD0E-45D3-8B1E-386BC75ECDA7} - System32\Tasks\CCleanerSkipUAC - vondr => C:\Program Files\CCleaner\CCleaner.exe [39012144 2024-09-18] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {76207EF4-D7A4-476C-AAF1-D17A3C9F2BB7} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.EXE [1589696 2016-08-25] (Corel Corporation -> Corel Corporation)
Task: {063E0D4F-A169-42D1-B0D0-6D23A17987C4} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F5D9ED7C-22FB-406A-AEB1-B54A25166D3B} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {C938C892-9D4E-4E5D-847A-7D2346394EB9} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{796DF830-26B5-4C96-8720-2ABD1B9CD1F7} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {259B4B62-25EA-4089-A510-0B87DE93A06F} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3501418858-3935017464-633493477-1001 => C:\Users\vondr\AppData\Local\MEGAsync\MEGAupdater.exe [2531592 2024-06-11] (Mega Limited -> )
Task: {894D1842-A153-44D1-9CFD-B4DB8E4AD33D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28605656 2024-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {5EF9548C-0571-4E96-9513-A874AE610F1A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28605656 2024-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {70D2E82B-907D-4D22-A1B3-AB89955C1503} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312472 2024-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {EB072E44-9B27-47DF-952D-A708602E4701} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312472 2024-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {901FB079-39A1-47C6-91CC-3F3BF993C30B} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [187024 2024-08-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {AA11E31D-FB1D-4214-9E59-64592C4E120F} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {D7BE0AEA-7374-48B0-A496-75906B690A0A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {B471091F-5D76-42BD-8ED1-CB76069E67C2} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {6E49949C-C062-484D-A1FD-D886E90C93DD} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {2CB04670-A778-4203-A8F6-66E5CFA231A7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {4840903A-1C13-4994-947A-81DCC73D977C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0F798F35-1E9A-46B3-96DB-77F73DADABC6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1001672E-F6A5-4F1A-8398-F55EEB4FE8FE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {89FBC2B4-3910-4245-94FC-A2E4264ED644} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {13B73793-F79F-4441-B4EB-10AEC3E79241} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [31816 2024-09-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {C7540E9F-992B-49BA-BD6F-B49A96C035A3} - System32\Tasks\Oem\AcerJumpstartTask => "C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe" /default (No File)
Task: {082A6EFC-488C-4368-8DCF-7C3C6E0C2DEE} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209192 2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A81E7F78-A7EF-4EB0-A6A6-042936461029} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3501418858-3935017464-633493477-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209192 2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A61B21F7-B383-4510-85C0-F7B4D3E6D237} - System32\Tasks\S-1-5-21-3501418858-3935017464-633493477-1001\DataSenseLiveTileTask => %SystemRoot%\System32\DataUsageLiveTileTask.exe (No File)
Task: {096D3188-360A-44AE-AD0E-A8B12CA94972} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473880 2020-07-16] (Acer Incorporated -> Acer Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 93.93.32.32 93.93.33.33 192.168.22.1
Tcpip\..\Interfaces\{4e8c78d5-12f3-471b-bd12-26482e625aea}: [DhcpNameServer] 93.93.32.32 93.93.33.33 192.168.22.1
Tcpip\..\Interfaces\{774ed856-bf70-462c-ac71-60ea5fe1934c}: [DhcpNameServer] 40.33.1.66
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\vondr\AppData\Local\Microsoft\Edge\User Data\Default [2024-09-18]
Edge Extension: (Dokumenty Google offline) - C:\Users\vondr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-07]
Edge Extension: (Edge relevant text changes) - C:\Users\vondr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
FireFox:
========
FF DefaultProfile: gteda8g8.default
FF ProfilePath: C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1 [2024-09-30]
FF Notifications: Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1 -> hxxps://www.svetviry.cz; hxxps://calendar.google.com
FF Extension: (AdBlocker Ultimate) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\adblockultimate@adblockultimate.net.xpi [2024-07-18]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2021-06-19]
FF Extension: (Language: Čeština (Czech)) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\langpack-cs@firefox.mozilla.org.xpi [2024-09-16]
FF Extension: (TWP - Translate Web Pages) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi [2024-03-11]
FF Extension: (Adblock na Youtube™) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\{0ac04bdb-d698-452f-8048-bcef1a3f4b0d}.xpi [2022-02-21]
FF ProfilePath: C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\gteda8g8.default [2021-01-24]
FF NewTab: Mozilla\Firefox\Profiles\gteda8g8.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10378__200606
FF ProfilePath: C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\shkk2f8c.default-release-1621189060132 [2024-09-30]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2024-09-20] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=3 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1582.3\npAvgBrowserUpdate3.dll [2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=9 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1582.3\npAvgBrowserUpdate3.dll [2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2024-09-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2024-09-20] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Profile 3
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default [2024-09-30]
CHR Extension: (Tampermonkey) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2024-05-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-13]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-09-26]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3 [2024-09-30]
CHR Notifications: Profile 3 -> hxxps://calendar.google.com
CHR Extension: (Dokumenty Google offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-06]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-09-20]
CHR Extension: (Komponenta pro aplikaci BUSINESS 24) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\iaihapeddbkncmmikkpmeggfecohnahg [2023-07-17]
CHR Extension: (Violentmonkey) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jinjaccalgkegednnccohejagnlnfdag [2024-09-25]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-07]
CHR Extension: (Crypto Web Extension) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjohlogcennenjhkfclfgaganagadkkm [2024-05-13]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 4 [2024-09-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-18]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-10-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-09-20]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 5 [2024-09-26]
CHR Notifications: Profile 5 -> hxxps://meet.google.com
CHR Extension: (Dokumenty Google offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-10]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-09-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-05-21]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 6 [2024-06-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-25]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-09-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-27]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\System Profile [2024-09-30]
CHR HKU\S-1-5-21-3501418858-3935017464-633493477-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944048 2024-09-20] (Adobe Inc. -> Adobe Inc.)
S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
S3 AVGSecureBrowserElevationService; C:\Program Files (x86)\AVG\Browser\Application\128.0.26382.138\elevation_service.exe [1722592 2024-09-11] (AVG Technologies USA, LLC -> Gen Digital Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-09-18] (Gen Digital Inc. -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14042808 2024-09-08] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2024-09-17] (Dropbox, Inc -> Dropbox, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4976976 2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 DropboxElevationService; C:\Program Files (x86)\Dropbox\Client\208.4.5824\DropboxElevationService.exe [1659288 2024-09-17] (Dropbox, Inc -> Dropbox, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2017-02-27] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.171.0825.0002\FileSyncHelper.exe [3523112 2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_581d7e91d349facc\AS\IAS\IntelAudioService.exe [412120 2023-09-17] (Intel Corporation -> Intel)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe [1431160 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Muse Hub Background Service; C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe [169472 2023-01-08] (Musecy SM Ltd. -> Muse.Service)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.171.0825.0002\OneDriveUpdaterService.exe [3863592 2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe [635328 2019-12-10] (SMART Technologies ULC -> SMART Technologies)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe [3199656 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe [133704 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [36800 2022-06-02] (Acer Incorporated -> Acer Incorporated)
R1 Amfilter; C:\WINDOWS\system32\DRIVERS\Amfltx64.sys [12288 2023-09-17] (Microsoft Windows Hardware Compatibility Publisher -> (Standard mouse types))
R3 Amusbprt; C:\WINDOWS\system32\DRIVERS\Amusbx64.sys [17920 2023-09-17] (Microsoft Windows Hardware Compatibility Publisher -> A4Tech Co.,Ltd.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [544768 2023-12-12] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [188416 2024-03-13] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 googledrivefs31626; C:\Program Files\Google\Drive File Stream\Drivers\31626\googledrivefs31626.sys [384096 2024-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 MpKsl59bee4c4; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1AE37338-2EA8-47EB-BFA4-8D8A2F357381}\MpKslDrv.sys [267552 2024-09-30] (Microsoft Windows -> Microsoft Corporation)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_0f3a2b5f72186666\rt68cx21x64.sys [717160 2023-09-14] (Realtek Semiconductor Corp. -> Realtek)
R3 SMARTMouseFilterx64; C:\WINDOWS\System32\drivers\SMARTMouseFilterx64.sys [18952 2019-12-10] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
R3 SMARTVHidMiniVistaAmd64; C:\WINDOWS\System32\drivers\SMARTVHidMiniVistaAmd64.sys [28168 2019-12-10] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-09-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602392 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Ran by vondr (administrator) on ACER (Acer Aspire A515-54) (30-09-2024 20:04:18)
Running from C:\Users\vondr\Downloads\FRST64.exe
Loaded Profiles: vondr
Platform: Microsoft Windows 11 Home Version 23H2 22631.4169 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\explorerwi\explorer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(C:\explorerwi\explorer.exe ->) (Python Software Foundation -> Python Software Foundation) C:\explorerwin\python.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe
(C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.911.1\DropboxCrashHandler.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Creative Cloud UI Helper.exe <5>
(C:\Program Files\CCleaner\CCleaner64.exe ->) (Avast Software s.r.o. -> OPSWAT, Inc.) C:\Program Files\CCleaner\wa_3rd_party_host_32.exe
(C:\Program Files\CCleaner\CCleaner64.exe ->) (Avast Software s.r.o. -> OPSWAT, Inc.) C:\Program Files\CCleaner\wa_3rd_party_host_64.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.18025.20104\OfficeClickToRun.exe
(C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\97.0.1.0\crashpad_handler.exe
(C:\Users\vondr\Downloads\FRST64.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2407.9.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe <3>
(DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxEM.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <8>
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Mega Limited -> Mega Limited) C:\Users\vondr\AppData\Local\MEGAsync\MEGAsync.exe
(Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe <2>
(Power Software Limited -> Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ELANFPService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_3cbddcc68b1c0da2\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_581d7e91d349facc\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0f76d7f335b833dc\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0f76d7f335b833dc\IntelCpHeciSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.171.0825.0002\FileSyncHelper.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe
(services.exe ->) (Musecy SM Ltd. -> Muse.Service) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (SMART Technologies ULC -> SMART Technologies) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24082.53.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.4.0.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [953120 2019-12-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SMARTNotification] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTNotification.exe [209856 2019-12-10] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Board Service] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe [2772416 2019-12-10] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Tray Tools] => C:\Program Files (x86)\Common Files\SMART Technologies\SystemMenu\SMARTSystemMenu.exe [654272 2019-12-01] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [sbsdk-server] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\sbsdk-server\NodeLauncher.exe [68544 2019-11-08] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Ink] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTInk.exe [287680 2019-12-11] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [17935752 2021-03-21] (MyHeritage (USA) Inc. -> MyHeritage)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9235344 2024-09-17] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [460944 2022-09-01] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [st_global] => C:\Program Files (x86)\FunPlus\StormShot\Launcher.exe (No File)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1130416 2024-09-20] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919200 2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45125936 2024-09-18] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [Discord] => C:\Users\vondr\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482128 2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [AVGBrowserAutoLaunch_7EE2BFE1B3B8A803197E356BCB586469] => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [3174568 2024-09-11] (AVG Technologies USA, LLC -> Gen Digital Inc.)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\MountPoints2: {3e27dab4-5d29-11ed-a894-b4a9fc4636cb} - "D:\OInstall.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\SMART Local Port: C:\Windows\system32\smrtlocalmon.dll [38336 2019-12-11] (SMART Technologies ULC -> SMART Technologies ULC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\128.0.26382.138\Installer\chrmstp.exe [2024-09-19] (AVG Technologies USA, LLC -> Gen Digital Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\129.0.6668.60\Installer\chrmstp.exe [2024-09-26] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Explorer.lnk [2024-09-28]
ShortcutTarget: Explorer.lnk -> C:\explorerwi\pdfx.exe () [File not signed]
Startup: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2022-02-06]
ShortcutTarget: MEGAsync.lnk -> C:\Users\vondr\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {73136951-D3EA-421A-8B36-39C07D0E4620} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe -> C:\Program Files (x86)\Acer\Care Center\-auto
Task: {ED036599-25D7-4C26-80B1-92B38836DE1E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {3A63133B-6693-4CB2-B7A7-FCC88C32D7BE} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [3174568 2024-09-11] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {2051A499-55AF-40E9-A3B3-8D20AD3BB528} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [3174568 2024-09-11] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {C5720183-AAC2-407E-A929-563A52583F12} - System32\Tasks\AVGBrowserProtectS-1-5-21-3501418858-3935017464-633493477-1001 => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowserProtect.exe [1690040 2024-04-23] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {8DE0C78B-7DCE-45AA-9BF5-7EE547BF8A77} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {D024C990-8584-4BE7-A555-0A4FAE095D04} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {1CC399E4-A613-4C86-825E-506CF2EC7796} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-09-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {AC3EEF36-3C8F-47A4-BAB2-2F566D9C5ADC} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5937456 2024-09-18] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "72f88dc7-1a5a-4773-a687-e6ea72779fdd" --version "6.28.11297" --silent
Task: {56FCD6C3-AD0E-45D3-8B1E-386BC75ECDA7} - System32\Tasks\CCleanerSkipUAC - vondr => C:\Program Files\CCleaner\CCleaner.exe [39012144 2024-09-18] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {76207EF4-D7A4-476C-AAF1-D17A3C9F2BB7} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.EXE [1589696 2016-08-25] (Corel Corporation -> Corel Corporation)
Task: {063E0D4F-A169-42D1-B0D0-6D23A17987C4} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F5D9ED7C-22FB-406A-AEB1-B54A25166D3B} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {C938C892-9D4E-4E5D-847A-7D2346394EB9} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{796DF830-26B5-4C96-8720-2ABD1B9CD1F7} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {259B4B62-25EA-4089-A510-0B87DE93A06F} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3501418858-3935017464-633493477-1001 => C:\Users\vondr\AppData\Local\MEGAsync\MEGAupdater.exe [2531592 2024-06-11] (Mega Limited -> )
Task: {894D1842-A153-44D1-9CFD-B4DB8E4AD33D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28605656 2024-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {5EF9548C-0571-4E96-9513-A874AE610F1A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28605656 2024-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {70D2E82B-907D-4D22-A1B3-AB89955C1503} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312472 2024-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {EB072E44-9B27-47DF-952D-A708602E4701} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312472 2024-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {901FB079-39A1-47C6-91CC-3F3BF993C30B} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [187024 2024-08-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {AA11E31D-FB1D-4214-9E59-64592C4E120F} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {D7BE0AEA-7374-48B0-A496-75906B690A0A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {B471091F-5D76-42BD-8ED1-CB76069E67C2} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {6E49949C-C062-484D-A1FD-D886E90C93DD} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {2CB04670-A778-4203-A8F6-66E5CFA231A7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {4840903A-1C13-4994-947A-81DCC73D977C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0F798F35-1E9A-46B3-96DB-77F73DADABC6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1001672E-F6A5-4F1A-8398-F55EEB4FE8FE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {89FBC2B4-3910-4245-94FC-A2E4264ED644} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {13B73793-F79F-4441-B4EB-10AEC3E79241} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [31816 2024-09-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {C7540E9F-992B-49BA-BD6F-B49A96C035A3} - System32\Tasks\Oem\AcerJumpstartTask => "C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe" /default (No File)
Task: {082A6EFC-488C-4368-8DCF-7C3C6E0C2DEE} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209192 2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A81E7F78-A7EF-4EB0-A6A6-042936461029} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3501418858-3935017464-633493477-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209192 2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A61B21F7-B383-4510-85C0-F7B4D3E6D237} - System32\Tasks\S-1-5-21-3501418858-3935017464-633493477-1001\DataSenseLiveTileTask => %SystemRoot%\System32\DataUsageLiveTileTask.exe (No File)
Task: {096D3188-360A-44AE-AD0E-A8B12CA94972} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473880 2020-07-16] (Acer Incorporated -> Acer Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 93.93.32.32 93.93.33.33 192.168.22.1
Tcpip\..\Interfaces\{4e8c78d5-12f3-471b-bd12-26482e625aea}: [DhcpNameServer] 93.93.32.32 93.93.33.33 192.168.22.1
Tcpip\..\Interfaces\{774ed856-bf70-462c-ac71-60ea5fe1934c}: [DhcpNameServer] 40.33.1.66
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\vondr\AppData\Local\Microsoft\Edge\User Data\Default [2024-09-18]
Edge Extension: (Dokumenty Google offline) - C:\Users\vondr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-07]
Edge Extension: (Edge relevant text changes) - C:\Users\vondr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
FireFox:
========
FF DefaultProfile: gteda8g8.default
FF ProfilePath: C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1 [2024-09-30]
FF Notifications: Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1 -> hxxps://www.svetviry.cz; hxxps://calendar.google.com
FF Extension: (AdBlocker Ultimate) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\adblockultimate@adblockultimate.net.xpi [2024-07-18]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2021-06-19]
FF Extension: (Language: Čeština (Czech)) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\langpack-cs@firefox.mozilla.org.xpi [2024-09-16]
FF Extension: (TWP - Translate Web Pages) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi [2024-03-11]
FF Extension: (Adblock na Youtube™) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\{0ac04bdb-d698-452f-8048-bcef1a3f4b0d}.xpi [2022-02-21]
FF ProfilePath: C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\gteda8g8.default [2021-01-24]
FF NewTab: Mozilla\Firefox\Profiles\gteda8g8.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10378__200606
FF ProfilePath: C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\shkk2f8c.default-release-1621189060132 [2024-09-30]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2024-09-20] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=3 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1582.3\npAvgBrowserUpdate3.dll [2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=9 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1582.3\npAvgBrowserUpdate3.dll [2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2024-09-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2024-09-20] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Profile 3
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default [2024-09-30]
CHR Extension: (Tampermonkey) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2024-05-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-13]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-09-26]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3 [2024-09-30]
CHR Notifications: Profile 3 -> hxxps://calendar.google.com
CHR Extension: (Dokumenty Google offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-06]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-09-20]
CHR Extension: (Komponenta pro aplikaci BUSINESS 24) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\iaihapeddbkncmmikkpmeggfecohnahg [2023-07-17]
CHR Extension: (Violentmonkey) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jinjaccalgkegednnccohejagnlnfdag [2024-09-25]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-07]
CHR Extension: (Crypto Web Extension) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjohlogcennenjhkfclfgaganagadkkm [2024-05-13]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 4 [2024-09-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-18]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-10-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-09-20]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 5 [2024-09-26]
CHR Notifications: Profile 5 -> hxxps://meet.google.com
CHR Extension: (Dokumenty Google offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-10]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-09-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-05-21]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 6 [2024-06-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-25]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-09-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-27]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\System Profile [2024-09-30]
CHR HKU\S-1-5-21-3501418858-3935017464-633493477-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944048 2024-09-20] (Adobe Inc. -> Adobe Inc.)
S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
S3 AVGSecureBrowserElevationService; C:\Program Files (x86)\AVG\Browser\Application\128.0.26382.138\elevation_service.exe [1722592 2024-09-11] (AVG Technologies USA, LLC -> Gen Digital Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-09-18] (Gen Digital Inc. -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14042808 2024-09-08] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2024-09-17] (Dropbox, Inc -> Dropbox, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4976976 2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 DropboxElevationService; C:\Program Files (x86)\Dropbox\Client\208.4.5824\DropboxElevationService.exe [1659288 2024-09-17] (Dropbox, Inc -> Dropbox, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2017-02-27] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.171.0825.0002\FileSyncHelper.exe [3523112 2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_581d7e91d349facc\AS\IAS\IntelAudioService.exe [412120 2023-09-17] (Intel Corporation -> Intel)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe [1431160 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Muse Hub Background Service; C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe [169472 2023-01-08] (Musecy SM Ltd. -> Muse.Service)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.171.0825.0002\OneDriveUpdaterService.exe [3863592 2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe [635328 2019-12-10] (SMART Technologies ULC -> SMART Technologies)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe [3199656 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe [133704 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [36800 2022-06-02] (Acer Incorporated -> Acer Incorporated)
R1 Amfilter; C:\WINDOWS\system32\DRIVERS\Amfltx64.sys [12288 2023-09-17] (Microsoft Windows Hardware Compatibility Publisher -> (Standard mouse types))
R3 Amusbprt; C:\WINDOWS\system32\DRIVERS\Amusbx64.sys [17920 2023-09-17] (Microsoft Windows Hardware Compatibility Publisher -> A4Tech Co.,Ltd.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [544768 2023-12-12] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [188416 2024-03-13] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 googledrivefs31626; C:\Program Files\Google\Drive File Stream\Drivers\31626\googledrivefs31626.sys [384096 2024-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 MpKsl59bee4c4; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1AE37338-2EA8-47EB-BFA4-8D8A2F357381}\MpKslDrv.sys [267552 2024-09-30] (Microsoft Windows -> Microsoft Corporation)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_0f3a2b5f72186666\rt68cx21x64.sys [717160 2023-09-14] (Realtek Semiconductor Corp. -> Realtek)
R3 SMARTMouseFilterx64; C:\WINDOWS\System32\drivers\SMARTMouseFilterx64.sys [18952 2019-12-10] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
R3 SMARTVHidMiniVistaAmd64; C:\WINDOWS\System32\drivers\SMARTVHidMiniVistaAmd64.sys [28168 2019-12-10] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-09-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602392 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Re: Prosím o kontrolu logu, děkuji
Ahoj,
poznas toto?
C:\explorerwi\explorer.exe
Otestuj na www.virustotal.com
+
Prescanuj PC s MBAM - vysledky sem
poznas toto?
C:\explorerwi\explorer.exe
Otestuj na www.virustotal.com
+
Prescanuj PC s MBAM - vysledky sem
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu logu, děkuji
Děkuji.
Uvedená složka ani soubor mi nic neříkají.
Kontrolu přes virustotal jsem neudělal, protože složka není vidět.
Udělal jsem sken pomocí Malwarebytes. Report vložit celý nemůžu, je moc dlouhý, přesahuje povolenou délku příspěvku asi 40x.
Vkládám aspon část:
-Scan Details-
Process: 1
Backdoor.XWorm, C:\explorerwi\explorer.exe, No Action By User, 7804, 1269865, 1.0.89911, , ame, , ,
Module: 4
Backdoor.XWorm, C:\explorerwi\explorer.exe, No Action By User, 7804, 1269865, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\EXPLORERWIN\mewobf.dll, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\bindings\_rust.pyd, No Action By User, 7804, 1269880, 1.0.89911, , ame, , F918173FBDC6E75C93F64784F2C17050, 2C7A31DEC06DF4EEC6B068A0B4B009C8F52EF34ACE785C8B584408CB29CE28FD
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\_cffi_backend.cp311-win_amd64.pyd, No Action By User, 7804, 1269880, 1.0.89911, , ame, , 210DEF84BB2C35115A2B2AC25E3FFD8F, 59767B0918859BEDDF28A7D66A50431411FFD940C32B3E8347E6D938B60FACDF
Registry Key: 0
(No malicious items detected)
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 738
Backdoor.XWorm, C:\EXPLORERWI, No Action By User, 7804, 1269865, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\EXPLORERWIN, whitelisted, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\installation_store\sqlalchemy\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\primitives\serialization\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\module_and_namespace_package\a_test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\installation_store\amazon_s3\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\urllib3\contrib\_securetransport\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\redirect_uri_page_renderer\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\installation_store\sqlite3\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\installation_store\models\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\primitives\asymmetric\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\importlib_resources\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\primitives\twofactor\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\installation_store\file\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\authorize_url_generator\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\pyparsing\diagram\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\urllib3\packages\backports\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\primitives\ciphers\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\state_store\sqlalchemy\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\importlib_resources\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\framework\editor\color\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\socket_mode\websocket_client\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\state_store\amazon_s3\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\importlib_metadata\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\config\_validate_pyproject\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\module_and_namespace_package, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\more_itertools\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\backends\openssl\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\pyparsing\diagram\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\bindings\openssl\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\resolution\resolvelib\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript\Demos\client\asp\interrupt, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\state_store\sqlite3\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\requests_oauthlib\compliance_fixes\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\installation_store\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\primitives\kdf\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\installation_store\sqlalchemy, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\more_itertools\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\jaraco\text\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\state_store\file\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\socket_mode\websockets\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\metadata\importlib\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\primitives\serialization, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\not_a_namespace_pkg\foo, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\urllib3\contrib\_securetransport, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\framework\editor\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\installation_store\amazon_s3, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\operations\install\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\authorization\demos\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\pyparsing\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\shell\demos\servers\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\cachecontrol\caches\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\resolution\legacy\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pygments\formatters\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\packaging\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\operations\build\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\project3\parent\child, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\installation_store\sqlite3, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\primitives\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\token_rotation\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\project2\parent\child, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\taskscheduler\test\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\project1\parent\child, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\jaraco\text\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\redirect_uri_page_renderer, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\bindings\_rust\openssl, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\installation_store\models, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\socket_mode\aiohttp\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\socket_mode\builtin\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_distutils\command\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\resolvelib\compat\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pyparsing\diagram\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pep517\in_process\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\importlib_resources, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\primitives\asymmetric, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models\attachments\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\jaraco\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\packaging\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\directsound\test\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\pyparsing\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\primitives\twofactor, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\not_a_namespace_pkg, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pygments\filters\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\urllib3\packages\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\backends\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\chardet\metadata\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\bindings\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\state_utils\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pygments\styles\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript\server\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pygments\lexers\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\installation_store\file, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\authorize_url_generator, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\pyparsing\diagram, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_import\data\circular_imports\subpkg2\parent, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\distributions\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\urllib3\contrib\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\state_store\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript\client\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\both_portions\foo, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\invalid\multiline-literal-str, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\socket_mode\websocket_client, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\state_store\sqlalchemy, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\urllib3\contrib\emscripten\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\scripts\VersionStamp\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\importlib_resources, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\framework\editor\color, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\urllib3\packages\backports, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\primitives\ciphers, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\state_store\amazon_s3, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\framework\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\security\sspi\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models\metadata\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pkg_resources\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\Demos\ocx\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\taskscheduler\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\PublicKey\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models\messages\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\jaraco\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript\Demos\client\asp, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Signature\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\Demos\app\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript\Demos\client\wsh, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\config\_validate_pyproject, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\authorization\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\scintilla\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript\test\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\importlib_metadata, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\cachecontrol\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\platformdirs\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\urllib3\util\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\webencodings\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\more_itertools, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\debugger\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models\dialogs\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\tomli\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\pyparsing\diagram, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\invalid\multiline-basic-str, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\project3\parent, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Protocol\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\project2\parent, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\project1\parent, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\backends\openssl, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\bindings\openssl, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\resolution\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\propsys\test\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\ifilter\demo\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\operations\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript\Demos\client\ie, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\state_store\sqlite3, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models\blocks\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\dialogs\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\locations\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\resolution\resolvelib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\audit_logs\v1\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\docking\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\chardet\cli\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\directsound\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\c_extension\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\shell\demos\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Cipher\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\charset_normalizer-3.3.2.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models\views\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\bindings\_rust, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Random\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\both_portions, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\charset_normalizer\cli\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\valid\multiline-basic-str, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\commands\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\mapi\demos\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\adsi\demos\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\shell\test\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\requests_oauthlib\compliance_fixes, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\metadata\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\resolvelib\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\primitives\kdf, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\installation_store, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\requests_oauthlib-1.3.1.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axcontrol\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\win32wnet\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\network\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\socket_mode\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\portion1\foo, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\packaging\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\bits\test\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\portion2\foo, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript\Demos\client, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pyparsing\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\tools\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\jaraco\text, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\Demos\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\more_itertools, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_distutils\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\operations\install, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\security\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pygments\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\tenacity\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\invalid\dates-and-times, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Math\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\models\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\colorama\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\metadata\importlib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\idle\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\internet\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\audit_logs\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\framework\editor, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\extern\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\http_retry\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\invalid\array-of-tables, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_import\data\circular_imports\subpkg2, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\socket_mode\websockets, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\requests\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\state_store\file, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Util\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Hash\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\urllib3-2.2.2.dist-info\licenses, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\service\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\data03\namespace\portion2, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pygments\formatters, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\pyparsing, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\mfc\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\shell\demos\servers, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\urllib3\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\propsys\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\index\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\ifilter\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\signature\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\data03\namespace\portion1, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_import\data\circular_imports\subpkg, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\resolution\legacy, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\utils\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\cachecontrol\caches, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\certifi\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axdebug\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\chardet\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\distlib\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\authorization\demos, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\msgpack\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\packaging, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\codec\native\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\primitives, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\distro\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\operations\build, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\requests_html-0.10.0.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\invalid\keys-and-vals, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\charset_normalizer\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\command\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\valid\dates-and-times, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\token_rotation, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pep517\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\IO\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\taskscheduler\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\jaraco\text, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\project3, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack\web\classes\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\adodbapi\examples\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\invalid\inline-table, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\shell\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\socket_mode\builtin, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pep517\in_process, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\resolvelib\compat, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\socket_mode\aiohttp, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\extern\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\req\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\scim\v1\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\portion1, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\x509\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\config\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\pipes\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\HttpAntiDebug-1.0.4.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\project2, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\cli\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\project1, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_distutils\command, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pycryptodome-3.20.0.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pyparsing\diagram, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography-42.0.8.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\requests_oauthlib\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\vcs\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\webhook\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\portion2, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\tomli\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\jaraco, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\packaging, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\pyparsing, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\errors\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models\attachments, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\rtm\v2\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\rtm_v2\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\scripts\ce\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\servers\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\adsi\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\bits\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\directsound\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\mapi\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\invalid\dotted-keys, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\invalid\literal-str, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\PublicKey\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Signature\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\backends, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\bindings, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\chardet\metadata, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\idna\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pygments\filters, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\rich\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\urllib3\packages, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\codec\ber\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\codec\cer\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\codec\der\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\urllib3\contrib\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\distributions, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript\server, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript\client, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\client\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack\signature\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools-65.5.0.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\_distutils_hack\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pygments\styles, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\state_utils, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\server\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Protocol\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\state_store, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pygments\lexers, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\urllib3\contrib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\dde\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\makegw\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\urllib3\contrib\emscripten, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\scim\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk-3.29.0.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript\Demos, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\certifi-2024.6.2.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\demos\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\scripts\VersionStamp, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pkg_resources, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models\metadata, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\security\sspi, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\framework, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\requests-2.31.0.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\rtm\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\scintilla, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\authorization, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\jaraco, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Cipher\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Random\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\Demos\app, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\test\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\Demos\ocx, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\scripts\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\PublicKey, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Signature, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack\webhook\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models\messages, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\HttpAntiDebug\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\data01\subdirectory, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\adodbapi\test\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\taskscheduler, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\isapi\samples\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pycparser\ply\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\compat\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\web\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pycparser-2.22.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\cachecontrol, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\tomli, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\psutil\tests\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\webencodings, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\debugger, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\operations, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_import\data\circular_imports, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\platformdirs, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\urllib3\util, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models\dialogs, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\resolution, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\ifilter\demo, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\invalid\boolean, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Protocol, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\urllib3\util\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\test\win32rcparser, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\codec\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\propsys\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models\blocks, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\directsound, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Hash\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\audit_logs\v1, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\type\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\shell\demos, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\c_extension, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Math\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\docking, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\urllib3-2.2.2.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\locations, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\dialogs, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Util\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\chardet\cli, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\mapi\demos, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\psutil-6.0.0.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\metadata, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\commands, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models\views, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\resolvelib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\test\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\invalid\table, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\adsi\demos, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Cipher, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1-0.6.0.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\data03\namespace, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\invalid\array, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\shell\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\charset_normalizer\cli, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\isapi\test\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Random, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\network, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\IO\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cffi-1.16.0.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pycparser\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_distutils, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\bits\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack\web\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespacedata01, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\lib\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\tools, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\socket_mode, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pywin32-306.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\win32wnet, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\Demos, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axcontrol, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\packaging, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pyparsing, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack\rtm\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\internet, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\tenacity, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\requests, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\models, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\idle, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Util, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\security, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\adodbapi\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\audit_logs, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Hash, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\requests\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\colorama, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\valid\array, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pygments, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\http_retry, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Math, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\extern, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\ifilter, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\index, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\propsys, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\WMI-1.5.1.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\certifi, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\msgpack, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axdebug, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\chardet, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\distlib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\HTML\image, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\certifi\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\mfc, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\codec\native, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\signature, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\lib2to3\tests\data\fixers\myfixes, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\urllib3\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\service, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\utils, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\urllib3, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\psutil\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\charset_normalizer, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip-22.3.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\images, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_import\data\unwritable, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\distro, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\command, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pep517, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\IO, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\idna-3.7.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\x509, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\adodbapi\examples, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\shell, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\isapi\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\vcs, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\tomli, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\scim\v1, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\webhook, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\cli, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\config, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\req, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\requests_oauthlib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\pipes, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack\web\classes, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\extern, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\importlib\resources\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cffi\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\concurrent\futures\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\scripts\ce, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\include, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\rtm_v2, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\idna\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Signature, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\idna, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\rich, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\importlib\metadata\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\rtm\v2, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\servers, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\PublicKey, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pywin32_system32, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\invalid, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\adsi, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\codec\ber, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\codec\cer, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\data02\two, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\errors, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\bits, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\codec\der, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_import\data\package2, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\data02\one, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\mapi, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack\signature, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\urllib3\contrib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_import\data\package, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\_distutils_hack, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Protocol, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\dde, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\server, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\client, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\makegw, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\extension, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\resources, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\zipdata01, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\zipdata02, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\scim, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\valid, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\demos, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\isapi\samples, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\adodbapi\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\include, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\compat, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack\webhook, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\libs, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\import_, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\builtin, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\rtm, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\HTML, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\HttpAntiDebug, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Random, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\scripts, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\web, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Cipher, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pycparser\ply, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\partial, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\psutil\tests, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\data01, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\codec, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\data03, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\data02, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\source, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\urllib3\util, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\frozen, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\type, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Math, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Util, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Hash, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\lib2to3\tests\data\fixers, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\tkinter\test\test_tkinter, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\libs, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\isapi\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\xmltestdata\c14n-20, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\data, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\isapi\doc, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_peg_generator, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\lib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pycparser, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\xml\parsers\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\collections\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_warnings\data, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\IO, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack\rtm, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_zoneinfo\data, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack\web, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\adodbapi, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\unittest\test\testmock, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\concurrent\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\requests, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\certifi, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\encodings\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\multiprocessing\dummy, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\urllib3, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_import\data, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\importlib\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\tkinter\test\test_ttk, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\ensurepip\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\decimaltestdata, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\encoded_modules, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_email\data, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\psutil, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\subprocessdata, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\logging\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\asyncio\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\importlib\resources, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\isapi, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\sqlite3\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\ctypes\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_warnings, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\ensurepip\_bundled, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_zoneinfo, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\tracedmodules, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\importlib\metadata, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\lib2to3\tests\data, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cffi, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\idna, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\urllib\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\venv\scripts\posix, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\concurrent\futures, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\xmlrpc\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\distutils\command, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\cjkencodings, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\idlelib\idle_test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_asyncio, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_sqlite3, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\email\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\json\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\libregrtest, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\http\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\html\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\ziptestdata, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\xmltestdata, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_import, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tools, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\sndhdrdata, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\xml\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\dtracedata, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\imghdrdata, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_email, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\multiprocessing, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\ctypes\macholib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\distutils\tests, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\__phello__\ham, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\audiodata, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_json, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\re\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\lib2to3\fixes, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\unittest\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\lib2to3\pgen2, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\crashers, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\idlelib\Icons, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\lib2to3\tests, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\leakers, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\support, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\tkinter\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\capath, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\xml\parsers, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\ctypes\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\collections, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\concurrent, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\email\mime, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\turtledemo, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\pydoc_data, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\__phello__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\distutils, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\encodings, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\ensurepip, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\xml\etree, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\data, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\importlib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\unittest, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\zoneinfo, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\logging, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\asyncio, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\tkinter, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\tomllib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\lib2to3, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\wsgiref, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\xml\dom, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\xml\sax, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\idlelib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\sqlite3, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\curses, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\msilib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\urllib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\ctypes, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\xmlrpc, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\email, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\http, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\json, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\html, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\xml, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\dbm, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\re, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Uvedená složka ani soubor mi nic neříkají.
Kontrolu přes virustotal jsem neudělal, protože složka není vidět.
Udělal jsem sken pomocí Malwarebytes. Report vložit celý nemůžu, je moc dlouhý, přesahuje povolenou délku příspěvku asi 40x.
Vkládám aspon část:
-Scan Details-
Process: 1
Backdoor.XWorm, C:\explorerwi\explorer.exe, No Action By User, 7804, 1269865, 1.0.89911, , ame, , ,
Module: 4
Backdoor.XWorm, C:\explorerwi\explorer.exe, No Action By User, 7804, 1269865, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\EXPLORERWIN\mewobf.dll, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\bindings\_rust.pyd, No Action By User, 7804, 1269880, 1.0.89911, , ame, , F918173FBDC6E75C93F64784F2C17050, 2C7A31DEC06DF4EEC6B068A0B4B009C8F52EF34ACE785C8B584408CB29CE28FD
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\_cffi_backend.cp311-win_amd64.pyd, No Action By User, 7804, 1269880, 1.0.89911, , ame, , 210DEF84BB2C35115A2B2AC25E3FFD8F, 59767B0918859BEDDF28A7D66A50431411FFD940C32B3E8347E6D938B60FACDF
Registry Key: 0
(No malicious items detected)
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 738
Backdoor.XWorm, C:\EXPLORERWI, No Action By User, 7804, 1269865, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\EXPLORERWIN, whitelisted, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\installation_store\sqlalchemy\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\primitives\serialization\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\module_and_namespace_package\a_test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\installation_store\amazon_s3\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\urllib3\contrib\_securetransport\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\redirect_uri_page_renderer\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\installation_store\sqlite3\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\installation_store\models\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\primitives\asymmetric\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\importlib_resources\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\primitives\twofactor\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\installation_store\file\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\authorize_url_generator\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\pyparsing\diagram\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\urllib3\packages\backports\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\primitives\ciphers\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\state_store\sqlalchemy\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\importlib_resources\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\framework\editor\color\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\socket_mode\websocket_client\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\state_store\amazon_s3\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\importlib_metadata\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\config\_validate_pyproject\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\module_and_namespace_package, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\more_itertools\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\backends\openssl\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\pyparsing\diagram\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\bindings\openssl\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\resolution\resolvelib\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript\Demos\client\asp\interrupt, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\state_store\sqlite3\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\requests_oauthlib\compliance_fixes\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\installation_store\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\primitives\kdf\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\installation_store\sqlalchemy, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\more_itertools\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\jaraco\text\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\state_store\file\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\socket_mode\websockets\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\metadata\importlib\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\primitives\serialization, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\not_a_namespace_pkg\foo, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\urllib3\contrib\_securetransport, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\framework\editor\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\installation_store\amazon_s3, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\operations\install\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\authorization\demos\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\pyparsing\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\shell\demos\servers\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\cachecontrol\caches\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\resolution\legacy\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pygments\formatters\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\packaging\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\operations\build\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\project3\parent\child, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\installation_store\sqlite3, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\primitives\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\token_rotation\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\project2\parent\child, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\taskscheduler\test\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\project1\parent\child, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\jaraco\text\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\redirect_uri_page_renderer, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\bindings\_rust\openssl, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\installation_store\models, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\socket_mode\aiohttp\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\socket_mode\builtin\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_distutils\command\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\resolvelib\compat\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pyparsing\diagram\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pep517\in_process\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\importlib_resources, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\primitives\asymmetric, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models\attachments\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\jaraco\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\packaging\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\directsound\test\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\pyparsing\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\primitives\twofactor, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\not_a_namespace_pkg, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pygments\filters\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\urllib3\packages\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\backends\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\chardet\metadata\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\bindings\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\state_utils\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pygments\styles\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript\server\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pygments\lexers\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\installation_store\file, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\authorize_url_generator, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\pyparsing\diagram, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_import\data\circular_imports\subpkg2\parent, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\distributions\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\urllib3\contrib\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\state_store\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript\client\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\both_portions\foo, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\invalid\multiline-literal-str, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\socket_mode\websocket_client, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\state_store\sqlalchemy, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\urllib3\contrib\emscripten\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\scripts\VersionStamp\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\importlib_resources, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\framework\editor\color, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\urllib3\packages\backports, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\primitives\ciphers, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\state_store\amazon_s3, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\framework\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\security\sspi\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models\metadata\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pkg_resources\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\Demos\ocx\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\taskscheduler\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\PublicKey\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models\messages\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\jaraco\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript\Demos\client\asp, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Signature\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\Demos\app\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript\Demos\client\wsh, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\config\_validate_pyproject, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\authorization\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\scintilla\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript\test\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\importlib_metadata, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\cachecontrol\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\platformdirs\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\urllib3\util\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\webencodings\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\more_itertools, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\debugger\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models\dialogs\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\tomli\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\pyparsing\diagram, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\invalid\multiline-basic-str, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\project3\parent, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Protocol\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\project2\parent, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\project1\parent, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\backends\openssl, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\bindings\openssl, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\resolution\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\propsys\test\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\ifilter\demo\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\operations\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript\Demos\client\ie, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\state_store\sqlite3, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models\blocks\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\dialogs\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\locations\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\resolution\resolvelib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\audit_logs\v1\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\docking\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\chardet\cli\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\directsound\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\c_extension\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\shell\demos\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Cipher\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\charset_normalizer-3.3.2.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models\views\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\bindings\_rust, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Random\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\both_portions, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\charset_normalizer\cli\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\valid\multiline-basic-str, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\commands\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\mapi\demos\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\adsi\demos\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\shell\test\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\requests_oauthlib\compliance_fixes, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\metadata\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\resolvelib\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\primitives\kdf, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\installation_store, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\requests_oauthlib-1.3.1.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axcontrol\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\win32wnet\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\network\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\socket_mode\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\portion1\foo, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\packaging\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\bits\test\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\portion2\foo, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript\Demos\client, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pyparsing\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\tools\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\jaraco\text, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\Demos\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\more_itertools, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_distutils\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\operations\install, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\security\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pygments\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\tenacity\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\invalid\dates-and-times, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Math\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\models\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\colorama\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\metadata\importlib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\idle\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\internet\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\audit_logs\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\framework\editor, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\extern\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\http_retry\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\invalid\array-of-tables, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_import\data\circular_imports\subpkg2, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\socket_mode\websockets, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\requests\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\state_store\file, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Util\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Hash\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\urllib3-2.2.2.dist-info\licenses, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\service\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\data03\namespace\portion2, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pygments\formatters, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\pyparsing, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\mfc\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\shell\demos\servers, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\urllib3\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\propsys\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\index\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\ifilter\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\signature\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\data03\namespace\portion1, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_import\data\circular_imports\subpkg, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\resolution\legacy, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\utils\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\cachecontrol\caches, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\certifi\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axdebug\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\chardet\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\distlib\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\authorization\demos, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\msgpack\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\packaging, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\codec\native\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\primitives, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\distro\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\operations\build, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\requests_html-0.10.0.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\invalid\keys-and-vals, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\charset_normalizer\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\command\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\valid\dates-and-times, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\token_rotation, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pep517\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\IO\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\taskscheduler\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\jaraco\text, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\project3, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack\web\classes\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\adodbapi\examples\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\invalid\inline-table, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\shell\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\socket_mode\builtin, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pep517\in_process, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\resolvelib\compat, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\socket_mode\aiohttp, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\extern\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\req\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\scim\v1\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\portion1, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\x509\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\config\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\pipes\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\HttpAntiDebug-1.0.4.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\project2, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\cli\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\project1, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_distutils\command, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pycryptodome-3.20.0.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pyparsing\diagram, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography-42.0.8.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\requests_oauthlib\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\vcs\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\webhook\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs\portion2, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\tomli\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor\jaraco, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\packaging, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\pyparsing, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\errors\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models\attachments, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\rtm\v2\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\rtm_v2\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\scripts\ce\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\servers\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\adsi\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\bits\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\directsound\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\mapi\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\invalid\dotted-keys, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\invalid\literal-str, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\PublicKey\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Signature\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\backends, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat\bindings, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\chardet\metadata, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\idna\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pygments\filters, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\rich\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\urllib3\packages, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\codec\ber\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\codec\cer\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\codec\der\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\urllib3\contrib\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\distributions, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript\server, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript\client, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\client\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack\signature\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools-65.5.0.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\_distutils_hack\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pygments\styles, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\state_utils, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\server\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Protocol\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth\state_store, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pygments\lexers, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\urllib3\contrib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\dde\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\makegw\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\urllib3\contrib\emscripten, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\scim\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk-3.29.0.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript\Demos, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\certifi-2024.6.2.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\demos\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\scripts\VersionStamp, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pkg_resources, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models\metadata, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\security\sspi, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\framework, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\requests-2.31.0.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\rtm\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\scintilla, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\authorization, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\jaraco, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Cipher\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Random\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\Demos\app, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\test\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\Demos\ocx, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\scripts\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\PublicKey, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Signature, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack\webhook\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models\messages, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\HttpAntiDebug\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\data01\subdirectory, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\adodbapi\test\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\taskscheduler, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\isapi\samples\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pycparser\ply\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\compat\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\web\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pycparser-2.22.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\cachecontrol, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor\tomli, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\psutil\tests\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\webencodings, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\debugger, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\operations, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_import\data\circular_imports, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\platformdirs, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\urllib3\util, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models\dialogs, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\resolution, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\ifilter\demo, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\invalid\boolean, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Protocol, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\urllib3\util\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\test\win32rcparser, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\codec\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\propsys\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models\blocks, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\directsound, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Hash\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\audit_logs\v1, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\type\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\shell\demos, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\c_extension, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Math\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\docking, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\urllib3-2.2.2.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\locations, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\dialogs, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Util\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\chardet\cli, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\mapi\demos, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\psutil-6.0.0.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\metadata, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\commands, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models\views, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\resolvelib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\test\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\invalid\table, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\adsi\demos, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Cipher, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1-0.6.0.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\data03\namespace, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\invalid\array, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\shell\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\charset_normalizer\cli, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\isapi\test\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Random, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\network, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\IO\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cffi-1.16.0.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pycparser\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_distutils, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\bits\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack\web\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\_vendor, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespacedata01, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\lib\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\tools, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\socket_mode, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pywin32-306.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\win32wnet, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\Demos, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axcontrol, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\packaging, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pyparsing, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack\rtm\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\internet, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\tenacity, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\requests, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\models, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\idle, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Util, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\security, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\adodbapi\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\audit_logs, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Hash, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\requests\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\namespace_pkgs, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\colorama, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\valid\array, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pygments, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\http_retry, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\Math, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources\extern, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axscript, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\ifilter, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\index, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\propsys, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\WMI-1.5.1.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\hazmat, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\certifi, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\msgpack, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\axdebug, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\chardet, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\distlib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\HTML\image, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\certifi\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin\mfc, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\codec\native, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\signature, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\lib2to3\tests\data\fixers\myfixes, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\urllib3\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\service, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\utils, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\urllib3, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\psutil\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\charset_normalizer, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\_vendor, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip-22.3.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\images, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_import\data\unwritable, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\distro, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\command, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\pep517, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest\IO, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\idna-3.7.dist-info, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography\x509, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\adodbapi\examples, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\shell, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\isapi\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\vcs, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\tomli, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\scim\v1, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\webhook, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\cli, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\config, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal\req, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\requests_oauthlib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\pipes, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack\web\classes, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools\extern, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\importlib\resources\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cffi\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\concurrent\futures\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\scripts\ce, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\include, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\rtm_v2, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\idna\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Signature, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\idna, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor\rich, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\importlib\metadata\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\rtm\v2, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\servers, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\PublicKey, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pywin32_system32, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\invalid, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\adsi, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\codec\ber, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\codec\cer, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\data02\two, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\models, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\errors, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\bits, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\codec\der, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_import\data\package2, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\data02\one, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext\mapi, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack\signature, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\urllib3\contrib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\SelfTest, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_import\data\package, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\_distutils_hack, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\oauth, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Protocol, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos\dde, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\server, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pythonwin\pywin, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\client, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\makegw, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\extension, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\resources, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\zipdata01, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\zipdata02, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\scim, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data\valid, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\demos, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\isapi\samples, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\adodbapi\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\include, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\compat, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pkg_resources, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack\webhook, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\libs, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\import_, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\builtin, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_internal, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\rtm, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com\HTML, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\HttpAntiDebug, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Random, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\scripts, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk\web, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Cipher, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pycparser\ply, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\partial, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\psutil\tests, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\data01, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\codec, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\data03, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\data02, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\source, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\urllib3\util, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\frozen, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cryptography, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32comext, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\Demos, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1\type, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Math, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip\_vendor, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Util, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\Hash, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\lib2to3\tests\data\fixers, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\tkinter\test\test_tkinter, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\libs, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\isapi\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\xmltestdata\c14n-20, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\setuptools, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib\data, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\isapi\doc, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_peg_generator, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32\lib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pycparser, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\xml\parsers\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\collections\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_warnings\data, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto\IO, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack\rtm, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack_sdk, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_zoneinfo\data, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack\web, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32com, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\adodbapi, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib\data, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\unittest\test\testmock, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\concurrent\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\requests, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\certifi, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\encodings\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\multiprocessing\dummy, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\urllib3, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_import\data, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\importlib\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\tkinter\test\test_ttk, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\ensurepip\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\decimaltestdata, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\encoded_modules, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_email\data, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\psutil, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pyasn1, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\Crypto, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\subprocessdata, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\logging\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\asyncio\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\win32, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\importlib\resources, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_importlib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\isapi, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\sqlite3\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\slack, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\ctypes\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_warnings, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\ensurepip\_bundled, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_zoneinfo, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\tracedmodules, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\importlib\metadata, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\lib2to3\tests\data, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\cffi, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\idna, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\urllib\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\venv\scripts\posix, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\concurrent\futures, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\xmlrpc\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\distutils\command, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tomllib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\cjkencodings, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\idlelib\idle_test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_asyncio, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_sqlite3, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\email\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\site-packages\pip, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\json\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\libregrtest, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\http\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\html\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\ziptestdata, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\xmltestdata, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_import, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_tools, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\sndhdrdata, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\xml\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\dtracedata, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\imghdrdata, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_email, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\multiprocessing, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\ctypes\macholib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\distutils\tests, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\__phello__\ham, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\audiodata, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\test_json, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\re\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\lib2to3\fixes, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\unittest\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\lib2to3\pgen2, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\crashers, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\idlelib\Icons, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\lib2to3\tests, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\leakers, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\support, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\tkinter\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\__pycache__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\capath, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\xml\parsers, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\ctypes\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\collections, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\concurrent, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\email\mime, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\turtledemo, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\pydoc_data, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\__phello__, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\distutils, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\encodings, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\ensurepip, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\xml\etree, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test\data, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\importlib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\unittest, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\zoneinfo, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\logging, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\asyncio, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\tkinter, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\tomllib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\lib2to3, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\wsgiref, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\xml\dom, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\xml\sax, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\idlelib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\sqlite3, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\curses, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\msilib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\urllib, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\ctypes, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\xmlrpc, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\email, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\http, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\json, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\test, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\html, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\xml, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\dbm, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Backdoor.XWorm, C:\explorerwin\Lib\re, No Action By User, 7804, 1269880, 1.0.89911, , ame, , ,
Re: Prosím o kontrolu logu, děkuji
Malwarebytes:
Bylo tam přes 7000 threats. Použil jsem na ně karanténu.
Po dalším skenu to již žádný threat nehlásí.
Bylo tam přes 7000 threats. Použil jsem na ně karanténu.
Po dalším skenu to již žádný threat nehlásí.
Re: Prosím o kontrolu logu, děkuji
Tak to vidis, zavirenie jak svina
Vloz oba aktualne logy frst na kontrolu
Vloz oba aktualne logy frst na kontrolu
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu logu, děkuji
Vkládám nové logy:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024
Ran by vondr (administrator) on ACER (Acer Aspire A515-54) (02-10-2024 18:34:19)
Running from C:\Users\vondr\Downloads\FRST64.exe
Loaded Profiles: vondr
Platform: Microsoft Windows 11 Home Version 23H2 22631.4169 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.911.1\DropboxCrashHandler.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\WerFaultSecure.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxEM.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ELANFPService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_3cbddcc68b1c0da2\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_581d7e91d349facc\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0f76d7f335b833dc\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0f76d7f335b833dc\IntelCpHeciSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Musecy SM Ltd. -> Muse.Service) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (SMART Technologies ULC -> SMART Technologies) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe
(svchost.exe ->) (AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.4.0.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [953120 2019-12-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SMARTNotification] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTNotification.exe [209856 2019-12-10] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Board Service] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe [2772416 2019-12-10] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Tray Tools] => C:\Program Files (x86)\Common Files\SMART Technologies\SystemMenu\SMARTSystemMenu.exe [654272 2019-12-01] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [sbsdk-server] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\sbsdk-server\NodeLauncher.exe [68544 2019-11-08] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Ink] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTInk.exe [287680 2019-12-11] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [17935752 2021-03-21] (MyHeritage (USA) Inc. -> MyHeritage)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9235344 2024-09-17] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [460944 2022-09-01] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1130416 2024-09-20] (Adobe Inc. -> Adobe Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919200 2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45125936 2024-09-18] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [Discord] => C:\Users\vondr\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482128 2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [AVGBrowserAutoLaunch_7EE2BFE1B3B8A803197E356BCB586469] => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [3174568 2024-09-11] (AVG Technologies USA, LLC -> Gen Digital Inc.)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\MountPoints2: {3e27dab4-5d29-11ed-a894-b4a9fc4636cb} - "D:\OInstall.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\SMART Local Port: C:\Windows\system32\smrtlocalmon.dll [38336 2019-12-11] (SMART Technologies ULC -> SMART Technologies ULC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\128.0.26382.138\Installer\chrmstp.exe [2024-09-19] (AVG Technologies USA, LLC -> Gen Digital Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\129.0.6668.71\Installer\chrmstp.exe [2024-10-02] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2022-02-06]
ShortcutTarget: MEGAsync.lnk -> C:\Users\vondr\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {73136951-D3EA-421A-8B36-39C07D0E4620} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe -> C:\Program Files (x86)\Acer\Care Center\-auto
Task: {ED036599-25D7-4C26-80B1-92B38836DE1E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {3A63133B-6693-4CB2-B7A7-FCC88C32D7BE} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [3174568 2024-09-11] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {2051A499-55AF-40E9-A3B3-8D20AD3BB528} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [3174568 2024-09-11] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {C5720183-AAC2-407E-A929-563A52583F12} - System32\Tasks\AVGBrowserProtectS-1-5-21-3501418858-3935017464-633493477-1001 => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowserProtect.exe [1690040 2024-04-23] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {8DE0C78B-7DCE-45AA-9BF5-7EE547BF8A77} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {D024C990-8584-4BE7-A555-0A4FAE095D04} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {1CC399E4-A613-4C86-825E-506CF2EC7796} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-09-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {AC3EEF36-3C8F-47A4-BAB2-2F566D9C5ADC} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5937456 2024-09-18] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "72f88dc7-1a5a-4773-a687-e6ea72779fdd" --version "6.28.11297" --silent
Task: {56FCD6C3-AD0E-45D3-8B1E-386BC75ECDA7} - System32\Tasks\CCleanerSkipUAC - vondr => C:\Program Files\CCleaner\CCleaner.exe [39012144 2024-09-18] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {76207EF4-D7A4-476C-AAF1-D17A3C9F2BB7} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.EXE [1589696 2016-08-25] (Corel Corporation -> Corel Corporation)
Task: {063E0D4F-A169-42D1-B0D0-6D23A17987C4} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F5D9ED7C-22FB-406A-AEB1-B54A25166D3B} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {C938C892-9D4E-4E5D-847A-7D2346394EB9} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{796DF830-26B5-4C96-8720-2ABD1B9CD1F7} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {259B4B62-25EA-4089-A510-0B87DE93A06F} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3501418858-3935017464-633493477-1001 => C:\Users\vondr\AppData\Local\MEGAsync\MEGAupdater.exe [2531592 2024-06-11] (Mega Limited -> )
Task: {7C7864B9-673B-49E2-9BD4-1E674A6D0FDE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28617448 2024-09-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {8755CF8A-EF60-4A43-B188-BC733E2853FF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28617448 2024-09-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {18A7EDBC-D773-4E0A-9232-AE6E82242304} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312472 2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {45CCF10F-8CD3-45A0-991D-EE16792DA1FC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312472 2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {A8C8B8F1-6EA1-4D8C-BD10-3BAA55B9A83D} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [187328 2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {AA11E31D-FB1D-4214-9E59-64592C4E120F} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {D7BE0AEA-7374-48B0-A496-75906B690A0A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {B471091F-5D76-42BD-8ED1-CB76069E67C2} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {6E49949C-C062-484D-A1FD-D886E90C93DD} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {2CB04670-A778-4203-A8F6-66E5CFA231A7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {13B73793-F79F-4441-B4EB-10AEC3E79241} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [31816 2024-09-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {C7540E9F-992B-49BA-BD6F-B49A96C035A3} - System32\Tasks\Oem\AcerJumpstartTask => "C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe" /default (No File)
Task: {082A6EFC-488C-4368-8DCF-7C3C6E0C2DEE} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209192 2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A81E7F78-A7EF-4EB0-A6A6-042936461029} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3501418858-3935017464-633493477-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209192 2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A61B21F7-B383-4510-85C0-F7B4D3E6D237} - System32\Tasks\S-1-5-21-3501418858-3935017464-633493477-1001\DataSenseLiveTileTask => %SystemRoot%\System32\DataUsageLiveTileTask.exe (No File)
Task: {096D3188-360A-44AE-AD0E-A8B12CA94972} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473880 2020-07-16] (Acer Incorporated -> Acer Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 93.93.32.32 93.93.33.33 192.168.22.1
Tcpip\..\Interfaces\{4e8c78d5-12f3-471b-bd12-26482e625aea}: [DhcpNameServer] 93.93.32.32 93.93.33.33 192.168.22.1
Tcpip\..\Interfaces\{774ed856-bf70-462c-ac71-60ea5fe1934c}: [DhcpNameServer] 40.33.1.66
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\vondr\AppData\Local\Microsoft\Edge\User Data\Default [2024-09-30]
Edge Extension: (Dokumenty Google offline) - C:\Users\vondr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-07]
Edge Extension: (Edge relevant text changes) - C:\Users\vondr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
FireFox:
========
FF DefaultProfile: gteda8g8.default
FF ProfilePath: C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1 [2024-10-01]
FF Notifications: Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1 -> hxxps://www.svetviry.cz; hxxps://calendar.google.com
FF Extension: (AdBlocker Ultimate) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\adblockultimate@adblockultimate.net.xpi [2024-07-18]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2021-06-19]
FF Extension: (Language: Čeština (Czech)) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\langpack-cs@firefox.mozilla.org.xpi [2024-09-16]
FF Extension: (TWP - Translate Web Pages) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi [2024-03-11]
FF Extension: (Adblock na Youtube™) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\{0ac04bdb-d698-452f-8048-bcef1a3f4b0d}.xpi [2022-02-21]
FF ProfilePath: C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\gteda8g8.default [2021-01-24]
FF NewTab: Mozilla\Firefox\Profiles\gteda8g8.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10378__200606
FF ProfilePath: C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\shkk2f8c.default-release-1621189060132 [2024-10-01]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2024-09-20] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=3 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1582.3\npAvgBrowserUpdate3.dll [2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=9 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1582.3\npAvgBrowserUpdate3.dll [2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2024-09-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2024-09-20] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Profile 3
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default [2024-10-01]
CHR Extension: (Tampermonkey) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2024-05-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-13]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-09-30]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3 [2024-10-01]
CHR Notifications: Profile 3 -> hxxps://calendar.google.com
CHR Extension: (Dokumenty Google offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-06]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-09-20]
CHR Extension: (Komponenta pro aplikaci BUSINESS 24) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\iaihapeddbkncmmikkpmeggfecohnahg [2023-07-17]
CHR Extension: (Violentmonkey) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jinjaccalgkegednnccohejagnlnfdag [2024-09-25]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-07]
CHR Extension: (Crypto Web Extension) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjohlogcennenjhkfclfgaganagadkkm [2024-05-13]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 4 [2024-09-30]
CHR Extension: (Google Docs Offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-18]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-10-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-09-20]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 5 [2024-09-30]
CHR Extension: (Google Docs Offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-10]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-09-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-05-21]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 6 [2024-09-30]
CHR Extension: (Google Docs Offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-25]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-09-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-27]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\System Profile [2024-10-01]
CHR HKU\S-1-5-21-3501418858-3935017464-633493477-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944048 2024-09-20] (Adobe Inc. -> Adobe Inc.)
S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
S3 AVGSecureBrowserElevationService; C:\Program Files (x86)\AVG\Browser\Application\128.0.26382.138\elevation_service.exe [1722592 2024-09-11] (AVG Technologies USA, LLC -> Gen Digital Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-09-18] (Gen Digital Inc. -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13861048 2024-09-22] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2024-09-17] (Dropbox, Inc -> Dropbox, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4976976 2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 DropboxElevationService; C:\Program Files (x86)\Dropbox\Client\208.4.5824\DropboxElevationService.exe [1659288 2024-09-17] (Dropbox, Inc -> Dropbox, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2017-02-27] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.171.0825.0002\FileSyncHelper.exe [3523112 2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_581d7e91d349facc\AS\IAS\IntelAudioService.exe [412120 2023-09-17] (Intel Corporation -> Intel)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8965728 2024-10-01] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-10-01] (Malwarebytes Inc. -> Malwarebytes)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe [1431160 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Muse Hub Background Service; C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe [169472 2023-01-08] (Musecy SM Ltd. -> Muse.Service)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.171.0825.0002\OneDriveUpdaterService.exe [3863592 2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe [635328 2019-12-10] (SMART Technologies ULC -> SMART Technologies)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe [3199656 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe [133704 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [36800 2022-06-02] (Acer Incorporated -> Acer Incorporated)
R1 Amfilter; C:\WINDOWS\system32\DRIVERS\Amfltx64.sys [12288 2023-09-17] (Microsoft Windows Hardware Compatibility Publisher -> (Standard mouse types))
R3 Amusbprt; C:\WINDOWS\system32\DRIVERS\Amusbx64.sys [17920 2023-09-17] (Microsoft Windows Hardware Compatibility Publisher -> A4Tech Co.,Ltd.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [544768 2023-12-12] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [188416 2024-03-13] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 googledrivefs31626; C:\Program Files\Google\Drive File Stream\Drivers\31626\googledrivefs31626.sys [384096 2024-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [231504 2024-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-10-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt11.sys [234168 2024-10-01] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78928 2024-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-10-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [189776 2024-10-01] (Malwarebytes Inc. -> Malwarebytes)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_0f3a2b5f72186666\rt68cx21x64.sys [717160 2023-09-14] (Realtek Semiconductor Corp. -> Realtek)
R3 SMARTMouseFilterx64; C:\WINDOWS\System32\drivers\SMARTMouseFilterx64.sys [18952 2019-12-10] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
R3 SMARTVHidMiniVistaAmd64; C:\WINDOWS\System32\drivers\SMARTVHidMiniVistaAmd64.sys [28168 2019-12-10] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [22080 2024-09-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [602392 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-02 18:34 - 2024-10-02 18:34 - 000000000 ____D C:\Users\vondr\AppData\LocalLow\IGDump
2024-10-02 18:26 - 2024-10-02 18:26 - 000727012 _____ C:\WINDOWS\system32\perfh005.dat
2024-10-02 18:26 - 2024-10-02 18:26 - 000151244 _____ C:\WINDOWS\system32\perfc005.dat
2024-10-01 21:57 - 2024-10-01 21:57 - 000011687 _____ C:\Users\vondr\Downloads\Nový Microsoft Excel Worksheet_2024.xlsx
2024-10-01 21:06 - 2024-10-01 21:06 - 000001225 _____ C:\Users\vondr\Desktop\Malwarebytes Scan Report 2024-10-01 190507.txt
2024-10-01 21:03 - 2024-10-01 21:03 - 000234168 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2024-10-01 21:03 - 2024-10-01 21:03 - 000189776 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2024-10-01 20:52 - 2024-10-01 20:52 - 001642925 _____ C:\Users\vondr\Desktop\Malwarebytes Scan Report 2024-10-01 183251.txt
2024-10-01 20:12 - 2024-10-01 21:58 - 000000000 ____D C:\Users\vondr\AppData\Local\Malwarebytes
2024-10-01 20:11 - 2024-10-01 20:11 - 000002097 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-10-01 20:11 - 2024-10-01 20:11 - 000002085 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-10-01 20:11 - 2024-10-01 20:11 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-10-01 20:11 - 2024-10-01 20:11 - 000000000 ____D C:\Program Files\Malwarebytes
2024-10-01 20:06 - 2024-10-01 20:10 - 279713832 _____ (Malwarebytes) C:\Users\vondr\Downloads\MBSetup-076981.076981-5.1.9.124.exe
2024-09-30 20:12 - 2024-09-30 20:12 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-09-30 20:00 - 2024-09-30 20:11 - 000081223 _____ C:\Users\vondr\Downloads\Addition.txt
2024-09-30 19:56 - 2024-10-02 18:35 - 000034563 _____ C:\Users\vondr\Downloads\FRST.txt
2024-09-30 19:56 - 2024-10-02 18:34 - 000000000 ____D C:\FRST
2024-09-30 19:26 - 2024-09-30 19:26 - 002397696 _____ (Farbar) C:\Users\vondr\Downloads\FRST64.exe
2024-09-30 18:42 - 2024-09-30 18:42 - 000000000 ____D C:\Users\vondr\Downloads\Photos-001 (1)
2024-09-30 16:56 - 2024-09-30 16:59 - 045745463 _____ C:\Users\vondr\Downloads\Photos-001 (1).zip
2024-09-30 16:17 - 2024-09-30 18:17 - 2477729943 _____ C:\Users\vondr\Downloads\INSIDE.OUT.2 -2024. ENG. FullHD.mp4
2024-09-28 21:34 - 2024-09-28 22:04 - 000000002 _____ C:\Users\vondr\count.vip
2024-09-28 21:32 - 2024-10-01 20:57 - 000000000 __SHD C:\explorerwin
2024-09-27 15:30 - 2024-09-27 15:30 - 000049479 _____ C:\Users\vondr\Downloads\priloha_1418121780_0_Pospisil_Schneider.pdf
2024-09-25 21:05 - 2024-09-25 21:05 - 075339115 _____ C:\Users\vondr\Downloads\Fyzika 8 _ ZŠ a gymnázia _ FRAUS.pdf
2024-09-25 21:03 - 2024-09-25 21:04 - 066621790 _____ C:\Users\vondr\Downloads\Chemie 9 3D _ 9. ročník ZŠ a gymnázia _ FRAUS.pdf
2024-09-25 21:03 - 2024-09-25 21:03 - 068933978 _____ C:\Users\vondr\Downloads\Chemie 8 3D _ 8. ročník ZŠ a gymnázia _ FRAUS.pdf
2024-09-25 20:44 - 2024-09-25 20:44 - 046739903 _____ C:\Users\vondr\Downloads\SLABIKÁŘ 1 do světa slov _ ZŠ _ FRAUS.pdf
2024-09-24 19:20 - 2024-09-24 19:20 - 000012823 _____ C:\Users\vondr\Downloads\Rozpočet do konce roku 2024.xlsx
2024-09-22 18:44 - 2024-09-22 18:44 - 000115647 _____ C:\Users\vondr\Downloads\Literární věda 4.pdf
2024-09-22 18:40 - 2024-09-22 18:40 - 000269840 _____ C:\Users\vondr\Downloads\Literární věda 3.pdf
2024-09-22 18:38 - 2024-09-22 18:38 - 000288952 _____ C:\Users\vondr\Downloads\Literání věda 2.pdf
2024-09-22 16:36 - 2024-09-22 16:36 - 000933277 _____ C:\Users\vondr\Downloads\Sablony_Klice-k-rozvoji-skoly.pdf
2024-09-19 13:27 - 2024-09-19 13:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-09-19 10:36 - 2024-09-19 10:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2024-09-18 20:09 - 2024-09-28 22:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2024-09-17 16:18 - 2024-09-17 16:18 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2024-09-17 13:34 - 2024-09-17 13:34 - 000656787 _____ C:\Users\vondr\Downloads\1. pracovní list - obory biologie.pdf
2024-09-15 15:07 - 2024-09-15 15:07 - 000204195 _____ C:\Users\vondr\Downloads\Pravopisná cvičení.pdf
2024-09-15 08:20 - 2024-09-15 08:20 - 000446761 _____ C:\Users\vondr\Downloads\Metodické doporuÄ_enÃ_ k průbÄ›hu individuálnÃ_ho vzdÄ›lávánÃ_ dÄ›tÃ_ v mateÅ™ských Å¡kolách a ověřenÃ_ dosahovánÃ_ oÄ_ekávaných výstupů-3.pdf
2024-09-13 21:15 - 2024-09-13 21:16 - 000000000 ____D C:\Users\vondr\Downloads\Photos-001
2024-09-13 20:50 - 2024-09-13 20:50 - 005213768 _____ C:\Users\vondr\Downloads\Photos-001.zip
2024-09-11 19:29 - 2024-09-11 19:29 - 000161781 _____ C:\Users\vondr\Downloads\Potvrzeni-o-studiu-David Vraj.pdf
2024-09-10 19:38 - 2024-09-10 19:38 - 001594446 _____ C:\Users\vondr\Downloads\Babice - pers.zip
2024-09-10 19:38 - 2024-09-10 19:38 - 000000000 ____D C:\Users\vondr\Downloads\Babice - pers
2024-09-09 19:33 - 2024-09-09 19:33 - 000365485 _____ C:\Users\vondr\Downloads\1-Hynková zápočtový list.pdf
2024-09-07 20:09 - 2024-09-07 20:09 - 000000000 ____D C:\Users\vondr\AppData\Roaming\openlp
2024-09-07 20:08 - 2024-09-07 20:08 - 000000000 ____D C:\Users\vondr\Downloads\ez21--openlp-2022-01-25
2024-09-07 20:07 - 2024-09-07 20:07 - 000000000 ____D C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenLP
2024-09-07 20:07 - 2024-09-07 20:07 - 000000000 ____D C:\Program Files\OpenLP
2024-09-07 20:06 - 2024-09-07 20:06 - 000710738 _____ C:\Users\vondr\Downloads\ez21--openlp-2022-01-25.zip
2024-09-07 19:59 - 2024-09-07 20:01 - 205410875 _____ C:\Users\vondr\Downloads\OpenLP-3.1.3-x64.msi
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-02 18:35 - 2020-06-14 21:47 - 000000000 ____D C:\Users\vondr\AppData\Roaming\Dropbox
2024-10-02 18:35 - 2020-06-14 21:46 - 000000000 ___HD C:\Users\vondr\AppData\Local\Dropbox
2024-10-02 18:34 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-10-02 18:34 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-10-02 18:34 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-10-02 18:34 - 2020-03-22 09:07 - 000000000 ___HD C:\Users\vondr\AppData\Local\CrashDumps
2024-10-02 18:34 - 2020-03-21 06:35 - 000000000 ___RD C:\Users\vondr\OneDrive
2024-10-02 18:34 - 2020-03-21 06:21 - 000000000 ___SD C:\Users\vondr\AppData\Roaming\Microsoft\Credentials
2024-10-02 18:34 - 2020-03-20 16:01 - 000000000 ____D C:\Program Files\CCleaner
2024-10-02 18:33 - 2020-03-21 06:33 - 000000000 __SHD C:\Users\vondr\IntelGraphicsProfiles
2024-10-02 18:31 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-10-02 18:29 - 2023-03-21 23:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-10-02 18:26 - 2023-03-21 23:12 - 001718028 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-10-02 18:26 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2024-10-02 18:19 - 2020-03-20 15:55 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-10-02 18:18 - 2023-03-21 23:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-10-02 18:18 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-10-02 18:18 - 2021-03-12 23:12 - 000012288 ___SH C:\DumpStack.log.tmp
2024-10-01 21:58 - 2020-03-21 06:33 - 000000000 ___HD C:\Users\vondr\AppData\Local\Packages
2024-10-01 21:57 - 2023-03-23 20:09 - 000000000 ____D C:\Users\vondr\AppData\Local\Deployment
2024-10-01 21:57 - 2020-03-20 20:36 - 000000000 ____D C:\Users\vondr\AppData\Roaming\Microsoft\Excel
2024-10-01 21:52 - 2020-03-20 16:35 - 000000000 ____D C:\Users\vondr\AppData\Roaming\Microsoft\Word
2024-10-01 21:08 - 2022-02-11 14:56 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-10-01 21:02 - 2022-05-07 07:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-10-01 20:11 - 2022-05-07 07:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-10-01 09:43 - 2023-03-21 23:05 - 000656952 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-09-30 20:12 - 2023-03-21 12:53 - 000000000 ___DC C:\WINDOWS\Panther
2024-09-30 20:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-09-30 20:12 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-09-30 20:12 - 2019-10-26 21:30 - 000000000 ____D C:\Program Files\Microsoft Office
2024-09-30 18:44 - 2020-03-28 09:23 - 000000000 ____D C:\Users\vondr\AppData\Roaming\vlc
2024-09-30 16:54 - 2022-02-06 21:58 - 000000000 ___RD C:\Users\vondr\Documents\Mega
2024-09-28 22:05 - 2022-09-21 09:34 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-09-28 22:05 - 2021-05-16 20:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-09-28 21:34 - 2023-03-21 23:06 - 000000000 ____D C:\Users\vondr
2024-09-28 07:46 - 2020-06-09 19:13 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-09-24 21:54 - 2020-03-22 15:21 - 000000000 ____D C:\Users\vondr\AppData\Roaming\MuseScore
2024-09-20 13:39 - 2023-03-21 23:13 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-09-20 13:39 - 2023-03-21 23:13 - 000003380 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-09-20 13:26 - 2020-03-22 08:35 - 000000000 ___HD C:\Users\vondr\AppData\Local\Adobe
2024-09-20 13:25 - 2023-03-03 21:57 - 000001386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2024-09-20 13:25 - 2021-10-04 21:20 - 000000000 ____D C:\Program Files\Common Files\Adobe
2024-09-20 13:25 - 2021-10-04 21:20 - 000000000 ____D C:\Program Files\Adobe
2024-09-20 13:25 - 2020-03-20 19:19 - 000000000 ____D C:\Program Files (x86)\Adobe
2024-09-19 20:48 - 2020-10-17 06:51 - 000002379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk
2024-09-19 20:27 - 2020-05-08 08:25 - 000000000 ____D C:\Users\vondr\Desktop\Lydinka
2024-09-19 13:27 - 2021-05-16 20:56 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-09-19 10:56 - 2021-09-04 20:23 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-09-19 10:55 - 2023-03-21 23:13 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3501418858-3935017464-633493477-1001
2024-09-19 10:55 - 2023-03-21 23:13 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-09-19 10:55 - 2020-05-25 16:32 - 000002134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-09-19 10:41 - 2020-03-21 06:17 - 000000000 ____D C:\ProgramData\Packages
2024-09-19 10:40 - 2020-03-21 06:35 - 000000000 ___HD C:\Users\vondr\AppData\Local\PlaceholderTileLogoFolder
2024-09-19 10:36 - 2020-06-14 21:46 - 000000000 ____D C:\Program Files (x86)\Dropbox
2024-09-18 19:24 - 2020-03-21 11:21 - 000000000 ____D C:\Users\vondr\Documents\Angličtina
2024-09-17 21:08 - 2019-10-26 20:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-09-17 13:29 - 2021-11-28 19:26 - 000000000 ____D C:\Users\vondr\AppData\Roaming\com.adobe.dunamis
2024-09-16 20:58 - 2022-10-14 08:03 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2024-09-16 19:44 - 2021-09-10 18:39 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-09-16 19:44 - 2021-09-10 18:39 - 000002012 _____ C:\Users\Default\Desktop\Google Slides.lnk
2024-09-16 19:44 - 2021-09-10 18:39 - 000002012 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2024-09-16 19:44 - 2021-09-10 18:39 - 000002000 _____ C:\Users\Default\Desktop\Google Docs.lnk
2024-09-11 21:35 - 2023-10-11 21:41 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\WUModels
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-09-11 13:16 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-09-11 13:09 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-09-11 13:05 - 2023-03-21 23:06 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-09-11 12:56 - 2020-03-21 08:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-09-11 12:50 - 2020-03-21 08:36 - 199688632 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-09-09 13:09 - 2023-03-21 23:13 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-09-09 13:09 - 2023-03-21 23:13 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-09-07 20:27 - 2020-03-20 16:35 - 000000000 ____D C:\Users\vondr\AppData\Roaming\Microsoft\Office
2024-09-04 18:45 - 2020-06-26 20:30 - 000000000 ___HD C:\Users\vondr\AppData\Local\D3DSCache
==================== Files in the root of some directories ========
2020-03-24 15:38 - 2021-01-11 21:59 - 000000806 _____ () C:\Users\vondr\AppData\Roaming\ACER.MTBF.txt
2020-03-24 15:38 - 2020-03-24 15:49 - 000000678 _____ () C:\Users\vondr\AppData\Roaming\__AvidCloudManager.log
2020-03-24 15:38 - 2020-03-24 15:47 - 000000647 _____ () C:\Users\vondr\AppData\Roaming\__AvidCloudManagerPrevious.log
2020-05-18 22:12 - 2020-05-18 22:15 - 000000716 _____ () C:\Users\vondr\AppData\Roaming\{E4A5EDDB-14CF-DFF1-5402-0DB91944F0C4}
2020-03-24 15:39 - 2020-06-04 20:42 - 000003584 ____H () C:\Users\vondr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2024
Ran by vondr (02-10-2024 18:36:25)
Running from C:\Users\vondr\Downloads
Microsoft Windows 11 Home Version 23H2 22631.4169 (X64) (2023-03-22 06:23:30)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3501418858-3935017464-633493477-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3501418858-3935017464-633493477-503 - Limited - Disabled)
evraj (S-1-5-21-3501418858-3935017464-633493477-1002 - Limited - Disabled)
Guest (S-1-5-21-3501418858-3935017464-633493477-501 - Limited - Disabled)
vondr (S-1-5-21-3501418858-3935017464-633493477-1001 - Administrator - Enabled) => C:\Users\vondr
WDAGUtilityAccount (S-1-5-21-3501418858-3935017464-633493477-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Security Ultra (Disabled - Out of date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Jumpstart (HKLM-x32\...\{4335EAF1-21F1-43D3-8F6F-D7E481E6959A}) (Version: 3.3.19180.60 - Acer)
Adobe Acrobat Reader - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 24.003.20112 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.4.0.361 - Adobe Inc.)
Adobe Character Animator 2022 (HKLM-x32\...\CHAR_22_5) (Version: 22.5 - Adobe Inc.)
Adobe Character Animator 2023 (HKLM-x32\...\CHAR_23_6) (Version: 23.6 - Adobe Inc.)
Adobe Character Animator 2024 (HKLM-x32\...\CHAR_24_0) (Version: 24.0 - Adobe Inc.)
Adobe Illustrator 2024 (HKLM-x32\...\ILST_28_1) (Version: 28.1 - Adobe Inc.)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_13_1) (Version: 13.1 - Adobe Inc.)
Adobe Media Encoder 2023 (HKLM-x32\...\AME_23_6_2) (Version: 23.6.2 - Adobe Inc.)
Adobe Media Encoder 2024 (HKLM-x32\...\AME_24_1_1) (Version: 24.1.1 - Adobe Inc.)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_5_5) (Version: 23.5.5.1103 - Adobe Inc.)
Adobe Photoshop 2023 (HKLM-x32\...\PHSP_24_7) (Version: 24.7.0.643 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601078}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Antares Autotune Evo VST RTAS v6.0.9 (HKLM-x32\...\Antares Autotune Evo VST RTAS_is1) (Version: - )
Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team)
AVG Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1066.0 - AVG Technologies) Hidden
AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1582.3 - AVG Technologies) Hidden
Avidemux VC++ 64bits (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\{958c1728-e7f8-47a4-980a-8dafc359bffe}) (Version: 2.7.5 - Mean)
Bandicam (HKLM-x32\...\Bandicam) (Version: 7.0.0.2117 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
calibre 64bit (HKLM\...\{7F97780B-9EAD-4000-BD3A-F6D0FE096D56}) (Version: 6.29.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 6.28 - Piriform)
Corel Update Manager (HKLM-x32\...\{FB8387EF-D663-4152-A13E-6B963AC1052A}) (Version: 2.3 - Corel corporation)
Crypto Native App verze 23.01.8574 (HKLM\...\{79D8049F-2978-4E91-90BD-3428C8FF2E69}_is1) (Version: 23.01.8574 - TESCO SW a.s.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.1.0.2037 - Disc Soft Ltd)
DaVinci Resolve (HKLM\...\{8CD009CC-08AB-4873-BA5C-DC4AEA8BACEB}) (Version: 16.2.7010 - Blackmagic Design)
Dazzle Video Capture DVC100 X64 Driver 1.06 (HKLM-x32\...\{BFF23267-1D19-444E-93E2-E5059BE805EA}) (Version: 1.06.0000 - Pinnacle)
Dazzle Video Capture DVC100 X64 Driver 1.08 (HKLM-x32\...\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}) (Version: 1.08.0000 - Pinnacle)
DidaktaCZ 1.0.0 (HKLM-x32\...\7e81f6ca-38af-5207-b03c-2ecbe5f1ce8e) (Version: 1.0.0 - SILCOM Multimedia, s.r.o.)
Discord (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
DjVu Viewer (HKLM-x32\...\{3A959BCB-643A-462F-A692-5B7FE4CE35AC}_is1) (Version: - djvuviewer.com)
Dropbox (HKLM-x32\...\Dropbox) (Version: 208.4.5824 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.911.1 - Dropbox, Inc.) Hidden
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
FFmpeg 5.0.0 for Audacity - x86_64 (HKLM\...\FFmpeg for Audacity_is1) (Version: - )
Fire Department (HKLM-x32\...\{1BE73DD5-DB8C-4068-867D-FD7D72CE049D}) (Version: - )
Flexibooks 4.6.1 (64 bit) (HKLM\...\{D36F5D15-E633-45E7-803B-4FC66F183092}) (Version: 4.6.1 - Fraus Media s.r.o. 2016)
FormApps Plug-in GPO (HKLM-x32\...\{4E6F3A31-FADD-4634-A820-3EC96877C7B9}) (Version: 1.29.0.79 - Software602 a.s.)
FormatFactory 5.12.2.0 (HKLM-x32\...\FormatFactory) (Version: 5.12.2.0 - Free Time)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 97.0.1.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 129.0.6668.71 - Google LLC)
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D18FE9D2-2F54-4C68-A2DE-A59D4A80A9BC}) (Version: 3.1.2109.29003 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Malwarebytes version 5.1.10.127 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.10.127 - Malwarebytes)
Media Creator Student (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Media Creator Student) (Version: - NOVÁ ŠKOLA, s.r.o.)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Host - 6.0.33 (x64) (HKLM\...\{8584855C-3B2B-4F95-BE1D-CCA5B6DE2815}) (Version: 48.132.18378 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.33 (x64) (HKLM\...\{62A8E894-9FD1-45A0-A4D0-BD9FA854818D}) (Version: 48.132.18378 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.33 (x64) (HKLM\...\{07BE9B02-0247-471C-B06F-A3B1A8FA9216}) (Version: 48.132.18378 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 129.0.2792.65 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 129.0.2792.65 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.171.0825.0002 - Microsoft Corporation)
Microsoft Project - cs-cz (HKLM\...\ProjectPro2019Retail - cs-cz) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft Project - en-us (HKLM\...\ProjectPro2019Retail - en-us) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Teams) (Version: 1.6.00.11166 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visio - cs-cz (HKLM\...\VisioPro2019Retail - cs-cz) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft Visio - en-us (HKLM\...\VisioPro2019Retail - en-us) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.33 (x64) (HKLM\...\{A59F43A6-AADB-42EB-883B-2FE4E3AA3A69}) (Version: 48.132.18374 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.33 (x64) (HKLM-x32\...\{ecb94bc3-963d-412a-b141-8b7c32ef103f}) (Version: 6.0.33.33916 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox (x86 en-US) (HKLM-x32\...\Mozilla Firefox 130.0.1 (x86 en-US)) (Version: 130.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 88.0 - Mozilla)
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (HKLM-x32\...\{D0B44725-3666-492D-BEF6-587A14BD9BD9}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden
MuseScore 3 (HKLM\...\{FF67E071-104C-4C42-9301-184442745671}) (Version: 3.6.2.548021803 - Werner Schweer and Others)
MuseScore 4 (HKLM\...\{0146EF2D-5111-4414-8818-4D293AF5E154}) (Version: 4.0.0.223472200 - MuseScore BVBA and Others)
MuseScore 4 (HKLM\...\{85631FCF-88DD-42FD-8E2D-0A5F82CF631E}) (Version: 4.0.2.230651553 - MuseScore BVBA and Others)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 8.0.0.8625 - MyHeritage.com)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18025.20104 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18025.20104 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenLP (HKLM\...\{41C0F1DB-0AAC-42A9-8221-F2BF5524EC5C}) (Version: 3.1.3.5000 - OpenLP Developers)
Photo Common (HKLM-x32\...\{15BFD731-A10E-43E9-9D18-0F682BC0480F}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{07AAB66E-4718-422D-9218-4AFB3C922A71}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Pinnacle Studio 21 (HKLM\...\{41C196DB-9ED2-449E-A056-20E67255BFC8}) (Version: 21.1.0.132 - Corel Corporation)
PowerISO (HKLM-x32\...\PowerISO) (Version: 8.3 - Power Software Ltd)
Proclaim (HKLM-x32\...\{1FC10733-55C3-4306-BCE2-FAEAB6234DB9}) (Version: 3.0.32 - Faithlife Corporation)
Python 3.12.0 (64-bit) (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\{cf9c4d97-48a7-4a27-b9fc-91b88a803c40}) (Version: 3.12.150.0 - Python Software Foundation)
Python 3.12.0 Core Interpreter (64-bit) (HKLM\...\{6B58F6F9-656A-4CC4-8BAB-22177BFFA45F}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Development Libraries (64-bit) (HKLM\...\{225BAA2C-BDCA-4D63-9D72-D92CE5E2421D}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Documentation (64-bit) (HKLM\...\{5DF0B8D8-4E7F-43EB-AD16-30FFA931A905}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Executables (64-bit) (HKLM\...\{575EC8EB-A481-4CF1-BAB0-3C1DBD2E50A7}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 pip Bootstrap (64-bit) (HKLM\...\{24B8988D-E785-4124-BF77-1DC6A3E62050}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Standard Library (64-bit) (HKLM\...\{14BBD330-AA3F-4F7A-8A39-DFB28AECFA82}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Tcl/Tk Support (64-bit) (HKLM\...\{6EAF677E-4EE8-4A22-9781-9131C5298D26}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Test Suite (64-bit) (HKLM\...\{0A9B38A7-D393-44A5-A94E-9FEC927DC39C}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{3182A195-B671-44A8-B0C7-7876B916BA5A}) (Version: 3.12.150.0 - Python Software Foundation)
SMART Czech Handwriting Resources (HKLM-x32\...\{65A75580-36A0-4490-8181-0967DD6C1464}) (Version: 15.1.10.0 - SMART Technologies ULC)
SMART Gallery Essentials (HKLM-x32\...\{B1BCD573-39C5-48CD-A2A7-F6525BB7072B}) (Version: 2.0.2.0 - SMART Technologies ULC)
SMART Ink (HKLM-x32\...\{431EB801-5D66-409A-B208-AEF76AD7F677}) (Version: 5.6.132.0 - SMART Technologies ULC)
SMART Lesson Activity Toolkit (HKLM-x32\...\{8AD57A09-153E-4F6D-A269-0AD8AC54B82A}) (Version: 2.0.7.0 - SMART Technologies ULC)
SMART Notebook (HKLM-x32\...\{F0215213-10A6-43DB-9BE4-3FD3DB5D8E53}) (Version: 19.1.2790.0 - SMART Technologies ULC)
SMART Ovladače produktů (HKLM-x32\...\{8F02AE90-9219-42E6-AD41-0C0055227B9B}) (Version: 12.15.139.0 - SMART Technologies ULC)
TechSmith Screen Capture Codec (HKLM-x32\...\{84FE50F5-B0F3-4D18-8BE8-A4DEEE0C37AD}) (Version: 4.1.1.0 - TechSmith Corporation) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Windows Live Communications Platform (HKLM-x32\...\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{9A470EA9-FF86-4C0E-992C-572BF2B9D6FF}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Installer (HKLM-x32\...\{659CB81C-B54E-4DF1-B618-F35777393A54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (HKLM-x32\...\{3EE8FA69-F2A5-4BDB-9E23-3ABB2421B4FA}) (Version: 16.4.3528.0331 - společnost Microsoft Corporation) Hidden
Windows Live Mail (HKLM-x32\...\{B775C26B-EAA8-4A11-ACBF-76E52DF6B805}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (HKLM-x32\...\{88B9357F-0845-465F-96B9-50976FB9C6C2}) (Version: 16.4.3528.0331 - společnost Microsoft Corporation) Hidden
Windows Live Messenger (HKLM-x32\...\{E703613B-BDAB-433E-A66A-DE0263E3D35D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (HKLM\...\{25058321-C33E-496B-8915-6FD64D362CAF}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{D1893000-EA77-493C-8DDD-E262436E959B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{E100E2B5-F2EF-4955-AB7A-C3F2125A3BCD}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (HKLM-x32\...\{04BE4035-3C8E-4B48-BFB8-1655849C0C8B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (HKLM-x32\...\{124A05DC-3C47-4EEF-85CE-56D6C1CAE62B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (HKLM-x32\...\{714E162E-CD4F-4F1B-8302-7F5179409C25}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (HKLM-x32\...\{E5807449-CA84-42F6-9CE3-A0E2BDA9E24B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\ZoomUMX) (Version: 5.6.5 (823) - Zoom Video Communications, Inc.)
Chrome apps:
============
Disk Google (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\5c5a5fb95c6ba6b72e5a904305afe613) (Version: 1.0 - Google\Chrome)
Disk Google (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\6098d7e003d8165867a035a442cd676d) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\23bc082de407676f4e713d80388ae829) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\c8af2eaa6dc805a0f1c1253e60402936) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\1ad560b38a1f57c91f39d61272f4757f) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\2823b62810c5c2b4a5fbb28a9b99c7fa) (Version: 1.0 - Google\Chrome)
Prezentace (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\cea10a33c13793d394fb086f93bc0620) (Version: 1.0 - Google\Chrome)
Prezentace (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\d9dd83a3e783c7497c347e226d52d02c) (Version: 1.0 - Google\Chrome)
Tabulky (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\1d103e078685bdc3023a7d799683ff34) (Version: 1.0 - Google\Chrome)
Tabulky (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\eb453c38b338f5fa89ad4445f7a6f9fc) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\a8c59f248bb7f46d4c07e655e19f08f0) (Version: 1.0 - Google\Chrome)
Packages:
=========
Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4 [2023-06-01] (Acer Incorporated)
Adobe Acrobat Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC [2024-06-15] ()
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2023-07-01] (Adobe Systems Incorporated)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_9.4.2.0_x64__kgqvnymyfvs32 [2024-09-24] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_4.4.1.0_x64__kgqvnymyfvs32 [2024-09-16] (king.com)
Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3019.0_x64__48frkmn4z8aw4 [2021-03-12] (Acer Incorporated)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-22] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation)
Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2024-09-19] (Dropbox Inc.)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_10.107.3.0_x64__q4d96b2w5wcc2 [2024-09-27] (Evernote) [Startup Task]
Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11070.31001.0_x64__8wekyb3d8bbwe [2024-08-07] (Microsoft Corporation) [Startup Task]
GoTrust ID -> C:\Program Files\WindowsApps\GOTrustTechnologyInc.GO-TrustAuthenticator_3.1.21.0_x64__0r04f53sqacg6 [2024-09-17] (GoTrustID Inc.)
InspIS SETmobile -> C:\Program Files\WindowsApps\57320732D6B4D.InspISSETmobile_1.10.20098.0_x86__beccaw7yyhy3g [2020-06-06] (Itelligence-cz, a.s.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2021-03-13] (INTEL CORP)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1041.0_x64__8j3eq9eme6ctt [2024-09-14] (INTEL CORP)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_3.0.37.0_x64__w1wdnht996qgy [2024-09-24] (LinkedIn) [Startup Task]
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2150.23.211.0_x64__8xx8rvfyw5nnt [2024-09-11] (Meta) [Startup Task]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation) [MS Ad]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-14] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_54.20907.567.0_x64__8wekyb3d8bbwe [2024-09-14] (Microsoft Corporation)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.95.0_x64__8wekyb3d8bbwe [2024-07-23] (Microsoft Corporation)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.168.0_x64__8wekyb3d8bbwe [2024-09-28] (Microsoft Corporation) [Startup Task]
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24082.53.0_x64__cw5n1h2txyewy [2024-09-28] (Microsoft Windows) [Startup Task]
Movie & Audio Studio -> C:\Program Files\WindowsApps\MAGIXSoftwareGmbH.MovieAudioStudio_1.1.4.0_x64__awcgk3qbzve1y [2024-09-17] (MAGIX Software GmbH)
Muse Hub -> C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6 [2024-02-14] (Muse) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_7.0.8.0_neutral__mcm4njqhnhss8 [2024-07-23] (Netflix, Inc.)
PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.5229.0_x64__ypz87dpxkv292 [2019-10-26] (CYBERLINK COM CORP)
PowerDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PowerDirectorforacerDesktop_14.0.4304.0_x64__ypz87dpxkv292 [2019-10-26] (CYBERLINK COM CORP)
QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3017.0_x64__48frkmn4z8aw4 [2020-09-30] (Acer Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.9.205.0_x64__dt26b99r8h8gj [2020-04-03] (Realtek Semiconductor Corp)
Simple Mahjong -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMahjong_6.5.16.0_x64__kx24dqmazqk8j [2024-08-20] (Random Salad Games LLC)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.5.18.0_x64__kx24dqmazqk8j [2024-08-16] (Random Salad Games LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.364.0_x64__zpdnekdrzrea0 [2024-09-27] (Spotify AB) [Startup Task]
User Experience Improvement Program -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgram_4.0.3106.0_x64__48frkmn4z8aw4 [2019-10-26] (Acer Incorporated)
Widgets Platform Runtime -> C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.4.0.0_x64__8wekyb3d8bbwe [2024-09-19] (Microsoft Corporation)
WinAppRuntime.Main.1.2 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.2_2000.802.31.0_x64__8wekyb3d8bbwe [2023-03-17] (Microsoft Corp.)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.214.1843.0_x64__8wekyb3d8bbwe [2024-08-14] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_6000.242.101.0_x64__8wekyb3d8bbwe [2024-09-06] (Microsoft Corp.)
Windows App Runtime DDLM 2000.684.1510.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.684.1510.0-x6_2000.684.1510.0_x64__8wekyb3d8bbwe [2022-12-18] (Microsoft Corporation)
Windows App Runtime DDLM 2000.684.1510.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.684.1510.0-x8_2000.684.1510.0_x86__8wekyb3d8bbwe [2022-12-18] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.AccountsService_cw5n1h2txyewy [2024-09-11] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.DesktopSpotlight_cw5n1h2txyewy [2024-09-11] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.IrisService_cw5n1h2txyewy [2024-09-11] (Microsoft Windows)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-52B34AEEE9B2} -> [Creative Cloud Files] => C:\Users\vondr\Creative Cloud Files [2021-11-28 19:19]
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\vondr\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23089.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{BEA218D2-6950-497B-9434-61683EC065FE}\InprocServer32 -> C:\Users\vondr\AppData\Local\Programs\Python\Launcher\pyshellext.amd64.dll (Python Software Foundation -> Python Software Foundation)
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{C40DF59F-2365-4851-99BD-249EFB7ED151} -> [Mega] => C:\Users\vondr\Documents\Mega [2022-02-06 21:58]
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\vondr\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\vondr\Dropbox [2020-06-14 21:52]
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.171.0825.0002\FileSyncShell64.dll [2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-28] (Adobe Inc. -> )
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2022-09-01] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-10-01] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.171.0825.0002\FileSyncShell64.dll [2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2022-09-01] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.171.0825.0002\FileSyncShell64.dll [2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-28] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-10-01] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2022-09-01] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\SysWOW64\pdvcodec.dll [265797 2010-03-12] (Matsushita Electric Industrial Co., Ltd.) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\vondr\Desktop\Programy\Media Creator Student.lnk -> C:\Program Files (x86)\Media Creator Student\mc.bat ()
Shortcut: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenLP\Get support for OpenLP.lnk -> hxxp://forums.openlp.org
Shortcut: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenLP\OpenLP on the Web.lnk -> hxxp://openlp.org
Shortcut: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Media Creator Student\Media Creator Student.lnk -> C:\Program Files (x86)\Media Creator Student\mc.bat ()
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Disk Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Dokumenty.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Prezentace.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Tabulky.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Ondřej (skolababice.cz) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\371b6590bc8d800\Jakub - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 6"
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Ondřej (skolababice.cz) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"
==================== Loaded Modules (Whitelisted) =============
2023-03-21 23:07 - 2023-03-21 23:07 - 000649360 _____ (SMART Technologies ULC -> Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\Fusion\amd64_smarttech.ms.vc120.crt_e7e76aadd9f46776_none_c214de27ee82b5e1\1.0\1.0.19.0\MSVCP120.dll
2023-03-21 23:07 - 2023-03-21 23:07 - 000952464 _____ (SMART Technologies ULC -> Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\Fusion\amd64_smarttech.ms.vc120.crt_e7e76aadd9f46776_none_c214de27ee82b5e1\1.0\1.0.19.0\MSVCR120.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\sharepoint.com -> hxxps://sgocz-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 93.93.32.32 - 93.93.33.33
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt68cx21x64.sys
Wi-Fi: Intel(R) Wi-Fi 6 AX201 160MHz -> Netwtw10.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "SMARTNotification"
HKLM\...\StartupApproved\Run32: => "SMART Board Service"
HKLM\...\StartupApproved\Run32: => "SMART Tray Tools"
HKLM\...\StartupApproved\Run32: => "sbsdk-server"
HKLM\...\StartupApproved\Run32: => "SMART Ink"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Family Tree Builder Update"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "st_global"
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\StartupApproved\Run: => "AVGBrowserAutoLaunch_7EE2BFE1B3B8A803197E356BCB586469"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{DD609FDA-4AD2-4EDA-B048-B78D53D0E0A0}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{8E2E35A3-DEE7-482A-9C3F-1C686010D75B}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{FE8B1B4E-1C73-48C8-9B32-7207AF906D4F}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{E59C594C-FF9F-4103-BC31-4C3D4CA489CE}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [UDP Query User{57F64F83-A3BE-4347-82EC-B2193104A9CD}C:\program files\musescore 4\bin\musescore4.exe] => (Allow) C:\program files\musescore 4\bin\musescore4.exe () [File not signed]
FirewallRules: [TCP Query User{B5CDADF5-B9F5-4390-8D24-56B7CA7BEEFF}C:\program files\musescore 4\bin\musescore4.exe] => (Allow) C:\program files\musescore 4\bin\musescore4.exe () [File not signed]
FirewallRules: [{D2357B00-5E34-4342-BA6D-91947EC95CE9}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Software Technology Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{60EAA0D9-7B94-456E-BDC9-01F854FDDEDB}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{75E61BA2-C895-410F-8F12-47D1C8859697}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [UDP Query User{25EB2228-B016-4E08-B3DE-538AF74E06E7}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{762CFD4D-1CE1-43AC-9FDA-95D86C24C4D4}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{24C329C7-F839-49FC-99AD-15CB037238B8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B8B6AC2A-CA06-4F0F-A0CF-987B0D5A26FD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AE7A16D5-790D-4A69-B7F4-2D2443FC42BF}] => (Allow) C:\Users\vondr\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{AFA40E3C-3A4B-4D65-8CA6-2F2B538ADC7C}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCGui.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{C2693F67-7F90-47E8-BAC5-D21DDCD29430}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCGui.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{625B6298-3E39-4BEC-A378-34A10B5D7E6B}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCService.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{C9FC2339-E561-4842-9402-4D5258E73E35}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCService.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{51C9519E-14B3-4F3D-A4B1-0A71D350B899}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{D72A7625-1716-4338-B3B5-95DD8614EB91}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{09D6004D-C58D-490B-92DA-528EFADFE65E}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\Notebook.exe (SMART Technologies ULC -> SMART Technologies ULC)
FirewallRules: [{542580BC-9B62-4D86-96A9-F3D4A9037CCA}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\Notebook.exe (SMART Technologies ULC -> SMART Technologies ULC)
FirewallRules: [{43EBF8B2-78A5-478F-8737-CD4E37CA9E7A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EE2BAC3B-FB30-41F8-8090-77100E129D37}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D6771A49-9327-41B2-A4D0-64947F8B8919}] => (Allow) C:\Users\vondr\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{0F000823-23F3-43F9-A139-CE3F64959B36}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{26B391DD-70F9-469C-814E-56B10A122B9E}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{AF476B1F-839F-46A0-A1C2-091B1864670F}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{8F9789AB-7DAC-43F0-B841-04CAF38381E2}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{3C588922-5C1D-4EE4-B940-C8C369183531}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{20C929A6-B975-46FB-A382-9158625F9A33}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [TCP Query User{91B19305-4BCC-4AD6-AB10-CB5D60170EEF}C:\users\vondr\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\vondr\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{7C1324A5-6FAA-43D2-AF0D-DD6C0B0A5196}C:\users\vondr\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\vondr\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1B928F4C-4ACC-4C04-92B0-186D1440FED9}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Software Technology Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{831393B5-BA13-44CE-9606-EFB19A4E36BF}] => (Allow) C:\Program Files\davinci\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{E25C9EDF-66FE-4BA1-865F-82F1837CABBF}] => (Allow) C:\Program Files\davinci\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{30D2C5AB-8965-42D6-A687-AE4AC40BA1C0}] => (Allow) C:\Program Files\davinci\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{C234F19C-AF58-4FE5-A281-81D84501DDE7}] => (Allow) C:\Program Files\davinci\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{C7226308-2E81-419B-9F35-935FDC831C1C}] => (Allow) C:\Program Files\davinci\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{B44025CC-6B06-43E3-BAB1-6746DE8F8B6D}] => (Allow) C:\Program Files\davinci\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{2D6BA5AB-6B51-421E-840C-B339012E5546}] => (Allow) C:\Program Files\davinci\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{97D81E44-7E64-4A4C-8A8D-BE4D0A091E53}C:\program files\davinci\fuscript.exe] => (Allow) C:\program files\davinci\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{232C1E3C-E03D-4DC7-9955-504E53AC69C4}C:\program files\davinci\fuscript.exe] => (Allow) C:\program files\davinci\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{7FE3282D-AE5E-46E4-8DCA-B4D26445E210}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{B9C13A73-E524-4493-A376-334CCF063BE0}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{D94B0DC5-760A-4E6C-81AC-41A472AF9D77}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{C2046D68-0C1E-482A-89A9-CAAB3A2C7E77}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{6F4019B5-81DA-4E55-B1F8-F6FE449BE65B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{76164BA3-842A-4BF2-BCDB-FF0CE4027D4E}] => (Allow) C:\Program Files\OpenLP\OpenLP.exe () [File not signed]
FirewallRules: [{7B03F0A6-17E8-436C-A27E-5A6919928DF5}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{AB497E21-49A1-46B5-BAFE-8688DB5544E5}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{A1269F85-3D9F-4690-9301-9E4E98C90820}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.128.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{52DFCDAD-36FC-4D92-9CE5-2010D7B17A40}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.128.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7AFD638E-BB04-478F-A915-34693D01571A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.128.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5B6469D8-2B16-4A9E-88C6-1C8AD0C282D9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.128.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EB172260-C64A-43DF-8547-1DE1FE07F5BC}] => (Allow) C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies USA, LLC -> Gen Digital Inc.)
FirewallRules: [{07ED0DF7-5E8A-4C62-AF8F-788A82272104}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24244.507.3118.4732_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{52FA9101-CBBB-4CF7-8E75-99087CF790C8}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24244.507.3118.4732_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{884112A4-BE76-4C05-8B69-6BE1AF8A02A6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.364.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EF0433D3-503B-427D-9275-A8793A247ACA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.364.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FFF96F75-AC15-4703-ABF4-B1EFBFE3BCBD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.364.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1EA03730-6A7B-4028-9280-DA8A34127298}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.364.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{64CA2984-2B8D-42EC-86B7-49076C050A7B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.364.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{524E2B81-A9E3-45D0-945F-8228E8267D41}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.364.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{85C70B80-118B-4CA8-AC4D-6D8F90DB9704}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.364.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2A0C23F8-2C96-4FB1-B912-7D19FC8C38F9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.364.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4A9B0C6D-3307-45E4-A530-17E0C2681CE9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.364.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{202F5627-FFF7-46F7-BF62-76AE7989337A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.364.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5908A380-B51D-4BCA-8016-0840EE5632F2}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.65\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A28AEA7E-C6DA-446F-8841-2C82044034F5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{ABF4C054-224D-4B93-8738-DE6A57E8928B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{ABA47FA3-366D-4058-B71A-02093FD88B58}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{94A6B6B4-5987-493B-977A-4FA421B37FE4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{89CE1063-15B7-4A85-A302-280B0147DC77}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{30C5114B-E16F-4268-A4AB-5C7CD6E02B5C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6ADCFEE9-8F74-49FD-AF1D-1464BED61D73}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2E9B445E-38C7-4D95-95D7-BF6ADFA9F947}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2CB7E2C7-3882-4DA9-A038-2A8E163CB1C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A57BB5CC-9DA0-4297-9EA4-47E5E9491DB3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8AFD7127-71A0-475E-A9CA-5A439A5EA7AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5659ACB8-A156-4D0D-9D42-0BD63D9D74B7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0422F857-856E-4978-8D53-CD8E44590558}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2AF64923-3AE3-4B6C-B97B-B3B811F0C22B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EFB856F4-86E3-4498-9A01-FCBDBFB59CE2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
20-09-2024 13:44:51 Windows Update
24-09-2024 10:43:27 Windows Update
27-09-2024 15:36:37 Windows Update
01-10-2024 09:51:13 Windows Update
01-10-2024 09:51:24 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/02/2024 06:35:41 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
Error: (10/02/2024 06:35:41 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
Error: (10/02/2024 06:35:41 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
Error: (10/02/2024 06:35:40 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
Error: (10/02/2024 06:35:36 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
Error: (10/02/2024 06:34:14 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: MBAMService.exe, verze: 3.2.0.1314, časové razítko: 0x6697fdef
Název chybujícího modulu: ntdll.dll, verze: 10.0.22621.4111, časové razítko: 0x518e67bb
Kód výjimky: 0xc0000374
Posun chyby: 0x000000000010caa9
ID chybujícího procesu: 0x0x1364
Čas spuštění chybující aplikace: 0x0x1db14e6c4df3fcd
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: db2eb1e2-2ca5-4e1d-b9b1-d211a13d0a00
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/02/2024 06:34:05 PM) (Source: Application Error) (EventID: 1000) (User: ACER)
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.22621.1, časové razítko: 0x004687c2
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.22621.4111, časové razítko: 0x8ac9d737
Kód výjimky: 0xc000027b
Posun chyby: 0x00000000000ca273
ID chybujícího procesu: 0x0x27c4
Čas spuštění chybující aplikace: 0x0x1db14e8e4b4ad1d
Cesta k chybující aplikaci: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\twinapi.appcore.dll
ID zprávy: 128f3ab8-8629-4887-8c28-9c6509b05fbb
Úplný název chybujícího balíčku: AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4
ID aplikace související s chybujícím balíčkem: Acer.AcerRegistration
Error: (10/01/2024 09:04:30 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
System errors:
=============
Error: (10/02/2024 06:34:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Malwarebytes Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
Error: (10/02/2024 06:20:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (10/02/2024 06:20:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (10/02/2024 06:18:51 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (21:33:06, 01.10.2024) bylo neočekávané.
Error: (10/02/2024 06:18:37 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.
Error: (10/01/2024 09:05:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (10/01/2024 09:05:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (10/01/2024 09:45:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Windows Defender:
================
Date: 2024-09-28 21:48:49
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_C:\Users\vondr\Desktop\Office_2019_C2R_x86_x64_CS_EN_SK_16.0.11126.20188.ISO; file:_C:\Users\vondr\Desktop\Office_2019_C2R_x86_x64_CS_EN_SK_16.0.11126.20188.ISO->\OInstall.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Uživatel
Uživatel: ACER\vondr
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.419.254.0, AS: 1.419.254.0, NIS: 1.419.254.0
Verze modulu: AM: 1.1.24080.9, NIS: 1.1.24080.9
Date: 2024-09-28 07:56:10
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B053DE74-6B0F-4A7D-BED9-A1A439F7B1B6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-09-27 15:40:18
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0C94F69C-5CD8-4361-8626-DDC7540BB27E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-09-26 11:30:17
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_C:\Users\vondr\Desktop\Office_2019_C2R_x86_x64_CS_EN_SK_16.0.11126.20188.ISO; file:_C:\Users\vondr\Desktop\Office_2019_C2R_x86_x64_CS_EN_SK_16.0.11126.20188.ISO->\OInstall.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.419.203.0, AS: 1.419.203.0, NIS: 1.419.203.0
Verze modulu: AM: 1.1.24080.9, NIS: 1.1.24080.9
Date: 2024-09-26 10:40:53
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {70C5005E-7514-4B33-8B27-DD324B88DE26}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]
Date: 2024-10-01 21:02:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Zálohování
Kód chyby: 0x80004004
Popis chyby: Operace přerušena
Verze bezpečnostních informací: 1.419.281.0;1.419.281.0
Verze modulu: 1.1.24080.9
Date: 2024-10-01 21:02:39
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: 1.419.292.0;1.419.292.0
Verze modulu: 1.1.24080.9
Date: 2024-04-06 20:54:55
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.1607.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80072f8f
Popis chyby: Došlo k chybě zabezpečení.
Date: 2024-04-06 20:54:55
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.1607.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80072f8f
Popis chyby: Došlo k chybě zabezpečení.
Date: 2024-04-06 20:54:55
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.1607.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80072f8f
Popis chyby: Došlo k chybě zabezpečení.
CodeIntegrity:
===============
Date: 2024-10-02 18:36:00
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
Date: 2024-10-02 18:35:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Dropbox\Client\Dropbox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Dropbox\Client\208.4.5824\vulkan-1.dll that did not meet the Microsoft signing level requirements.
Date: 2024-10-02 18:34:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
Date: 2024-10-02 18:34:21
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.24 07/07/2021
Motherboard: CML Doc_WC
Processor: Intel(R) Core(TM) i5-10210U CPU @ 1.60GHz
Percentage of memory in use: 71%
Total physical RAM: 8013.99 MB
Available physical RAM: 2302.13 MB
Total Virtual: 23885.99 MB
Available Virtual: 18304.04 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:952.75 GB) (Free:557.25 GB) (Model: INTEL SSDPEKNW010T8) NTFS
Drive g: (Google Drive) (Fixed) (Total:952.75 GB) (Free:529.38 GB) (Model: INTEL SSDPEKNW010T8) FAT32
\\?\Volume{1d5ebf39-7363-46c2-85c5-6d21b232b7ac}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.15 GB) NTFS
\\?\Volume{c3e08722-726c-4ee4-9a79-cd22e2eab3a5}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 32C3B5EB)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024
Ran by vondr (administrator) on ACER (Acer Aspire A515-54) (02-10-2024 18:34:19)
Running from C:\Users\vondr\Downloads\FRST64.exe
Loaded Profiles: vondr
Platform: Microsoft Windows 11 Home Version 23H2 22631.4169 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.911.1\DropboxCrashHandler.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\WerFaultSecure.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxEM.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ELANFPService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_3cbddcc68b1c0da2\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_581d7e91d349facc\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0f76d7f335b833dc\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0f76d7f335b833dc\IntelCpHeciSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Musecy SM Ltd. -> Muse.Service) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (SMART Technologies ULC -> SMART Technologies) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe
(svchost.exe ->) (AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.4.0.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [953120 2019-12-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SMARTNotification] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTNotification.exe [209856 2019-12-10] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Board Service] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe [2772416 2019-12-10] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Tray Tools] => C:\Program Files (x86)\Common Files\SMART Technologies\SystemMenu\SMARTSystemMenu.exe [654272 2019-12-01] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [sbsdk-server] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\sbsdk-server\NodeLauncher.exe [68544 2019-11-08] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Ink] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTInk.exe [287680 2019-12-11] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [17935752 2021-03-21] (MyHeritage (USA) Inc. -> MyHeritage)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9235344 2024-09-17] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [460944 2022-09-01] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1130416 2024-09-20] (Adobe Inc. -> Adobe Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919200 2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45125936 2024-09-18] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [Discord] => C:\Users\vondr\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482128 2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [AVGBrowserAutoLaunch_7EE2BFE1B3B8A803197E356BCB586469] => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [3174568 2024-09-11] (AVG Technologies USA, LLC -> Gen Digital Inc.)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\MountPoints2: {3e27dab4-5d29-11ed-a894-b4a9fc4636cb} - "D:\OInstall.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\SMART Local Port: C:\Windows\system32\smrtlocalmon.dll [38336 2019-12-11] (SMART Technologies ULC -> SMART Technologies ULC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\128.0.26382.138\Installer\chrmstp.exe [2024-09-19] (AVG Technologies USA, LLC -> Gen Digital Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\129.0.6668.71\Installer\chrmstp.exe [2024-10-02] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2022-02-06]
ShortcutTarget: MEGAsync.lnk -> C:\Users\vondr\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {73136951-D3EA-421A-8B36-39C07D0E4620} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe -> C:\Program Files (x86)\Acer\Care Center\-auto
Task: {ED036599-25D7-4C26-80B1-92B38836DE1E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {3A63133B-6693-4CB2-B7A7-FCC88C32D7BE} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [3174568 2024-09-11] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {2051A499-55AF-40E9-A3B3-8D20AD3BB528} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [3174568 2024-09-11] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {C5720183-AAC2-407E-A929-563A52583F12} - System32\Tasks\AVGBrowserProtectS-1-5-21-3501418858-3935017464-633493477-1001 => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowserProtect.exe [1690040 2024-04-23] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {8DE0C78B-7DCE-45AA-9BF5-7EE547BF8A77} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {D024C990-8584-4BE7-A555-0A4FAE095D04} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {1CC399E4-A613-4C86-825E-506CF2EC7796} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-09-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {AC3EEF36-3C8F-47A4-BAB2-2F566D9C5ADC} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5937456 2024-09-18] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "72f88dc7-1a5a-4773-a687-e6ea72779fdd" --version "6.28.11297" --silent
Task: {56FCD6C3-AD0E-45D3-8B1E-386BC75ECDA7} - System32\Tasks\CCleanerSkipUAC - vondr => C:\Program Files\CCleaner\CCleaner.exe [39012144 2024-09-18] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {76207EF4-D7A4-476C-AAF1-D17A3C9F2BB7} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.EXE [1589696 2016-08-25] (Corel Corporation -> Corel Corporation)
Task: {063E0D4F-A169-42D1-B0D0-6D23A17987C4} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F5D9ED7C-22FB-406A-AEB1-B54A25166D3B} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {C938C892-9D4E-4E5D-847A-7D2346394EB9} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{796DF830-26B5-4C96-8720-2ABD1B9CD1F7} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {259B4B62-25EA-4089-A510-0B87DE93A06F} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3501418858-3935017464-633493477-1001 => C:\Users\vondr\AppData\Local\MEGAsync\MEGAupdater.exe [2531592 2024-06-11] (Mega Limited -> )
Task: {7C7864B9-673B-49E2-9BD4-1E674A6D0FDE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28617448 2024-09-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {8755CF8A-EF60-4A43-B188-BC733E2853FF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28617448 2024-09-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {18A7EDBC-D773-4E0A-9232-AE6E82242304} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312472 2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {45CCF10F-8CD3-45A0-991D-EE16792DA1FC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312472 2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {A8C8B8F1-6EA1-4D8C-BD10-3BAA55B9A83D} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [187328 2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {AA11E31D-FB1D-4214-9E59-64592C4E120F} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {D7BE0AEA-7374-48B0-A496-75906B690A0A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {B471091F-5D76-42BD-8ED1-CB76069E67C2} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {6E49949C-C062-484D-A1FD-D886E90C93DD} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {2CB04670-A778-4203-A8F6-66E5CFA231A7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {13B73793-F79F-4441-B4EB-10AEC3E79241} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [31816 2024-09-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {C7540E9F-992B-49BA-BD6F-B49A96C035A3} - System32\Tasks\Oem\AcerJumpstartTask => "C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe" /default (No File)
Task: {082A6EFC-488C-4368-8DCF-7C3C6E0C2DEE} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209192 2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A81E7F78-A7EF-4EB0-A6A6-042936461029} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3501418858-3935017464-633493477-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209192 2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A61B21F7-B383-4510-85C0-F7B4D3E6D237} - System32\Tasks\S-1-5-21-3501418858-3935017464-633493477-1001\DataSenseLiveTileTask => %SystemRoot%\System32\DataUsageLiveTileTask.exe (No File)
Task: {096D3188-360A-44AE-AD0E-A8B12CA94972} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473880 2020-07-16] (Acer Incorporated -> Acer Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 93.93.32.32 93.93.33.33 192.168.22.1
Tcpip\..\Interfaces\{4e8c78d5-12f3-471b-bd12-26482e625aea}: [DhcpNameServer] 93.93.32.32 93.93.33.33 192.168.22.1
Tcpip\..\Interfaces\{774ed856-bf70-462c-ac71-60ea5fe1934c}: [DhcpNameServer] 40.33.1.66
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\vondr\AppData\Local\Microsoft\Edge\User Data\Default [2024-09-30]
Edge Extension: (Dokumenty Google offline) - C:\Users\vondr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-07]
Edge Extension: (Edge relevant text changes) - C:\Users\vondr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
FireFox:
========
FF DefaultProfile: gteda8g8.default
FF ProfilePath: C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1 [2024-10-01]
FF Notifications: Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1 -> hxxps://www.svetviry.cz; hxxps://calendar.google.com
FF Extension: (AdBlocker Ultimate) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\adblockultimate@adblockultimate.net.xpi [2024-07-18]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2021-06-19]
FF Extension: (Language: Čeština (Czech)) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\langpack-cs@firefox.mozilla.org.xpi [2024-09-16]
FF Extension: (TWP - Translate Web Pages) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi [2024-03-11]
FF Extension: (Adblock na Youtube™) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\{0ac04bdb-d698-452f-8048-bcef1a3f4b0d}.xpi [2022-02-21]
FF ProfilePath: C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\gteda8g8.default [2021-01-24]
FF NewTab: Mozilla\Firefox\Profiles\gteda8g8.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10378__200606
FF ProfilePath: C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\shkk2f8c.default-release-1621189060132 [2024-10-01]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2024-09-20] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=3 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1582.3\npAvgBrowserUpdate3.dll [2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=9 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1582.3\npAvgBrowserUpdate3.dll [2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2024-09-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2024-09-20] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Profile 3
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default [2024-10-01]
CHR Extension: (Tampermonkey) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2024-05-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-13]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-09-30]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3 [2024-10-01]
CHR Notifications: Profile 3 -> hxxps://calendar.google.com
CHR Extension: (Dokumenty Google offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-06]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-09-20]
CHR Extension: (Komponenta pro aplikaci BUSINESS 24) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\iaihapeddbkncmmikkpmeggfecohnahg [2023-07-17]
CHR Extension: (Violentmonkey) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jinjaccalgkegednnccohejagnlnfdag [2024-09-25]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-07]
CHR Extension: (Crypto Web Extension) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjohlogcennenjhkfclfgaganagadkkm [2024-05-13]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 4 [2024-09-30]
CHR Extension: (Google Docs Offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-18]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-10-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-09-20]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 5 [2024-09-30]
CHR Extension: (Google Docs Offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-10]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-09-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-05-21]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 6 [2024-09-30]
CHR Extension: (Google Docs Offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-25]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-09-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-27]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\System Profile [2024-10-01]
CHR HKU\S-1-5-21-3501418858-3935017464-633493477-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944048 2024-09-20] (Adobe Inc. -> Adobe Inc.)
S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
S3 AVGSecureBrowserElevationService; C:\Program Files (x86)\AVG\Browser\Application\128.0.26382.138\elevation_service.exe [1722592 2024-09-11] (AVG Technologies USA, LLC -> Gen Digital Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-09-18] (Gen Digital Inc. -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13861048 2024-09-22] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2024-09-17] (Dropbox, Inc -> Dropbox, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4976976 2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 DropboxElevationService; C:\Program Files (x86)\Dropbox\Client\208.4.5824\DropboxElevationService.exe [1659288 2024-09-17] (Dropbox, Inc -> Dropbox, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2017-02-27] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.171.0825.0002\FileSyncHelper.exe [3523112 2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_581d7e91d349facc\AS\IAS\IntelAudioService.exe [412120 2023-09-17] (Intel Corporation -> Intel)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8965728 2024-10-01] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-10-01] (Malwarebytes Inc. -> Malwarebytes)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe [1431160 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Muse Hub Background Service; C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe [169472 2023-01-08] (Musecy SM Ltd. -> Muse.Service)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.171.0825.0002\OneDriveUpdaterService.exe [3863592 2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe [635328 2019-12-10] (SMART Technologies ULC -> SMART Technologies)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe [3199656 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe [133704 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [36800 2022-06-02] (Acer Incorporated -> Acer Incorporated)
R1 Amfilter; C:\WINDOWS\system32\DRIVERS\Amfltx64.sys [12288 2023-09-17] (Microsoft Windows Hardware Compatibility Publisher -> (Standard mouse types))
R3 Amusbprt; C:\WINDOWS\system32\DRIVERS\Amusbx64.sys [17920 2023-09-17] (Microsoft Windows Hardware Compatibility Publisher -> A4Tech Co.,Ltd.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [544768 2023-12-12] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [188416 2024-03-13] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 googledrivefs31626; C:\Program Files\Google\Drive File Stream\Drivers\31626\googledrivefs31626.sys [384096 2024-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [231504 2024-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-10-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt11.sys [234168 2024-10-01] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78928 2024-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-10-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [189776 2024-10-01] (Malwarebytes Inc. -> Malwarebytes)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_0f3a2b5f72186666\rt68cx21x64.sys [717160 2023-09-14] (Realtek Semiconductor Corp. -> Realtek)
R3 SMARTMouseFilterx64; C:\WINDOWS\System32\drivers\SMARTMouseFilterx64.sys [18952 2019-12-10] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
R3 SMARTVHidMiniVistaAmd64; C:\WINDOWS\System32\drivers\SMARTVHidMiniVistaAmd64.sys [28168 2019-12-10] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [22080 2024-09-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [602392 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-02 18:34 - 2024-10-02 18:34 - 000000000 ____D C:\Users\vondr\AppData\LocalLow\IGDump
2024-10-02 18:26 - 2024-10-02 18:26 - 000727012 _____ C:\WINDOWS\system32\perfh005.dat
2024-10-02 18:26 - 2024-10-02 18:26 - 000151244 _____ C:\WINDOWS\system32\perfc005.dat
2024-10-01 21:57 - 2024-10-01 21:57 - 000011687 _____ C:\Users\vondr\Downloads\Nový Microsoft Excel Worksheet_2024.xlsx
2024-10-01 21:06 - 2024-10-01 21:06 - 000001225 _____ C:\Users\vondr\Desktop\Malwarebytes Scan Report 2024-10-01 190507.txt
2024-10-01 21:03 - 2024-10-01 21:03 - 000234168 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2024-10-01 21:03 - 2024-10-01 21:03 - 000189776 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2024-10-01 20:52 - 2024-10-01 20:52 - 001642925 _____ C:\Users\vondr\Desktop\Malwarebytes Scan Report 2024-10-01 183251.txt
2024-10-01 20:12 - 2024-10-01 21:58 - 000000000 ____D C:\Users\vondr\AppData\Local\Malwarebytes
2024-10-01 20:11 - 2024-10-01 20:11 - 000002097 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-10-01 20:11 - 2024-10-01 20:11 - 000002085 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-10-01 20:11 - 2024-10-01 20:11 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-10-01 20:11 - 2024-10-01 20:11 - 000000000 ____D C:\Program Files\Malwarebytes
2024-10-01 20:06 - 2024-10-01 20:10 - 279713832 _____ (Malwarebytes) C:\Users\vondr\Downloads\MBSetup-076981.076981-5.1.9.124.exe
2024-09-30 20:12 - 2024-09-30 20:12 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-09-30 20:00 - 2024-09-30 20:11 - 000081223 _____ C:\Users\vondr\Downloads\Addition.txt
2024-09-30 19:56 - 2024-10-02 18:35 - 000034563 _____ C:\Users\vondr\Downloads\FRST.txt
2024-09-30 19:56 - 2024-10-02 18:34 - 000000000 ____D C:\FRST
2024-09-30 19:26 - 2024-09-30 19:26 - 002397696 _____ (Farbar) C:\Users\vondr\Downloads\FRST64.exe
2024-09-30 18:42 - 2024-09-30 18:42 - 000000000 ____D C:\Users\vondr\Downloads\Photos-001 (1)
2024-09-30 16:56 - 2024-09-30 16:59 - 045745463 _____ C:\Users\vondr\Downloads\Photos-001 (1).zip
2024-09-30 16:17 - 2024-09-30 18:17 - 2477729943 _____ C:\Users\vondr\Downloads\INSIDE.OUT.2 -2024. ENG. FullHD.mp4
2024-09-28 21:34 - 2024-09-28 22:04 - 000000002 _____ C:\Users\vondr\count.vip
2024-09-28 21:32 - 2024-10-01 20:57 - 000000000 __SHD C:\explorerwin
2024-09-27 15:30 - 2024-09-27 15:30 - 000049479 _____ C:\Users\vondr\Downloads\priloha_1418121780_0_Pospisil_Schneider.pdf
2024-09-25 21:05 - 2024-09-25 21:05 - 075339115 _____ C:\Users\vondr\Downloads\Fyzika 8 _ ZŠ a gymnázia _ FRAUS.pdf
2024-09-25 21:03 - 2024-09-25 21:04 - 066621790 _____ C:\Users\vondr\Downloads\Chemie 9 3D _ 9. ročník ZŠ a gymnázia _ FRAUS.pdf
2024-09-25 21:03 - 2024-09-25 21:03 - 068933978 _____ C:\Users\vondr\Downloads\Chemie 8 3D _ 8. ročník ZŠ a gymnázia _ FRAUS.pdf
2024-09-25 20:44 - 2024-09-25 20:44 - 046739903 _____ C:\Users\vondr\Downloads\SLABIKÁŘ 1 do světa slov _ ZŠ _ FRAUS.pdf
2024-09-24 19:20 - 2024-09-24 19:20 - 000012823 _____ C:\Users\vondr\Downloads\Rozpočet do konce roku 2024.xlsx
2024-09-22 18:44 - 2024-09-22 18:44 - 000115647 _____ C:\Users\vondr\Downloads\Literární věda 4.pdf
2024-09-22 18:40 - 2024-09-22 18:40 - 000269840 _____ C:\Users\vondr\Downloads\Literární věda 3.pdf
2024-09-22 18:38 - 2024-09-22 18:38 - 000288952 _____ C:\Users\vondr\Downloads\Literání věda 2.pdf
2024-09-22 16:36 - 2024-09-22 16:36 - 000933277 _____ C:\Users\vondr\Downloads\Sablony_Klice-k-rozvoji-skoly.pdf
2024-09-19 13:27 - 2024-09-19 13:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-09-19 10:36 - 2024-09-19 10:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2024-09-18 20:09 - 2024-09-28 22:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2024-09-17 16:18 - 2024-09-17 16:18 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2024-09-17 13:34 - 2024-09-17 13:34 - 000656787 _____ C:\Users\vondr\Downloads\1. pracovní list - obory biologie.pdf
2024-09-15 15:07 - 2024-09-15 15:07 - 000204195 _____ C:\Users\vondr\Downloads\Pravopisná cvičení.pdf
2024-09-15 08:20 - 2024-09-15 08:20 - 000446761 _____ C:\Users\vondr\Downloads\Metodické doporuÄ_enÃ_ k průbÄ›hu individuálnÃ_ho vzdÄ›lávánÃ_ dÄ›tÃ_ v mateÅ™ských Å¡kolách a ověřenÃ_ dosahovánÃ_ oÄ_ekávaných výstupů-3.pdf
2024-09-13 21:15 - 2024-09-13 21:16 - 000000000 ____D C:\Users\vondr\Downloads\Photos-001
2024-09-13 20:50 - 2024-09-13 20:50 - 005213768 _____ C:\Users\vondr\Downloads\Photos-001.zip
2024-09-11 19:29 - 2024-09-11 19:29 - 000161781 _____ C:\Users\vondr\Downloads\Potvrzeni-o-studiu-David Vraj.pdf
2024-09-10 19:38 - 2024-09-10 19:38 - 001594446 _____ C:\Users\vondr\Downloads\Babice - pers.zip
2024-09-10 19:38 - 2024-09-10 19:38 - 000000000 ____D C:\Users\vondr\Downloads\Babice - pers
2024-09-09 19:33 - 2024-09-09 19:33 - 000365485 _____ C:\Users\vondr\Downloads\1-Hynková zápočtový list.pdf
2024-09-07 20:09 - 2024-09-07 20:09 - 000000000 ____D C:\Users\vondr\AppData\Roaming\openlp
2024-09-07 20:08 - 2024-09-07 20:08 - 000000000 ____D C:\Users\vondr\Downloads\ez21--openlp-2022-01-25
2024-09-07 20:07 - 2024-09-07 20:07 - 000000000 ____D C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenLP
2024-09-07 20:07 - 2024-09-07 20:07 - 000000000 ____D C:\Program Files\OpenLP
2024-09-07 20:06 - 2024-09-07 20:06 - 000710738 _____ C:\Users\vondr\Downloads\ez21--openlp-2022-01-25.zip
2024-09-07 19:59 - 2024-09-07 20:01 - 205410875 _____ C:\Users\vondr\Downloads\OpenLP-3.1.3-x64.msi
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-02 18:35 - 2020-06-14 21:47 - 000000000 ____D C:\Users\vondr\AppData\Roaming\Dropbox
2024-10-02 18:35 - 2020-06-14 21:46 - 000000000 ___HD C:\Users\vondr\AppData\Local\Dropbox
2024-10-02 18:34 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-10-02 18:34 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-10-02 18:34 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-10-02 18:34 - 2020-03-22 09:07 - 000000000 ___HD C:\Users\vondr\AppData\Local\CrashDumps
2024-10-02 18:34 - 2020-03-21 06:35 - 000000000 ___RD C:\Users\vondr\OneDrive
2024-10-02 18:34 - 2020-03-21 06:21 - 000000000 ___SD C:\Users\vondr\AppData\Roaming\Microsoft\Credentials
2024-10-02 18:34 - 2020-03-20 16:01 - 000000000 ____D C:\Program Files\CCleaner
2024-10-02 18:33 - 2020-03-21 06:33 - 000000000 __SHD C:\Users\vondr\IntelGraphicsProfiles
2024-10-02 18:31 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-10-02 18:29 - 2023-03-21 23:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-10-02 18:26 - 2023-03-21 23:12 - 001718028 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-10-02 18:26 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2024-10-02 18:19 - 2020-03-20 15:55 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-10-02 18:18 - 2023-03-21 23:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-10-02 18:18 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-10-02 18:18 - 2021-03-12 23:12 - 000012288 ___SH C:\DumpStack.log.tmp
2024-10-01 21:58 - 2020-03-21 06:33 - 000000000 ___HD C:\Users\vondr\AppData\Local\Packages
2024-10-01 21:57 - 2023-03-23 20:09 - 000000000 ____D C:\Users\vondr\AppData\Local\Deployment
2024-10-01 21:57 - 2020-03-20 20:36 - 000000000 ____D C:\Users\vondr\AppData\Roaming\Microsoft\Excel
2024-10-01 21:52 - 2020-03-20 16:35 - 000000000 ____D C:\Users\vondr\AppData\Roaming\Microsoft\Word
2024-10-01 21:08 - 2022-02-11 14:56 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-10-01 21:02 - 2022-05-07 07:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-10-01 20:11 - 2022-05-07 07:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-10-01 09:43 - 2023-03-21 23:05 - 000656952 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-09-30 20:12 - 2023-03-21 12:53 - 000000000 ___DC C:\WINDOWS\Panther
2024-09-30 20:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-09-30 20:12 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-09-30 20:12 - 2019-10-26 21:30 - 000000000 ____D C:\Program Files\Microsoft Office
2024-09-30 18:44 - 2020-03-28 09:23 - 000000000 ____D C:\Users\vondr\AppData\Roaming\vlc
2024-09-30 16:54 - 2022-02-06 21:58 - 000000000 ___RD C:\Users\vondr\Documents\Mega
2024-09-28 22:05 - 2022-09-21 09:34 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-09-28 22:05 - 2021-05-16 20:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-09-28 21:34 - 2023-03-21 23:06 - 000000000 ____D C:\Users\vondr
2024-09-28 07:46 - 2020-06-09 19:13 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-09-24 21:54 - 2020-03-22 15:21 - 000000000 ____D C:\Users\vondr\AppData\Roaming\MuseScore
2024-09-20 13:39 - 2023-03-21 23:13 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-09-20 13:39 - 2023-03-21 23:13 - 000003380 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-09-20 13:26 - 2020-03-22 08:35 - 000000000 ___HD C:\Users\vondr\AppData\Local\Adobe
2024-09-20 13:25 - 2023-03-03 21:57 - 000001386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2024-09-20 13:25 - 2021-10-04 21:20 - 000000000 ____D C:\Program Files\Common Files\Adobe
2024-09-20 13:25 - 2021-10-04 21:20 - 000000000 ____D C:\Program Files\Adobe
2024-09-20 13:25 - 2020-03-20 19:19 - 000000000 ____D C:\Program Files (x86)\Adobe
2024-09-19 20:48 - 2020-10-17 06:51 - 000002379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk
2024-09-19 20:27 - 2020-05-08 08:25 - 000000000 ____D C:\Users\vondr\Desktop\Lydinka
2024-09-19 13:27 - 2021-05-16 20:56 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-09-19 10:56 - 2021-09-04 20:23 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-09-19 10:55 - 2023-03-21 23:13 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3501418858-3935017464-633493477-1001
2024-09-19 10:55 - 2023-03-21 23:13 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-09-19 10:55 - 2020-05-25 16:32 - 000002134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-09-19 10:41 - 2020-03-21 06:17 - 000000000 ____D C:\ProgramData\Packages
2024-09-19 10:40 - 2020-03-21 06:35 - 000000000 ___HD C:\Users\vondr\AppData\Local\PlaceholderTileLogoFolder
2024-09-19 10:36 - 2020-06-14 21:46 - 000000000 ____D C:\Program Files (x86)\Dropbox
2024-09-18 19:24 - 2020-03-21 11:21 - 000000000 ____D C:\Users\vondr\Documents\Angličtina
2024-09-17 21:08 - 2019-10-26 20:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-09-17 13:29 - 2021-11-28 19:26 - 000000000 ____D C:\Users\vondr\AppData\Roaming\com.adobe.dunamis
2024-09-16 20:58 - 2022-10-14 08:03 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2024-09-16 19:44 - 2021-09-10 18:39 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-09-16 19:44 - 2021-09-10 18:39 - 000002012 _____ C:\Users\Default\Desktop\Google Slides.lnk
2024-09-16 19:44 - 2021-09-10 18:39 - 000002012 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2024-09-16 19:44 - 2021-09-10 18:39 - 000002000 _____ C:\Users\Default\Desktop\Google Docs.lnk
2024-09-11 21:35 - 2023-10-11 21:41 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\WUModels
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-09-11 13:16 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-09-11 13:09 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-09-11 13:05 - 2023-03-21 23:06 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-09-11 12:56 - 2020-03-21 08:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-09-11 12:50 - 2020-03-21 08:36 - 199688632 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-09-09 13:09 - 2023-03-21 23:13 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-09-09 13:09 - 2023-03-21 23:13 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-09-07 20:27 - 2020-03-20 16:35 - 000000000 ____D C:\Users\vondr\AppData\Roaming\Microsoft\Office
2024-09-04 18:45 - 2020-06-26 20:30 - 000000000 ___HD C:\Users\vondr\AppData\Local\D3DSCache
==================== Files in the root of some directories ========
2020-03-24 15:38 - 2021-01-11 21:59 - 000000806 _____ () C:\Users\vondr\AppData\Roaming\ACER.MTBF.txt
2020-03-24 15:38 - 2020-03-24 15:49 - 000000678 _____ () C:\Users\vondr\AppData\Roaming\__AvidCloudManager.log
2020-03-24 15:38 - 2020-03-24 15:47 - 000000647 _____ () C:\Users\vondr\AppData\Roaming\__AvidCloudManagerPrevious.log
2020-05-18 22:12 - 2020-05-18 22:15 - 000000716 _____ () C:\Users\vondr\AppData\Roaming\{E4A5EDDB-14CF-DFF1-5402-0DB91944F0C4}
2020-03-24 15:39 - 2020-06-04 20:42 - 000003584 ____H () C:\Users\vondr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2024
Ran by vondr (02-10-2024 18:36:25)
Running from C:\Users\vondr\Downloads
Microsoft Windows 11 Home Version 23H2 22631.4169 (X64) (2023-03-22 06:23:30)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3501418858-3935017464-633493477-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3501418858-3935017464-633493477-503 - Limited - Disabled)
evraj (S-1-5-21-3501418858-3935017464-633493477-1002 - Limited - Disabled)
Guest (S-1-5-21-3501418858-3935017464-633493477-501 - Limited - Disabled)
vondr (S-1-5-21-3501418858-3935017464-633493477-1001 - Administrator - Enabled) => C:\Users\vondr
WDAGUtilityAccount (S-1-5-21-3501418858-3935017464-633493477-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Security Ultra (Disabled - Out of date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Jumpstart (HKLM-x32\...\{4335EAF1-21F1-43D3-8F6F-D7E481E6959A}) (Version: 3.3.19180.60 - Acer)
Adobe Acrobat Reader - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 24.003.20112 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.4.0.361 - Adobe Inc.)
Adobe Character Animator 2022 (HKLM-x32\...\CHAR_22_5) (Version: 22.5 - Adobe Inc.)
Adobe Character Animator 2023 (HKLM-x32\...\CHAR_23_6) (Version: 23.6 - Adobe Inc.)
Adobe Character Animator 2024 (HKLM-x32\...\CHAR_24_0) (Version: 24.0 - Adobe Inc.)
Adobe Illustrator 2024 (HKLM-x32\...\ILST_28_1) (Version: 28.1 - Adobe Inc.)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_13_1) (Version: 13.1 - Adobe Inc.)
Adobe Media Encoder 2023 (HKLM-x32\...\AME_23_6_2) (Version: 23.6.2 - Adobe Inc.)
Adobe Media Encoder 2024 (HKLM-x32\...\AME_24_1_1) (Version: 24.1.1 - Adobe Inc.)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_5_5) (Version: 23.5.5.1103 - Adobe Inc.)
Adobe Photoshop 2023 (HKLM-x32\...\PHSP_24_7) (Version: 24.7.0.643 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601078}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Antares Autotune Evo VST RTAS v6.0.9 (HKLM-x32\...\Antares Autotune Evo VST RTAS_is1) (Version: - )
Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team)
AVG Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1066.0 - AVG Technologies) Hidden
AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1582.3 - AVG Technologies) Hidden
Avidemux VC++ 64bits (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\{958c1728-e7f8-47a4-980a-8dafc359bffe}) (Version: 2.7.5 - Mean)
Bandicam (HKLM-x32\...\Bandicam) (Version: 7.0.0.2117 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
calibre 64bit (HKLM\...\{7F97780B-9EAD-4000-BD3A-F6D0FE096D56}) (Version: 6.29.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 6.28 - Piriform)
Corel Update Manager (HKLM-x32\...\{FB8387EF-D663-4152-A13E-6B963AC1052A}) (Version: 2.3 - Corel corporation)
Crypto Native App verze 23.01.8574 (HKLM\...\{79D8049F-2978-4E91-90BD-3428C8FF2E69}_is1) (Version: 23.01.8574 - TESCO SW a.s.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.1.0.2037 - Disc Soft Ltd)
DaVinci Resolve (HKLM\...\{8CD009CC-08AB-4873-BA5C-DC4AEA8BACEB}) (Version: 16.2.7010 - Blackmagic Design)
Dazzle Video Capture DVC100 X64 Driver 1.06 (HKLM-x32\...\{BFF23267-1D19-444E-93E2-E5059BE805EA}) (Version: 1.06.0000 - Pinnacle)
Dazzle Video Capture DVC100 X64 Driver 1.08 (HKLM-x32\...\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}) (Version: 1.08.0000 - Pinnacle)
DidaktaCZ 1.0.0 (HKLM-x32\...\7e81f6ca-38af-5207-b03c-2ecbe5f1ce8e) (Version: 1.0.0 - SILCOM Multimedia, s.r.o.)
Discord (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
DjVu Viewer (HKLM-x32\...\{3A959BCB-643A-462F-A692-5B7FE4CE35AC}_is1) (Version: - djvuviewer.com)
Dropbox (HKLM-x32\...\Dropbox) (Version: 208.4.5824 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.911.1 - Dropbox, Inc.) Hidden
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
FFmpeg 5.0.0 for Audacity - x86_64 (HKLM\...\FFmpeg for Audacity_is1) (Version: - )
Fire Department (HKLM-x32\...\{1BE73DD5-DB8C-4068-867D-FD7D72CE049D}) (Version: - )
Flexibooks 4.6.1 (64 bit) (HKLM\...\{D36F5D15-E633-45E7-803B-4FC66F183092}) (Version: 4.6.1 - Fraus Media s.r.o. 2016)
FormApps Plug-in GPO (HKLM-x32\...\{4E6F3A31-FADD-4634-A820-3EC96877C7B9}) (Version: 1.29.0.79 - Software602 a.s.)
FormatFactory 5.12.2.0 (HKLM-x32\...\FormatFactory) (Version: 5.12.2.0 - Free Time)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 97.0.1.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 129.0.6668.71 - Google LLC)
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D18FE9D2-2F54-4C68-A2DE-A59D4A80A9BC}) (Version: 3.1.2109.29003 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Malwarebytes version 5.1.10.127 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.10.127 - Malwarebytes)
Media Creator Student (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Media Creator Student) (Version: - NOVÁ ŠKOLA, s.r.o.)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Host - 6.0.33 (x64) (HKLM\...\{8584855C-3B2B-4F95-BE1D-CCA5B6DE2815}) (Version: 48.132.18378 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.33 (x64) (HKLM\...\{62A8E894-9FD1-45A0-A4D0-BD9FA854818D}) (Version: 48.132.18378 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.33 (x64) (HKLM\...\{07BE9B02-0247-471C-B06F-A3B1A8FA9216}) (Version: 48.132.18378 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 129.0.2792.65 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 129.0.2792.65 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.171.0825.0002 - Microsoft Corporation)
Microsoft Project - cs-cz (HKLM\...\ProjectPro2019Retail - cs-cz) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft Project - en-us (HKLM\...\ProjectPro2019Retail - en-us) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Teams) (Version: 1.6.00.11166 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visio - cs-cz (HKLM\...\VisioPro2019Retail - cs-cz) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft Visio - en-us (HKLM\...\VisioPro2019Retail - en-us) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.33 (x64) (HKLM\...\{A59F43A6-AADB-42EB-883B-2FE4E3AA3A69}) (Version: 48.132.18374 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.33 (x64) (HKLM-x32\...\{ecb94bc3-963d-412a-b141-8b7c32ef103f}) (Version: 6.0.33.33916 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox (x86 en-US) (HKLM-x32\...\Mozilla Firefox 130.0.1 (x86 en-US)) (Version: 130.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 88.0 - Mozilla)
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (HKLM-x32\...\{D0B44725-3666-492D-BEF6-587A14BD9BD9}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden
MuseScore 3 (HKLM\...\{FF67E071-104C-4C42-9301-184442745671}) (Version: 3.6.2.548021803 - Werner Schweer and Others)
MuseScore 4 (HKLM\...\{0146EF2D-5111-4414-8818-4D293AF5E154}) (Version: 4.0.0.223472200 - MuseScore BVBA and Others)
MuseScore 4 (HKLM\...\{85631FCF-88DD-42FD-8E2D-0A5F82CF631E}) (Version: 4.0.2.230651553 - MuseScore BVBA and Others)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 8.0.0.8625 - MyHeritage.com)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18025.20104 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18025.20104 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenLP (HKLM\...\{41C0F1DB-0AAC-42A9-8221-F2BF5524EC5C}) (Version: 3.1.3.5000 - OpenLP Developers)
Photo Common (HKLM-x32\...\{15BFD731-A10E-43E9-9D18-0F682BC0480F}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{07AAB66E-4718-422D-9218-4AFB3C922A71}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Pinnacle Studio 21 (HKLM\...\{41C196DB-9ED2-449E-A056-20E67255BFC8}) (Version: 21.1.0.132 - Corel Corporation)
PowerISO (HKLM-x32\...\PowerISO) (Version: 8.3 - Power Software Ltd)
Proclaim (HKLM-x32\...\{1FC10733-55C3-4306-BCE2-FAEAB6234DB9}) (Version: 3.0.32 - Faithlife Corporation)
Python 3.12.0 (64-bit) (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\{cf9c4d97-48a7-4a27-b9fc-91b88a803c40}) (Version: 3.12.150.0 - Python Software Foundation)
Python 3.12.0 Core Interpreter (64-bit) (HKLM\...\{6B58F6F9-656A-4CC4-8BAB-22177BFFA45F}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Development Libraries (64-bit) (HKLM\...\{225BAA2C-BDCA-4D63-9D72-D92CE5E2421D}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Documentation (64-bit) (HKLM\...\{5DF0B8D8-4E7F-43EB-AD16-30FFA931A905}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Executables (64-bit) (HKLM\...\{575EC8EB-A481-4CF1-BAB0-3C1DBD2E50A7}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 pip Bootstrap (64-bit) (HKLM\...\{24B8988D-E785-4124-BF77-1DC6A3E62050}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Standard Library (64-bit) (HKLM\...\{14BBD330-AA3F-4F7A-8A39-DFB28AECFA82}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Tcl/Tk Support (64-bit) (HKLM\...\{6EAF677E-4EE8-4A22-9781-9131C5298D26}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Test Suite (64-bit) (HKLM\...\{0A9B38A7-D393-44A5-A94E-9FEC927DC39C}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{3182A195-B671-44A8-B0C7-7876B916BA5A}) (Version: 3.12.150.0 - Python Software Foundation)
SMART Czech Handwriting Resources (HKLM-x32\...\{65A75580-36A0-4490-8181-0967DD6C1464}) (Version: 15.1.10.0 - SMART Technologies ULC)
SMART Gallery Essentials (HKLM-x32\...\{B1BCD573-39C5-48CD-A2A7-F6525BB7072B}) (Version: 2.0.2.0 - SMART Technologies ULC)
SMART Ink (HKLM-x32\...\{431EB801-5D66-409A-B208-AEF76AD7F677}) (Version: 5.6.132.0 - SMART Technologies ULC)
SMART Lesson Activity Toolkit (HKLM-x32\...\{8AD57A09-153E-4F6D-A269-0AD8AC54B82A}) (Version: 2.0.7.0 - SMART Technologies ULC)
SMART Notebook (HKLM-x32\...\{F0215213-10A6-43DB-9BE4-3FD3DB5D8E53}) (Version: 19.1.2790.0 - SMART Technologies ULC)
SMART Ovladače produktů (HKLM-x32\...\{8F02AE90-9219-42E6-AD41-0C0055227B9B}) (Version: 12.15.139.0 - SMART Technologies ULC)
TechSmith Screen Capture Codec (HKLM-x32\...\{84FE50F5-B0F3-4D18-8BE8-A4DEEE0C37AD}) (Version: 4.1.1.0 - TechSmith Corporation) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Windows Live Communications Platform (HKLM-x32\...\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{9A470EA9-FF86-4C0E-992C-572BF2B9D6FF}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Installer (HKLM-x32\...\{659CB81C-B54E-4DF1-B618-F35777393A54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (HKLM-x32\...\{3EE8FA69-F2A5-4BDB-9E23-3ABB2421B4FA}) (Version: 16.4.3528.0331 - společnost Microsoft Corporation) Hidden
Windows Live Mail (HKLM-x32\...\{B775C26B-EAA8-4A11-ACBF-76E52DF6B805}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (HKLM-x32\...\{88B9357F-0845-465F-96B9-50976FB9C6C2}) (Version: 16.4.3528.0331 - společnost Microsoft Corporation) Hidden
Windows Live Messenger (HKLM-x32\...\{E703613B-BDAB-433E-A66A-DE0263E3D35D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (HKLM\...\{25058321-C33E-496B-8915-6FD64D362CAF}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{D1893000-EA77-493C-8DDD-E262436E959B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{E100E2B5-F2EF-4955-AB7A-C3F2125A3BCD}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (HKLM-x32\...\{04BE4035-3C8E-4B48-BFB8-1655849C0C8B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (HKLM-x32\...\{124A05DC-3C47-4EEF-85CE-56D6C1CAE62B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (HKLM-x32\...\{714E162E-CD4F-4F1B-8302-7F5179409C25}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (HKLM-x32\...\{E5807449-CA84-42F6-9CE3-A0E2BDA9E24B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\ZoomUMX) (Version: 5.6.5 (823) - Zoom Video Communications, Inc.)
Chrome apps:
============
Disk Google (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\5c5a5fb95c6ba6b72e5a904305afe613) (Version: 1.0 - Google\Chrome)
Disk Google (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\6098d7e003d8165867a035a442cd676d) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\23bc082de407676f4e713d80388ae829) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\c8af2eaa6dc805a0f1c1253e60402936) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\1ad560b38a1f57c91f39d61272f4757f) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\2823b62810c5c2b4a5fbb28a9b99c7fa) (Version: 1.0 - Google\Chrome)
Prezentace (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\cea10a33c13793d394fb086f93bc0620) (Version: 1.0 - Google\Chrome)
Prezentace (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\d9dd83a3e783c7497c347e226d52d02c) (Version: 1.0 - Google\Chrome)
Tabulky (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\1d103e078685bdc3023a7d799683ff34) (Version: 1.0 - Google\Chrome)
Tabulky (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\eb453c38b338f5fa89ad4445f7a6f9fc) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\a8c59f248bb7f46d4c07e655e19f08f0) (Version: 1.0 - Google\Chrome)
Packages:
=========
Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4 [2023-06-01] (Acer Incorporated)
Adobe Acrobat Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC [2024-06-15] ()
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2023-07-01] (Adobe Systems Incorporated)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_9.4.2.0_x64__kgqvnymyfvs32 [2024-09-24] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_4.4.1.0_x64__kgqvnymyfvs32 [2024-09-16] (king.com)
Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3019.0_x64__48frkmn4z8aw4 [2021-03-12] (Acer Incorporated)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-22] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation)
Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2024-09-19] (Dropbox Inc.)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_10.107.3.0_x64__q4d96b2w5wcc2 [2024-09-27] (Evernote) [Startup Task]
Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11070.31001.0_x64__8wekyb3d8bbwe [2024-08-07] (Microsoft Corporation) [Startup Task]
GoTrust ID -> C:\Program Files\WindowsApps\GOTrustTechnologyInc.GO-TrustAuthenticator_3.1.21.0_x64__0r04f53sqacg6 [2024-09-17] (GoTrustID Inc.)
InspIS SETmobile -> C:\Program Files\WindowsApps\57320732D6B4D.InspISSETmobile_1.10.20098.0_x86__beccaw7yyhy3g [2020-06-06] (Itelligence-cz, a.s.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2021-03-13] (INTEL CORP)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1041.0_x64__8j3eq9eme6ctt [2024-09-14] (INTEL CORP)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_3.0.37.0_x64__w1wdnht996qgy [2024-09-24] (LinkedIn) [Startup Task]
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2150.23.211.0_x64__8xx8rvfyw5nnt [2024-09-11] (Meta) [Startup Task]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation) [MS Ad]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-14] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_54.20907.567.0_x64__8wekyb3d8bbwe [2024-09-14] (Microsoft Corporation)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.95.0_x64__8wekyb3d8bbwe [2024-07-23] (Microsoft Corporation)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.168.0_x64__8wekyb3d8bbwe [2024-09-28] (Microsoft Corporation) [Startup Task]
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24082.53.0_x64__cw5n1h2txyewy [2024-09-28] (Microsoft Windows) [Startup Task]
Movie & Audio Studio -> C:\Program Files\WindowsApps\MAGIXSoftwareGmbH.MovieAudioStudio_1.1.4.0_x64__awcgk3qbzve1y [2024-09-17] (MAGIX Software GmbH)
Muse Hub -> C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6 [2024-02-14] (Muse) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_7.0.8.0_neutral__mcm4njqhnhss8 [2024-07-23] (Netflix, Inc.)
PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.5229.0_x64__ypz87dpxkv292 [2019-10-26] (CYBERLINK COM CORP)
PowerDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PowerDirectorforacerDesktop_14.0.4304.0_x64__ypz87dpxkv292 [2019-10-26] (CYBERLINK COM CORP)
QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3017.0_x64__48frkmn4z8aw4 [2020-09-30] (Acer Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.9.205.0_x64__dt26b99r8h8gj [2020-04-03] (Realtek Semiconductor Corp)
Simple Mahjong -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMahjong_6.5.16.0_x64__kx24dqmazqk8j [2024-08-20] (Random Salad Games LLC)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.5.18.0_x64__kx24dqmazqk8j [2024-08-16] (Random Salad Games LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.364.0_x64__zpdnekdrzrea0 [2024-09-27] (Spotify AB) [Startup Task]
User Experience Improvement Program -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgram_4.0.3106.0_x64__48frkmn4z8aw4 [2019-10-26] (Acer Incorporated)
Widgets Platform Runtime -> C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.4.0.0_x64__8wekyb3d8bbwe [2024-09-19] (Microsoft Corporation)
WinAppRuntime.Main.1.2 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.2_2000.802.31.0_x64__8wekyb3d8bbwe [2023-03-17] (Microsoft Corp.)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.214.1843.0_x64__8wekyb3d8bbwe [2024-08-14] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_6000.242.101.0_x64__8wekyb3d8bbwe [2024-09-06] (Microsoft Corp.)
Windows App Runtime DDLM 2000.684.1510.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.684.1510.0-x6_2000.684.1510.0_x64__8wekyb3d8bbwe [2022-12-18] (Microsoft Corporation)
Windows App Runtime DDLM 2000.684.1510.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.684.1510.0-x8_2000.684.1510.0_x86__8wekyb3d8bbwe [2022-12-18] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.AccountsService_cw5n1h2txyewy [2024-09-11] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.DesktopSpotlight_cw5n1h2txyewy [2024-09-11] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.IrisService_cw5n1h2txyewy [2024-09-11] (Microsoft Windows)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-52B34AEEE9B2} -> [Creative Cloud Files] => C:\Users\vondr\Creative Cloud Files [2021-11-28 19:19]
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\vondr\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23089.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{BEA218D2-6950-497B-9434-61683EC065FE}\InprocServer32 -> C:\Users\vondr\AppData\Local\Programs\Python\Launcher\pyshellext.amd64.dll (Python Software Foundation -> Python Software Foundation)
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{C40DF59F-2365-4851-99BD-249EFB7ED151} -> [Mega] => C:\Users\vondr\Documents\Mega [2022-02-06 21:58]
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\vondr\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\vondr\Dropbox [2020-06-14 21:52]
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.171.0825.0002\FileSyncShell64.dll [2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-28] (Adobe Inc. -> )
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2022-09-01] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-10-01] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.171.0825.0002\FileSyncShell64.dll [2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2022-09-01] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.171.0825.0002\FileSyncShell64.dll [2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-28] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-10-01] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2022-09-01] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\SysWOW64\pdvcodec.dll [265797 2010-03-12] (Matsushita Electric Industrial Co., Ltd.) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\vondr\Desktop\Programy\Media Creator Student.lnk -> C:\Program Files (x86)\Media Creator Student\mc.bat ()
Shortcut: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenLP\Get support for OpenLP.lnk -> hxxp://forums.openlp.org
Shortcut: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenLP\OpenLP on the Web.lnk -> hxxp://openlp.org
Shortcut: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Media Creator Student\Media Creator Student.lnk -> C:\Program Files (x86)\Media Creator Student\mc.bat ()
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Disk Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Dokumenty.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Prezentace.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Tabulky.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Ondřej (skolababice.cz) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\371b6590bc8d800\Jakub - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 6"
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Ondřej (skolababice.cz) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"
==================== Loaded Modules (Whitelisted) =============
2023-03-21 23:07 - 2023-03-21 23:07 - 000649360 _____ (SMART Technologies ULC -> Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\Fusion\amd64_smarttech.ms.vc120.crt_e7e76aadd9f46776_none_c214de27ee82b5e1\1.0\1.0.19.0\MSVCP120.dll
2023-03-21 23:07 - 2023-03-21 23:07 - 000952464 _____ (SMART Technologies ULC -> Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\Fusion\amd64_smarttech.ms.vc120.crt_e7e76aadd9f46776_none_c214de27ee82b5e1\1.0\1.0.19.0\MSVCR120.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\sharepoint.com -> hxxps://sgocz-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 93.93.32.32 - 93.93.33.33
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt68cx21x64.sys
Wi-Fi: Intel(R) Wi-Fi 6 AX201 160MHz -> Netwtw10.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "SMARTNotification"
HKLM\...\StartupApproved\Run32: => "SMART Board Service"
HKLM\...\StartupApproved\Run32: => "SMART Tray Tools"
HKLM\...\StartupApproved\Run32: => "sbsdk-server"
HKLM\...\StartupApproved\Run32: => "SMART Ink"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Family Tree Builder Update"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "st_global"
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\StartupApproved\Run: => "AVGBrowserAutoLaunch_7EE2BFE1B3B8A803197E356BCB586469"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{DD609FDA-4AD2-4EDA-B048-B78D53D0E0A0}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{8E2E35A3-DEE7-482A-9C3F-1C686010D75B}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{FE8B1B4E-1C73-48C8-9B32-7207AF906D4F}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{E59C594C-FF9F-4103-BC31-4C3D4CA489CE}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [UDP Query User{57F64F83-A3BE-4347-82EC-B2193104A9CD}C:\program files\musescore 4\bin\musescore4.exe] => (Allow) C:\program files\musescore 4\bin\musescore4.exe () [File not signed]
FirewallRules: [TCP Query User{B5CDADF5-B9F5-4390-8D24-56B7CA7BEEFF}C:\program files\musescore 4\bin\musescore4.exe] => (Allow) C:\program files\musescore 4\bin\musescore4.exe () [File not signed]
FirewallRules: [{D2357B00-5E34-4342-BA6D-91947EC95CE9}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Software Technology Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{60EAA0D9-7B94-456E-BDC9-01F854FDDEDB}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{75E61BA2-C895-410F-8F12-47D1C8859697}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [UDP Query User{25EB2228-B016-4E08-B3DE-538AF74E06E7}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{762CFD4D-1CE1-43AC-9FDA-95D86C24C4D4}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{24C329C7-F839-49FC-99AD-15CB037238B8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B8B6AC2A-CA06-4F0F-A0CF-987B0D5A26FD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AE7A16D5-790D-4A69-B7F4-2D2443FC42BF}] => (Allow) C:\Users\vondr\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{AFA40E3C-3A4B-4D65-8CA6-2F2B538ADC7C}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCGui.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{C2693F67-7F90-47E8-BAC5-D21DDCD29430}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCGui.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{625B6298-3E39-4BEC-A378-34A10B5D7E6B}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCService.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{C9FC2339-E561-4842-9402-4D5258E73E35}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCService.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{51C9519E-14B3-4F3D-A4B1-0A71D350B899}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{D72A7625-1716-4338-B3B5-95DD8614EB91}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{09D6004D-C58D-490B-92DA-528EFADFE65E}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\Notebook.exe (SMART Technologies ULC -> SMART Technologies ULC)
FirewallRules: [{542580BC-9B62-4D86-96A9-F3D4A9037CCA}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\Notebook.exe (SMART Technologies ULC -> SMART Technologies ULC)
FirewallRules: [{43EBF8B2-78A5-478F-8737-CD4E37CA9E7A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EE2BAC3B-FB30-41F8-8090-77100E129D37}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D6771A49-9327-41B2-A4D0-64947F8B8919}] => (Allow) C:\Users\vondr\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{0F000823-23F3-43F9-A139-CE3F64959B36}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{26B391DD-70F9-469C-814E-56B10A122B9E}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{AF476B1F-839F-46A0-A1C2-091B1864670F}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{8F9789AB-7DAC-43F0-B841-04CAF38381E2}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{3C588922-5C1D-4EE4-B940-C8C369183531}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{20C929A6-B975-46FB-A382-9158625F9A33}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [TCP Query User{91B19305-4BCC-4AD6-AB10-CB5D60170EEF}C:\users\vondr\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\vondr\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{7C1324A5-6FAA-43D2-AF0D-DD6C0B0A5196}C:\users\vondr\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\vondr\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1B928F4C-4ACC-4C04-92B0-186D1440FED9}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Software Technology Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{831393B5-BA13-44CE-9606-EFB19A4E36BF}] => (Allow) C:\Program Files\davinci\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{E25C9EDF-66FE-4BA1-865F-82F1837CABBF}] => (Allow) C:\Program Files\davinci\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{30D2C5AB-8965-42D6-A687-AE4AC40BA1C0}] => (Allow) C:\Program Files\davinci\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{C234F19C-AF58-4FE5-A281-81D84501DDE7}] => (Allow) C:\Program Files\davinci\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{C7226308-2E81-419B-9F35-935FDC831C1C}] => (Allow) C:\Program Files\davinci\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{B44025CC-6B06-43E3-BAB1-6746DE8F8B6D}] => (Allow) C:\Program Files\davinci\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{2D6BA5AB-6B51-421E-840C-B339012E5546}] => (Allow) C:\Program Files\davinci\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{97D81E44-7E64-4A4C-8A8D-BE4D0A091E53}C:\program files\davinci\fuscript.exe] => (Allow) C:\program files\davinci\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{232C1E3C-E03D-4DC7-9955-504E53AC69C4}C:\program files\davinci\fuscript.exe] => (Allow) C:\program files\davinci\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{7FE3282D-AE5E-46E4-8DCA-B4D26445E210}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{B9C13A73-E524-4493-A376-334CCF063BE0}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{D94B0DC5-760A-4E6C-81AC-41A472AF9D77}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{C2046D68-0C1E-482A-89A9-CAAB3A2C7E77}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{6F4019B5-81DA-4E55-B1F8-F6FE449BE65B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{76164BA3-842A-4BF2-BCDB-FF0CE4027D4E}] => (Allow) C:\Program Files\OpenLP\OpenLP.exe () [File not signed]
FirewallRules: [{7B03F0A6-17E8-436C-A27E-5A6919928DF5}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{AB497E21-49A1-46B5-BAFE-8688DB5544E5}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{A1269F85-3D9F-4690-9301-9E4E98C90820}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.128.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{52DFCDAD-36FC-4D92-9CE5-2010D7B17A40}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.128.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7AFD638E-BB04-478F-A915-34693D01571A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.128.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5B6469D8-2B16-4A9E-88C6-1C8AD0C282D9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.128.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EB172260-C64A-43DF-8547-1DE1FE07F5BC}] => (Allow) C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies USA, LLC -> Gen Digital Inc.)
FirewallRules: [{07ED0DF7-5E8A-4C62-AF8F-788A82272104}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24244.507.3118.4732_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{52FA9101-CBBB-4CF7-8E75-99087CF790C8}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24244.507.3118.4732_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{884112A4-BE76-4C05-8B69-6BE1AF8A02A6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.364.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EF0433D3-503B-427D-9275-A8793A247ACA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.364.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FFF96F75-AC15-4703-ABF4-B1EFBFE3BCBD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.364.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1EA03730-6A7B-4028-9280-DA8A34127298}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.364.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{64CA2984-2B8D-42EC-86B7-49076C050A7B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.364.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{524E2B81-A9E3-45D0-945F-8228E8267D41}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.364.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{85C70B80-118B-4CA8-AC4D-6D8F90DB9704}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.364.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2A0C23F8-2C96-4FB1-B912-7D19FC8C38F9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.364.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4A9B0C6D-3307-45E4-A530-17E0C2681CE9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.364.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{202F5627-FFF7-46F7-BF62-76AE7989337A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.364.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5908A380-B51D-4BCA-8016-0840EE5632F2}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.65\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A28AEA7E-C6DA-446F-8841-2C82044034F5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{ABF4C054-224D-4B93-8738-DE6A57E8928B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{ABA47FA3-366D-4058-B71A-02093FD88B58}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{94A6B6B4-5987-493B-977A-4FA421B37FE4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{89CE1063-15B7-4A85-A302-280B0147DC77}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{30C5114B-E16F-4268-A4AB-5C7CD6E02B5C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6ADCFEE9-8F74-49FD-AF1D-1464BED61D73}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2E9B445E-38C7-4D95-95D7-BF6ADFA9F947}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2CB7E2C7-3882-4DA9-A038-2A8E163CB1C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A57BB5CC-9DA0-4297-9EA4-47E5E9491DB3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8AFD7127-71A0-475E-A9CA-5A439A5EA7AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5659ACB8-A156-4D0D-9D42-0BD63D9D74B7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0422F857-856E-4978-8D53-CD8E44590558}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2AF64923-3AE3-4B6C-B97B-B3B811F0C22B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EFB856F4-86E3-4498-9A01-FCBDBFB59CE2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
20-09-2024 13:44:51 Windows Update
24-09-2024 10:43:27 Windows Update
27-09-2024 15:36:37 Windows Update
01-10-2024 09:51:13 Windows Update
01-10-2024 09:51:24 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/02/2024 06:35:41 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
Error: (10/02/2024 06:35:41 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
Error: (10/02/2024 06:35:41 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
Error: (10/02/2024 06:35:40 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
Error: (10/02/2024 06:35:36 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
Error: (10/02/2024 06:34:14 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: MBAMService.exe, verze: 3.2.0.1314, časové razítko: 0x6697fdef
Název chybujícího modulu: ntdll.dll, verze: 10.0.22621.4111, časové razítko: 0x518e67bb
Kód výjimky: 0xc0000374
Posun chyby: 0x000000000010caa9
ID chybujícího procesu: 0x0x1364
Čas spuštění chybující aplikace: 0x0x1db14e6c4df3fcd
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: db2eb1e2-2ca5-4e1d-b9b1-d211a13d0a00
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/02/2024 06:34:05 PM) (Source: Application Error) (EventID: 1000) (User: ACER)
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.22621.1, časové razítko: 0x004687c2
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.22621.4111, časové razítko: 0x8ac9d737
Kód výjimky: 0xc000027b
Posun chyby: 0x00000000000ca273
ID chybujícího procesu: 0x0x27c4
Čas spuštění chybující aplikace: 0x0x1db14e8e4b4ad1d
Cesta k chybující aplikaci: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\twinapi.appcore.dll
ID zprávy: 128f3ab8-8629-4887-8c28-9c6509b05fbb
Úplný název chybujícího balíčku: AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4
ID aplikace související s chybujícím balíčkem: Acer.AcerRegistration
Error: (10/01/2024 09:04:30 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
System errors:
=============
Error: (10/02/2024 06:34:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Malwarebytes Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
Error: (10/02/2024 06:20:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (10/02/2024 06:20:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (10/02/2024 06:18:51 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (21:33:06, 01.10.2024) bylo neočekávané.
Error: (10/02/2024 06:18:37 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.
Error: (10/01/2024 09:05:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (10/01/2024 09:05:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (10/01/2024 09:45:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Windows Defender:
================
Date: 2024-09-28 21:48:49
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_C:\Users\vondr\Desktop\Office_2019_C2R_x86_x64_CS_EN_SK_16.0.11126.20188.ISO; file:_C:\Users\vondr\Desktop\Office_2019_C2R_x86_x64_CS_EN_SK_16.0.11126.20188.ISO->\OInstall.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Uživatel
Uživatel: ACER\vondr
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.419.254.0, AS: 1.419.254.0, NIS: 1.419.254.0
Verze modulu: AM: 1.1.24080.9, NIS: 1.1.24080.9
Date: 2024-09-28 07:56:10
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B053DE74-6B0F-4A7D-BED9-A1A439F7B1B6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-09-27 15:40:18
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0C94F69C-5CD8-4361-8626-DDC7540BB27E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-09-26 11:30:17
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_C:\Users\vondr\Desktop\Office_2019_C2R_x86_x64_CS_EN_SK_16.0.11126.20188.ISO; file:_C:\Users\vondr\Desktop\Office_2019_C2R_x86_x64_CS_EN_SK_16.0.11126.20188.ISO->\OInstall.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.419.203.0, AS: 1.419.203.0, NIS: 1.419.203.0
Verze modulu: AM: 1.1.24080.9, NIS: 1.1.24080.9
Date: 2024-09-26 10:40:53
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {70C5005E-7514-4B33-8B27-DD324B88DE26}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]
Date: 2024-10-01 21:02:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Zálohování
Kód chyby: 0x80004004
Popis chyby: Operace přerušena
Verze bezpečnostních informací: 1.419.281.0;1.419.281.0
Verze modulu: 1.1.24080.9
Date: 2024-10-01 21:02:39
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: 1.419.292.0;1.419.292.0
Verze modulu: 1.1.24080.9
Date: 2024-04-06 20:54:55
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.1607.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80072f8f
Popis chyby: Došlo k chybě zabezpečení.
Date: 2024-04-06 20:54:55
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.1607.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80072f8f
Popis chyby: Došlo k chybě zabezpečení.
Date: 2024-04-06 20:54:55
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.1607.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80072f8f
Popis chyby: Došlo k chybě zabezpečení.
CodeIntegrity:
===============
Date: 2024-10-02 18:36:00
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
Date: 2024-10-02 18:35:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Dropbox\Client\Dropbox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Dropbox\Client\208.4.5824\vulkan-1.dll that did not meet the Microsoft signing level requirements.
Date: 2024-10-02 18:34:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
Date: 2024-10-02 18:34:21
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.24 07/07/2021
Motherboard: CML Doc_WC
Processor: Intel(R) Core(TM) i5-10210U CPU @ 1.60GHz
Percentage of memory in use: 71%
Total physical RAM: 8013.99 MB
Available physical RAM: 2302.13 MB
Total Virtual: 23885.99 MB
Available Virtual: 18304.04 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:952.75 GB) (Free:557.25 GB) (Model: INTEL SSDPEKNW010T8) NTFS
Drive g: (Google Drive) (Fixed) (Total:952.75 GB) (Free:529.38 GB) (Model: INTEL SSDPEKNW010T8) FAT32
\\?\Volume{1d5ebf39-7363-46c2-85c5-6d21b232b7ac}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.15 GB) NTFS
\\?\Volume{c3e08722-726c-4ee4-9a79-cd22e2eab3a5}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 32C3B5EB)
Partition: GPT.
==================== End of Addition.txt =======================
Re: Prosím o kontrolu logu, děkuji
Pouzi fixlist s obsahom:
Start
CloseProcesses:
2024-09-28 21:32 - 2024-10-01 20:57 - 000000000 __SHD C:\explorerwin
EmptyTemp:
End
Start
CloseProcesses:
2024-09-28 21:32 - 2024-10-01 20:57 - 000000000 __SHD C:\explorerwin
EmptyTemp:
End
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu logu, děkuji
Provedl jsem.
Posílám nové logy:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024
Ran by vondr (administrator) on ACER (Acer Aspire A515-54) (02-10-2024 20:40:30)
Running from C:\Users\vondr\Downloads\FRST64.exe
Loaded Profiles: vondr
Platform: Microsoft Windows 11 Home Version 23H2 22631.4169 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe
(C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.911.1\DropboxCrashHandler.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Creative Cloud UI Helper.exe <5>
(C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\97.0.1.0\crashpad_handler.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Windows\SysWOW64\runonce.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(C:\Windows\SysWOW64\runonce.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <5>
(C:\Windows\SysWOW64\runonce.exe ->) (Power Software Limited -> Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxEM.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxEM.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\GfxDownloadWrapper.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Mega Limited -> Mega Limited) C:\Users\vondr\AppData\Local\MEGAsync\MEGAsync.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\runonce.exe
(Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ELANFPService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_3cbddcc68b1c0da2\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_581d7e91d349facc\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0f76d7f335b833dc\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0f76d7f335b833dc\IntelCpHeciSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncHelper.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe
(services.exe ->) (Musecy SM Ltd. -> Muse.Service) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (SMART Technologies ULC -> SMART Technologies) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24082.53.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.4.0.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22621.4166_none_e96b0c1842c424f9\TiWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [953120 2019-12-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SMARTNotification] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTNotification.exe [209856 2019-12-10] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Board Service] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe [2772416 2019-12-10] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Tray Tools] => C:\Program Files (x86)\Common Files\SMART Technologies\SystemMenu\SMARTSystemMenu.exe [654272 2019-12-01] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [sbsdk-server] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\sbsdk-server\NodeLauncher.exe [68544 2019-11-08] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Ink] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTInk.exe [287680 2019-12-11] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [17935752 2021-03-21] (MyHeritage (USA) Inc. -> MyHeritage)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9235344 2024-09-17] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [460944 2022-09-01] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1130416 2024-09-20] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919352 2024-10-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45125936 2024-09-18] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [Discord] => C:\Users\vondr\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482128 2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [AVGBrowserAutoLaunch_7EE2BFE1B3B8A803197E356BCB586469] => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [3174568 2024-09-11] (AVG Technologies USA, LLC -> Gen Digital Inc.)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\MountPoints2: {3e27dab4-5d29-11ed-a894-b4a9fc4636cb} - "D:\OInstall.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\SMART Local Port: C:\Windows\system32\smrtlocalmon.dll [38336 2019-12-11] (SMART Technologies ULC -> SMART Technologies ULC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\128.0.26382.138\Installer\chrmstp.exe [2024-09-19] (AVG Technologies USA, LLC -> Gen Digital Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\129.0.6668.71\Installer\chrmstp.exe [2024-10-02] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2022-02-06]
ShortcutTarget: MEGAsync.lnk -> C:\Users\vondr\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {73136951-D3EA-421A-8B36-39C07D0E4620} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe -> C:\Program Files (x86)\Acer\Care Center\-auto
Task: {ED036599-25D7-4C26-80B1-92B38836DE1E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {3A63133B-6693-4CB2-B7A7-FCC88C32D7BE} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [3174568 2024-09-11] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {2051A499-55AF-40E9-A3B3-8D20AD3BB528} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [3174568 2024-09-11] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {C5720183-AAC2-407E-A929-563A52583F12} - System32\Tasks\AVGBrowserProtectS-1-5-21-3501418858-3935017464-633493477-1001 => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowserProtect.exe [1690040 2024-04-23] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {8DE0C78B-7DCE-45AA-9BF5-7EE547BF8A77} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {D024C990-8584-4BE7-A555-0A4FAE095D04} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {1CC399E4-A613-4C86-825E-506CF2EC7796} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-09-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {AC3EEF36-3C8F-47A4-BAB2-2F566D9C5ADC} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5937456 2024-09-18] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "72f88dc7-1a5a-4773-a687-e6ea72779fdd" --version "6.28.11297" --silent
Task: {56FCD6C3-AD0E-45D3-8B1E-386BC75ECDA7} - System32\Tasks\CCleanerSkipUAC - vondr => C:\Program Files\CCleaner\CCleaner.exe [39012144 2024-09-18] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {76207EF4-D7A4-476C-AAF1-D17A3C9F2BB7} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.EXE [1589696 2016-08-25] (Corel Corporation -> Corel Corporation)
Task: {063E0D4F-A169-42D1-B0D0-6D23A17987C4} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F5D9ED7C-22FB-406A-AEB1-B54A25166D3B} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {C938C892-9D4E-4E5D-847A-7D2346394EB9} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{796DF830-26B5-4C96-8720-2ABD1B9CD1F7} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {259B4B62-25EA-4089-A510-0B87DE93A06F} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3501418858-3935017464-633493477-1001 => C:\Users\vondr\AppData\Local\MEGAsync\MEGAupdater.exe [2531592 2024-06-11] (Mega Limited -> )
Task: {7C7864B9-673B-49E2-9BD4-1E674A6D0FDE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28617448 2024-09-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {8755CF8A-EF60-4A43-B188-BC733E2853FF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28617448 2024-09-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {18A7EDBC-D773-4E0A-9232-AE6E82242304} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312472 2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {45CCF10F-8CD3-45A0-991D-EE16792DA1FC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312472 2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {A8C8B8F1-6EA1-4D8C-BD10-3BAA55B9A83D} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [187328 2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {AA11E31D-FB1D-4214-9E59-64592C4E120F} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {D7BE0AEA-7374-48B0-A496-75906B690A0A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {B471091F-5D76-42BD-8ED1-CB76069E67C2} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {6E49949C-C062-484D-A1FD-D886E90C93DD} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {2CB04670-A778-4203-A8F6-66E5CFA231A7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {13B73793-F79F-4441-B4EB-10AEC3E79241} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [31816 2024-09-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {C7540E9F-992B-49BA-BD6F-B49A96C035A3} - System32\Tasks\Oem\AcerJumpstartTask => "C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe" /default (No File)
Task: {A218EB30-8D70-4BD7-AE3F-0F2662FEC7C8} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209184 2024-10-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {A81E7F78-A7EF-4EB0-A6A6-042936461029} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3501418858-3935017464-633493477-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209184 2024-10-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {A61B21F7-B383-4510-85C0-F7B4D3E6D237} - System32\Tasks\S-1-5-21-3501418858-3935017464-633493477-1001\DataSenseLiveTileTask => %SystemRoot%\System32\DataUsageLiveTileTask.exe (No File)
Task: {096D3188-360A-44AE-AD0E-A8B12CA94972} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473880 2020-07-16] (Acer Incorporated -> Acer Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 93.93.32.32 93.93.33.33 192.168.22.1
Tcpip\..\Interfaces\{4e8c78d5-12f3-471b-bd12-26482e625aea}: [DhcpNameServer] 93.93.32.32 93.93.33.33 192.168.22.1
Tcpip\..\Interfaces\{774ed856-bf70-462c-ac71-60ea5fe1934c}: [DhcpNameServer] 40.33.1.66
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\vondr\AppData\Local\Microsoft\Edge\User Data\Default [2024-09-30]
Edge Extension: (Dokumenty Google offline) - C:\Users\vondr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-07]
Edge Extension: (Edge relevant text changes) - C:\Users\vondr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
FireFox:
========
FF DefaultProfile: gteda8g8.default
FF ProfilePath: C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1 [2024-10-02]
FF Notifications: Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1 -> hxxps://www.svetviry.cz; hxxps://calendar.google.com
FF Extension: (AdBlocker Ultimate) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\adblockultimate@adblockultimate.net.xpi [2024-07-18]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2021-06-19]
FF Extension: (Language: Čeština (Czech)) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\langpack-cs@firefox.mozilla.org.xpi [2024-09-16]
FF Extension: (TWP - Translate Web Pages) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi [2024-03-11]
FF Extension: (Adblock na Youtube™) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\{0ac04bdb-d698-452f-8048-bcef1a3f4b0d}.xpi [2022-02-21]
FF ProfilePath: C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\gteda8g8.default [2021-01-24]
FF NewTab: Mozilla\Firefox\Profiles\gteda8g8.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10378__200606
FF ProfilePath: C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\shkk2f8c.default-release-1621189060132 [2024-10-02]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2024-09-20] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=3 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1582.3\npAvgBrowserUpdate3.dll [2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=9 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1582.3\npAvgBrowserUpdate3.dll [2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2024-09-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2024-09-20] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Profile 3
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default [2024-10-02]
CHR Extension: (Tampermonkey) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2024-05-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-13]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-10-02]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3 [2024-10-02]
CHR Notifications: Profile 3 -> hxxps://calendar.google.com
CHR Extension: (Dokumenty Google offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-06]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-10-02]
CHR Extension: (Komponenta pro aplikaci BUSINESS 24) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\iaihapeddbkncmmikkpmeggfecohnahg [2023-07-17]
CHR Extension: (Violentmonkey) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jinjaccalgkegednnccohejagnlnfdag [2024-09-25]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-07]
CHR Extension: (Crypto Web Extension) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjohlogcennenjhkfclfgaganagadkkm [2024-05-13]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 4 [2024-10-02]
CHR Extension: (Google Docs Offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-18]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-10-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-09-20]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 5 [2024-10-02]
CHR Extension: (Google Docs Offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-10]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-09-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-05-21]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 6 [2024-10-02]
CHR Extension: (Google Docs Offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-25]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-09-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-27]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\System Profile [2024-10-02]
CHR HKU\S-1-5-21-3501418858-3935017464-633493477-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944048 2024-09-20] (Adobe Inc. -> Adobe Inc.)
S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
S3 AVGSecureBrowserElevationService; C:\Program Files (x86)\AVG\Browser\Application\128.0.26382.138\elevation_service.exe [1722592 2024-09-11] (AVG Technologies USA, LLC -> Gen Digital Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-09-18] (Gen Digital Inc. -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13861048 2024-09-22] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2024-09-17] (Dropbox, Inc -> Dropbox, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4976976 2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 DropboxElevationService; C:\Program Files (x86)\Dropbox\Client\208.4.5824\DropboxElevationService.exe [1659288 2024-09-17] (Dropbox, Inc -> Dropbox, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2017-02-27] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncHelper.exe [3522976 2024-10-02] (Microsoft Corporation -> Microsoft Corporation)
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_581d7e91d349facc\AS\IAS\IntelAudioService.exe [412120 2023-09-17] (Intel Corporation -> Intel)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8965728 2024-10-01] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-10-01] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe [1431160 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Muse Hub Background Service; C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe [169472 2023-01-08] (Musecy SM Ltd. -> Muse.Service)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.180.0905.0001\OneDriveUpdaterService.exe [3864496 2024-10-02] (Microsoft Corporation -> Microsoft Corporation)
R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe [635328 2019-12-10] (SMART Technologies ULC -> SMART Technologies)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe [3199656 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe [133704 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [36800 2022-06-02] (Acer Incorporated -> Acer Incorporated)
R1 Amfilter; C:\WINDOWS\system32\DRIVERS\Amfltx64.sys [12288 2023-09-17] (Microsoft Windows Hardware Compatibility Publisher -> (Standard mouse types))
R3 Amusbprt; C:\WINDOWS\system32\DRIVERS\Amusbx64.sys [17920 2023-09-17] (Microsoft Windows Hardware Compatibility Publisher -> A4Tech Co.,Ltd.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [544768 2023-12-12] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [188416 2024-03-13] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 googledrivefs31626; C:\Program Files\Google\Drive File Stream\Drivers\31626\googledrivefs31626.sys [384096 2024-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [231504 2024-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-10-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt11.sys [234168 2024-10-02] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78928 2024-10-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-10-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [189776 2024-10-02] (Malwarebytes Inc. -> Malwarebytes)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_0f3a2b5f72186666\rt68cx21x64.sys [717160 2023-09-14] (Realtek Semiconductor Corp. -> Realtek)
R3 SMARTMouseFilterx64; C:\WINDOWS\System32\drivers\SMARTMouseFilterx64.sys [18952 2019-12-10] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
R3 SMARTVHidMiniVistaAmd64; C:\WINDOWS\System32\drivers\SMARTVHidMiniVistaAmd64.sys [28168 2019-12-10] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
S3 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-09-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602392 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
Error Reading file: "C:\Users\vondr\AppData\Local\{A44E9F87-614E-44AD-8616-5B58F77886EC}"
2024-10-02 20:40 - 2024-10-02 20:41 - 000037634 _____ C:\Users\vondr\Downloads\FRST.txt
2024-10-02 20:39 - 2024-10-02 20:39 - 000234168 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2024-10-02 20:39 - 2024-10-02 20:39 - 000189776 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2024-10-02 20:39 - 2024-10-02 20:39 - 000000000 ____D C:\Users\vondr\AppData\LocalLow\IGDump
2024-10-02 18:26 - 2024-10-02 18:26 - 000727012 _____ C:\WINDOWS\system32\perfh005.dat
2024-10-02 18:26 - 2024-10-02 18:26 - 000151244 _____ C:\WINDOWS\system32\perfc005.dat
2024-10-01 20:12 - 2024-10-02 20:24 - 000000000 ____D C:\Users\vondr\AppData\Local\Malwarebytes
2024-10-01 20:11 - 2024-10-01 20:11 - 000002097 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-10-01 20:11 - 2024-10-01 20:11 - 000002085 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-10-01 20:11 - 2024-10-01 20:11 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-10-01 20:11 - 2024-10-01 20:11 - 000000000 ____D C:\Program Files\Malwarebytes
2024-09-30 20:12 - 2024-09-30 20:12 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-09-30 19:56 - 2024-10-02 20:40 - 000000000 ____D C:\FRST
2024-09-30 19:26 - 2024-09-30 19:26 - 002397696 _____ (Farbar) C:\Users\vondr\Downloads\FRST64.exe
2024-09-30 18:42 - 2024-09-30 18:42 - 000000000 ____D C:\Users\vondr\Downloads\Photos-001 (1)
2024-09-30 16:56 - 2024-09-30 16:59 - 045745463 _____ C:\Users\vondr\Downloads\Photos-001 (1).zip
2024-09-30 16:17 - 2024-09-30 18:17 - 2477729943 _____ C:\Users\vondr\Downloads\INSIDE.OUT.2 -2024. ENG. FullHD.mp4
2024-09-28 21:34 - 2024-09-28 22:04 - 000000002 _____ C:\Users\vondr\count.vip
2024-09-27 15:30 - 2024-09-27 15:30 - 000049479 _____ C:\Users\vondr\Downloads\priloha_1418121780_0_Pospisil_Schneider.pdf
2024-09-25 21:05 - 2024-09-25 21:05 - 075339115 _____ C:\Users\vondr\Downloads\Fyzika 8 _ ZŠ a gymnázia _ FRAUS.pdf
2024-09-25 21:03 - 2024-09-25 21:04 - 066621790 _____ C:\Users\vondr\Downloads\Chemie 9 3D _ 9. ročník ZŠ a gymnázia _ FRAUS.pdf
2024-09-25 21:03 - 2024-09-25 21:03 - 068933978 _____ C:\Users\vondr\Downloads\Chemie 8 3D _ 8. ročník ZŠ a gymnázia _ FRAUS.pdf
2024-09-25 20:44 - 2024-09-25 20:44 - 046739903 _____ C:\Users\vondr\Downloads\SLABIKÁŘ 1 do světa slov _ ZŠ _ FRAUS.pdf
2024-09-24 19:20 - 2024-09-24 19:20 - 000012823 _____ C:\Users\vondr\Downloads\Rozpočet do konce roku 2024.xlsx
2024-09-22 18:44 - 2024-09-22 18:44 - 000115647 _____ C:\Users\vondr\Downloads\Literární věda 4.pdf
2024-09-22 18:40 - 2024-09-22 18:40 - 000269840 _____ C:\Users\vondr\Downloads\Literární věda 3.pdf
2024-09-22 18:38 - 2024-09-22 18:38 - 000288952 _____ C:\Users\vondr\Downloads\Literání věda 2.pdf
2024-09-22 16:36 - 2024-09-22 16:36 - 000933277 _____ C:\Users\vondr\Downloads\Sablony_Klice-k-rozvoji-skoly.pdf
2024-09-19 13:27 - 2024-09-19 13:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-09-19 10:36 - 2024-09-19 10:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2024-09-18 20:09 - 2024-09-28 22:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2024-09-17 16:18 - 2024-09-17 16:18 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2024-09-17 13:34 - 2024-09-17 13:34 - 000656787 _____ C:\Users\vondr\Downloads\1. pracovní list - obory biologie.pdf
2024-09-15 15:07 - 2024-09-15 15:07 - 000204195 _____ C:\Users\vondr\Downloads\Pravopisná cvičení.pdf
2024-09-15 08:20 - 2024-09-15 08:20 - 000446761 _____ C:\Users\vondr\Downloads\Metodické doporuÄ_enÃ_ k průbÄ›hu individuálnÃ_ho vzdÄ›lávánÃ_ dÄ›tÃ_ v mateÅ™ských Å¡kolách a ověřenÃ_ dosahovánÃ_ oÄ_ekávaných výstupů-3.pdf
2024-09-13 21:15 - 2024-09-13 21:16 - 000000000 ____D C:\Users\vondr\Downloads\Photos-001
2024-09-13 20:50 - 2024-09-13 20:50 - 005213768 _____ C:\Users\vondr\Downloads\Photos-001.zip
2024-09-11 19:29 - 2024-09-11 19:29 - 000161781 _____ C:\Users\vondr\Downloads\Potvrzeni-o-studiu-David Vraj.pdf
2024-09-10 19:38 - 2024-09-10 19:38 - 001594446 _____ C:\Users\vondr\Downloads\Babice - pers.zip
2024-09-10 19:38 - 2024-09-10 19:38 - 000000000 ____D C:\Users\vondr\Downloads\Babice - pers
2024-09-09 19:33 - 2024-09-09 19:33 - 000365485 _____ C:\Users\vondr\Downloads\1-Hynková zápočtový list.pdf
2024-09-07 20:09 - 2024-09-07 20:09 - 000000000 ____D C:\Users\vondr\AppData\Roaming\openlp
2024-09-07 20:08 - 2024-09-07 20:08 - 000000000 ____D C:\Users\vondr\Downloads\ez21--openlp-2022-01-25
2024-09-07 20:07 - 2024-09-07 20:07 - 000000000 ____D C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenLP
2024-09-07 20:07 - 2024-09-07 20:07 - 000000000 ____D C:\Program Files\OpenLP
2024-09-07 20:06 - 2024-09-07 20:06 - 000710738 _____ C:\Users\vondr\Downloads\ez21--openlp-2022-01-25.zip
2024-09-07 19:59 - 2024-09-07 20:01 - 205410875 _____ C:\Users\vondr\Downloads\OpenLP-3.1.3-x64.msi
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-02 20:41 - 2020-03-22 09:07 - 000000000 ___HD C:\Users\vondr\AppData\Local\CrashDumps
2024-10-02 20:40 - 2020-06-14 21:47 - 000000000 ____D C:\Users\vondr\AppData\Roaming\Dropbox
2024-10-02 20:40 - 2020-06-14 21:46 - 000000000 ___HD C:\Users\vondr\AppData\Local\Dropbox
2024-10-02 20:39 - 2023-03-21 23:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-10-02 20:39 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-10-02 20:39 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-10-02 20:39 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-10-02 20:39 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-10-02 20:39 - 2021-09-04 20:23 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-10-02 20:39 - 2021-03-12 23:12 - 000012288 ___SH C:\DumpStack.log.tmp
2024-10-02 20:39 - 2020-03-21 06:35 - 000000000 ___RD C:\Users\vondr\OneDrive
2024-10-02 20:39 - 2020-03-21 06:33 - 000000000 __SHD C:\Users\vondr\IntelGraphicsProfiles
2024-10-02 20:39 - 2020-03-20 16:01 - 000000000 ____D C:\Program Files\CCleaner
2024-10-02 20:38 - 2022-05-07 07:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-10-02 20:37 - 2020-03-21 19:26 - 000000000 ___HD C:\Users\vondr\AppData\LocalLow\Temp
2024-10-02 20:35 - 2020-03-21 06:21 - 000000000 ___SD C:\Users\vondr\AppData\Roaming\Microsoft\Credentials
2024-10-02 19:59 - 2020-03-28 09:23 - 000000000 ____D C:\Users\vondr\AppData\Roaming\vlc
2024-10-02 19:54 - 2023-03-21 23:13 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3501418858-3935017464-633493477-1001
2024-10-02 19:54 - 2023-03-21 23:13 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-10-02 19:54 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-10-02 19:54 - 2020-05-25 16:32 - 000002134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-10-02 19:25 - 2023-03-23 20:09 - 000000000 ____D C:\Users\vondr\AppData\Local\Deployment
2024-10-02 19:25 - 2020-03-20 16:35 - 000000000 ____D C:\Users\vondr\AppData\Roaming\Microsoft\Word
2024-10-02 18:40 - 2022-02-11 14:56 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-10-02 18:29 - 2023-03-21 23:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-10-02 18:26 - 2023-03-21 23:12 - 001718028 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-10-02 18:26 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2024-10-02 18:19 - 2020-03-20 15:55 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-10-01 21:58 - 2020-03-21 06:33 - 000000000 ___HD C:\Users\vondr\AppData\Local\Packages
2024-10-01 21:57 - 2020-03-20 20:36 - 000000000 ____D C:\Users\vondr\AppData\Roaming\Microsoft\Excel
2024-10-01 20:11 - 2022-05-07 07:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-10-01 09:43 - 2023-03-21 23:05 - 000656952 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-09-30 20:12 - 2023-03-21 12:53 - 000000000 ___DC C:\WINDOWS\Panther
2024-09-30 20:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-09-30 20:12 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-09-30 20:12 - 2019-10-26 21:30 - 000000000 ____D C:\Program Files\Microsoft Office
2024-09-30 16:54 - 2022-02-06 21:58 - 000000000 ___RD C:\Users\vondr\Documents\Mega
2024-09-28 22:05 - 2022-09-21 09:34 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-09-28 22:05 - 2021-05-16 20:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-09-28 21:34 - 2023-03-21 23:06 - 000000000 ____D C:\Users\vondr
2024-09-28 07:46 - 2020-06-09 19:13 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-09-24 21:54 - 2020-03-22 15:21 - 000000000 ____D C:\Users\vondr\AppData\Roaming\MuseScore
2024-09-20 13:39 - 2023-03-21 23:13 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-09-20 13:39 - 2023-03-21 23:13 - 000003380 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-09-20 13:26 - 2020-03-22 08:35 - 000000000 ___HD C:\Users\vondr\AppData\Local\Adobe
2024-09-20 13:25 - 2023-03-03 21:57 - 000001386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2024-09-20 13:25 - 2021-10-04 21:20 - 000000000 ____D C:\Program Files\Common Files\Adobe
2024-09-20 13:25 - 2021-10-04 21:20 - 000000000 ____D C:\Program Files\Adobe
2024-09-20 13:25 - 2020-03-20 19:19 - 000000000 ____D C:\Program Files (x86)\Adobe
2024-09-19 20:48 - 2020-10-17 06:51 - 000002379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk
2024-09-19 20:27 - 2020-05-08 08:25 - 000000000 ____D C:\Users\vondr\Desktop\Lydinka
2024-09-19 13:27 - 2021-05-16 20:56 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-09-19 10:41 - 2020-03-21 06:17 - 000000000 ____D C:\ProgramData\Packages
2024-09-19 10:40 - 2020-03-21 06:35 - 000000000 ___HD C:\Users\vondr\AppData\Local\PlaceholderTileLogoFolder
2024-09-19 10:36 - 2020-06-14 21:46 - 000000000 ____D C:\Program Files (x86)\Dropbox
2024-09-18 19:24 - 2020-03-21 11:21 - 000000000 ____D C:\Users\vondr\Documents\Angličtina
2024-09-17 21:08 - 2019-10-26 20:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-09-17 13:29 - 2021-11-28 19:26 - 000000000 ____D C:\Users\vondr\AppData\Roaming\com.adobe.dunamis
2024-09-16 20:58 - 2022-10-14 08:03 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2024-09-16 19:44 - 2021-09-10 18:39 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-09-16 19:44 - 2021-09-10 18:39 - 000002012 _____ C:\Users\Default\Desktop\Google Slides.lnk
2024-09-16 19:44 - 2021-09-10 18:39 - 000002012 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2024-09-16 19:44 - 2021-09-10 18:39 - 000002000 _____ C:\Users\Default\Desktop\Google Docs.lnk
2024-09-11 21:35 - 2023-10-11 21:41 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\WUModels
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-09-11 13:16 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-09-11 13:09 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-09-11 13:05 - 2023-03-21 23:06 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-09-11 12:56 - 2020-03-21 08:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-09-11 12:50 - 2020-03-21 08:36 - 199688632 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-09-09 13:09 - 2023-03-21 23:13 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-09-09 13:09 - 2023-03-21 23:13 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-09-07 20:27 - 2020-03-20 16:35 - 000000000 ____D C:\Users\vondr\AppData\Roaming\Microsoft\Office
2024-09-04 18:45 - 2020-06-26 20:30 - 000000000 ___HD C:\Users\vondr\AppData\Local\D3DSCache
==================== Files in the root of some directories ========
2020-03-24 15:38 - 2021-01-11 21:59 - 000000806 _____ () C:\Users\vondr\AppData\Roaming\ACER.MTBF.txt
2020-03-24 15:38 - 2020-03-24 15:49 - 000000678 _____ () C:\Users\vondr\AppData\Roaming\__AvidCloudManager.log
2020-03-24 15:38 - 2020-03-24 15:47 - 000000647 _____ () C:\Users\vondr\AppData\Roaming\__AvidCloudManagerPrevious.log
2020-05-18 22:12 - 2020-05-18 22:15 - 000000716 _____ () C:\Users\vondr\AppData\Roaming\{E4A5EDDB-14CF-DFF1-5402-0DB91944F0C4}
2020-03-24 15:39 - 2020-06-04 20:42 - 000003584 ____H () C:\Users\vondr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2024
Ran by vondr (02-10-2024 20:41:58)
Running from C:\Users\vondr\Downloads
Microsoft Windows 11 Home Version 23H2 22631.4169 (X64) (2023-03-22 06:23:30)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3501418858-3935017464-633493477-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3501418858-3935017464-633493477-503 - Limited - Disabled)
evraj (S-1-5-21-3501418858-3935017464-633493477-1002 - Limited - Disabled)
Guest (S-1-5-21-3501418858-3935017464-633493477-501 - Limited - Disabled)
vondr (S-1-5-21-3501418858-3935017464-633493477-1001 - Administrator - Enabled) => C:\Users\vondr
WDAGUtilityAccount (S-1-5-21-3501418858-3935017464-633493477-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Security Ultra (Disabled - Out of date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Jumpstart (HKLM-x32\...\{4335EAF1-21F1-43D3-8F6F-D7E481E6959A}) (Version: 3.3.19180.60 - Acer)
Adobe Acrobat Reader - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 24.003.20112 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.4.0.361 - Adobe Inc.)
Adobe Character Animator 2022 (HKLM-x32\...\CHAR_22_5) (Version: 22.5 - Adobe Inc.)
Adobe Character Animator 2023 (HKLM-x32\...\CHAR_23_6) (Version: 23.6 - Adobe Inc.)
Adobe Character Animator 2024 (HKLM-x32\...\CHAR_24_0) (Version: 24.0 - Adobe Inc.)
Adobe Illustrator 2024 (HKLM-x32\...\ILST_28_1) (Version: 28.1 - Adobe Inc.)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_13_1) (Version: 13.1 - Adobe Inc.)
Adobe Media Encoder 2023 (HKLM-x32\...\AME_23_6_2) (Version: 23.6.2 - Adobe Inc.)
Adobe Media Encoder 2024 (HKLM-x32\...\AME_24_1_1) (Version: 24.1.1 - Adobe Inc.)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_5_5) (Version: 23.5.5.1103 - Adobe Inc.)
Adobe Photoshop 2023 (HKLM-x32\...\PHSP_24_7) (Version: 24.7.0.643 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601078}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Antares Autotune Evo VST RTAS v6.0.9 (HKLM-x32\...\Antares Autotune Evo VST RTAS_is1) (Version: - )
Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team)
AVG Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1066.0 - AVG Technologies) Hidden
AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1582.3 - AVG Technologies) Hidden
Avidemux VC++ 64bits (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\{958c1728-e7f8-47a4-980a-8dafc359bffe}) (Version: 2.7.5 - Mean)
Bandicam (HKLM-x32\...\Bandicam) (Version: 7.0.0.2117 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
calibre 64bit (HKLM\...\{7F97780B-9EAD-4000-BD3A-F6D0FE096D56}) (Version: 6.29.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 6.28 - Piriform)
Corel Update Manager (HKLM-x32\...\{FB8387EF-D663-4152-A13E-6B963AC1052A}) (Version: 2.3 - Corel corporation)
Crypto Native App verze 23.01.8574 (HKLM\...\{79D8049F-2978-4E91-90BD-3428C8FF2E69}_is1) (Version: 23.01.8574 - TESCO SW a.s.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.1.0.2037 - Disc Soft Ltd)
DaVinci Resolve (HKLM\...\{8CD009CC-08AB-4873-BA5C-DC4AEA8BACEB}) (Version: 16.2.7010 - Blackmagic Design)
Dazzle Video Capture DVC100 X64 Driver 1.06 (HKLM-x32\...\{BFF23267-1D19-444E-93E2-E5059BE805EA}) (Version: 1.06.0000 - Pinnacle)
Dazzle Video Capture DVC100 X64 Driver 1.08 (HKLM-x32\...\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}) (Version: 1.08.0000 - Pinnacle)
DidaktaCZ 1.0.0 (HKLM-x32\...\7e81f6ca-38af-5207-b03c-2ecbe5f1ce8e) (Version: 1.0.0 - SILCOM Multimedia, s.r.o.)
Discord (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
DjVu Viewer (HKLM-x32\...\{3A959BCB-643A-462F-A692-5B7FE4CE35AC}_is1) (Version: - djvuviewer.com)
Dropbox (HKLM-x32\...\Dropbox) (Version: 208.4.5824 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.911.1 - Dropbox, Inc.) Hidden
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
FFmpeg 5.0.0 for Audacity - x86_64 (HKLM\...\FFmpeg for Audacity_is1) (Version: - )
Fire Department (HKLM-x32\...\{1BE73DD5-DB8C-4068-867D-FD7D72CE049D}) (Version: - )
Flexibooks 4.6.1 (64 bit) (HKLM\...\{D36F5D15-E633-45E7-803B-4FC66F183092}) (Version: 4.6.1 - Fraus Media s.r.o. 2016)
FormApps Plug-in GPO (HKLM-x32\...\{4E6F3A31-FADD-4634-A820-3EC96877C7B9}) (Version: 1.29.0.79 - Software602 a.s.)
FormatFactory 5.12.2.0 (HKLM-x32\...\FormatFactory) (Version: 5.12.2.0 - Free Time)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 97.0.1.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 129.0.6668.71 - Google LLC)
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D18FE9D2-2F54-4C68-A2DE-A59D4A80A9BC}) (Version: 3.1.2109.29003 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Malwarebytes version 5.1.10.127 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.10.127 - Malwarebytes)
Media Creator Student (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Media Creator Student) (Version: - NOVÁ ŠKOLA, s.r.o.)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Host - 6.0.33 (x64) (HKLM\...\{8584855C-3B2B-4F95-BE1D-CCA5B6DE2815}) (Version: 48.132.18378 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.33 (x64) (HKLM\...\{62A8E894-9FD1-45A0-A4D0-BD9FA854818D}) (Version: 48.132.18378 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.33 (x64) (HKLM\...\{07BE9B02-0247-471C-B06F-A3B1A8FA9216}) (Version: 48.132.18378 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 129.0.2792.65 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 129.0.2792.65 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.180.0905.0001 - Microsoft Corporation)
Microsoft Project - cs-cz (HKLM\...\ProjectPro2019Retail - cs-cz) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft Project - en-us (HKLM\...\ProjectPro2019Retail - en-us) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Teams) (Version: 1.6.00.11166 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visio - cs-cz (HKLM\...\VisioPro2019Retail - cs-cz) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft Visio - en-us (HKLM\...\VisioPro2019Retail - en-us) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.33 (x64) (HKLM\...\{A59F43A6-AADB-42EB-883B-2FE4E3AA3A69}) (Version: 48.132.18374 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.33 (x64) (HKLM-x32\...\{ecb94bc3-963d-412a-b141-8b7c32ef103f}) (Version: 6.0.33.33916 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox (x86 en-US) (HKLM-x32\...\Mozilla Firefox 130.0.1 (x86 en-US)) (Version: 130.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 88.0 - Mozilla)
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (HKLM-x32\...\{D0B44725-3666-492D-BEF6-587A14BD9BD9}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden
MuseScore 3 (HKLM\...\{FF67E071-104C-4C42-9301-184442745671}) (Version: 3.6.2.548021803 - Werner Schweer and Others)
MuseScore 4 (HKLM\...\{0146EF2D-5111-4414-8818-4D293AF5E154}) (Version: 4.0.0.223472200 - MuseScore BVBA and Others)
MuseScore 4 (HKLM\...\{85631FCF-88DD-42FD-8E2D-0A5F82CF631E}) (Version: 4.0.2.230651553 - MuseScore BVBA and Others)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 8.0.0.8625 - MyHeritage.com)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18025.20104 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18025.20104 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenLP (HKLM\...\{41C0F1DB-0AAC-42A9-8221-F2BF5524EC5C}) (Version: 3.1.3.5000 - OpenLP Developers)
Photo Common (HKLM-x32\...\{15BFD731-A10E-43E9-9D18-0F682BC0480F}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{07AAB66E-4718-422D-9218-4AFB3C922A71}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Pinnacle Studio 21 (HKLM\...\{41C196DB-9ED2-449E-A056-20E67255BFC8}) (Version: 21.1.0.132 - Corel Corporation)
PowerISO (HKLM-x32\...\PowerISO) (Version: 8.3 - Power Software Ltd)
Proclaim (HKLM-x32\...\{1FC10733-55C3-4306-BCE2-FAEAB6234DB9}) (Version: 3.0.32 - Faithlife Corporation)
Python 3.12.0 (64-bit) (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\{cf9c4d97-48a7-4a27-b9fc-91b88a803c40}) (Version: 3.12.150.0 - Python Software Foundation)
Python 3.12.0 Core Interpreter (64-bit) (HKLM\...\{6B58F6F9-656A-4CC4-8BAB-22177BFFA45F}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Development Libraries (64-bit) (HKLM\...\{225BAA2C-BDCA-4D63-9D72-D92CE5E2421D}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Documentation (64-bit) (HKLM\...\{5DF0B8D8-4E7F-43EB-AD16-30FFA931A905}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Executables (64-bit) (HKLM\...\{575EC8EB-A481-4CF1-BAB0-3C1DBD2E50A7}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 pip Bootstrap (64-bit) (HKLM\...\{24B8988D-E785-4124-BF77-1DC6A3E62050}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Standard Library (64-bit) (HKLM\...\{14BBD330-AA3F-4F7A-8A39-DFB28AECFA82}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Tcl/Tk Support (64-bit) (HKLM\...\{6EAF677E-4EE8-4A22-9781-9131C5298D26}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Test Suite (64-bit) (HKLM\...\{0A9B38A7-D393-44A5-A94E-9FEC927DC39C}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{3182A195-B671-44A8-B0C7-7876B916BA5A}) (Version: 3.12.150.0 - Python Software Foundation)
SMART Czech Handwriting Resources (HKLM-x32\...\{65A75580-36A0-4490-8181-0967DD6C1464}) (Version: 15.1.10.0 - SMART Technologies ULC)
SMART Gallery Essentials (HKLM-x32\...\{B1BCD573-39C5-48CD-A2A7-F6525BB7072B}) (Version: 2.0.2.0 - SMART Technologies ULC)
SMART Ink (HKLM-x32\...\{431EB801-5D66-409A-B208-AEF76AD7F677}) (Version: 5.6.132.0 - SMART Technologies ULC)
SMART Lesson Activity Toolkit (HKLM-x32\...\{8AD57A09-153E-4F6D-A269-0AD8AC54B82A}) (Version: 2.0.7.0 - SMART Technologies ULC)
SMART Notebook (HKLM-x32\...\{F0215213-10A6-43DB-9BE4-3FD3DB5D8E53}) (Version: 19.1.2790.0 - SMART Technologies ULC)
SMART Ovladače produktů (HKLM-x32\...\{8F02AE90-9219-42E6-AD41-0C0055227B9B}) (Version: 12.15.139.0 - SMART Technologies ULC)
TechSmith Screen Capture Codec (HKLM-x32\...\{84FE50F5-B0F3-4D18-8BE8-A4DEEE0C37AD}) (Version: 4.1.1.0 - TechSmith Corporation) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Windows Live Communications Platform (HKLM-x32\...\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{9A470EA9-FF86-4C0E-992C-572BF2B9D6FF}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Installer (HKLM-x32\...\{659CB81C-B54E-4DF1-B618-F35777393A54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (HKLM-x32\...\{3EE8FA69-F2A5-4BDB-9E23-3ABB2421B4FA}) (Version: 16.4.3528.0331 - společnost Microsoft Corporation) Hidden
Windows Live Mail (HKLM-x32\...\{B775C26B-EAA8-4A11-ACBF-76E52DF6B805}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (HKLM-x32\...\{88B9357F-0845-465F-96B9-50976FB9C6C2}) (Version: 16.4.3528.0331 - společnost Microsoft Corporation) Hidden
Windows Live Messenger (HKLM-x32\...\{E703613B-BDAB-433E-A66A-DE0263E3D35D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (HKLM\...\{25058321-C33E-496B-8915-6FD64D362CAF}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{D1893000-EA77-493C-8DDD-E262436E959B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{E100E2B5-F2EF-4955-AB7A-C3F2125A3BCD}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (HKLM-x32\...\{04BE4035-3C8E-4B48-BFB8-1655849C0C8B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (HKLM-x32\...\{124A05DC-3C47-4EEF-85CE-56D6C1CAE62B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (HKLM-x32\...\{714E162E-CD4F-4F1B-8302-7F5179409C25}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (HKLM-x32\...\{E5807449-CA84-42F6-9CE3-A0E2BDA9E24B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\ZoomUMX) (Version: 5.6.5 (823) - Zoom Video Communications, Inc.)
Chrome apps:
============
Disk Google (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\5c5a5fb95c6ba6b72e5a904305afe613) (Version: 1.0 - Google\Chrome)
Disk Google (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\6098d7e003d8165867a035a442cd676d) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\23bc082de407676f4e713d80388ae829) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\c8af2eaa6dc805a0f1c1253e60402936) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\1ad560b38a1f57c91f39d61272f4757f) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\2823b62810c5c2b4a5fbb28a9b99c7fa) (Version: 1.0 - Google\Chrome)
Prezentace (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\cea10a33c13793d394fb086f93bc0620) (Version: 1.0 - Google\Chrome)
Prezentace (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\d9dd83a3e783c7497c347e226d52d02c) (Version: 1.0 - Google\Chrome)
Tabulky (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\1d103e078685bdc3023a7d799683ff34) (Version: 1.0 - Google\Chrome)
Tabulky (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\eb453c38b338f5fa89ad4445f7a6f9fc) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\a8c59f248bb7f46d4c07e655e19f08f0) (Version: 1.0 - Google\Chrome)
Packages:
=========
Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4 [2023-06-01] (Acer Incorporated)
Adobe Acrobat Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC [2024-06-15] ()
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2023-07-01] (Adobe Systems Incorporated)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_9.4.2.0_x64__kgqvnymyfvs32 [2024-09-24] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_4.4.1.0_x64__kgqvnymyfvs32 [2024-09-16] (king.com)
Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3019.0_x64__48frkmn4z8aw4 [2021-03-12] (Acer Incorporated)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-22] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation)
Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2024-09-19] (Dropbox Inc.)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_10.107.3.0_x64__q4d96b2w5wcc2 [2024-09-27] (Evernote) [Startup Task]
Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11070.31001.0_x64__8wekyb3d8bbwe [2024-08-07] (Microsoft Corporation) [Startup Task]
GoTrust ID -> C:\Program Files\WindowsApps\GOTrustTechnologyInc.GO-TrustAuthenticator_3.1.21.0_x64__0r04f53sqacg6 [2024-09-17] (GoTrustID Inc.)
InspIS SETmobile -> C:\Program Files\WindowsApps\57320732D6B4D.InspISSETmobile_1.10.20098.0_x86__beccaw7yyhy3g [2020-06-06] (Itelligence-cz, a.s.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2021-03-13] (INTEL CORP)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1041.0_x64__8j3eq9eme6ctt [2024-09-14] (INTEL CORP)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_3.0.37.0_x64__w1wdnht996qgy [2024-09-24] (LinkedIn) [Startup Task]
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2150.23.211.0_x64__8xx8rvfyw5nnt [2024-09-11] (Meta) [Startup Task]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation) [MS Ad]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-14] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_54.20907.567.0_x64__8wekyb3d8bbwe [2024-09-14] (Microsoft Corporation)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.95.0_x64__8wekyb3d8bbwe [2024-07-23] (Microsoft Corporation)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.168.0_x64__8wekyb3d8bbwe [2024-09-28] (Microsoft Corporation) [Startup Task]
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24082.53.0_x64__cw5n1h2txyewy [2024-09-28] (Microsoft Windows) [Startup Task]
Movie & Audio Studio -> C:\Program Files\WindowsApps\MAGIXSoftwareGmbH.MovieAudioStudio_1.1.4.0_x64__awcgk3qbzve1y [2024-09-17] (MAGIX Software GmbH)
Muse Hub -> C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6 [2024-02-14] (Muse) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_7.0.8.0_neutral__mcm4njqhnhss8 [2024-07-23] (Netflix, Inc.)
PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.5229.0_x64__ypz87dpxkv292 [2019-10-26] (CYBERLINK COM CORP)
PowerDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PowerDirectorforacerDesktop_14.0.4304.0_x64__ypz87dpxkv292 [2019-10-26] (CYBERLINK COM CORP)
QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3017.0_x64__48frkmn4z8aw4 [2020-09-30] (Acer Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.9.205.0_x64__dt26b99r8h8gj [2020-04-03] (Realtek Semiconductor Corp)
Simple Mahjong -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMahjong_6.5.16.0_x64__kx24dqmazqk8j [2024-08-20] (Random Salad Games LLC)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.5.18.0_x64__kx24dqmazqk8j [2024-08-16] (Random Salad Games LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0 [2024-10-02] (Spotify AB) [Startup Task]
User Experience Improvement Program -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgram_4.0.3106.0_x64__48frkmn4z8aw4 [2019-10-26] (Acer Incorporated)
Widgets Platform Runtime -> C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.4.0.0_x64__8wekyb3d8bbwe [2024-09-19] (Microsoft Corporation)
WinAppRuntime.Main.1.2 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.2_2000.802.31.0_x64__8wekyb3d8bbwe [2023-03-17] (Microsoft Corp.)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.214.1843.0_x64__8wekyb3d8bbwe [2024-08-14] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_6000.266.2241.0_x64__8wekyb3d8bbwe [2024-10-02] (Microsoft Corp.)
Windows App Runtime DDLM 2000.684.1510.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.684.1510.0-x6_2000.684.1510.0_x64__8wekyb3d8bbwe [2022-12-18] (Microsoft Corporation)
Windows App Runtime DDLM 2000.684.1510.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.684.1510.0-x8_2000.684.1510.0_x86__8wekyb3d8bbwe [2022-12-18] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.AccountsService_cw5n1h2txyewy [2024-09-11] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.DesktopSpotlight_cw5n1h2txyewy [2024-09-11] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.IrisService_cw5n1h2txyewy [2024-09-11] (Microsoft Windows)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-52B34AEEE9B2} -> [Creative Cloud Files] => C:\Users\vondr\Creative Cloud Files [2021-11-28 19:19]
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\vondr\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23089.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{BEA218D2-6950-497B-9434-61683EC065FE}\InprocServer32 -> C:\Users\vondr\AppData\Local\Programs\Python\Launcher\pyshellext.amd64.dll (Python Software Foundation -> Python Software Foundation)
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{C40DF59F-2365-4851-99BD-249EFB7ED151} -> [Mega] => C:\Users\vondr\Documents\Mega [2022-02-06 21:58]
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\vondr\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\vondr\Dropbox [2020-06-14 21:52]
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-02] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-28] (Adobe Inc. -> )
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2022-09-01] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-10-01] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-02] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2022-09-01] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-02] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-28] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-10-01] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2022-09-01] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\SysWOW64\pdvcodec.dll [265797 2010-03-12] (Matsushita Electric Industrial Co., Ltd.) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\vondr\Desktop\Programy\Media Creator Student.lnk -> C:\Program Files (x86)\Media Creator Student\mc.bat ()
Shortcut: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenLP\Get support for OpenLP.lnk -> hxxp://forums.openlp.org
Shortcut: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenLP\OpenLP on the Web.lnk -> hxxp://openlp.org
Shortcut: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Media Creator Student\Media Creator Student.lnk -> C:\Program Files (x86)\Media Creator Student\mc.bat ()
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Disk Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Dokumenty.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Prezentace.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Tabulky.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Ondřej (skolababice.cz) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\371b6590bc8d800\Jakub - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 6"
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Ondřej (skolababice.cz) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"
==================== Loaded Modules (Whitelisted) =============
2023-03-21 23:07 - 2023-03-21 23:07 - 000649360 _____ (SMART Technologies ULC -> Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\Fusion\amd64_smarttech.ms.vc120.crt_e7e76aadd9f46776_none_c214de27ee82b5e1\1.0\1.0.19.0\MSVCP120.dll
2023-03-21 23:07 - 2023-03-21 23:07 - 000952464 _____ (SMART Technologies ULC -> Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\Fusion\amd64_smarttech.ms.vc120.crt_e7e76aadd9f46776_none_c214de27ee82b5e1\1.0\1.0.19.0\MSVCR120.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\sharepoint.com -> hxxps://sgocz-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 93.93.32.32 - 93.93.33.33
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt68cx21x64.sys
Wi-Fi: Intel(R) Wi-Fi 6 AX201 160MHz -> Netwtw10.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "SMARTNotification"
HKLM\...\StartupApproved\Run32: => "SMART Board Service"
HKLM\...\StartupApproved\Run32: => "SMART Tray Tools"
HKLM\...\StartupApproved\Run32: => "sbsdk-server"
HKLM\...\StartupApproved\Run32: => "SMART Ink"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Family Tree Builder Update"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "st_global"
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\StartupApproved\Run: => "AVGBrowserAutoLaunch_7EE2BFE1B3B8A803197E356BCB586469"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{DD609FDA-4AD2-4EDA-B048-B78D53D0E0A0}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{8E2E35A3-DEE7-482A-9C3F-1C686010D75B}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{FE8B1B4E-1C73-48C8-9B32-7207AF906D4F}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{E59C594C-FF9F-4103-BC31-4C3D4CA489CE}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [UDP Query User{57F64F83-A3BE-4347-82EC-B2193104A9CD}C:\program files\musescore 4\bin\musescore4.exe] => (Allow) C:\program files\musescore 4\bin\musescore4.exe () [File not signed]
FirewallRules: [TCP Query User{B5CDADF5-B9F5-4390-8D24-56B7CA7BEEFF}C:\program files\musescore 4\bin\musescore4.exe] => (Allow) C:\program files\musescore 4\bin\musescore4.exe () [File not signed]
FirewallRules: [{D2357B00-5E34-4342-BA6D-91947EC95CE9}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Software Technology Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{60EAA0D9-7B94-456E-BDC9-01F854FDDEDB}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{75E61BA2-C895-410F-8F12-47D1C8859697}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [UDP Query User{25EB2228-B016-4E08-B3DE-538AF74E06E7}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{762CFD4D-1CE1-43AC-9FDA-95D86C24C4D4}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{24C329C7-F839-49FC-99AD-15CB037238B8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B8B6AC2A-CA06-4F0F-A0CF-987B0D5A26FD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AE7A16D5-790D-4A69-B7F4-2D2443FC42BF}] => (Allow) C:\Users\vondr\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{AFA40E3C-3A4B-4D65-8CA6-2F2B538ADC7C}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCGui.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{C2693F67-7F90-47E8-BAC5-D21DDCD29430}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCGui.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{625B6298-3E39-4BEC-A378-34A10B5D7E6B}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCService.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{C9FC2339-E561-4842-9402-4D5258E73E35}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCService.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{51C9519E-14B3-4F3D-A4B1-0A71D350B899}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{D72A7625-1716-4338-B3B5-95DD8614EB91}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{09D6004D-C58D-490B-92DA-528EFADFE65E}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\Notebook.exe (SMART Technologies ULC -> SMART Technologies ULC)
FirewallRules: [{542580BC-9B62-4D86-96A9-F3D4A9037CCA}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\Notebook.exe (SMART Technologies ULC -> SMART Technologies ULC)
FirewallRules: [{43EBF8B2-78A5-478F-8737-CD4E37CA9E7A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EE2BAC3B-FB30-41F8-8090-77100E129D37}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D6771A49-9327-41B2-A4D0-64947F8B8919}] => (Allow) C:\Users\vondr\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{0F000823-23F3-43F9-A139-CE3F64959B36}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{26B391DD-70F9-469C-814E-56B10A122B9E}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{AF476B1F-839F-46A0-A1C2-091B1864670F}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{8F9789AB-7DAC-43F0-B841-04CAF38381E2}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{3C588922-5C1D-4EE4-B940-C8C369183531}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{20C929A6-B975-46FB-A382-9158625F9A33}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [TCP Query User{91B19305-4BCC-4AD6-AB10-CB5D60170EEF}C:\users\vondr\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\vondr\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{7C1324A5-6FAA-43D2-AF0D-DD6C0B0A5196}C:\users\vondr\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\vondr\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1B928F4C-4ACC-4C04-92B0-186D1440FED9}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Software Technology Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{831393B5-BA13-44CE-9606-EFB19A4E36BF}] => (Allow) C:\Program Files\davinci\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{E25C9EDF-66FE-4BA1-865F-82F1837CABBF}] => (Allow) C:\Program Files\davinci\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{30D2C5AB-8965-42D6-A687-AE4AC40BA1C0}] => (Allow) C:\Program Files\davinci\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{C234F19C-AF58-4FE5-A281-81D84501DDE7}] => (Allow) C:\Program Files\davinci\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{C7226308-2E81-419B-9F35-935FDC831C1C}] => (Allow) C:\Program Files\davinci\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{B44025CC-6B06-43E3-BAB1-6746DE8F8B6D}] => (Allow) C:\Program Files\davinci\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{2D6BA5AB-6B51-421E-840C-B339012E5546}] => (Allow) C:\Program Files\davinci\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{97D81E44-7E64-4A4C-8A8D-BE4D0A091E53}C:\program files\davinci\fuscript.exe] => (Allow) C:\program files\davinci\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{232C1E3C-E03D-4DC7-9955-504E53AC69C4}C:\program files\davinci\fuscript.exe] => (Allow) C:\program files\davinci\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{7FE3282D-AE5E-46E4-8DCA-B4D26445E210}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{B9C13A73-E524-4493-A376-334CCF063BE0}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{D94B0DC5-760A-4E6C-81AC-41A472AF9D77}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{C2046D68-0C1E-482A-89A9-CAAB3A2C7E77}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{6F4019B5-81DA-4E55-B1F8-F6FE449BE65B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{76164BA3-842A-4BF2-BCDB-FF0CE4027D4E}] => (Allow) C:\Program Files\OpenLP\OpenLP.exe () [File not signed]
FirewallRules: [{7B03F0A6-17E8-436C-A27E-5A6919928DF5}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{AB497E21-49A1-46B5-BAFE-8688DB5544E5}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{EB172260-C64A-43DF-8547-1DE1FE07F5BC}] => (Allow) C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies USA, LLC -> Gen Digital Inc.)
FirewallRules: [{07ED0DF7-5E8A-4C62-AF8F-788A82272104}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24244.507.3118.4732_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{52FA9101-CBBB-4CF7-8E75-99087CF790C8}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24244.507.3118.4732_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5908A380-B51D-4BCA-8016-0840EE5632F2}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.65\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A28AEA7E-C6DA-446F-8841-2C82044034F5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{ABF4C054-224D-4B93-8738-DE6A57E8928B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{ABA47FA3-366D-4058-B71A-02093FD88B58}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{94A6B6B4-5987-493B-977A-4FA421B37FE4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{89CE1063-15B7-4A85-A302-280B0147DC77}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{30C5114B-E16F-4268-A4AB-5C7CD6E02B5C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6ADCFEE9-8F74-49FD-AF1D-1464BED61D73}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2E9B445E-38C7-4D95-95D7-BF6ADFA9F947}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2CB7E2C7-3882-4DA9-A038-2A8E163CB1C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A57BB5CC-9DA0-4297-9EA4-47E5E9491DB3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8AFD7127-71A0-475E-A9CA-5A439A5EA7AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5659ACB8-A156-4D0D-9D42-0BD63D9D74B7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0422F857-856E-4978-8D53-CD8E44590558}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2AF64923-3AE3-4B6C-B97B-B3B811F0C22B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EFB856F4-86E3-4498-9A01-FCBDBFB59CE2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
20-09-2024 13:44:51 Windows Update
24-09-2024 10:43:27 Windows Update
27-09-2024 15:36:37 Windows Update
01-10-2024 09:51:13 Windows Update
01-10-2024 09:51:24 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/02/2024 08:41:32 PM) (Source: Application Error) (EventID: 1000) (User: ACER)
Description: Název chybující aplikace: igfxEM.exe, verze: 6.15.100.6911, časové razítko: 0x5cedf1c9
Název chybujícího modulu: SHELL32.dll, verze: 10.0.22621.4111, časové razítko: 0xbe495689
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000293cb9
ID chybujícího procesu: 0x0x21e0
Čas spuštění chybující aplikace: 0x0x1db14fa699dec8c
Cesta k chybující aplikaci: C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxEM.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\SHELL32.dll
ID zprávy: 842b2dd5-4d64-421c-9496-dba339fdfe72
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/02/2024 08:40:35 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
Error: (10/02/2024 08:40:35 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
Error: (10/02/2024 08:40:35 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
Error: (10/02/2024 08:40:34 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
Error: (10/02/2024 08:40:33 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
Error: (10/02/2024 08:39:39 PM) (Source: Application Error) (EventID: 1000) (User: ACER)
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.22621.1, časové razítko: 0x004687c2
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.22621.4111, časové razítko: 0x8ac9d737
Kód výjimky: 0xc000027b
Posun chyby: 0x00000000000ca273
ID chybujícího procesu: 0x0x2240
Čas spuštění chybující aplikace: 0x0x1db14fa6f0ca544
Cesta k chybující aplikaci: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\twinapi.appcore.dll
ID zprávy: 361b23f7-317c-4878-a7ce-d7ad2d855a70
Úplný název chybujícího balíčku: AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4
ID aplikace související s chybujícím balíčkem: Acer.AcerRegistration
Error: (10/02/2024 06:35:41 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
System errors:
=============
Error: (10/02/2024 08:41:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (10/02/2024 08:41:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (10/02/2024 08:38:50 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter10.dll
Error: (10/02/2024 08:38:50 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter10.dll
Error: (10/02/2024 08:36:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba FileSyncHelper byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/02/2024 08:36:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/02/2024 08:36:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (10/02/2024 08:36:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Windows Defender:
================
Date: 2024-09-28 21:48:49
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_C:\Users\vondr\Desktop\Office_2019_C2R_x86_x64_CS_EN_SK_16.0.11126.20188.ISO; file:_C:\Users\vondr\Desktop\Office_2019_C2R_x86_x64_CS_EN_SK_16.0.11126.20188.ISO->\OInstall.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Uživatel
Uživatel: ACER\vondr
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.419.254.0, AS: 1.419.254.0, NIS: 1.419.254.0
Verze modulu: AM: 1.1.24080.9, NIS: 1.1.24080.9
Date: 2024-09-28 07:56:10
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B053DE74-6B0F-4A7D-BED9-A1A439F7B1B6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-09-27 15:40:18
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0C94F69C-5CD8-4361-8626-DDC7540BB27E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-09-26 11:30:17
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_C:\Users\vondr\Desktop\Office_2019_C2R_x86_x64_CS_EN_SK_16.0.11126.20188.ISO; file:_C:\Users\vondr\Desktop\Office_2019_C2R_x86_x64_CS_EN_SK_16.0.11126.20188.ISO->\OInstall.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.419.203.0, AS: 1.419.203.0, NIS: 1.419.203.0
Verze modulu: AM: 1.1.24080.9, NIS: 1.1.24080.9
Date: 2024-09-26 10:40:53
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {70C5005E-7514-4B33-8B27-DD324B88DE26}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]
Date: 2024-10-01 21:02:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Zálohování
Kód chyby: 0x80004004
Popis chyby: Operace přerušena
Verze bezpečnostních informací: 1.419.281.0;1.419.281.0
Verze modulu: 1.1.24080.9
Date: 2024-10-01 21:02:39
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: 1.419.292.0;1.419.292.0
Verze modulu: 1.1.24080.9
Date: 2024-04-06 20:54:55
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.1607.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80072f8f
Popis chyby: Došlo k chybě zabezpečení.
Date: 2024-04-06 20:54:55
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.1607.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80072f8f
Popis chyby: Došlo k chybě zabezpečení.
Date: 2024-04-06 20:54:55
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.1607.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80072f8f
Popis chyby: Došlo k chybě zabezpečení.
CodeIntegrity:
===============
Date: 2024-10-02 20:43:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
Date: 2024-10-02 20:41:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
Date: 2024-10-02 20:40:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.24 07/07/2021
Motherboard: CML Doc_WC
Processor: Intel(R) Core(TM) i5-10210U CPU @ 1.60GHz
Percentage of memory in use: 77%
Total physical RAM: 8013.99 MB
Available physical RAM: 1792.86 MB
Total Virtual: 23885.99 MB
Available Virtual: 17484.95 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:952.75 GB) (Free:557.16 GB) (Model: INTEL SSDPEKNW010T8) NTFS
Drive g: (Google Drive) (Fixed) (Total:952.75 GB) (Free:529.3 GB) (Model: INTEL SSDPEKNW010T8) FAT32
\\?\Volume{1d5ebf39-7363-46c2-85c5-6d21b232b7ac}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.15 GB) NTFS
\\?\Volume{c3e08722-726c-4ee4-9a79-cd22e2eab3a5}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 32C3B5EB)
Partition: GPT.
==================== End of Addition.txt =======================
Posílám nové logy:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024
Ran by vondr (administrator) on ACER (Acer Aspire A515-54) (02-10-2024 20:40:30)
Running from C:\Users\vondr\Downloads\FRST64.exe
Loaded Profiles: vondr
Platform: Microsoft Windows 11 Home Version 23H2 22631.4169 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe
(C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.911.1\DropboxCrashHandler.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Creative Cloud UI Helper.exe <5>
(C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\97.0.1.0\crashpad_handler.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Windows\SysWOW64\runonce.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(C:\Windows\SysWOW64\runonce.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <5>
(C:\Windows\SysWOW64\runonce.exe ->) (Power Software Limited -> Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxEM.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxEM.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\GfxDownloadWrapper.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Mega Limited -> Mega Limited) C:\Users\vondr\AppData\Local\MEGAsync\MEGAsync.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\runonce.exe
(Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ELANFPService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_3cbddcc68b1c0da2\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_581d7e91d349facc\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0f76d7f335b833dc\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0f76d7f335b833dc\IntelCpHeciSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncHelper.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe
(services.exe ->) (Musecy SM Ltd. -> Muse.Service) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (SMART Technologies ULC -> SMART Technologies) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24082.53.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.4.0.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22621.4166_none_e96b0c1842c424f9\TiWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [953120 2019-12-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SMARTNotification] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTNotification.exe [209856 2019-12-10] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Board Service] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe [2772416 2019-12-10] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Tray Tools] => C:\Program Files (x86)\Common Files\SMART Technologies\SystemMenu\SMARTSystemMenu.exe [654272 2019-12-01] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [sbsdk-server] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\sbsdk-server\NodeLauncher.exe [68544 2019-11-08] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Ink] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTInk.exe [287680 2019-12-11] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [17935752 2021-03-21] (MyHeritage (USA) Inc. -> MyHeritage)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9235344 2024-09-17] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [460944 2022-09-01] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1130416 2024-09-20] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919352 2024-10-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45125936 2024-09-18] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [Discord] => C:\Users\vondr\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482128 2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Run: [AVGBrowserAutoLaunch_7EE2BFE1B3B8A803197E356BCB586469] => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [3174568 2024-09-11] (AVG Technologies USA, LLC -> Gen Digital Inc.)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\MountPoints2: {3e27dab4-5d29-11ed-a894-b4a9fc4636cb} - "D:\OInstall.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\97.0.1.0\GoogleDriveFS.exe [61368936 2024-09-16] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\SMART Local Port: C:\Windows\system32\smrtlocalmon.dll [38336 2019-12-11] (SMART Technologies ULC -> SMART Technologies ULC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\128.0.26382.138\Installer\chrmstp.exe [2024-09-19] (AVG Technologies USA, LLC -> Gen Digital Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\129.0.6668.71\Installer\chrmstp.exe [2024-10-02] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2022-02-06]
ShortcutTarget: MEGAsync.lnk -> C:\Users\vondr\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {73136951-D3EA-421A-8B36-39C07D0E4620} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe -> C:\Program Files (x86)\Acer\Care Center\-auto
Task: {ED036599-25D7-4C26-80B1-92B38836DE1E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {3A63133B-6693-4CB2-B7A7-FCC88C32D7BE} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [3174568 2024-09-11] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {2051A499-55AF-40E9-A3B3-8D20AD3BB528} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [3174568 2024-09-11] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {C5720183-AAC2-407E-A929-563A52583F12} - System32\Tasks\AVGBrowserProtectS-1-5-21-3501418858-3935017464-633493477-1001 => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowserProtect.exe [1690040 2024-04-23] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {8DE0C78B-7DCE-45AA-9BF5-7EE547BF8A77} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {D024C990-8584-4BE7-A555-0A4FAE095D04} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {1CC399E4-A613-4C86-825E-506CF2EC7796} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-09-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {AC3EEF36-3C8F-47A4-BAB2-2F566D9C5ADC} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5937456 2024-09-18] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "72f88dc7-1a5a-4773-a687-e6ea72779fdd" --version "6.28.11297" --silent
Task: {56FCD6C3-AD0E-45D3-8B1E-386BC75ECDA7} - System32\Tasks\CCleanerSkipUAC - vondr => C:\Program Files\CCleaner\CCleaner.exe [39012144 2024-09-18] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {76207EF4-D7A4-476C-AAF1-D17A3C9F2BB7} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.EXE [1589696 2016-08-25] (Corel Corporation -> Corel Corporation)
Task: {063E0D4F-A169-42D1-B0D0-6D23A17987C4} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F5D9ED7C-22FB-406A-AEB1-B54A25166D3B} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {C938C892-9D4E-4E5D-847A-7D2346394EB9} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{796DF830-26B5-4C96-8720-2ABD1B9CD1F7} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {259B4B62-25EA-4089-A510-0B87DE93A06F} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3501418858-3935017464-633493477-1001 => C:\Users\vondr\AppData\Local\MEGAsync\MEGAupdater.exe [2531592 2024-06-11] (Mega Limited -> )
Task: {7C7864B9-673B-49E2-9BD4-1E674A6D0FDE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28617448 2024-09-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {8755CF8A-EF60-4A43-B188-BC733E2853FF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28617448 2024-09-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {18A7EDBC-D773-4E0A-9232-AE6E82242304} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312472 2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {45CCF10F-8CD3-45A0-991D-EE16792DA1FC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312472 2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {A8C8B8F1-6EA1-4D8C-BD10-3BAA55B9A83D} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [187328 2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {AA11E31D-FB1D-4214-9E59-64592C4E120F} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {D7BE0AEA-7374-48B0-A496-75906B690A0A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {B471091F-5D76-42BD-8ED1-CB76069E67C2} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {6E49949C-C062-484D-A1FD-D886E90C93DD} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {2CB04670-A778-4203-A8F6-66E5CFA231A7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {13B73793-F79F-4441-B4EB-10AEC3E79241} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [31816 2024-09-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {C7540E9F-992B-49BA-BD6F-B49A96C035A3} - System32\Tasks\Oem\AcerJumpstartTask => "C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe" /default (No File)
Task: {A218EB30-8D70-4BD7-AE3F-0F2662FEC7C8} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209184 2024-10-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {A81E7F78-A7EF-4EB0-A6A6-042936461029} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3501418858-3935017464-633493477-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209184 2024-10-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {A61B21F7-B383-4510-85C0-F7B4D3E6D237} - System32\Tasks\S-1-5-21-3501418858-3935017464-633493477-1001\DataSenseLiveTileTask => %SystemRoot%\System32\DataUsageLiveTileTask.exe (No File)
Task: {096D3188-360A-44AE-AD0E-A8B12CA94972} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473880 2020-07-16] (Acer Incorporated -> Acer Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 93.93.32.32 93.93.33.33 192.168.22.1
Tcpip\..\Interfaces\{4e8c78d5-12f3-471b-bd12-26482e625aea}: [DhcpNameServer] 93.93.32.32 93.93.33.33 192.168.22.1
Tcpip\..\Interfaces\{774ed856-bf70-462c-ac71-60ea5fe1934c}: [DhcpNameServer] 40.33.1.66
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\vondr\AppData\Local\Microsoft\Edge\User Data\Default [2024-09-30]
Edge Extension: (Dokumenty Google offline) - C:\Users\vondr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-07]
Edge Extension: (Edge relevant text changes) - C:\Users\vondr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
FireFox:
========
FF DefaultProfile: gteda8g8.default
FF ProfilePath: C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1 [2024-10-02]
FF Notifications: Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1 -> hxxps://www.svetviry.cz; hxxps://calendar.google.com
FF Extension: (AdBlocker Ultimate) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\adblockultimate@adblockultimate.net.xpi [2024-07-18]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2021-06-19]
FF Extension: (Language: Čeština (Czech)) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\langpack-cs@firefox.mozilla.org.xpi [2024-09-16]
FF Extension: (TWP - Translate Web Pages) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi [2024-03-11]
FF Extension: (Adblock na Youtube™) - C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\ob9ytkzq.default-release-1\Extensions\{0ac04bdb-d698-452f-8048-bcef1a3f4b0d}.xpi [2022-02-21]
FF ProfilePath: C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\gteda8g8.default [2021-01-24]
FF NewTab: Mozilla\Firefox\Profiles\gteda8g8.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10378__200606
FF ProfilePath: C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Profiles\shkk2f8c.default-release-1621189060132 [2024-10-02]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2024-09-20] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=3 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1582.3\npAvgBrowserUpdate3.dll [2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=9 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1582.3\npAvgBrowserUpdate3.dll [2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2024-09-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2024-09-20] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Profile 3
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default [2024-10-02]
CHR Extension: (Tampermonkey) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2024-05-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-13]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-10-02]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3 [2024-10-02]
CHR Notifications: Profile 3 -> hxxps://calendar.google.com
CHR Extension: (Dokumenty Google offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-06]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-10-02]
CHR Extension: (Komponenta pro aplikaci BUSINESS 24) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\iaihapeddbkncmmikkpmeggfecohnahg [2023-07-17]
CHR Extension: (Violentmonkey) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jinjaccalgkegednnccohejagnlnfdag [2024-09-25]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-07]
CHR Extension: (Crypto Web Extension) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjohlogcennenjhkfclfgaganagadkkm [2024-05-13]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 4 [2024-10-02]
CHR Extension: (Google Docs Offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-18]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-10-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-09-20]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 5 [2024-10-02]
CHR Extension: (Google Docs Offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-10]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-09-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-05-21]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 6 [2024-10-02]
CHR Extension: (Google Docs Offline) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-25]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-09-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\vondr\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-27]
CHR Profile: C:\Users\vondr\AppData\Local\Google\Chrome\User Data\System Profile [2024-10-02]
CHR HKU\S-1-5-21-3501418858-3935017464-633493477-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944048 2024-09-20] (Adobe Inc. -> Adobe Inc.)
S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209224 2022-12-13] (AVG Technologies USA, LLC -> AVG Technologies)
S3 AVGSecureBrowserElevationService; C:\Program Files (x86)\AVG\Browser\Application\128.0.26382.138\elevation_service.exe [1722592 2024-09-11] (AVG Technologies USA, LLC -> Gen Digital Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-09-18] (Gen Digital Inc. -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13861048 2024-09-22] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2024-09-17] (Dropbox, Inc -> Dropbox, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4976976 2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 DropboxElevationService; C:\Program Files (x86)\Dropbox\Client\208.4.5824\DropboxElevationService.exe [1659288 2024-09-17] (Dropbox, Inc -> Dropbox, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2017-02-27] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncHelper.exe [3522976 2024-10-02] (Microsoft Corporation -> Microsoft Corporation)
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_581d7e91d349facc\AS\IAS\IntelAudioService.exe [412120 2023-09-17] (Intel Corporation -> Intel)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8965728 2024-10-01] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-10-01] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe [1431160 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Muse Hub Background Service; C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe [169472 2023-01-08] (Musecy SM Ltd. -> Muse.Service)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.180.0905.0001\OneDriveUpdaterService.exe [3864496 2024-10-02] (Microsoft Corporation -> Microsoft Corporation)
R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe [635328 2019-12-10] (SMART Technologies ULC -> SMART Technologies)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe [3199656 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe [133704 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [36800 2022-06-02] (Acer Incorporated -> Acer Incorporated)
R1 Amfilter; C:\WINDOWS\system32\DRIVERS\Amfltx64.sys [12288 2023-09-17] (Microsoft Windows Hardware Compatibility Publisher -> (Standard mouse types))
R3 Amusbprt; C:\WINDOWS\system32\DRIVERS\Amusbx64.sys [17920 2023-09-17] (Microsoft Windows Hardware Compatibility Publisher -> A4Tech Co.,Ltd.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [544768 2023-12-12] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [188416 2024-03-13] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 googledrivefs31626; C:\Program Files\Google\Drive File Stream\Drivers\31626\googledrivefs31626.sys [384096 2024-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [231504 2024-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-10-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt11.sys [234168 2024-10-02] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78928 2024-10-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-10-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [189776 2024-10-02] (Malwarebytes Inc. -> Malwarebytes)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_0f3a2b5f72186666\rt68cx21x64.sys [717160 2023-09-14] (Realtek Semiconductor Corp. -> Realtek)
R3 SMARTMouseFilterx64; C:\WINDOWS\System32\drivers\SMARTMouseFilterx64.sys [18952 2019-12-10] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
R3 SMARTVHidMiniVistaAmd64; C:\WINDOWS\System32\drivers\SMARTVHidMiniVistaAmd64.sys [28168 2019-12-10] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
S3 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-09-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602392 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
Error Reading file: "C:\Users\vondr\AppData\Local\{A44E9F87-614E-44AD-8616-5B58F77886EC}"
2024-10-02 20:40 - 2024-10-02 20:41 - 000037634 _____ C:\Users\vondr\Downloads\FRST.txt
2024-10-02 20:39 - 2024-10-02 20:39 - 000234168 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2024-10-02 20:39 - 2024-10-02 20:39 - 000189776 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2024-10-02 20:39 - 2024-10-02 20:39 - 000000000 ____D C:\Users\vondr\AppData\LocalLow\IGDump
2024-10-02 18:26 - 2024-10-02 18:26 - 000727012 _____ C:\WINDOWS\system32\perfh005.dat
2024-10-02 18:26 - 2024-10-02 18:26 - 000151244 _____ C:\WINDOWS\system32\perfc005.dat
2024-10-01 20:12 - 2024-10-02 20:24 - 000000000 ____D C:\Users\vondr\AppData\Local\Malwarebytes
2024-10-01 20:11 - 2024-10-01 20:11 - 000002097 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-10-01 20:11 - 2024-10-01 20:11 - 000002085 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-10-01 20:11 - 2024-10-01 20:11 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-10-01 20:11 - 2024-10-01 20:11 - 000000000 ____D C:\Program Files\Malwarebytes
2024-09-30 20:12 - 2024-09-30 20:12 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-09-30 19:56 - 2024-10-02 20:40 - 000000000 ____D C:\FRST
2024-09-30 19:26 - 2024-09-30 19:26 - 002397696 _____ (Farbar) C:\Users\vondr\Downloads\FRST64.exe
2024-09-30 18:42 - 2024-09-30 18:42 - 000000000 ____D C:\Users\vondr\Downloads\Photos-001 (1)
2024-09-30 16:56 - 2024-09-30 16:59 - 045745463 _____ C:\Users\vondr\Downloads\Photos-001 (1).zip
2024-09-30 16:17 - 2024-09-30 18:17 - 2477729943 _____ C:\Users\vondr\Downloads\INSIDE.OUT.2 -2024. ENG. FullHD.mp4
2024-09-28 21:34 - 2024-09-28 22:04 - 000000002 _____ C:\Users\vondr\count.vip
2024-09-27 15:30 - 2024-09-27 15:30 - 000049479 _____ C:\Users\vondr\Downloads\priloha_1418121780_0_Pospisil_Schneider.pdf
2024-09-25 21:05 - 2024-09-25 21:05 - 075339115 _____ C:\Users\vondr\Downloads\Fyzika 8 _ ZŠ a gymnázia _ FRAUS.pdf
2024-09-25 21:03 - 2024-09-25 21:04 - 066621790 _____ C:\Users\vondr\Downloads\Chemie 9 3D _ 9. ročník ZŠ a gymnázia _ FRAUS.pdf
2024-09-25 21:03 - 2024-09-25 21:03 - 068933978 _____ C:\Users\vondr\Downloads\Chemie 8 3D _ 8. ročník ZŠ a gymnázia _ FRAUS.pdf
2024-09-25 20:44 - 2024-09-25 20:44 - 046739903 _____ C:\Users\vondr\Downloads\SLABIKÁŘ 1 do světa slov _ ZŠ _ FRAUS.pdf
2024-09-24 19:20 - 2024-09-24 19:20 - 000012823 _____ C:\Users\vondr\Downloads\Rozpočet do konce roku 2024.xlsx
2024-09-22 18:44 - 2024-09-22 18:44 - 000115647 _____ C:\Users\vondr\Downloads\Literární věda 4.pdf
2024-09-22 18:40 - 2024-09-22 18:40 - 000269840 _____ C:\Users\vondr\Downloads\Literární věda 3.pdf
2024-09-22 18:38 - 2024-09-22 18:38 - 000288952 _____ C:\Users\vondr\Downloads\Literání věda 2.pdf
2024-09-22 16:36 - 2024-09-22 16:36 - 000933277 _____ C:\Users\vondr\Downloads\Sablony_Klice-k-rozvoji-skoly.pdf
2024-09-19 13:27 - 2024-09-19 13:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-09-19 10:36 - 2024-09-19 10:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2024-09-18 20:09 - 2024-09-28 22:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2024-09-17 16:18 - 2024-09-17 16:18 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2024-09-17 13:34 - 2024-09-17 13:34 - 000656787 _____ C:\Users\vondr\Downloads\1. pracovní list - obory biologie.pdf
2024-09-15 15:07 - 2024-09-15 15:07 - 000204195 _____ C:\Users\vondr\Downloads\Pravopisná cvičení.pdf
2024-09-15 08:20 - 2024-09-15 08:20 - 000446761 _____ C:\Users\vondr\Downloads\Metodické doporuÄ_enÃ_ k průbÄ›hu individuálnÃ_ho vzdÄ›lávánÃ_ dÄ›tÃ_ v mateÅ™ských Å¡kolách a ověřenÃ_ dosahovánÃ_ oÄ_ekávaných výstupů-3.pdf
2024-09-13 21:15 - 2024-09-13 21:16 - 000000000 ____D C:\Users\vondr\Downloads\Photos-001
2024-09-13 20:50 - 2024-09-13 20:50 - 005213768 _____ C:\Users\vondr\Downloads\Photos-001.zip
2024-09-11 19:29 - 2024-09-11 19:29 - 000161781 _____ C:\Users\vondr\Downloads\Potvrzeni-o-studiu-David Vraj.pdf
2024-09-10 19:38 - 2024-09-10 19:38 - 001594446 _____ C:\Users\vondr\Downloads\Babice - pers.zip
2024-09-10 19:38 - 2024-09-10 19:38 - 000000000 ____D C:\Users\vondr\Downloads\Babice - pers
2024-09-09 19:33 - 2024-09-09 19:33 - 000365485 _____ C:\Users\vondr\Downloads\1-Hynková zápočtový list.pdf
2024-09-07 20:09 - 2024-09-07 20:09 - 000000000 ____D C:\Users\vondr\AppData\Roaming\openlp
2024-09-07 20:08 - 2024-09-07 20:08 - 000000000 ____D C:\Users\vondr\Downloads\ez21--openlp-2022-01-25
2024-09-07 20:07 - 2024-09-07 20:07 - 000000000 ____D C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenLP
2024-09-07 20:07 - 2024-09-07 20:07 - 000000000 ____D C:\Program Files\OpenLP
2024-09-07 20:06 - 2024-09-07 20:06 - 000710738 _____ C:\Users\vondr\Downloads\ez21--openlp-2022-01-25.zip
2024-09-07 19:59 - 2024-09-07 20:01 - 205410875 _____ C:\Users\vondr\Downloads\OpenLP-3.1.3-x64.msi
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-02 20:41 - 2020-03-22 09:07 - 000000000 ___HD C:\Users\vondr\AppData\Local\CrashDumps
2024-10-02 20:40 - 2020-06-14 21:47 - 000000000 ____D C:\Users\vondr\AppData\Roaming\Dropbox
2024-10-02 20:40 - 2020-06-14 21:46 - 000000000 ___HD C:\Users\vondr\AppData\Local\Dropbox
2024-10-02 20:39 - 2023-03-21 23:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-10-02 20:39 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-10-02 20:39 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-10-02 20:39 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-10-02 20:39 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-10-02 20:39 - 2021-09-04 20:23 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-10-02 20:39 - 2021-03-12 23:12 - 000012288 ___SH C:\DumpStack.log.tmp
2024-10-02 20:39 - 2020-03-21 06:35 - 000000000 ___RD C:\Users\vondr\OneDrive
2024-10-02 20:39 - 2020-03-21 06:33 - 000000000 __SHD C:\Users\vondr\IntelGraphicsProfiles
2024-10-02 20:39 - 2020-03-20 16:01 - 000000000 ____D C:\Program Files\CCleaner
2024-10-02 20:38 - 2022-05-07 07:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-10-02 20:37 - 2020-03-21 19:26 - 000000000 ___HD C:\Users\vondr\AppData\LocalLow\Temp
2024-10-02 20:35 - 2020-03-21 06:21 - 000000000 ___SD C:\Users\vondr\AppData\Roaming\Microsoft\Credentials
2024-10-02 19:59 - 2020-03-28 09:23 - 000000000 ____D C:\Users\vondr\AppData\Roaming\vlc
2024-10-02 19:54 - 2023-03-21 23:13 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3501418858-3935017464-633493477-1001
2024-10-02 19:54 - 2023-03-21 23:13 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-10-02 19:54 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-10-02 19:54 - 2020-05-25 16:32 - 000002134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-10-02 19:25 - 2023-03-23 20:09 - 000000000 ____D C:\Users\vondr\AppData\Local\Deployment
2024-10-02 19:25 - 2020-03-20 16:35 - 000000000 ____D C:\Users\vondr\AppData\Roaming\Microsoft\Word
2024-10-02 18:40 - 2022-02-11 14:56 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-10-02 18:29 - 2023-03-21 23:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-10-02 18:26 - 2023-03-21 23:12 - 001718028 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-10-02 18:26 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2024-10-02 18:19 - 2020-03-20 15:55 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-10-01 21:58 - 2020-03-21 06:33 - 000000000 ___HD C:\Users\vondr\AppData\Local\Packages
2024-10-01 21:57 - 2020-03-20 20:36 - 000000000 ____D C:\Users\vondr\AppData\Roaming\Microsoft\Excel
2024-10-01 20:11 - 2022-05-07 07:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-10-01 09:43 - 2023-03-21 23:05 - 000656952 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-09-30 20:12 - 2023-03-21 12:53 - 000000000 ___DC C:\WINDOWS\Panther
2024-09-30 20:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-09-30 20:12 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-09-30 20:12 - 2019-10-26 21:30 - 000000000 ____D C:\Program Files\Microsoft Office
2024-09-30 16:54 - 2022-02-06 21:58 - 000000000 ___RD C:\Users\vondr\Documents\Mega
2024-09-28 22:05 - 2022-09-21 09:34 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-09-28 22:05 - 2021-05-16 20:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-09-28 21:34 - 2023-03-21 23:06 - 000000000 ____D C:\Users\vondr
2024-09-28 07:46 - 2020-06-09 19:13 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-09-24 21:54 - 2020-03-22 15:21 - 000000000 ____D C:\Users\vondr\AppData\Roaming\MuseScore
2024-09-20 13:39 - 2023-03-21 23:13 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-09-20 13:39 - 2023-03-21 23:13 - 000003380 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-09-20 13:26 - 2020-03-22 08:35 - 000000000 ___HD C:\Users\vondr\AppData\Local\Adobe
2024-09-20 13:25 - 2023-03-03 21:57 - 000001386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2024-09-20 13:25 - 2021-10-04 21:20 - 000000000 ____D C:\Program Files\Common Files\Adobe
2024-09-20 13:25 - 2021-10-04 21:20 - 000000000 ____D C:\Program Files\Adobe
2024-09-20 13:25 - 2020-03-20 19:19 - 000000000 ____D C:\Program Files (x86)\Adobe
2024-09-19 20:48 - 2020-10-17 06:51 - 000002379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk
2024-09-19 20:27 - 2020-05-08 08:25 - 000000000 ____D C:\Users\vondr\Desktop\Lydinka
2024-09-19 13:27 - 2021-05-16 20:56 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-09-19 10:41 - 2020-03-21 06:17 - 000000000 ____D C:\ProgramData\Packages
2024-09-19 10:40 - 2020-03-21 06:35 - 000000000 ___HD C:\Users\vondr\AppData\Local\PlaceholderTileLogoFolder
2024-09-19 10:36 - 2020-06-14 21:46 - 000000000 ____D C:\Program Files (x86)\Dropbox
2024-09-18 19:24 - 2020-03-21 11:21 - 000000000 ____D C:\Users\vondr\Documents\Angličtina
2024-09-17 21:08 - 2019-10-26 20:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-09-17 13:29 - 2021-11-28 19:26 - 000000000 ____D C:\Users\vondr\AppData\Roaming\com.adobe.dunamis
2024-09-16 20:58 - 2022-10-14 08:03 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2024-09-16 19:44 - 2021-09-10 18:39 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-09-16 19:44 - 2021-09-10 18:39 - 000002012 _____ C:\Users\Default\Desktop\Google Slides.lnk
2024-09-16 19:44 - 2021-09-10 18:39 - 000002012 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2024-09-16 19:44 - 2021-09-10 18:39 - 000002000 _____ C:\Users\Default\Desktop\Google Docs.lnk
2024-09-11 21:35 - 2023-10-11 21:41 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\WUModels
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-09-11 21:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-09-11 13:16 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-09-11 13:09 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-09-11 13:05 - 2023-03-21 23:06 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-09-11 12:56 - 2020-03-21 08:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-09-11 12:50 - 2020-03-21 08:36 - 199688632 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-09-09 13:09 - 2023-03-21 23:13 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-09-09 13:09 - 2023-03-21 23:13 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-09-07 20:27 - 2020-03-20 16:35 - 000000000 ____D C:\Users\vondr\AppData\Roaming\Microsoft\Office
2024-09-04 18:45 - 2020-06-26 20:30 - 000000000 ___HD C:\Users\vondr\AppData\Local\D3DSCache
==================== Files in the root of some directories ========
2020-03-24 15:38 - 2021-01-11 21:59 - 000000806 _____ () C:\Users\vondr\AppData\Roaming\ACER.MTBF.txt
2020-03-24 15:38 - 2020-03-24 15:49 - 000000678 _____ () C:\Users\vondr\AppData\Roaming\__AvidCloudManager.log
2020-03-24 15:38 - 2020-03-24 15:47 - 000000647 _____ () C:\Users\vondr\AppData\Roaming\__AvidCloudManagerPrevious.log
2020-05-18 22:12 - 2020-05-18 22:15 - 000000716 _____ () C:\Users\vondr\AppData\Roaming\{E4A5EDDB-14CF-DFF1-5402-0DB91944F0C4}
2020-03-24 15:39 - 2020-06-04 20:42 - 000003584 ____H () C:\Users\vondr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2024
Ran by vondr (02-10-2024 20:41:58)
Running from C:\Users\vondr\Downloads
Microsoft Windows 11 Home Version 23H2 22631.4169 (X64) (2023-03-22 06:23:30)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3501418858-3935017464-633493477-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3501418858-3935017464-633493477-503 - Limited - Disabled)
evraj (S-1-5-21-3501418858-3935017464-633493477-1002 - Limited - Disabled)
Guest (S-1-5-21-3501418858-3935017464-633493477-501 - Limited - Disabled)
vondr (S-1-5-21-3501418858-3935017464-633493477-1001 - Administrator - Enabled) => C:\Users\vondr
WDAGUtilityAccount (S-1-5-21-3501418858-3935017464-633493477-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Security Ultra (Disabled - Out of date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Jumpstart (HKLM-x32\...\{4335EAF1-21F1-43D3-8F6F-D7E481E6959A}) (Version: 3.3.19180.60 - Acer)
Adobe Acrobat Reader - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 24.003.20112 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.4.0.361 - Adobe Inc.)
Adobe Character Animator 2022 (HKLM-x32\...\CHAR_22_5) (Version: 22.5 - Adobe Inc.)
Adobe Character Animator 2023 (HKLM-x32\...\CHAR_23_6) (Version: 23.6 - Adobe Inc.)
Adobe Character Animator 2024 (HKLM-x32\...\CHAR_24_0) (Version: 24.0 - Adobe Inc.)
Adobe Illustrator 2024 (HKLM-x32\...\ILST_28_1) (Version: 28.1 - Adobe Inc.)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_13_1) (Version: 13.1 - Adobe Inc.)
Adobe Media Encoder 2023 (HKLM-x32\...\AME_23_6_2) (Version: 23.6.2 - Adobe Inc.)
Adobe Media Encoder 2024 (HKLM-x32\...\AME_24_1_1) (Version: 24.1.1 - Adobe Inc.)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_5_5) (Version: 23.5.5.1103 - Adobe Inc.)
Adobe Photoshop 2023 (HKLM-x32\...\PHSP_24_7) (Version: 24.7.0.643 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601078}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Antares Autotune Evo VST RTAS v6.0.9 (HKLM-x32\...\Antares Autotune Evo VST RTAS_is1) (Version: - )
Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team)
AVG Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1066.0 - AVG Technologies) Hidden
AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1582.3 - AVG Technologies) Hidden
Avidemux VC++ 64bits (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\{958c1728-e7f8-47a4-980a-8dafc359bffe}) (Version: 2.7.5 - Mean)
Bandicam (HKLM-x32\...\Bandicam) (Version: 7.0.0.2117 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
calibre 64bit (HKLM\...\{7F97780B-9EAD-4000-BD3A-F6D0FE096D56}) (Version: 6.29.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 6.28 - Piriform)
Corel Update Manager (HKLM-x32\...\{FB8387EF-D663-4152-A13E-6B963AC1052A}) (Version: 2.3 - Corel corporation)
Crypto Native App verze 23.01.8574 (HKLM\...\{79D8049F-2978-4E91-90BD-3428C8FF2E69}_is1) (Version: 23.01.8574 - TESCO SW a.s.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.1.0.2037 - Disc Soft Ltd)
DaVinci Resolve (HKLM\...\{8CD009CC-08AB-4873-BA5C-DC4AEA8BACEB}) (Version: 16.2.7010 - Blackmagic Design)
Dazzle Video Capture DVC100 X64 Driver 1.06 (HKLM-x32\...\{BFF23267-1D19-444E-93E2-E5059BE805EA}) (Version: 1.06.0000 - Pinnacle)
Dazzle Video Capture DVC100 X64 Driver 1.08 (HKLM-x32\...\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}) (Version: 1.08.0000 - Pinnacle)
DidaktaCZ 1.0.0 (HKLM-x32\...\7e81f6ca-38af-5207-b03c-2ecbe5f1ce8e) (Version: 1.0.0 - SILCOM Multimedia, s.r.o.)
Discord (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
DjVu Viewer (HKLM-x32\...\{3A959BCB-643A-462F-A692-5B7FE4CE35AC}_is1) (Version: - djvuviewer.com)
Dropbox (HKLM-x32\...\Dropbox) (Version: 208.4.5824 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.911.1 - Dropbox, Inc.) Hidden
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
FFmpeg 5.0.0 for Audacity - x86_64 (HKLM\...\FFmpeg for Audacity_is1) (Version: - )
Fire Department (HKLM-x32\...\{1BE73DD5-DB8C-4068-867D-FD7D72CE049D}) (Version: - )
Flexibooks 4.6.1 (64 bit) (HKLM\...\{D36F5D15-E633-45E7-803B-4FC66F183092}) (Version: 4.6.1 - Fraus Media s.r.o. 2016)
FormApps Plug-in GPO (HKLM-x32\...\{4E6F3A31-FADD-4634-A820-3EC96877C7B9}) (Version: 1.29.0.79 - Software602 a.s.)
FormatFactory 5.12.2.0 (HKLM-x32\...\FormatFactory) (Version: 5.12.2.0 - Free Time)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 97.0.1.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 129.0.6668.71 - Google LLC)
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D18FE9D2-2F54-4C68-A2DE-A59D4A80A9BC}) (Version: 3.1.2109.29003 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Malwarebytes version 5.1.10.127 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.10.127 - Malwarebytes)
Media Creator Student (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Media Creator Student) (Version: - NOVÁ ŠKOLA, s.r.o.)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Host - 6.0.33 (x64) (HKLM\...\{8584855C-3B2B-4F95-BE1D-CCA5B6DE2815}) (Version: 48.132.18378 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.33 (x64) (HKLM\...\{62A8E894-9FD1-45A0-A4D0-BD9FA854818D}) (Version: 48.132.18378 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.33 (x64) (HKLM\...\{07BE9B02-0247-471C-B06F-A3B1A8FA9216}) (Version: 48.132.18378 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 129.0.2792.65 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 129.0.2792.65 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.180.0905.0001 - Microsoft Corporation)
Microsoft Project - cs-cz (HKLM\...\ProjectPro2019Retail - cs-cz) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft Project - en-us (HKLM\...\ProjectPro2019Retail - en-us) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\Teams) (Version: 1.6.00.11166 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visio - cs-cz (HKLM\...\VisioPro2019Retail - cs-cz) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft Visio - en-us (HKLM\...\VisioPro2019Retail - en-us) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.33 (x64) (HKLM\...\{A59F43A6-AADB-42EB-883B-2FE4E3AA3A69}) (Version: 48.132.18374 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.33 (x64) (HKLM-x32\...\{ecb94bc3-963d-412a-b141-8b7c32ef103f}) (Version: 6.0.33.33916 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox (x86 en-US) (HKLM-x32\...\Mozilla Firefox 130.0.1 (x86 en-US)) (Version: 130.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 88.0 - Mozilla)
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (HKLM-x32\...\{D0B44725-3666-492D-BEF6-587A14BD9BD9}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden
MuseScore 3 (HKLM\...\{FF67E071-104C-4C42-9301-184442745671}) (Version: 3.6.2.548021803 - Werner Schweer and Others)
MuseScore 4 (HKLM\...\{0146EF2D-5111-4414-8818-4D293AF5E154}) (Version: 4.0.0.223472200 - MuseScore BVBA and Others)
MuseScore 4 (HKLM\...\{85631FCF-88DD-42FD-8E2D-0A5F82CF631E}) (Version: 4.0.2.230651553 - MuseScore BVBA and Others)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 8.0.0.8625 - MyHeritage.com)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18025.20104 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18025.20104 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenLP (HKLM\...\{41C0F1DB-0AAC-42A9-8221-F2BF5524EC5C}) (Version: 3.1.3.5000 - OpenLP Developers)
Photo Common (HKLM-x32\...\{15BFD731-A10E-43E9-9D18-0F682BC0480F}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{07AAB66E-4718-422D-9218-4AFB3C922A71}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Pinnacle Studio 21 (HKLM\...\{41C196DB-9ED2-449E-A056-20E67255BFC8}) (Version: 21.1.0.132 - Corel Corporation)
PowerISO (HKLM-x32\...\PowerISO) (Version: 8.3 - Power Software Ltd)
Proclaim (HKLM-x32\...\{1FC10733-55C3-4306-BCE2-FAEAB6234DB9}) (Version: 3.0.32 - Faithlife Corporation)
Python 3.12.0 (64-bit) (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\{cf9c4d97-48a7-4a27-b9fc-91b88a803c40}) (Version: 3.12.150.0 - Python Software Foundation)
Python 3.12.0 Core Interpreter (64-bit) (HKLM\...\{6B58F6F9-656A-4CC4-8BAB-22177BFFA45F}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Development Libraries (64-bit) (HKLM\...\{225BAA2C-BDCA-4D63-9D72-D92CE5E2421D}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Documentation (64-bit) (HKLM\...\{5DF0B8D8-4E7F-43EB-AD16-30FFA931A905}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Executables (64-bit) (HKLM\...\{575EC8EB-A481-4CF1-BAB0-3C1DBD2E50A7}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 pip Bootstrap (64-bit) (HKLM\...\{24B8988D-E785-4124-BF77-1DC6A3E62050}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Standard Library (64-bit) (HKLM\...\{14BBD330-AA3F-4F7A-8A39-DFB28AECFA82}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Tcl/Tk Support (64-bit) (HKLM\...\{6EAF677E-4EE8-4A22-9781-9131C5298D26}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Test Suite (64-bit) (HKLM\...\{0A9B38A7-D393-44A5-A94E-9FEC927DC39C}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{3182A195-B671-44A8-B0C7-7876B916BA5A}) (Version: 3.12.150.0 - Python Software Foundation)
SMART Czech Handwriting Resources (HKLM-x32\...\{65A75580-36A0-4490-8181-0967DD6C1464}) (Version: 15.1.10.0 - SMART Technologies ULC)
SMART Gallery Essentials (HKLM-x32\...\{B1BCD573-39C5-48CD-A2A7-F6525BB7072B}) (Version: 2.0.2.0 - SMART Technologies ULC)
SMART Ink (HKLM-x32\...\{431EB801-5D66-409A-B208-AEF76AD7F677}) (Version: 5.6.132.0 - SMART Technologies ULC)
SMART Lesson Activity Toolkit (HKLM-x32\...\{8AD57A09-153E-4F6D-A269-0AD8AC54B82A}) (Version: 2.0.7.0 - SMART Technologies ULC)
SMART Notebook (HKLM-x32\...\{F0215213-10A6-43DB-9BE4-3FD3DB5D8E53}) (Version: 19.1.2790.0 - SMART Technologies ULC)
SMART Ovladače produktů (HKLM-x32\...\{8F02AE90-9219-42E6-AD41-0C0055227B9B}) (Version: 12.15.139.0 - SMART Technologies ULC)
TechSmith Screen Capture Codec (HKLM-x32\...\{84FE50F5-B0F3-4D18-8BE8-A4DEEE0C37AD}) (Version: 4.1.1.0 - TechSmith Corporation) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Windows Live Communications Platform (HKLM-x32\...\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{9A470EA9-FF86-4C0E-992C-572BF2B9D6FF}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Installer (HKLM-x32\...\{659CB81C-B54E-4DF1-B618-F35777393A54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (HKLM-x32\...\{3EE8FA69-F2A5-4BDB-9E23-3ABB2421B4FA}) (Version: 16.4.3528.0331 - společnost Microsoft Corporation) Hidden
Windows Live Mail (HKLM-x32\...\{B775C26B-EAA8-4A11-ACBF-76E52DF6B805}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (HKLM-x32\...\{88B9357F-0845-465F-96B9-50976FB9C6C2}) (Version: 16.4.3528.0331 - společnost Microsoft Corporation) Hidden
Windows Live Messenger (HKLM-x32\...\{E703613B-BDAB-433E-A66A-DE0263E3D35D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (HKLM\...\{25058321-C33E-496B-8915-6FD64D362CAF}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{D1893000-EA77-493C-8DDD-E262436E959B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{E100E2B5-F2EF-4955-AB7A-C3F2125A3BCD}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (HKLM-x32\...\{04BE4035-3C8E-4B48-BFB8-1655849C0C8B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (HKLM-x32\...\{124A05DC-3C47-4EEF-85CE-56D6C1CAE62B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (HKLM-x32\...\{714E162E-CD4F-4F1B-8302-7F5179409C25}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (HKLM-x32\...\{E5807449-CA84-42F6-9CE3-A0E2BDA9E24B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\ZoomUMX) (Version: 5.6.5 (823) - Zoom Video Communications, Inc.)
Chrome apps:
============
Disk Google (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\5c5a5fb95c6ba6b72e5a904305afe613) (Version: 1.0 - Google\Chrome)
Disk Google (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\6098d7e003d8165867a035a442cd676d) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\23bc082de407676f4e713d80388ae829) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\c8af2eaa6dc805a0f1c1253e60402936) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\1ad560b38a1f57c91f39d61272f4757f) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\2823b62810c5c2b4a5fbb28a9b99c7fa) (Version: 1.0 - Google\Chrome)
Prezentace (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\cea10a33c13793d394fb086f93bc0620) (Version: 1.0 - Google\Chrome)
Prezentace (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\d9dd83a3e783c7497c347e226d52d02c) (Version: 1.0 - Google\Chrome)
Tabulky (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\1d103e078685bdc3023a7d799683ff34) (Version: 1.0 - Google\Chrome)
Tabulky (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\eb453c38b338f5fa89ad4445f7a6f9fc) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\a8c59f248bb7f46d4c07e655e19f08f0) (Version: 1.0 - Google\Chrome)
Packages:
=========
Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4 [2023-06-01] (Acer Incorporated)
Adobe Acrobat Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC [2024-06-15] ()
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2023-07-01] (Adobe Systems Incorporated)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_9.4.2.0_x64__kgqvnymyfvs32 [2024-09-24] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_4.4.1.0_x64__kgqvnymyfvs32 [2024-09-16] (king.com)
Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3019.0_x64__48frkmn4z8aw4 [2021-03-12] (Acer Incorporated)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-22] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation)
Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2024-09-19] (Dropbox Inc.)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_10.107.3.0_x64__q4d96b2w5wcc2 [2024-09-27] (Evernote) [Startup Task]
Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11070.31001.0_x64__8wekyb3d8bbwe [2024-08-07] (Microsoft Corporation) [Startup Task]
GoTrust ID -> C:\Program Files\WindowsApps\GOTrustTechnologyInc.GO-TrustAuthenticator_3.1.21.0_x64__0r04f53sqacg6 [2024-09-17] (GoTrustID Inc.)
InspIS SETmobile -> C:\Program Files\WindowsApps\57320732D6B4D.InspISSETmobile_1.10.20098.0_x86__beccaw7yyhy3g [2020-06-06] (Itelligence-cz, a.s.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2021-03-13] (INTEL CORP)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1041.0_x64__8j3eq9eme6ctt [2024-09-14] (INTEL CORP)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_3.0.37.0_x64__w1wdnht996qgy [2024-09-24] (LinkedIn) [Startup Task]
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2150.23.211.0_x64__8xx8rvfyw5nnt [2024-09-11] (Meta) [Startup Task]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation) [MS Ad]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-14] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_54.20907.567.0_x64__8wekyb3d8bbwe [2024-09-14] (Microsoft Corporation)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.95.0_x64__8wekyb3d8bbwe [2024-07-23] (Microsoft Corporation)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.168.0_x64__8wekyb3d8bbwe [2024-09-28] (Microsoft Corporation) [Startup Task]
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24082.53.0_x64__cw5n1h2txyewy [2024-09-28] (Microsoft Windows) [Startup Task]
Movie & Audio Studio -> C:\Program Files\WindowsApps\MAGIXSoftwareGmbH.MovieAudioStudio_1.1.4.0_x64__awcgk3qbzve1y [2024-09-17] (MAGIX Software GmbH)
Muse Hub -> C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6 [2024-02-14] (Muse) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_7.0.8.0_neutral__mcm4njqhnhss8 [2024-07-23] (Netflix, Inc.)
PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.5229.0_x64__ypz87dpxkv292 [2019-10-26] (CYBERLINK COM CORP)
PowerDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PowerDirectorforacerDesktop_14.0.4304.0_x64__ypz87dpxkv292 [2019-10-26] (CYBERLINK COM CORP)
QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3017.0_x64__48frkmn4z8aw4 [2020-09-30] (Acer Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.9.205.0_x64__dt26b99r8h8gj [2020-04-03] (Realtek Semiconductor Corp)
Simple Mahjong -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMahjong_6.5.16.0_x64__kx24dqmazqk8j [2024-08-20] (Random Salad Games LLC)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.5.18.0_x64__kx24dqmazqk8j [2024-08-16] (Random Salad Games LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0 [2024-10-02] (Spotify AB) [Startup Task]
User Experience Improvement Program -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgram_4.0.3106.0_x64__48frkmn4z8aw4 [2019-10-26] (Acer Incorporated)
Widgets Platform Runtime -> C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.4.0.0_x64__8wekyb3d8bbwe [2024-09-19] (Microsoft Corporation)
WinAppRuntime.Main.1.2 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.2_2000.802.31.0_x64__8wekyb3d8bbwe [2023-03-17] (Microsoft Corp.)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.214.1843.0_x64__8wekyb3d8bbwe [2024-08-14] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_6000.266.2241.0_x64__8wekyb3d8bbwe [2024-10-02] (Microsoft Corp.)
Windows App Runtime DDLM 2000.684.1510.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.684.1510.0-x6_2000.684.1510.0_x64__8wekyb3d8bbwe [2022-12-18] (Microsoft Corporation)
Windows App Runtime DDLM 2000.684.1510.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.684.1510.0-x8_2000.684.1510.0_x86__8wekyb3d8bbwe [2022-12-18] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.AccountsService_cw5n1h2txyewy [2024-09-11] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.DesktopSpotlight_cw5n1h2txyewy [2024-09-11] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.IrisService_cw5n1h2txyewy [2024-09-11] (Microsoft Windows)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-52B34AEEE9B2} -> [Creative Cloud Files] => C:\Users\vondr\Creative Cloud Files [2021-11-28 19:19]
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\vondr\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23089.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{BEA218D2-6950-497B-9434-61683EC065FE}\InprocServer32 -> C:\Users\vondr\AppData\Local\Programs\Python\Launcher\pyshellext.amd64.dll (Python Software Foundation -> Python Software Foundation)
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{C40DF59F-2365-4851-99BD-249EFB7ED151} -> [Mega] => C:\Users\vondr\Documents\Mega [2022-02-06 21:58]
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\vondr\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\vondr\Dropbox [2020-06-14 21:52]
CustomCLSID: HKU\S-1-5-21-3501418858-3935017464-633493477-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-02] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-28] (Adobe Inc. -> )
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2022-09-01] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2022-11-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-10-01] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-02] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\vondr\AppData\Local\MEGAsync\ShellExtX64.dll [2024-06-11] (Mega Limited -> )
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2022-09-01] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-02] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\97.0.1.0\drivefsext.dll [2024-09-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll [2024-07-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-28] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-10-01] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2022-09-01] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\SysWOW64\pdvcodec.dll [265797 2010-03-12] (Matsushita Electric Industrial Co., Ltd.) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\vondr\Desktop\Programy\Media Creator Student.lnk -> C:\Program Files (x86)\Media Creator Student\mc.bat ()
Shortcut: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenLP\Get support for OpenLP.lnk -> hxxp://forums.openlp.org
Shortcut: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenLP\OpenLP on the Web.lnk -> hxxp://openlp.org
Shortcut: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Media Creator Student\Media Creator Student.lnk -> C:\Program Files (x86)\Media Creator Student\mc.bat ()
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Disk Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Dokumenty.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Prezentace.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Tabulky.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Ondřej (skolababice.cz) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\371b6590bc8d800\Jakub - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 6"
ShortcutWithArgument: C:\Users\vondr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Ondřej (skolababice.cz) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"
==================== Loaded Modules (Whitelisted) =============
2023-03-21 23:07 - 2023-03-21 23:07 - 000649360 _____ (SMART Technologies ULC -> Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\Fusion\amd64_smarttech.ms.vc120.crt_e7e76aadd9f46776_none_c214de27ee82b5e1\1.0\1.0.19.0\MSVCP120.dll
2023-03-21 23:07 - 2023-03-21 23:07 - 000952464 _____ (SMART Technologies ULC -> Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\Fusion\amd64_smarttech.ms.vc120.crt_e7e76aadd9f46776_none_c214de27ee82b5e1\1.0\1.0.19.0\MSVCR120.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\sharepoint.com -> hxxps://sgocz-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\vondr\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 93.93.32.32 - 93.93.33.33
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt68cx21x64.sys
Wi-Fi: Intel(R) Wi-Fi 6 AX201 160MHz -> Netwtw10.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "SMARTNotification"
HKLM\...\StartupApproved\Run32: => "SMART Board Service"
HKLM\...\StartupApproved\Run32: => "SMART Tray Tools"
HKLM\...\StartupApproved\Run32: => "sbsdk-server"
HKLM\...\StartupApproved\Run32: => "SMART Ink"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Family Tree Builder Update"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "st_global"
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3501418858-3935017464-633493477-1001\...\StartupApproved\Run: => "AVGBrowserAutoLaunch_7EE2BFE1B3B8A803197E356BCB586469"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{DD609FDA-4AD2-4EDA-B048-B78D53D0E0A0}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{8E2E35A3-DEE7-482A-9C3F-1C686010D75B}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{FE8B1B4E-1C73-48C8-9B32-7207AF906D4F}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{E59C594C-FF9F-4103-BC31-4C3D4CA489CE}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [UDP Query User{57F64F83-A3BE-4347-82EC-B2193104A9CD}C:\program files\musescore 4\bin\musescore4.exe] => (Allow) C:\program files\musescore 4\bin\musescore4.exe () [File not signed]
FirewallRules: [TCP Query User{B5CDADF5-B9F5-4390-8D24-56B7CA7BEEFF}C:\program files\musescore 4\bin\musescore4.exe] => (Allow) C:\program files\musescore 4\bin\musescore4.exe () [File not signed]
FirewallRules: [{D2357B00-5E34-4342-BA6D-91947EC95CE9}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Software Technology Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{60EAA0D9-7B94-456E-BDC9-01F854FDDEDB}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{75E61BA2-C895-410F-8F12-47D1C8859697}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [UDP Query User{25EB2228-B016-4E08-B3DE-538AF74E06E7}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{762CFD4D-1CE1-43AC-9FDA-95D86C24C4D4}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{24C329C7-F839-49FC-99AD-15CB037238B8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B8B6AC2A-CA06-4F0F-A0CF-987B0D5A26FD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AE7A16D5-790D-4A69-B7F4-2D2443FC42BF}] => (Allow) C:\Users\vondr\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{AFA40E3C-3A4B-4D65-8CA6-2F2B538ADC7C}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCGui.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{C2693F67-7F90-47E8-BAC5-D21DDCD29430}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCGui.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{625B6298-3E39-4BEC-A378-34A10B5D7E6B}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCService.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{C9FC2339-E561-4842-9402-4D5258E73E35}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\UCService.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{51C9519E-14B3-4F3D-A4B1-0A71D350B899}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{D72A7625-1716-4338-B3B5-95DD8614EB91}] => (Allow) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe (SMART Technologies ULC -> SMART Technologies)
FirewallRules: [{09D6004D-C58D-490B-92DA-528EFADFE65E}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\Notebook.exe (SMART Technologies ULC -> SMART Technologies ULC)
FirewallRules: [{542580BC-9B62-4D86-96A9-F3D4A9037CCA}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\Notebook.exe (SMART Technologies ULC -> SMART Technologies ULC)
FirewallRules: [{43EBF8B2-78A5-478F-8737-CD4E37CA9E7A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EE2BAC3B-FB30-41F8-8090-77100E129D37}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D6771A49-9327-41B2-A4D0-64947F8B8919}] => (Allow) C:\Users\vondr\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{0F000823-23F3-43F9-A139-CE3F64959B36}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{26B391DD-70F9-469C-814E-56B10A122B9E}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{AF476B1F-839F-46A0-A1C2-091B1864670F}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{8F9789AB-7DAC-43F0-B841-04CAF38381E2}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{3C588922-5C1D-4EE4-B940-C8C369183531}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{20C929A6-B975-46FB-A382-9158625F9A33}] => (Allow) C:\Program Files\Pinnacle\Studio 21\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [TCP Query User{91B19305-4BCC-4AD6-AB10-CB5D60170EEF}C:\users\vondr\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\vondr\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{7C1324A5-6FAA-43D2-AF0D-DD6C0B0A5196}C:\users\vondr\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\vondr\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1B928F4C-4ACC-4C04-92B0-186D1440FED9}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Software Technology Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{831393B5-BA13-44CE-9606-EFB19A4E36BF}] => (Allow) C:\Program Files\davinci\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{E25C9EDF-66FE-4BA1-865F-82F1837CABBF}] => (Allow) C:\Program Files\davinci\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{30D2C5AB-8965-42D6-A687-AE4AC40BA1C0}] => (Allow) C:\Program Files\davinci\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{C234F19C-AF58-4FE5-A281-81D84501DDE7}] => (Allow) C:\Program Files\davinci\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{C7226308-2E81-419B-9F35-935FDC831C1C}] => (Allow) C:\Program Files\davinci\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{B44025CC-6B06-43E3-BAB1-6746DE8F8B6D}] => (Allow) C:\Program Files\davinci\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{2D6BA5AB-6B51-421E-840C-B339012E5546}] => (Allow) C:\Program Files\davinci\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{97D81E44-7E64-4A4C-8A8D-BE4D0A091E53}C:\program files\davinci\fuscript.exe] => (Allow) C:\program files\davinci\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{232C1E3C-E03D-4DC7-9955-504E53AC69C4}C:\program files\davinci\fuscript.exe] => (Allow) C:\program files\davinci\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{7FE3282D-AE5E-46E4-8DCA-B4D26445E210}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{B9C13A73-E524-4493-A376-334CCF063BE0}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{D94B0DC5-760A-4E6C-81AC-41A472AF9D77}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{C2046D68-0C1E-482A-89A9-CAAB3A2C7E77}] => (Allow) C:\Program Files\WindowsApps\Muse.MuseHub_1.0.1.693_x64__rb9pth70m6nz6\Muse.Service.exe (Musecy SM Ltd. -> Muse.Service)
FirewallRules: [{6F4019B5-81DA-4E55-B1F8-F6FE449BE65B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{76164BA3-842A-4BF2-BCDB-FF0CE4027D4E}] => (Allow) C:\Program Files\OpenLP\OpenLP.exe () [File not signed]
FirewallRules: [{7B03F0A6-17E8-436C-A27E-5A6919928DF5}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{AB497E21-49A1-46B5-BAFE-8688DB5544E5}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{EB172260-C64A-43DF-8547-1DE1FE07F5BC}] => (Allow) C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies USA, LLC -> Gen Digital Inc.)
FirewallRules: [{07ED0DF7-5E8A-4C62-AF8F-788A82272104}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24244.507.3118.4732_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{52FA9101-CBBB-4CF7-8E75-99087CF790C8}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24244.507.3118.4732_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5908A380-B51D-4BCA-8016-0840EE5632F2}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.65\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A28AEA7E-C6DA-446F-8841-2C82044034F5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{ABF4C054-224D-4B93-8738-DE6A57E8928B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{ABA47FA3-366D-4058-B71A-02093FD88B58}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{94A6B6B4-5987-493B-977A-4FA421B37FE4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{89CE1063-15B7-4A85-A302-280B0147DC77}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{30C5114B-E16F-4268-A4AB-5C7CD6E02B5C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6ADCFEE9-8F74-49FD-AF1D-1464BED61D73}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2E9B445E-38C7-4D95-95D7-BF6ADFA9F947}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2CB7E2C7-3882-4DA9-A038-2A8E163CB1C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A57BB5CC-9DA0-4297-9EA4-47E5E9491DB3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8AFD7127-71A0-475E-A9CA-5A439A5EA7AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5659ACB8-A156-4D0D-9D42-0BD63D9D74B7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0422F857-856E-4978-8D53-CD8E44590558}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2AF64923-3AE3-4B6C-B97B-B3B811F0C22B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EFB856F4-86E3-4498-9A01-FCBDBFB59CE2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
20-09-2024 13:44:51 Windows Update
24-09-2024 10:43:27 Windows Update
27-09-2024 15:36:37 Windows Update
01-10-2024 09:51:13 Windows Update
01-10-2024 09:51:24 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/02/2024 08:41:32 PM) (Source: Application Error) (EventID: 1000) (User: ACER)
Description: Název chybující aplikace: igfxEM.exe, verze: 6.15.100.6911, časové razítko: 0x5cedf1c9
Název chybujícího modulu: SHELL32.dll, verze: 10.0.22621.4111, časové razítko: 0xbe495689
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000293cb9
ID chybujícího procesu: 0x0x21e0
Čas spuštění chybující aplikace: 0x0x1db14fa699dec8c
Cesta k chybující aplikaci: C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxEM.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\SHELL32.dll
ID zprávy: 842b2dd5-4d64-421c-9496-dba339fdfe72
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/02/2024 08:40:35 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
Error: (10/02/2024 08:40:35 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
Error: (10/02/2024 08:40:35 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
Error: (10/02/2024 08:40:34 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
Error: (10/02/2024 08:40:33 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
Error: (10/02/2024 08:39:39 PM) (Source: Application Error) (EventID: 1000) (User: ACER)
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.22621.1, časové razítko: 0x004687c2
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.22621.4111, časové razítko: 0x8ac9d737
Kód výjimky: 0xc000027b
Posun chyby: 0x00000000000ca273
ID chybujícího procesu: 0x0x2240
Čas spuštění chybující aplikace: 0x0x1db14fa6f0ca544
Cesta k chybující aplikaci: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\twinapi.appcore.dll
ID zprávy: 361b23f7-317c-4878-a7ce-d7ad2d855a70
Úplný název chybujícího balíčku: AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4
ID aplikace související s chybujícím balíčkem: Acer.AcerRegistration
Error: (10/02/2024 06:35:41 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.
System errors:
=============
Error: (10/02/2024 08:41:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (10/02/2024 08:41:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (10/02/2024 08:38:50 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter10.dll
Error: (10/02/2024 08:38:50 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter10.dll
Error: (10/02/2024 08:36:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba FileSyncHelper byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/02/2024 08:36:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/02/2024 08:36:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (10/02/2024 08:36:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Windows Defender:
================
Date: 2024-09-28 21:48:49
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_C:\Users\vondr\Desktop\Office_2019_C2R_x86_x64_CS_EN_SK_16.0.11126.20188.ISO; file:_C:\Users\vondr\Desktop\Office_2019_C2R_x86_x64_CS_EN_SK_16.0.11126.20188.ISO->\OInstall.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Uživatel
Uživatel: ACER\vondr
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.419.254.0, AS: 1.419.254.0, NIS: 1.419.254.0
Verze modulu: AM: 1.1.24080.9, NIS: 1.1.24080.9
Date: 2024-09-28 07:56:10
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B053DE74-6B0F-4A7D-BED9-A1A439F7B1B6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-09-27 15:40:18
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0C94F69C-5CD8-4361-8626-DDC7540BB27E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-09-26 11:30:17
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_C:\Users\vondr\Desktop\Office_2019_C2R_x86_x64_CS_EN_SK_16.0.11126.20188.ISO; file:_C:\Users\vondr\Desktop\Office_2019_C2R_x86_x64_CS_EN_SK_16.0.11126.20188.ISO->\OInstall.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.419.203.0, AS: 1.419.203.0, NIS: 1.419.203.0
Verze modulu: AM: 1.1.24080.9, NIS: 1.1.24080.9
Date: 2024-09-26 10:40:53
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {70C5005E-7514-4B33-8B27-DD324B88DE26}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]
Date: 2024-10-01 21:02:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Zálohování
Kód chyby: 0x80004004
Popis chyby: Operace přerušena
Verze bezpečnostních informací: 1.419.281.0;1.419.281.0
Verze modulu: 1.1.24080.9
Date: 2024-10-01 21:02:39
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: 1.419.292.0;1.419.292.0
Verze modulu: 1.1.24080.9
Date: 2024-04-06 20:54:55
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.1607.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80072f8f
Popis chyby: Došlo k chybě zabezpečení.
Date: 2024-04-06 20:54:55
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.1607.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80072f8f
Popis chyby: Došlo k chybě zabezpečení.
Date: 2024-04-06 20:54:55
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.1607.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80072f8f
Popis chyby: Došlo k chybě zabezpečení.
CodeIntegrity:
===============
Date: 2024-10-02 20:43:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
Date: 2024-10-02 20:41:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
Date: 2024-10-02 20:40:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.24 07/07/2021
Motherboard: CML Doc_WC
Processor: Intel(R) Core(TM) i5-10210U CPU @ 1.60GHz
Percentage of memory in use: 77%
Total physical RAM: 8013.99 MB
Available physical RAM: 1792.86 MB
Total Virtual: 23885.99 MB
Available Virtual: 17484.95 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:952.75 GB) (Free:557.16 GB) (Model: INTEL SSDPEKNW010T8) NTFS
Drive g: (Google Drive) (Fixed) (Total:952.75 GB) (Free:529.3 GB) (Model: INTEL SSDPEKNW010T8) FAT32
\\?\Volume{1d5ebf39-7363-46c2-85c5-6d21b232b7ac}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.15 GB) NTFS
\\?\Volume{c3e08722-726c-4ee4-9a79-cd22e2eab3a5}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 32C3B5EB)
Partition: GPT.
==================== End of Addition.txt =======================
Re: Prosím o kontrolu logu, děkuji
Vycisti registre CCleanerom a mame hotovo
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu logu, děkuji
Provedeno.
Moc děkuji!!!
Moc děkuji!!!
Re: Prosím o kontrolu logu, děkuji
Rado sa stalo
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/