VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Stále se vrací Wacatac

https://forum.viry.cz:443/viewtopic.php?t=158569

Stránka 1 z 1

Stále se vrací Wacatac

Napsal: 27 úno 2022 13:52
od Miloslav
Dobrý den, nalezl jsem Trojan:Script/Wacatac.B!ml a dal jsem ho do karantény Defenderu. Objevuje se ale znovu a už ani nejde odstranit. Prosím o pomoc. Přikládám FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-02-2022
Ran by Miloslav Neužil (administrator) on DESKTOP-91G8VB2 (MSI MS-7977) (27-02-2022 13:36:00)
Running from C:\Users\Miloslav Neužil\AppData\Local\Temp\MicrosoftEdgeDownloads\6c344e81-9d96-4eea-96d1-c4cd5c3b70f2
Loaded Profiles: Miloslav Neužil
Platform: Microsoft Windows 10 Pro Version 21H2 19044.1566 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Logi\LogiBolt\LogiBolt.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logi\LogiBolt\logi_crashpad_handler.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCopyAccelerator.exe
(Corel Corporation -> ) C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
(D:\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(explorer.exe ->) (Daniel Redlich Software) [File not signed] C:\DosPrint\DOSPRINT.EXE
(explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Totalcmd\TOTALCMD64.EXE
(explorer.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\appup.intelgraphicsexperience_1.100.3407.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(explorer.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logi\LogiBolt\LogiBolt.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <29>
(Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:\Windows\SysWOW64\CtHelper.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Corel Corporation -> ) C:\Windows\SysWOW64\PSIService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3b12ac0f95b18b9d\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\appup.intelgraphicsexperience_1.100.3407.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.xboxapp_48.78.15001.0_x64__8wekyb3d8bbwe\XboxApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Valve Corp. -> Valve Corporation) D:\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1687616 2022-01-06] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKLM\...\Run: [Corel Photo Downloader] => C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe [531784 2007-12-14] (Corel Corporation -> Corel, Inc.)
HKLM-x32\...\Run: [AsioThk32Reg] => REGSVR32.EXE /S CTASIO.DLL (No File)
HKLM-x32\...\Run: [CTHelper] => C:\Windows\SysWOW64\CTHELPER.EXE* [29776 2018-08-14] () [File not signed]
HKLM-x32\...\Run: [Corel Photo Downloader] => C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe [531784 2007-12-14] (Corel Corporation -> Corel, Inc.)
HKLM-x32\...\Run: [Corel File Shell Monitor] => C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [16200 2008-01-15] (Corel Corporation -> )
HKU\S-1-5-21-1292141479-613030465-2163202204-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [2367352 2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1292141479-613030465-2163202204-1001\...\Run: [MicrosoftEdgeAutoLaunch_43A2E249496E7690013CBADCF8C32222] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-1292141479-613030465-2163202204-1001\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKU\S-1-5-21-1292141479-613030465-2163202204-1001\...\Run: [KKBirthday] => C:\Program Files (x86)\Kith and Kin Birthday Alert\KKBirthday.exe [2058752 2015-08-07] (SpanSoft) [File not signed]
HKU\S-1-5-21-1292141479-613030465-2163202204-1001\...\MountPoints2: {61d98a3c-058d-11eb-9fde-806e6f6e6963} - "K:\setup.exe"
Startup: C:\Users\Miloslav Neužil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dosprint.lnk [2021-05-13]
ShortcutTarget: Dosprint.lnk -> C:\DosPrint\DOSPRINT.EXE (Daniel Redlich Software) [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06973360-16D2-496B-AA59-924FBF0120C3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22880136 2022-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {2A5DAC7F-4EAC-4951-AC0E-F9C11B31A489} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1009872 2021-11-02] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {44599B23-AAD1-4163-A10C-4BA4A3B74EC4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647376 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4EC5348D-10CD-40ED-AD23-F371C3019FA3} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339472 2022-02-03] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4FC71049-D29C-464A-B792-F4BC92813D46} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {53973E3F-7DCC-4776-8548-3D523C433D82} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {6D63E7FC-BFD5-4A74-A5DF-95C6FFAEA856} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {73179102-8D7B-4389-8463-C08F9217C221} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1292141479-613030465-2163202204-1001 => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [3060072 2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {7380FD2E-42AC-445B-9057-F383BBCAAAE4} - System32\Tasks\Microsoft\Windows\SysResetDelayedCleanup => C:\WINDOWS\system32\ResetEngine.exe [20296 2022-02-26] (Microsoft Windows -> Microsoft Corporation)
Task: {98F04194-0777-415E-BF50-22A52B1C86A4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {98F80DA6-02C6-4E67-AD40-1D9EB9821818} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {9A11CD3E-D801-48D1-B2BC-FE56BD191EF7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22880136 2022-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {AA1D297E-1633-4123-9195-E02953DA1F8B} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B3AF80F1-7648-4DA9-AD90-FFD3787729AB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B77F7053-8229-4AFF-A995-DFC7EE018BB0} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [3060072 2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9C4D427-A18A-4689-A693-6730FD9A28A6} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {BB70F0FD-5BD7-411B-A2FB-CD6FF7E3A747} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D098AC00-798C-4FA3-8B66-5B2E03B97952} - System32\Tasks\HPCustParticipation HP LaserJet MFP M129-M134 => C:\Program Files\HP\HP LaserJet MFP M129-M134\Bin\HPCustPartic.exe [6660744 2018-08-22] (Hewlett Packard -> HP Inc.)
Task: {E14A7D87-F0AB-4A16-8062-590186DDF24F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E434E202-8A18-4C8C-93FB-E50EA98D5750} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FB0C0950-BC39-4907-AA16-07016FB6063E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-26] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{0a698cd5-eccb-43aa-a39b-c3eda411c9cb}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Miloslav Neužil\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-27]
Edge HomePage: Default -> hxxps://www.seznam.cz/
Edge StartupUrls: Default -> "hxxps://www.seznam.cz/"
Edge Extension: (CacheList) - C:\Users\Miloslav Neužil\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\amhhdbdhoghppijbjfdkiaconkmfbbpa [2022-02-26]
Edge Extension: (Podepisovací komponenta Signer) - C:\Users\Miloslav Neužil\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bhlaechjbkikglhincgjdmhceppidngc [2022-02-26]
Edge Extension: (Easy Video Downloader) - C:\Users\Miloslav Neužil\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eaicplkoeceoelookkiaeekhodehdhde [2022-02-26]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\Miloslav Neužil\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-02-26]
Edge Extension: (FormApps Extension) - C:\Users\Miloslav Neužil\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2022-02-26]
Edge Extension: (Komponenta I.CA PKI Service) - C:\Users\Miloslav Neužil\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kchhpancoebhkdgdafnifpkcacaopncp [2022-02-26]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12124536 2022-02-03] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\FileSyncHelper.exe [2448232 2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [260256 2022-02-27] (HP Inc. -> HP Inc.)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-06-01] (Nero AG -> Nero AG)
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\OneDriveUpdaterService.exe [2836840 2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
R2 ProtexisLicensing; C:\WINDOWS\SysWOW64\PSIService.exe [177704 2007-06-05] (Corel Corporation -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6133448 2022-02-26] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2201.10-0\NisSrv.exe [2909208 2022-02-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2201.10-0\MsMpEng.exe [128376 2022-02-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3b12ac0f95b18b9d\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3b12ac0f95b18b9d\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 DSI_SiUSBXp_3_1; C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys [16384 2007-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Silicon Laboratories)
S3 HP1210FAX; C:\WINDOWS\System32\Drivers\HPM1210FAX.sys [16896 2012-11-08] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 MpKsld9ef8270; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9EE9FE0D-6E5B-4F2D-B09F-A5334B5C8472}\MpKslDrv.sys [135440 2022-02-27] (Microsoft Windows -> Microsoft Corporation)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [65144 2021-10-08] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2022-02-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [438520 2022-02-26] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-02-26] (Microsoft Windows -> Microsoft Corporation)
S4 NVSWCFilter; \SystemRoot\System32\drivers\nvswcfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-02-27 13:35 - 2022-02-27 13:36 - 000000000 ____D C:\FRST
2022-02-27 09:39 - 2022-02-27 09:40 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Local\Steam
2022-02-27 09:33 - 1999-06-21 05:10 - 000183808 _____ C:\WINDOWS\SysWOW64\BDEADMIN.CPL
2022-02-27 09:33 - 1999-01-20 05:01 - 000210032 _____ C:\WINDOWS\SysWOW64\DBCLIENT.DLL
2022-02-27 09:31 - 2022-02-27 10:06 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Local\CrashDumps
2022-02-27 09:30 - 2022-02-27 09:31 - 000001613 _____ C:\Users\Miloslav Neužil\Desktop\Adresy a telefony.lnk
2022-02-27 09:29 - 2022-02-27 09:30 - 000000000 ____D C:\Program Files (x86)\NeuSoft
2022-02-27 09:08 - 2022-02-27 09:37 - 000000000 ____D C:\ProgramData\KKBirthday
2022-02-27 08:58 - 2022-02-27 12:25 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Local\NVIDIA Corporation
2022-02-27 08:58 - 2022-02-27 08:58 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-02-27 08:58 - 2022-02-27 08:58 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-02-27 08:58 - 2022-02-27 08:58 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-02-27 08:58 - 2022-02-27 08:58 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-02-27 08:58 - 2022-02-27 08:58 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-02-27 08:58 - 2022-02-27 08:58 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-02-27 08:58 - 2022-02-27 08:58 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-02-27 08:58 - 2022-02-27 08:58 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-02-27 08:58 - 2022-02-27 08:58 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-02-27 08:58 - 2022-02-27 08:58 - 000001403 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2022-02-27 08:58 - 2022-02-27 08:58 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Local\NVIDIA
2022-02-27 08:58 - 2022-02-27 08:58 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-02-27 08:58 - 2022-01-28 12:50 - 002859520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2022-02-27 08:58 - 2022-01-28 12:50 - 002201800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2022-02-27 08:58 - 2022-01-28 12:50 - 001295872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2022-02-27 08:58 - 2022-01-21 13:22 - 000082432 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2022-02-27 08:58 - 2022-01-21 13:22 - 000071168 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2022-02-27 08:58 - 2021-11-23 08:38 - 000168648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2022-02-27 08:58 - 2021-11-23 08:38 - 000144584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2022-02-27 08:58 - 2021-11-02 19:47 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2022-02-27 08:56 - 2022-02-27 08:58 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-02-27 08:52 - 2022-02-27 08:52 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Roaming\ZoomBrowser EX
2022-02-27 08:47 - 2022-02-27 08:48 - 000000000 ____D C:\Program Files (x86)\Canon
2022-02-27 08:47 - 2022-02-27 08:47 - 000001369 _____ C:\Users\Public\Desktop\ZoomBrowser EX.lnk
2022-02-27 08:47 - 2022-02-27 08:47 - 000000000 ____D C:\ProgramData\ZoomBrowser
2022-02-27 08:43 - 2022-02-27 08:43 - 000000096 _____ C:\Users\Miloslav Neužil\AppData\Local\X-Plane_xdd_11.prf
2022-02-27 08:34 - 2022-02-27 08:34 - 000000405 _____ C:\Users\Miloslav Neužil\Desktop\Control Panel (2).lnk
2022-02-27 08:30 - 2022-02-27 08:58 - 000000000 ____D C:\ProgramData\Package Cache
2022-02-27 08:03 - 2022-02-27 08:07 - 000000986 _____ C:\Users\Miloslav Neužil\Desktop\JUC.lnk
2022-02-27 06:38 - 2022-02-27 08:49 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2022-02-27 06:38 - 2022-02-27 06:43 - 000003206 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-02-27 06:38 - 2022-02-27 06:43 - 000002172 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-02-27 06:38 - 2022-02-27 06:38 - 000000000 ___RD C:\Users\Default\OneDrive
2022-02-27 06:38 - 2022-02-27 06:38 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2022-02-27 06:37 - 2022-02-27 06:37 - 000002477 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2022-02-27 06:37 - 2022-02-27 06:37 - 000002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2022-02-27 06:37 - 2022-02-27 06:37 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2022-02-27 06:37 - 2022-02-27 06:37 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2022-02-27 06:32 - 2022-02-27 06:37 - 000000000 ____D C:\Program Files\Microsoft Office
2022-02-27 06:32 - 2022-02-27 06:32 - 000000000 ____D C:\Program Files\Microsoft Office 15
2022-02-27 06:28 - 2022-02-27 06:28 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Local\Ahead
2022-02-27 06:27 - 2022-02-27 06:27 - 000000000 ____D C:\ProgramData\Ahead
2022-02-27 06:25 - 2022-02-27 06:25 - 000000000 ____D C:\ProgramData\Nero
2022-02-27 06:25 - 2022-02-27 06:25 - 000000000 ____D C:\Program Files (x86)\Nero
2022-02-27 06:14 - 2022-02-27 06:17 - 000000000 ____D C:\Program Files (x86)\Kith and Kin Birthday Alert
2022-02-27 06:14 - 2022-02-27 06:14 - 000001149 _____ C:\Users\Public\Desktop\KK Birthday Alert.lnk
2022-02-27 06:13 - 2022-02-27 06:18 - 000000000 ____D C:\ProgramData\KKPro
2022-02-27 06:13 - 2022-02-27 06:17 - 000000000 ____D C:\Program Files (x86)\Kith and Kin Pro V3
2022-02-27 06:13 - 2022-02-27 06:13 - 000001083 _____ C:\Users\Public\Desktop\Kith and Kin Pro V3.lnk
2022-02-27 05:58 - 2022-02-27 05:58 - 000000057 _____ C:\ProgramData\Ament.ini
2022-02-27 05:56 - 2022-02-27 05:56 - 000001248 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S OCR Registration.lnk
2022-02-27 05:55 - 2022-02-27 05:55 - 000003782 _____ C:\WINDOWS\system32\Tasks\HPCustParticipation HP LaserJet MFP M129-M134
2022-02-27 05:53 - 2022-02-27 05:56 - 000000000 ____D C:\Program Files (x86)\HP
2022-02-27 05:53 - 2022-02-27 05:53 - 000001294 _____ C:\Users\Public\Desktop\HP LaserJet MFP M129-M134-HP Scan.lnk
2022-02-27 05:53 - 2022-02-27 05:53 - 000000000 ____D C:\Program Files\HP
2022-02-27 05:49 - 2022-02-27 05:55 - 000000000 ____D C:\ProgramData\HP
2022-02-27 05:38 - 2022-02-27 05:38 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-02-27 05:35 - 2022-02-27 06:00 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Local\HP
2022-02-27 05:27 - 2022-02-27 10:51 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Local\Corel
2022-02-27 05:27 - 2022-02-27 10:06 - 000000848 ___SH C:\WINDOWS\SysWOW64\KGyGaAvL.sys
2022-02-27 05:27 - 2022-02-27 05:29 - 000011776 _____ C:\Users\Miloslav Neužil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2022-02-27 05:27 - 2022-02-27 05:27 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Roaming\Corel
2022-02-27 05:26 - 2022-02-27 05:26 - 000002453 _____ C:\Users\Public\Desktop\Corel Paint Shop Pro Photo X2.lnk
2022-02-27 05:26 - 2022-02-27 05:26 - 000000000 ____D C:\ProgramData\Corel
2022-02-27 05:25 - 2022-02-27 05:25 - 000000000 ____D C:\WINDOWS\SysWOW64\Spool
2022-02-27 05:25 - 2022-02-27 05:25 - 000000000 ____D C:\Program Files (x86)\Corel
2022-02-26 21:17 - 2022-02-26 21:17 - 000000335 _____ C:\Users\Miloslav Neužil\Desktop\computer.lnk
2022-02-26 21:13 - 2022-02-27 08:43 - 000000112 _____ C:\Users\Miloslav Neužil\AppData\Local\X-Plane_drm_11.prf
2022-02-26 21:13 - 2022-02-26 21:15 - 000000093 _____ C:\Users\Miloslav Neužil\AppData\Local\X-Plane 11 Preferences.prf
2022-02-26 21:13 - 2022-02-26 21:13 - 000000016 _____ C:\Users\Miloslav Neužil\AppData\Local\x-plane_install_11.txt
2022-02-26 20:48 - 2022-02-27 08:55 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Local\PlaceholderTileLogoFolder
2022-02-26 20:41 - 2022-02-26 20:41 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Roaming\Logishrd
2022-02-26 20:39 - 2022-02-26 20:39 - 000000000 ____D C:\Program Files\Logitech
2022-02-26 20:30 - 2022-02-26 20:30 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Local\Logitech
2022-02-26 20:13 - 2022-02-26 20:13 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Local\GHISLER
2022-02-26 19:20 - 2022-02-26 19:20 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Local\Comms
2022-02-26 19:20 - 2022-02-26 19:20 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-02-26 19:17 - 2022-02-26 19:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-02-26 19:16 - 2022-02-26 19:25 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Local\D3DSCache
2022-02-26 19:11 - 2022-02-27 08:53 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Local\LogiBolt
2022-02-26 19:11 - 2022-02-26 19:11 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Local\CEF
2022-02-26 19:11 - 2022-02-26 19:11 - 000000000 ____D C:\Program Files\Logi
2022-02-26 19:10 - 2022-02-27 06:43 - 000003604 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1292141479-613030465-2163202204-1001
2022-02-26 19:10 - 2022-02-26 19:10 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Local\PeerDistRepub
2022-02-26 19:09 - 2022-02-26 20:40 - 000000000 ____D C:\ProgramData\Logishrd
2022-02-26 19:06 - 2022-02-26 19:06 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-02-26 19:04 - 2022-02-26 19:06 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Local\Publishers
2022-02-26 19:03 - 2022-02-27 08:55 - 000000000 ____D C:\ProgramData\Packages
2022-02-26 19:02 - 2022-02-27 09:35 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Local\VirtualStore
2022-02-26 19:02 - 2022-02-27 08:55 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Local\Packages
2022-02-26 19:02 - 2022-02-26 19:38 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Local\ConnectedDevicesPlatform
2022-02-26 19:02 - 2022-02-26 19:02 - 004931577 ____H C:\WINDOWS\{00000005-00000000-00000000-00001102-00000008-10241102}.BAK
2022-02-26 19:02 - 2022-02-26 19:02 - 000000020 ___SH C:\Users\Miloslav Neužil\ntuser.ini
2022-02-26 19:02 - 2022-02-26 19:02 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Roaming\Adobe
2022-02-26 18:44 - 2022-02-26 18:44 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2022-02-26 18:44 - 2022-02-26 18:44 - 000000000 _SHDL C:\ProgramData\Šablony
2022-02-26 18:44 - 2022-02-26 18:44 - 000000000 _SHDL C:\ProgramData\Plocha
2022-02-26 18:44 - 2022-02-26 18:44 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2022-02-26 18:44 - 2022-02-26 18:44 - 000000000 _SHDL C:\ProgramData\Dokumenty
2022-02-26 18:44 - 2022-02-26 18:44 - 000000000 _SHDL C:\ProgramData\Data aplikací
2022-02-26 18:42 - 2022-02-27 09:02 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-26 18:25 - 2022-02-26 19:02 - 000000000 ____D C:\Users\Miloslav Neužil
2022-02-26 18:25 - 2022-02-26 18:25 - 000000000 _SHDL C:\Users\Miloslav Neužil\Šablony
2022-02-26 18:25 - 2022-02-26 18:25 - 000000000 _SHDL C:\Users\Miloslav Neužil\Soubory cookie
2022-02-26 18:25 - 2022-02-26 18:25 - 000000000 _SHDL C:\Users\Miloslav Neužil\Poslední
2022-02-26 18:25 - 2022-02-26 18:25 - 000000000 _SHDL C:\Users\Miloslav Neužil\Okolní tiskárny
2022-02-26 18:25 - 2022-02-26 18:25 - 000000000 _SHDL C:\Users\Miloslav Neužil\Okolní síť
2022-02-26 18:25 - 2022-02-26 18:25 - 000000000 _SHDL C:\Users\Miloslav Neužil\Nabídka Start
2022-02-26 18:25 - 2022-02-26 18:25 - 000000000 _SHDL C:\Users\Miloslav Neužil\Dokumenty
2022-02-26 18:25 - 2022-02-26 18:25 - 000000000 _SHDL C:\Users\Miloslav Neužil\Documents\Obrázky
2022-02-26 18:25 - 2022-02-26 18:25 - 000000000 _SHDL C:\Users\Miloslav Neužil\Documents\Hudba
2022-02-26 18:25 - 2022-02-26 18:25 - 000000000 _SHDL C:\Users\Miloslav Neužil\Documents\Filmy
2022-02-26 18:25 - 2022-02-26 18:25 - 000000000 _SHDL C:\Users\Miloslav Neužil\Data aplikací
2022-02-26 18:25 - 2022-02-26 18:25 - 000000000 _SHDL C:\Users\Miloslav Neužil\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2022-02-26 18:25 - 2022-02-26 18:25 - 000000000 _SHDL C:\Users\Miloslav Neužil\AppData\Local\Data aplikací
2022-02-26 18:18 - 2022-02-27 12:25 - 000000000 ____D C:\ProgramData\NVIDIA
2022-02-26 18:18 - 2022-02-27 09:02 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-02-26 18:17 - 2022-02-27 08:53 - 000033800 _____ C:\WINDOWS\system32\BMXStateBkp-{00000005-00000000-00000000-00001102-00000008-10241102}.rfx
2022-02-26 18:17 - 2022-02-27 08:53 - 000033800 _____ C:\WINDOWS\system32\BMXState-{00000005-00000000-00000000-00001102-00000008-10241102}.rfx
2022-02-26 18:17 - 2022-02-27 08:53 - 000029040 _____ C:\WINDOWS\system32\BMXCtrlState-{00000005-00000000-00000000-00001102-00000008-10241102}.rfx
2022-02-26 18:17 - 2022-02-27 08:53 - 000029040 _____ C:\WINDOWS\system32\BMXBkpCtrlState-{00000005-00000000-00000000-00001102-00000008-10241102}.rfx
2022-02-26 18:17 - 2022-02-27 08:53 - 000011564 _____ C:\WINDOWS\system32\DVCState-{00000005-00000000-00000000-00001102-00000008-10241102}.rfx
2022-02-26 18:17 - 2022-02-26 19:27 - 004931577 _____ C:\WINDOWS\{00000005-00000000-00000000-00001102-00000008-10241102}.CDF
2022-02-26 18:17 - 2022-02-26 18:17 - 000466520 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2022-02-26 18:17 - 2022-02-26 18:17 - 000445016 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2022-02-26 18:17 - 2022-02-26 18:17 - 000123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2022-02-26 18:17 - 2022-02-26 18:17 - 000109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2022-02-26 18:17 - 2022-02-26 18:17 - 000000159 ___RH C:\WINDOWS\ctfile.rfc
2022-02-26 18:17 - 2022-02-26 18:17 - 000000000 ____D C:\WINDOWS\system32\lxss
2022-02-26 18:17 - 2022-02-26 18:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2022-02-26 18:17 - 2022-02-26 18:17 - 000000000 ____D C:\Program Files (x86)\OpenAL
2022-02-26 18:17 - 2009-03-26 14:48 - 000190976 _____ C:\WINDOWS\system32\APOMgr64.DLL
2022-02-26 18:17 - 2009-03-26 14:46 - 000148480 _____ C:\WINDOWS\SysWOW64\APOMngr.DLL
2022-02-26 18:17 - 2009-02-06 18:53 - 000089088 _____ C:\WINDOWS\system32\CmdRtr64.DLL
2022-02-26 18:17 - 2009-02-06 18:52 - 000073728 _____ C:\WINDOWS\SysWOW64\CmdRtr.DLL
2022-02-26 18:15 - 2022-02-26 19:09 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-02-26 18:14 - 2022-02-26 18:24 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-02-26 18:14 - 2022-02-26 18:24 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-02-26 18:14 - 2022-02-26 18:14 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2022-02-26 18:14 - 2022-02-26 18:14 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2022-02-26 18:14 - 2022-02-26 18:14 - 000000000 ____D C:\WINDOWS\system32\DAX2
2022-02-26 18:14 - 2022-02-26 18:14 - 000000000 ____D C:\WINDOWS\system32\data
2022-02-26 18:14 - 2022-02-26 18:14 - 000000000 ____D C:\Program Files\Realtek
2022-02-26 18:13 - 2022-02-26 18:13 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2022-02-26 18:12 - 2022-02-27 08:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-26 18:12 - 2022-02-26 19:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-02-26 18:02 - 2022-02-27 06:40 - 000304656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-02-26 18:02 - 2022-02-26 18:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-26 18:00 - 2022-02-26 19:01 - 000000000 ____D C:\WINDOWS\Panther
2022-02-26 17:48 - 2022-02-26 17:48 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-02-26 17:44 - 2022-02-26 17:44 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-02-26 17:44 - 2022-02-26 17:44 - 000000000 ____D C:\ProgramData\ssh
2022-02-26 17:41 - 2022-02-26 17:41 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2022-02-26 17:41 - 2022-02-26 17:41 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2022-02-26 17:41 - 2022-02-26 17:41 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2022-02-26 17:41 - 2022-02-26 17:41 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2022-02-26 17:41 - 2022-02-26 17:41 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2022-02-26 17:41 - 2022-02-26 17:41 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2022-02-26 17:41 - 2022-02-26 17:41 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-02-26 17:41 - 2022-02-26 17:41 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-02-26 17:41 - 2022-02-26 17:41 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-02-26 17:41 - 2022-02-26 17:41 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-02-26 17:41 - 2022-02-26 17:41 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2022-02-26 17:41 - 2022-02-26 17:41 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-02-26 17:41 - 2022-02-26 17:41 - 000195584 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2022-02-26 17:41 - 2022-02-26 17:41 - 000170496 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll
2022-02-26 17:41 - 2022-02-26 17:41 - 000158208 _____ C:\WINDOWS\system32\uwfcsp.dll
2022-02-26 17:41 - 2022-02-26 17:41 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2022-02-26 17:41 - 2022-02-26 17:41 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2022-02-26 17:41 - 2022-02-26 17:41 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2022-02-26 17:41 - 2022-02-26 17:41 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2022-02-26 17:41 - 2022-02-26 17:41 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2022-02-26 17:41 - 2022-02-26 17:41 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2022-02-26 17:41 - 2022-02-26 17:41 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2022-02-26 17:41 - 2022-02-26 17:41 - 000040960 _____ C:\WINDOWS\system32\uwfservicingapi.dll
2022-02-26 17:41 - 2022-02-26 17:41 - 000011821 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-02-26 17:40 - 2022-02-26 17:40 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2022-02-26 17:40 - 2022-02-26 17:40 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2022-02-26 17:40 - 2022-02-26 17:40 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-02-26 17:40 - 2022-02-26 17:40 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2022-02-26 17:40 - 2022-02-26 17:40 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-02-26 17:40 - 2022-02-26 17:40 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2022-02-26 17:40 - 2022-02-26 17:40 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2022-02-26 17:40 - 2022-02-26 17:40 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2022-02-26 17:40 - 2022-02-26 17:40 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-02-26 17:40 - 2022-02-26 17:40 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2022-02-26 17:40 - 2022-02-26 17:40 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2022-02-26 17:40 - 2022-02-26 17:40 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2022-02-26 17:40 - 2022-02-26 17:40 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2022-02-26 17:40 - 2022-02-26 17:40 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2022-02-26 17:40 - 2022-02-26 17:40 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2022-02-26 17:40 - 2022-02-26 17:40 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2022-02-26 17:40 - 2022-02-26 17:40 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2022-02-26 17:40 - 2022-02-26 17:40 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2022-02-26 17:40 - 2022-02-26 17:40 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2022-02-26 17:40 - 2022-02-26 17:40 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2022-02-26 17:40 - 2022-02-26 17:40 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-02-26 17:40 - 2022-02-26 17:40 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2022-02-26 17:40 - 2022-02-26 17:40 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2022-02-26 17:40 - 2022-02-26 17:40 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-02-26 17:40 - 2022-02-26 17:40 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-02-26 17:40 - 2022-02-26 17:40 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2022-02-26 17:40 - 2022-02-26 17:40 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-02-26 17:40 - 2022-02-26 17:40 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2022-02-26 17:40 - 2022-02-26 17:40 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-02-26 17:40 - 2022-02-26 17:40 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2022-02-26 17:40 - 2022-02-26 17:40 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2022-02-26 17:40 - 2022-02-26 17:40 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2022-02-26 17:40 - 2022-02-26 17:40 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2022-02-26 17:39 - 2022-02-26 17:39 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2022-02-26 17:39 - 2022-02-26 17:39 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2022-02-26 17:39 - 2022-02-26 17:39 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2022-02-26 17:39 - 2022-02-26 17:39 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2022-02-26 17:39 - 2022-02-26 17:39 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2022-02-26 17:39 - 2022-02-26 17:39 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-02-26 17:39 - 2022-02-26 17:39 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2022-02-26 17:39 - 2022-02-26 17:39 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-02-26 17:39 - 2022-02-26 17:39 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2022-02-26 17:39 - 2022-02-26 17:39 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-02-26 17:39 - 2022-02-26 17:39 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-02-26 17:39 - 2022-02-26 17:39 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2022-02-26 17:39 - 2022-02-26 17:39 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-02-26 17:39 - 2022-02-26 17:39 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2022-02-26 17:39 - 2022-02-26 17:39 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2022-02-26 17:23 - 2022-02-26 17:23 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2022-02-26 17:23 - 2022-02-26 17:23 - 000000000 ____D C:\Program Files\Reference Assemblies
2022-02-26 17:23 - 2022-02-26 17:23 - 000000000 ____D C:\Program Files\MSBuild
2022-02-26 17:23 - 2022-02-26 17:23 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2022-02-26 17:23 - 2022-02-26 17:23 - 000000000 ____D C:\Program Files (x86)\MSBuild
2022-02-26 17:20 - 2022-02-26 17:20 - 000000000 ____D C:\WINDOWS\system32\Samsung
2022-02-26 17:19 - 2022-02-26 17:19 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-02-26 16:48 - 2022-02-26 18:41 - 000000000 ___HD C:\$SysReset
2022-02-22 16:02 - 2022-02-22 16:02 - 000275752 _____ C:\Users\Miloslav Neužil\Downloads\UK-4763015-21041000--[3505].pdf
2022-02-17 18:45 - 2022-02-27 05:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Paint Shop Pro Photo X2
2022-02-17 10:57 - 2022-02-17 10:57 - 000000000 ____D C:\CyberLink
2022-02-16 12:19 - 2022-02-16 12:22 - 000000000 ___HD C:\$WinREAgent
2022-02-15 18:25 - 2022-02-15 18:25 - 000000000 ____D C:\Users\Miloslav Neužil\Documents\Corel
2022-02-15 17:07 - 2022-02-10 07:18 - 000127968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2022-02-15 17:07 - 2022-02-10 07:18 - 000040920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-02-15 17:02 - 2022-02-10 19:42 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-02-15 17:02 - 2022-02-10 19:42 - 001905936 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-02-15 17:02 - 2022-02-10 19:42 - 001478416 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-02-15 17:02 - 2022-02-10 19:42 - 001478416 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-02-15 17:02 - 2022-02-10 19:42 - 001467840 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-02-15 17:02 - 2022-02-10 19:42 - 001432336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-02-15 17:02 - 2022-02-10 19:42 - 001432336 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-02-15 17:02 - 2022-02-10 19:42 - 001209280 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-02-15 17:02 - 2022-02-10 19:42 - 001145616 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-02-15 17:02 - 2022-02-10 19:42 - 001145616 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-02-15 17:02 - 2022-02-10 19:39 - 001531872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-02-15 17:02 - 2022-02-10 19:39 - 001176704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-02-15 17:02 - 2022-02-10 19:39 - 000797112 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-02-15 17:02 - 2022-02-10 19:39 - 000717760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-02-15 17:02 - 2022-02-10 19:39 - 000636032 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-02-15 17:02 - 2022-02-10 19:38 - 002120320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-02-15 17:02 - 2022-02-10 19:38 - 001602728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-02-15 17:02 - 2022-02-10 19:38 - 000983992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-02-15 17:02 - 2022-02-10 19:38 - 000795584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-02-15 17:02 - 2022-02-10 19:38 - 000711608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-02-15 17:02 - 2022-02-10 19:37 - 008612496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-02-15 17:02 - 2022-02-10 19:37 - 007714960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-02-15 17:02 - 2022-02-10 19:37 - 005727376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-02-15 17:02 - 2022-02-10 19:37 - 005099152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-02-15 17:02 - 2022-02-10 19:37 - 002935744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-02-15 17:02 - 2022-02-10 19:37 - 000456848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-02-15 17:02 - 2022-02-10 19:35 - 000849024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-02-15 17:02 - 2022-02-10 19:34 - 007613344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-02-15 17:02 - 2022-02-10 19:34 - 006461040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-02-15 17:02 - 2022-02-10 07:18 - 000089251 _____ C:\WINDOWS\system32\nvinfo.pb
2022-02-15 14:41 - 2021-06-02 15:03 - 000067464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2022-02-14 15:27 - 2022-02-14 15:27 - 000200688 _____ C:\Users\Miloslav Neužil\Downloads\DPZVD6-0511230014-20220214-152605.pdf
2022-02-14 15:27 - 2022-02-14 15:27 - 000020704 _____ C:\Users\Miloslav Neužil\Downloads\DPZVD6-0511230014-20220214-152605-1625680322-potvrzeni.p7s
2022-02-06 15:44 - 2022-02-06 15:44 - 009977334 _____ C:\Users\Miloslav Neužil\Downloads\samsung-galaxy-labs-2-5-00-10.apk
2022-01-31 12:14 - 2022-01-31 12:40 - 3037065094 _____ C:\Users\Miloslav Neužil\Downloads\OneDrive-2022-01-31 (1).zip
2022-01-28 19:10 - 2022-01-28 19:10 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\LocalLow\Intel
2022-01-28 19:09 - 2022-01-29 11:02 - 000000000 __SHD C:\Users\Miloslav Neužil\IntelGraphicsProfiles
2022-01-28 19:06 - 2022-02-21 08:23 - 000000000 ____D C:\Intel

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-02-27 12:31 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-27 10:06 - 2020-10-04 12:06 - 000000000 ____D C:\Users\Miloslav Neužil\Documents\My PSP Files
2022-02-27 09:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-27 09:02 - 2019-12-07 15:43 - 000716726 _____ C:\WINDOWS\system32\perfh005.dat
2022-02-27 09:02 - 2019-12-07 15:43 - 000144904 _____ C:\WINDOWS\system32\perfc005.dat
2022-02-27 09:02 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-02-27 08:58 - 2020-10-20 05:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2022-02-27 08:54 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-27 08:53 - 2020-10-03 15:39 - 000000000 ___RD C:\Users\Miloslav Neužil\OneDrive
2022-02-27 08:49 - 2020-10-13 21:24 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-27 08:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-02-27 08:48 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-02-27 08:47 - 2020-10-05 11:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2022-02-27 08:08 - 2021-05-13 10:23 - 000000000 ____D C:\Juc
2022-02-27 06:38 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-02-27 06:37 - 2021-05-22 04:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2022-02-27 06:28 - 2020-10-04 13:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Essentials
2022-02-27 06:26 - 2020-10-03 15:37 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-02-27 06:16 - 2020-10-04 06:49 - 000000000 ____D C:\SpanSoft updates
2022-02-27 06:14 - 2020-10-04 06:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kith and Kin Birthday Alert
2022-02-27 06:13 - 2020-10-04 06:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kith and Kin Pro V3
2022-02-27 05:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2022-02-26 20:41 - 2021-09-07 16:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2022-02-26 20:40 - 2020-10-03 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2022-02-26 19:20 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-02-26 19:20 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-02-26 19:15 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-02-26 19:09 - 2020-10-03 21:03 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-26 19:03 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-02-26 19:02 - 2020-10-03 19:54 - 000000000 ___RD C:\Users\Miloslav Neužil\3D Objects
2022-02-26 19:01 - 2019-12-07 15:45 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2022-02-26 19:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool
2022-02-26 19:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-02-26 19:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-02-26 19:01 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2022-02-26 18:44 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows NT
2022-02-26 18:41 - 2021-12-30 18:44 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Silicon Labs
2022-02-26 18:41 - 2021-10-24 12:58 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-02-26 18:41 - 2021-09-27 18:44 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-02-26 18:41 - 2021-05-13 10:12 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DOSBox-X
2022-02-26 18:41 - 2021-05-08 18:09 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NR
2022-02-26 18:41 - 2021-01-30 06:48 - 000000000 ____D C:\Users\Miloslav Neužil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Borland InterBase 2007 [instance = gds_db]
2022-02-26 18:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-02-26 18:13 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-02-26 17:58 - 2021-10-28 13:15 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2022-02-26 17:58 - 2021-09-27 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-02-26 17:58 - 2021-07-10 06:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TagScanner
2022-02-26 17:58 - 2021-07-10 05:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3 Merger
2022-02-26 17:58 - 2021-05-14 15:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DosPrint
2022-02-26 17:58 - 2020-11-08 13:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2022-02-26 17:58 - 2020-10-06 10:15 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Embarcadero RAD Studio 2010
2022-02-26 17:58 - 2020-10-05 07:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Borland InterBase 2007 [instance = gds_db]
2022-02-26 17:58 - 2020-10-05 07:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-02-26 17:58 - 2020-10-04 20:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2022-02-26 17:58 - 2019-12-07 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-02-26 17:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-02-26 17:48 - 2021-12-12 17:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2022-02-26 17:48 - 2020-10-04 16:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2022-02-26 17:48 - 2020-10-04 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2022-02-26 17:48 - 2020-10-03 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Killer Networking
2022-02-26 17:48 - 2020-10-03 17:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2022-02-26 17:48 - 2019-12-07 10:14 - 000000000 __RHD C:\Users\Public\Libraries
2022-02-26 17:44 - 2019-12-07 15:47 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2022-02-26 17:44 - 2019-12-07 15:47 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2022-02-26 17:44 - 2019-12-07 15:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-02-26 17:44 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-02-26 17:44 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-02-26 17:44 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-02-26 17:44 - 2019-12-07 15:44 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-02-26 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2022-02-26 17:44 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-02-26 17:24 - 2019-12-07 15:45 - 000000000 ____D C:\WINDOWS\OCR
2022-02-26 17:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2022-02-26 17:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2022-02-22 16:57 - 2020-10-04 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2022-02-21 12:32 - 2022-01-19 19:27 - 000032790 _____ C:\Users\Miloslav Neužil\Downloads\Vysílačka záloha.kg
2022-02-21 07:50 - 2020-10-13 20:11 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2022-02-16 16:40 - 2020-10-04 12:02 - 000000000 ____D C:\INSTALL
2022-02-16 14:25 - 2022-01-03 16:02 - 000000000 ____D C:\Users\Miloslav Neužil\Downloads\Nová složka
2022-02-14 15:27 - 2021-01-19 15:21 - 000002938 _____ C:\Users\Miloslav Neužil\epodpisfs.properties
2022-02-14 15:16 - 2021-05-13 10:23 - 000000000 ____D C:\JUCTISK

==================== Files in the root of some directories ========

2022-02-27 05:27 - 2022-02-27 05:29 - 000011776 _____ () C:\Users\Miloslav Neužil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2022-02-26 21:13 - 2022-02-26 21:15 - 000000093 _____ () C:\Users\Miloslav Neužil\AppData\Local\X-Plane 11 Preferences.prf
2022-02-26 21:13 - 2022-02-27 08:43 - 000000112 _____ () C:\Users\Miloslav Neužil\AppData\Local\X-Plane_drm_11.prf
2022-02-26 21:13 - 2022-02-26 21:13 - 000000016 _____ () C:\Users\Miloslav Neužil\AppData\Local\x-plane_install_11.txt
2022-02-27 08:43 - 2022-02-27 08:43 - 000000096 _____ () C:\Users\Miloslav Neužil\AppData\Local\X-Plane_xdd_11.prf

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-02-2022
Ran by Miloslav Neužil (27-02-2022 13:43:28)
Running from C:\Users\Miloslav Neužil\AppData\Local\Temp\MicrosoftEdgeDownloads\6c344e81-9d96-4eea-96d1-c4cd5c3b70f2
Microsoft Windows 10 Pro Version 21H2 19044.1566 (X64) (2022-02-26 18:01:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1292141479-613030465-2163202204-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1292141479-613030465-2163202204-503 - Limited - Disabled)
Guest (S-1-5-21-1292141479-613030465-2163202204-501 - Limited - Disabled)
Miloslav Neužil (S-1-5-21-1292141479-613030465-2163202204-1001 - Administrator - Enabled) => C:\Users\Miloslav Neužil
WDAGUtilityAccount (S-1-5-21-1292141479-613030465-2163202204-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.0.0.65 - Canon Inc.)
Canon Utilities CameraWindow (HKLM-x32\...\CameraWindowLauncher) (Version: 7.1.0.2 - Canon Inc.)
Canon Utilities CameraWindow DC (HKLM-x32\...\CameraWindowDC) (Version: 7.2.0.10 - Canon Inc.)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC6) (Version: 6.4.2.16 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.0.0.3 - Canon Inc.)
Canon Utilities MyCamera DC (HKLM-x32\...\MyCameraDC) (Version: 7.1.0.4 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.7.1.9 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.2.0.29 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.2.0.9 - Canon Inc.)
Corel Paint Shop Pro Photo X2 (HKLM-x32\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.011.0000 - Corel Corporation)
HP Dropbox Plugin (HKLM-x32\...\{2B241F10-5647-4C07-B982-CC0B81682A59}) (Version: 36.0.102.68541 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{FBCFDA37-DD90-4465-9E8B-26C2D2260EFF}) (Version: 43.0.0.0 - HP)
HP FTP Plugin (HKLM-x32\...\{5B4F8499-E03E-4A81-850D-81B27CC8EC9C}) (Version: 43.0.0.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{489527CD-23E4-4F60-82CB-F85DF758049F}) (Version: 36.0.102.68541 - HP)
HP OneDrive Plugin (HKLM-x32\...\{904BE479-2821-419D-B44F-C963042CB6FD}) (Version: 36.0.0.0 - HP)
HP SharePoint Plugin (HKLM-x32\...\{86B04693-5E1B-4A2A-8715-6E1E1B5AE8C2}) (Version: 43.0.0.0 - HP)
I.R.I.S OCR (HKLM-x32\...\{39508F29-1E81-40FC-85DA-3182CB04614E}) (Version: 15.2.10.1114 - HP Inc.)
Kith and Kin Birthday Alert (HKLM-x32\...\{6BC036CF-E514-45BE-85FB-CD789EA57D7B}) (Version: 1.2.3 - SpanSoft)
Kith and Kin Pro V3 (HKLM-x32\...\{9E7214FB-57C5-4B91-9C21-4F5F26E25B5A}) (Version: 3.3.0 - SpanSoft)
LM129 (HKLM-x32\...\{A2D25501-6F44-4CE2-9EFA-C9E5A0658FA9}) (Version: 0.00.0005 - HP)
Logi Bolt (HKLM\...\LogiBolt) (Version: 1.2.6024.0 - Logi)
Logitech Options (HKLM\...\LogiOptions) (Version: 9.50.269 - Logitech)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.62 - Microsoft Corporation)
Microsoft Office 2016 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 16.0.14827.20198 - Microsoft Corporation)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{16E50919-B07A-4B4E-994A-476D4773F5BF}) (Version: 3.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{2fa65abe-2cfc-4cf3-89b1-99122a47fdd6}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM-x32\...\{BC61F51E-8AF7-46B9-AF20-B33B5EE81029}) (Version: 7.03.0188 - Nero AG)
NVIDIA FrameView SDK 1.2.7321.30900954 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7321.30900954 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.0.84 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20198 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20198 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7534 - Realtek Semiconductor Corp.)
Studie vylepšování produktu HP LaserJet MFP M129-M134 (HKLM\...\{6319D85A-6C39-46CB-819B-5F39EDCF3C4C}) (Version: 44.3.2667.18234 - HP Inc.)
Základní software zařízení HP LaserJet MFP M129-M134 (HKLM\...\{3A7EC3EF-57A8-4F84-AD06-FA71DF75C7BE}) (Version: 44.3.2667.18234 - HP Inc.)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-02-26] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_134.1.221.0_x64__v10z8vjag6ke6 [2022-02-27] (HP Inc.)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.2.2190.0_x64__8wekyb3d8bbwe [2022-02-26] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.2180.0_x64__8wekyb3d8bbwe [2022-02-26] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-02-27] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt [2022-02-26] (INTEL CORP) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [2007-05-04] (Nero AG -> Nero AG)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3b12ac0f95b18b9d\nvshext.dll [2022-02-10] (Nvidia Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Miloslav Neužil\Desktop\JUC.lnk -> C:\Juc\juc.bat ()

==================== Loaded Modules (Whitelisted) =============

2021-11-21 05:10 - 2021-10-06 02:30 - 126961152 _____ () [File not signed] D:\Steam\bin\cef\cef.win7x64\libcef.dll
2021-11-21 05:10 - 2021-10-06 02:30 - 000384000 _____ () [File not signed] D:\Steam\bin\cef\cef.win7x64\libegl.dll
2021-11-21 05:10 - 2021-10-06 02:30 - 008006656 _____ () [File not signed] D:\Steam\bin\cef\cef.win7x64\libglesv2.dll
2022-01-28 19:16 - 2022-01-28 19:17 - 042859520 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt\IGCC.dll
2021-11-21 05:10 - 2021-10-06 02:30 - 000983552 _____ (The Chromium Authors) [File not signed] D:\Steam\bin\cef\cef.win7x64\chrome_elf.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Miloslav Neužil\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Miloslav Neužil\Documents\desktop.ini:gs5sys [3074]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-27] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1292141479-613030465-2163202204-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Miloslav Neužil\AppData\Roaming\ZBWallpaper_42.bmp
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{177D78C5-CD7A-4E4E-A9AA-988C35230E21}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{289B9876-563B-4741-96F8-4ED2B0E4F302}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{24725F16-01F6-4C3C-8469-D821ED9CA9C1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D49A65C2-095F-4BD1-8D95-247789C697B7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F8DA4AC4-1CAC-4A9B-B80F-11001DC13F99}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{2A630ACB-BE38-4352-A002-7A60D148788A}D:\x-plane 11\x-plane.exe] => (Allow) D:\x-plane 11\x-plane.exe (Laminar Research, LLC -> Laminar Research)
FirewallRules: [UDP Query User{D7E783F5-CC98-458D-894C-F9E61A7B2E33}D:\x-plane 11\x-plane.exe] => (Allow) D:\x-plane 11\x-plane.exe (Laminar Research, LLC -> Laminar Research)
FirewallRules: [{359792C6-E028-4084-9470-685702D4E817}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\bin\EWSProxy.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{B674B6FE-2BDF-4335-90D2-881A7FF1B3C3}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{4FBC1DCB-4BB4-4755-B680-CD9A58A9EBA2}] => (Allow) LPort=5357
FirewallRules: [{558CBED6-B4AA-48EB-86A2-B7CFC54CFD72}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{3098E8BB-BD13-451B-AE3A-D498B9936C41}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\bin\FaxApplications.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{370A7050-3028-4341-AB0E-BFB78EF8D161}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{26BC518C-B278-4A32-B234-8BAE13C75231}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\bin\SendAFax.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{AAC0D059-1555-4327-997F-AE632F536F19}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\bin\FaxPrinterUtility.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{37D7010F-3F07-4C9E-94EF-1D5F1BCE5DC8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{7F49CA9D-6097-4B73-B743-6E450C75AD35}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{2F1C1C0F-CAEB-49EA-8F08-B0C74A1304DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{15359610-960E-4810-B8F0-763A2264D8C8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{C181E3D9-545E-4AD2-B58A-4BA5096F7484}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{66370540-7773-4681-A0E9-4AA056194C02}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{D8A8D8CD-A3A5-4D75-8E39-F228835FF40F}] => (Allow) D:\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6DF09158-B700-48F3-B280-817CDA45BF32}] => (Allow) D:\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{578B1C97-5A43-4862-83BF-E038FC6EB9FF}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C56C7F90-F7A7-4392-999E-D21366D3114C}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)

==================== Restore Points =========================

26-02-2022 19:18:32 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/27/2022 10:06:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Corel Paint Shop Pro Photo.exe, verze: 12.0.1.1, časové razítko: 0x478d13e9
Název chybujícího modulu: igCGM15d.dll_unloaded, verze: 15.2.1.0, časové razítko: 0x46411fe9
Kód výjimky: 0xc0000005
Posun chyby: 0x0000a820
ID chybujícího procesu: 0x1984
Čas spuštění chybující aplikace: 0x01d82bb9479aa3e7
Cesta k chybující aplikaci: C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe
Cesta k chybujícímu modulu: igCGM15d.dll
ID zprávy: d527ef52-2478-4d99-9365-6f98b90cd305
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/27/2022 09:38:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Corel Paint Shop Pro Photo.exe, verze: 12.0.1.1, časové razítko: 0x478d13e9
Název chybujícího modulu: igCAD15d.dll_unloaded, verze: 15.2.1.0, časové razítko: 0x4641204f
Kód výjimky: 0xc0000005
Posun chyby: 0x0001ec30
ID chybujícího procesu: 0x3970
Čas spuštění chybující aplikace: 0x01d82bb553e4c937
Cesta k chybující aplikaci: C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe
Cesta k chybujícímu modulu: igCAD15d.dll
ID zprávy: bfa844ea-bdc1-48d8-b749-6b8487b1c3fb
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/27/2022 09:35:16 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program BDEADMIN.EXE verze 5.1.0.4 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 3e24

Čas spuštění: 01d82bb4b5501d49

Čas ukončení: 4

Cesta k aplikaci: C:\Program Files (x86)\Common Files\Borland Shared\BDE\BDEADMIN.EXE

ID hlášení: 365cc6a3-83ec-4bbe-aa45-0dee60305251

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (02/27/2022 09:32:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: regsvr32.exe, verze: 10.0.19041.1, časové razítko: 0x02a48164
Název chybujícího modulu: bdeinst.dll, verze: 0.0.0.0, časové razítko: 0x2a425e19
Kód výjimky: 0xc0000005
Posun chyby: 0x00015400
ID chybujícího procesu: 0x3898
Čas spuštění chybující aplikace: 0x01d82bb48debc358
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\regsvr32.exe
Cesta k chybujícímu modulu: C:\Users\MILOSL~1\AppData\Local\Temp\is-0G42B.tmp\bdeinst.dll
ID zprávy: 2de913f5-3f02-40d2-ac4c-557d962deb56
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/27/2022 09:31:47 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Adresy.exe verze 7.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 3ccc

Čas spuštění: 01d82bb46848339d

Čas ukončení: 3

Cesta k aplikaci: C:\Program Files (x86)\NeuSoft\Adresy\Adresy.exe

ID hlášení: 2cf8cdf7-f962-478c-b32e-be77c0a80e8b

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (02/27/2022 09:31:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Adresy.exe, verze: 7.0.0.0, časové razítko: 0x2a425e19
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1566, časové razítko: 0xea471ca7
Kód výjimky: 0x0eedfade
Posun chyby: 0x0012b922
ID chybujícího procesu: 0x3ccc
Čas spuštění chybující aplikace: 0x01d82bb46848339d
Cesta k chybující aplikaci: C:\Program Files (x86)\NeuSoft\Adresy\Adresy.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 266b83a1-2183-46ca-b25d-55f98e3d3293
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/27/2022 08:48:24 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (02/27/2022 08:48:24 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]


System errors:
=============
Error: (02/27/2022 08:49:25 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.

Error: (02/27/2022 08:48:19 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-91G8VB2)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/27/2022 08:48:19 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-91G8VB2)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/27/2022 08:48:19 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-91G8VB2)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/27/2022 08:48:19 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-91G8VB2)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/27/2022 08:48:19 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-91G8VB2)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/27/2022 08:48:19 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-91G8VB2)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/27/2022 08:48:19 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-91G8VB2)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2022-02-27 13:33:25
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Miloslav Neužil\AppData\Local\Comms\Unistore\data\7\d\10000003000000073701.dat
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Uživatel
Uživatel: DESKTOP-91G8VB2\Miloslav Neužil
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.359.1013.0, AS: 1.359.1013.0, NIS: 1.359.1013.0
Verze modulu: AM: 1.1.18900.3, NIS: 1.1.18900.3

Date: 2022-02-27 13:21:24
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win64/ProductKey.G!MSR
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_M:\C\INSTALL\produkey-x64.zip; containerfile:_M:\FileHistory\Miloslav\DESKTOP-91G8VB2 (3)\Data\C\INSTALL\produkey-x64 (2020_09_26 15_54_34 UTC).zip; file:_M:\C\INSTALL\produkey-x64.zip->ProduKey.exe; file:_M:\FileHistory\Miloslav\DESKTOP-91G8VB2 (3)\Data\C\INSTALL\produkey-x64 (2020_09_26 15_54_34 UTC).zip->ProduKey.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Uživatel
Uživatel: DESKTOP-91G8VB2\Miloslav Neužil
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.359.1013.0, AS: 1.359.1013.0, NIS: 1.359.1013.0
Verze modulu: AM: 1.1.18900.3, NIS: 1.1.18900.3

Date: 2022-02-27 13:21:24
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Ransom:Win32/Cobra
Závažnost: Vážné
Kategorie: Ransomware
Cesta: containerfile:_M:\C\INSTALL\spojeni-avi-souboru.zip; containerfile:_M:\FileHistory\Miloslav\DESKTOP-91G8VB2 (3)\Data\C\INSTALL\spojeni-avi-souboru (2020_09_26 15_54_34 UTC).zip; file:_M:\C\INSTALL\spojeni-avi-souboru.zip->spojeni avi souboru/Keygen.exe; file:_M:\FileHistory\Miloslav\DESKTOP-91G8VB2 (3)\Data\C\INSTALL\spojeni-avi-souboru (2020_09_26 15_54_34 UTC).zip->spojeni avi souboru/Keygen.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Uživatel
Uživatel: DESKTOP-91G8VB2\Miloslav Neužil
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.359.1013.0, AS: 1.359.1013.0, NIS: 1.359.1013.0
Verze modulu: AM: 1.1.18900.3, NIS: 1.1.18900.3

Date: 2022-02-27 10:08:20
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6D6599AB-674B-4FEE-9421-616FEFF62225}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Vlastní prohledávání
Uživatel: DESKTOP-91G8VB2\Miloslav Neužil

Date: 2022-02-27 10:04:03
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Miloslav Neužil\AppData\Local\Comms\Unistore\data\temp\0044a0f8s10000003000000073701.dat
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-91G8VB2\Miloslav Neužil
Název procesu: C:\Windows\System32\svchost.exe
Verze bezpečnostních informací: AV: 1.359.1013.0, AS: 1.359.1013.0, NIS: 1.359.1013.0
Verze modulu: AM: 1.1.18900.3, NIS: 1.1.18900.3

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.I0 06/26/2018
Motherboard: MSI Z170A GAMING M5 (MS-7977)
Processor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 24%
Total physical RAM: 32728.2 MB
Available physical RAM: 24767.43 MB
Total Virtual: 37848.2 MB
Available Virtual: 28785.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:487.27 GB) (Free:301.58 GB) NTFS
Drive d: () (Fixed) (Total:1374.73 GB) (Free:907.94 GB) NTFS
Drive k: (MFS DISK 1) (CDROM) (Total:7.95 GB) (Free:0 GB) UDF

\\?\Volume{63569d8a-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{63569d8a-0000-0000-0000-a0f079000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 63569D8A)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=487.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=534 MB) - (Type=27)
Partition 4: (Not Active) - (Size=1374.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Re: Stále se vrací Wacatac

Napsal: 27 úno 2022 15:24
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Stále se vrací Wacatac

Napsal: 27 úno 2022 15:47
od Miloslav
Posílám výsledek, mám dojem, že to ale nic nenašlo. W-defender dal soubor do karantény (dnes dopoledne) a za chvíli se tam objevilo varování znovu. Pokud o další odstranění nebo přesunutí do karantény už nešlo udělat. Teď jsem to zkusil znovu a povedlo se, je v karanténě.

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2022-02-03.4 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-27-2022
# Duration: 00:00:04
# OS: Windows 10 Pro
# Scanned: 32032
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Re: Stále se vrací Wacatac

Napsal: 27 úno 2022 16:40
od Rudy
Toto je OK. Přesuňte FRST na plochu, otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcvesses:
HKLM-x32\...\Run: [AsioThk32Reg] => REGSVR32.EXE /S CTASIO.DLL (No File)
HKU\S-1-5-21-1292141479-613030465-2163202204-1001\...\MountPoints2: {61d98a3c-058d-11eb-9fde-806e6f6e6963} - "K:\setup.exe"
C:\Users\Miloslav Neužil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
AlternateDataStreams: C:\Users\Miloslav Neužil\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Miloslav Neužil\Documents\desktop.ini:gs5sys [3074]
C:\Users\Miloslav Neužil\AppData\Local\Comms\Unistore\data\7\d\10000003000000073701.dat
M:\C\INSTALL\produkey-x64.zip; containerfile:_M:\FileHistory\Miloslav\DESKTOP-91G8VB2 (3)\Data\C\INSTALL\produkey-x64 (2020_09_26 15_54_34 UTC).zip
M:\C\INSTALL\spojeni-avi-souboru.zip->spojeni avi souboru/Keygen.exe

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Stále se vrací Wacatac

Napsal: 27 úno 2022 17:02
od Miloslav
Po kliknutí na FIX se PC restartoval. Soubor, který vznikl, posílám.

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-02-2022
Ran by Miloslav Neužil (27-02-2022 16:54:48) Run:1
Running from C:\Users\Miloslav Neužil\Desktop
Loaded Profiles: Miloslav Neužil
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcvesses:
HKLM-x32\...\Run: [AsioThk32Reg] => REGSVR32.EXE /S CTASIO.DLL (No File)
HKU\S-1-5-21-1292141479-613030465-2163202204-1001\...\MountPoints2: {61d98a3c-058d-11eb-9fde-806e6f6e6963} - "K:\setup.exe"
C:\Users\Miloslav Neužil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
AlternateDataStreams: C:\Users\Miloslav Neužil\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Miloslav Neužil\Documents\desktop.ini:gs5sys [3074]
C:\Users\Miloslav Neužil\AppData\Local\Comms\Unistore\data\7\d\10000003000000073701.dat
M:\C\INSTALL\produkey-x64.zip; containerfile:_M:\FileHistory\Miloslav\DESKTOP-91G8VB2 (3)\Data\C\INSTALL\produkey-x64 (2020_09_26 15_54_34 UTC).zip
M:\C\INSTALL\spojeni-avi-souboru.zip->spojeni avi souboru/Keygen.exe

EmptyTemp:
End
*****************

CloseProcvesses: => Error: No automatic fix found for this entry.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AsioThk32Reg" => removed successfully
HKU\S-1-5-21-1292141479-613030465-2163202204-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{61d98a3c-058d-11eb-9fde-806e6f6e6963} => removed successfully
C:\Users\Miloslav Neužil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\Users\Miloslav Neužil\Desktop\desktop.ini => ":gs5sys" ADS removed successfully
C:\Users\Miloslav Neužil\Documents\desktop.ini => ":gs5sys" ADS removed successfully
"C:\Users\Miloslav Neužil\AppData\Local\Comms\Unistore\data\7\d\10000003000000073701.dat" => not found
"M:\C\INSTALL\produkey-x64.zip; containerfile:_M:\FileHistory\Miloslav\DESKTOP-91G8VB2 (3)\Data\C\INSTALL\produkey-x64 (2020_09_26 15_54_34 UTC).zip" => not found
"M:\C\INSTALL\spojeni-avi-souboru.zip->spojeni avi souboru\Keygen.exe" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14811916 B
Java, Flash, Steam htmlcache => 9065720 B
Windows/system/drivers => 45311855 B
Edge => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 758 B
LocalService => 758 B
NetworkService => 6046 B
Miloslav Neužil => 432595035 B

RecycleBin => 1072 B
EmptyTemp: => 480 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:55:18 ====

Re: Stále se vrací Wacatac

Napsal: 27 úno 2022 17:51
od Rudy
Smazáno. Nastala nějaká změna?

Re: Stále se vrací Wacatac

Napsal: 27 úno 2022 17:56
od Miloslav
Vir se zatím neukázal a doufám, že to tak zůstane. Pokud ne, dal bych vědět, určitě během 1 - 2 dní. V každém případě Vás obdivuji a děkuji za čas, který jste mi věnoval.

Re: Stále se vrací Wacatac

Napsal: 27 úno 2022 18:52
od Rudy
Děkuji a vy nemáte zač! :)

Re: Stále se vrací Wacatac

Napsal: 01 bře 2022 07:49
od Miloslav
Vir už se opravdu neobjevil, ještě jednou upřímně děkuji a posílám příspěvek.

Re: Stále se vrací Wacatac

Napsal: 01 bře 2022 10:01
od Rudy
Děkujeme za příspěvek a vy nemáte zač! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz