VIRY.CZ

Dobrý den , poprosil bych o kontrolu RSIT logu, ntb je pomalý. děkuji.


Logfile of random's system information tool 1.10 (written by random/random)
Run by zippy at 2022-05-08 18:02:16
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 40 GB (21%) free of 190 GB
Total RAM: 3965 MB (26% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:06:19, on 8.5.2022
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19597)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\CNAB8SWK.EXE
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\SysWOW64\svchost.exe
C:\Program Files\trend micro\zippy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
O4 - HKCU\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe --startup_mode
O4 - HKUS\S-1-5-19\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe --startup_mode (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe --startup_mode (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe --startup_mode (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe --startup_mode (User 'Default user')
O4 - Startup: RT-Updater-SVO.lnk = C:\Ross-Tech\VCDS SVO 20.4.2\VCDS.exe
O4 - Startup: RT-Updater.lnk = C:\Ross-Tech\VCDS 20.4.1\VCDS.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat do Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O8 - Extra context menu item: Poslat do On&eNotu - res://C:\PROGRA~1\MICROS~1\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: Odeslat do Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Odeslat do Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Unknown owner - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: AsusFPService - Unknown owner - C:\Program Files (x86)\ASUS\FingerPrint\AsusFPService_x64.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: BBGate DMS-Backbone Service (BBGate) - VOLKSWAGEN AG - D:\srv_apps\bbgate\BBGate.exe
O23 - Service: BBGate-HTTPD - Unknown owner - D:\srv_apps\bbgate\Apache.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Crypkey License - Unknown owner - crypserv.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Unknown owner - C:\Windows\system32\DptfParticipantProcessorService.exe (file missing)
O23 - Service: Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application (DptfPolicyConfigTDPService) - Unknown owner - C:\Windows\system32\DptfPolicyConfigTDPService.exe (file missing)
O23 - Service: Intel(R) Driver & Support Assistant (DSAService) - Intel - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
O23 - Service: Intel(R) Driver & Support Assistant Updater (DSAUpdateService) - Unknown owner - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\101.0.4951.54\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (file missing)
O23 - Service: Intel(R) SUR QC Software Asset Manager (Intel(R) SUR QC SAM) - Intel Corporation - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
O23 - Service: Intel(R) Small Business Advantage (intelsba) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
O23 - Service: ISCT Always Updated Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\SysWOW64\rpcnet.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: ASUS Virtual MFP Service (UsbService) - Unknown owner - C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14771 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
C:\Windows\system32\WLANExt.exe 26249824
\??\C:\Windows\system32\conhost.exe "-1108175214-2094172567-1106652515700428011341132422-20282772401092731827552681536
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\microsoft.net\framework\v2.0.50727\RegAsm.exe /u C:\ProgramData\NationAssets\AdvaiceSehrch\dojrVhell_DLM.dll
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
ATKOSD.exe
\??\C:\Windows\system32\conhost.exe "-1868255532-2058451338-504817963-6702781251253277493451535922-1311487633336516706
"taskhost.exe"
"C:\Program Files (x86)\ASUS\FingerPrint\AsusFPService_x64.exe"
KBFiltr.exe
WDC.exe
D:\srv_apps\bbgate\BBGate.exe
"D:\srv_apps\bbgate\Apache.exe"
"C:\Program Files\Google\Drive File Stream\57.0.4.0\crashpad_handler.exe" --database=C:\Users\zippy\AppData\Local\Google\DriveFS\Crashpad --url=https://clients2.google.com/cr/report --annotation=application=Explorer.EXE --annotation=prod=DriveFS --annotation=ver=57.0.4.0 --initial-client-data=0x1e0,0x1e4,0x1e8,0x1b4,0x1ec,0x7fef7c1d3e0,0x7fef7c1d3f0,0x7fef7c1d400
"D:\srv_apps\bbgate\Apache.exe" -Z ap2264_C1 -f "d:/srv_apps/bbgate/httpd.conf"
\??\C:\Windows\system32\conhost.exe "-561863043-12845106411614457798-4370032959465173111730550037-522603119-856494872
crypserv.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\DptfParticipantProcessorService.exe
"C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe"
"C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe" -sMSSQLSERVER
"C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"c:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe"
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 4304
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe"
"c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe" -s MSSQL10_50.MSSQLSERVER
"c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdhost.exe" "MSSQL10_50.MSSQLSERVERFf02614e8f901cf408af9a4ef1b25c936288fo555" "MSSQL10_50.MSSQLSERVER" "MSSQL10_50.MSSQLSERVER" "8" "" "4096" "M" "0" "" "" ""
\??\C:\Windows\system32\conhost.exe "1487344105500652782-1486867265-1629535173-72566227-101653682775491377-1900456896
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a900d658-51ed-4ee9-81b3-87b6d1fa76e3 -SystemEventPortName:HostProcess-2eb9ca6c-7b98-4f1d-b0bf-c106d5fc8c76 -IoCancelEventPortName:HostProcess-bedcf2bd-0481-49ad-bd67-cc7f3ec169e6 -NonStateChangingEventPortName:HostProcess-b025652b-e7d1-48b1-963b-8d2a4607f704 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:443031b9-30a0-4724-8c31-2fc4ca001194 -DeviceGroupId:
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe"
"taskhost.exe"
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\CNAB8SWK.EXE !hide Canon LBP3010/LBP3018/LBP3050
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Google\Drive File Stream\57.0.5.0\crashpad_handler.exe" --database=C:\Users\zippy\AppData\Local\Google\DriveFS\Crashpad --url=https://clients2.google.com/cr/report --annotation=application=Explorer.EXE --annotation=prod=DriveFS --annotation=ver=57.0.5.0 --initial-client-data=0x14e8,0x1540,0x15f8,0x1938,0x1738,0x7feb912d3e0,0x7feb912d3f0,0x7feb912d400
"C:\Program Files\Google\Drive File Stream\57.0.5.0\crashpad_handler.exe" --database=C:\Users\zippy\AppData\Local\Google\DriveFS\Crashpad --url=https://clients2.google.com/cr/report --annotation=application=Explorer.EXE --annotation=prod=DriveFS --annotation=ver=57.0.5.0 --initial-client-data=0x152c,0x1614,0xf50,0x1524,0x1260,0x7feb787d3e0,0x7feb787d3f0,0x7feb787d400
"C:\Program Files\Google\Drive File Stream\57.0.5.0\crashpad_handler.exe" --database=C:\Users\zippy\AppData\Local\Google\DriveFS\Crashpad --url=https://clients2.google.com/cr/report --annotation=application=Explorer.EXE --annotation=prod=DriveFS --annotation=ver=57.0.5.0 --initial-client-data=0x1610,0x16e4,0x1710,0x15f4,0x146c,0x7feb787d3e0,0x7feb787d3f0,0x7feb787d400
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\SysWOW64\svchost.exe
C:\Windows\SysWOW64\svchost.exe
"C:\Program Files\Microsoft Security Client\msseces.exe"
C:\Windows\system32\DllHost.exe /Processid:{A79DB36D-6218-48E6-9EC9-DCBA9A39BF00}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\zippy\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\zippy\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=101.0.4951.54 --initial-client-data=0xb0,0xb4,0xb8,0x84,0xbc,0x7fef2f9b520,0x7fef2f9b530,0x7fef2f9b540
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1148 --field-trial-handle=1188,i,9252199297338958574,15112238677628852052,131072 /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=cs --service-sandbox-type=none --mojo-platform-channel-handle=1396 --field-trial-handle=1188,i,9252199297338958574,15112238677628852052,131072 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=cs --service-sandbox-type=utility --mojo-platform-channel-handle=1516 --field-trial-handle=1188,i,9252199297338958574,15112238677628852052,131072 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --launch-time-ticks=703309569018 --mojo-platform-channel-handle=4764 --field-trial-handle=1188,i,9252199297338958574,15112238677628852052,131072 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=21 --launch-time-ticks=703382540716 --mojo-platform-channel-handle=7860 --field-trial-handle=1188,i,9252199297338958574,15112238677628852052,131072 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=22 --launch-time-ticks=703384233356 --mojo-platform-channel-handle=7100 --field-trial-handle=1188,i,9252199297338958574,15112238677628852052,131072 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=23 --launch-time-ticks=703396084186 --mojo-platform-channel-handle=2200 --field-trial-handle=1188,i,9252199297338958574,15112238677628852052,131072 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=24 --launch-time-ticks=703409187765 --mojo-platform-channel-handle=2984 --field-trial-handle=1188,i,9252199297338958574,15112238677628852052,131072 /prefetch:1
"C:\Program Files\Google\Drive File Stream\57.0.5.0\crashpad_handler.exe" --database=C:\Users\zippy\AppData\Local\Google\DriveFS\Crashpad --url=https://clients2.google.com/cr/report --annotation=application=chrome.exe --annotation=prod=DriveFS --annotation=ver=57.0.5.0 --initial-client-data=0x1b64,0x15c0,0x15b4,0x15b0,0x98c,0x7fed3bfd3e0,0x7fed3bfd3f0,0x7fed3bfd400

"C:\Users\zippy\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=41 --launch-time-ticks=703587905259 --mojo-platform-channel-handle=2560 --field-trial-handle=1188,i,9252199297338958574,15112238677628852052,131072 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=42 --launch-time-ticks=703601030015 --mojo-platform-channel-handle=5432 --field-trial-handle=1188,i,9252199297338958574,15112238677628852052,131072 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe52_ Global\UsGthrCtrlFltPipeMssGthrPipe52 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=51 --launch-time-ticks=703704356779 --mojo-platform-channel-handle=8340 --field-trial-handle=1188,i,9252199297338958574,15112238677628852052,131072 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=55 --launch-time-ticks=703721621768 --mojo-platform-channel-handle=8244 --field-trial-handle=1188,i,9252199297338958574,15112238677628852052,131072 /prefetch:1


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-04-04 571456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2021-11-14 984496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-04 234560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-14 157904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2021-11-14 687536]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2021-11-14 2595208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveFS"=C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe [2022-04-14 53934992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Smart Cleaning]
C:\Program Files\CCleaner\CCleaner64.exe [2022-01-25 35320448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2012-10-23 3108480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_05A2DD7A5AB557BE38B88C67EC7FFE53]
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2022-04-30 2622352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
c:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1353680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
D:\Steam\steam.exe -silent []

C:\Users\zippy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
RT-Updater-SVO.lnk - C:\Ross-Tech\VCDS SVO 20.4.2\VCDS.exe
RT-Updater.lnk - C:\Ross-Tech\VCDS 20.4.1\VCDS.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-05-22 436224]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rpcnet]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rpcnet]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open -
.scr - install -
.scr - config -
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 month======

2022-05-08 18:02:17 ----D---- C:\Program Files\trend micro
2022-05-08 18:02:16 ----D---- C:\rsit
2022-04-30 14:42:27 ----A---- C:\Windows\system32\WPRO_41_2001woem.tmp
2022-04-15 22:57:27 ----D---- C:\AdwCleaner

======List of files/folders modified in the last 1 month======

2022-05-08 18:06:04 ----D---- C:\Windows\Temp
2022-05-08 18:02:52 ----D---- C:\Windows\Prefetch
2022-05-08 18:02:17 ----RD---- C:\Program Files
2022-05-08 17:50:48 ----D---- C:\Windows\system32\DriverStore
2022-05-08 17:10:29 ----D---- C:\Program Files (x86)\Google
2022-05-08 15:29:17 ----D---- C:\Windows\system32\config
2022-05-08 10:59:41 ----D---- C:\ProgramData\NationAssets
2022-05-08 10:59:41 ----D---- C:\Program Files (x86)\Cisco
2022-05-08 10:36:06 ----SHD---- C:\System Volume Information
2022-05-08 10:02:18 ----A---- C:\Windows\SYSWOW64\log.txt
2022-05-01 12:04:44 ----SHD---- C:\Windows\Installer
2022-05-01 12:04:43 ----SHD---- C:\Config.Msi
2022-05-01 12:04:38 ----D---- C:\Windows\system32\Tasks
2022-05-01 11:58:51 ----D---- C:\Windows\SysWOW64
2022-05-01 00:56:43 ----D---- C:\Windows\System32
2022-04-30 15:24:24 ----D---- C:\Windows\Microsoft.NET
2022-04-30 15:07:54 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2022-04-30 15:06:43 ----D---- C:\Program Files\Common Files\Microsoft Shared
2022-04-30 14:59:12 ----D---- C:\Program Files\Microsoft Office
2022-04-30 14:51:13 ----D---- C:\Windows\inf
2022-04-30 14:51:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2022-04-30 14:42:06 ----A---- C:\Windows\system32\rpcnetp.exe
2022-04-30 14:42:04 ----A---- C:\Windows\SYSWOW64\rpcnet.dll
2022-04-24 15:49:09 ----D---- C:\Windows\winsxs
2022-04-15 23:34:33 ----D---- C:\Windows\system32\catroot
2022-04-15 23:33:33 ----D---- C:\Windows\system32\MRT
2022-04-15 23:02:55 ----AC---- C:\Windows\system32\MRT.exe
2022-04-15 17:08:24 ----D---- C:\Program Files (x86)
2022-04-15 17:04:10 ----D---- C:\Program Files (x86)\Common Files
2022-04-15 17:04:04 ----D---- C:\Windows\system32\drivers
2022-04-15 17:03:37 ----D---- C:\Windows
2022-04-15 17:00:38 ----DC---- C:\Windows\system32\DRVSTORE
2022-04-15 16:57:18 ----AD---- C:\adb
2022-04-15 16:57:05 ----D---- C:\Program Files (x86)\Sonork
2022-04-15 16:53:28 ----D---- C:\Program Files (x86)\Chimera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 assd;assd; C:\Windows\system32\drivers\assd.sys [2012-08-21 31104]
R0 iaStorA;iaStorA; C:\Windows\system32\drivers\iaStorA.sys [2012-09-14 647736]
R0 iaStorF;iaStorF; C:\Windows\system32\drivers\iaStorF.sys [2012-09-14 28216]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-05-20 19264]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 295000]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2018-11-20 564824]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer; C:\Windows\system32\DRIVERS\stdcfltn.sys [2011-07-16 22128]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2018-06-29 516096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2018-11-20 283200]
R1 googledrivefs3758;googledrivefs3758; C:\Windows\system32\DRIVERS\googledrivefs3758.sys [2022-04-13 386632]
R1 NetworkX;NetworkX; C:\Windows\syswow64\ckldrv.sys []
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R3 acpials;ALS Sensor Filter; C:\Windows\system32\DRIVERS\acpials.sys [2009-07-14 9728]
R3 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys [2012-09-18 17152]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2012-03-15 198144]
R3 DptfDevDram;DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [2012-10-01 107328]
R3 DptfDevFan;DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [2012-10-01 42816]
R3 DptfDevGen;DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [2012-10-01 64832]
R3 DptfDevPch;DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [2012-10-01 96576]
R3 DptfDevProc;DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [2012-10-01 229184]
R3 DptfManager;DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [2012-10-01 363328]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2018-06-17 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2018-06-17 47160]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2011-12-20 358576]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-07-29 309584]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-05-22 14759136]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2012-08-17 20968]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\imsevent.sys [2012-08-17 19944]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-05-25 331264]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\DRIVERS\ISCTD64.sys [2012-08-17 46016]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-05-20 357184]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-05-20 789824]
R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys [2012-08-10 25528]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2012-08-05 17280]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-03 62784]
R3 MpKsla829a9a5;MpKsla829a9a5; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7D47614B-E75F-4690-9F10-BF61D6937EB2}\MpKslDrv.sys [2022-05-08 48360]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2012-06-03 11499008]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 135928]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2012-05-21 339088]
R3 ST_ACCEL;STMicroelectronics Accelerometer Service; C:\Windows\system32\DRIVERS\ST_ACCEL.sys [2012-05-21 67184]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2016-02-05 147904]
S0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys []
S1 fkwktvhs;fkwktvhs; \??\C:\Windows\system32\drivers\fkwktvhs.sys []
S2 HOSTNT;HOSTNT; C:\Windows\system32\drivers\HOSTNT.sys []
S2 multikey;Virtual USB MultiKey; C:\Windows\system32\DRIVERS\multikey.sys [2021-01-11 67584]
S2 NSHE;Guardant Emulator Driver; \??\C:\Windows\system32\Drivers\NSHE.SYS []
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2012-03-15 198144]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2019-07-30 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2019-07-30 556032]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2019-07-30 80384]
S3 btmaudio;Intel Bluetooth Audio Service; C:\Windows\system32\drivers\btmaud.sys [2012-05-21 80896]
S3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2012-05-21 111104]
S3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2012-06-10 849408]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 71168]
S3 edicusb;Softing EDIC USB Communication Driver; C:\Windows\system32\DRIVERS\edicusb7x64.sys [2016-03-01 33944]
S3 ew_usbccgpfilter;HwHandSet_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbccgpfilter.sys [2021-11-08 18944]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2016-02-01 110912]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2016-02-01 95168]
S3 HWHandSet;HWUSBSERSP; C:\Windows\system32\DRIVERS\hw_quusbmdm.sys [2021-11-08 226560]
S3 ibtfltcoex;ibtfltcoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2012-07-10 60928]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2012-08-10 35256]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\C:\Windows\syswow64\NSNDIS5.SYS [2004-03-24 17280]
S3 PCASp60;PCASp60 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp60.sys []
S3 qcusbser;Qualcomm USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\qcusbser.sys [2015-07-09 245248]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RT-USB;Ross-Tech USB driver; C:\Windows\system32\drivers\RT-USB64.SYS [2014-05-12 97152]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2015-08-18 35112]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S4 RsFx0153;RsFx0153 Driver; C:\Windows\system32\DRIVERS\RsFx0153.sys [2015-03-30 322736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2021-11-18 169728]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2012-09-11 106880]
R2 AsusFPService;AsusFPService; C:\Program Files (x86)\ASUS\FingerPrint\AsusFPService_x64.exe [2012-09-22 912896]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-22 96896]
R2 BBGate;BBGate DMS-Backbone Service; D:\srv_apps\bbgate\BBGate.exe [2014-03-05 1211392]
R2 BBGate-HTTPD;BBGate-HTTPD; D:\srv_apps\bbgate\Apache.exe [2013-06-20 20480]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-06-19 1095616]
R2 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-06-19 1333184]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-06-19 1124288]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-04-24 135952]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2022-03-28 11138976]
R2 Crypkey License;Crypkey License; C:\Windows\system32\crypserv.exe [2008-05-08 122880]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DptfParticipantProcessorService;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application; C:\Windows\system32\DptfParticipantProcessorService.exe [2012-10-01 30080]
R2 DSAService;Intel(R) Driver & Support Assistant; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [2019-10-16 34664]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-06-26 628016]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-20 634632]
R2 ISCTAgent;ISCT Always Updated Agent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2012-08-17 149032]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-05 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-19 277824]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 119864]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2015-03-30 62382256]
R2 MSSQLSERVER;SQL Server (MSSQLSERVER); c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [2015-03-30 62382256]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-06-26 149296]
R2 ReportServer;SQL Server Reporting Services (MSSQLSERVER); c:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2015-03-30 2194096]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-04-03 146272]
R3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER); c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [2015-03-30 42168]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 361816]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2019-03-28 132792]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2019-03-28 158912]
S2 DptfPolicyConfigTDPService;Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application; C:\Windows\system32\DptfPolicyConfigTDPService.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-14 144200]
S2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe []
S2 intelsba;Intel(R) Small Business Advantage; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [2012-07-12 47368]
S2 rpcnet;Remote Procedure Call (RPC) Net; C:\Windows\SysWOW64\rpcnet.exe [2020-04-04 73232]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-03-28 54912]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-05-22 276248]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-11-18 1369432]
S3 DSAUpdateService;Intel(R) Driver & Support Assistant Updater; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe []
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files (x86)\Google\Chrome\Application\101.0.4951.54\elevation_service.exe [2022-04-30 1600912]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-14 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-12-17 116224]
S3 Intel(R) SUR QC SAM;Intel(R) SUR QC Software Asset Manager; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13 18168]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-06-26 272688]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2002-02-01 265592]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2016-12-27 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2020-12-21 2073888]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-12-07 2429544]
S4 McOobeSv2;McAfee OOBE Service2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2015-07-21 368048]
S4 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2015-07-21 368048]
S4 McSchedulerSvc;McAfee PC Task Scheduler Service; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2015-07-21 368048]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 59744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2015-03-30 442536]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2015-03-30 278704]
S4 SQLSERVERAGENT;SQL Server Agent (MSSQLSERVER); c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [2015-03-30 442536]

-----------------EOF-----------------

Zdravím!
Dejte logy FRST+Addition. RSiT není plně kompatibilní se 64b systémy. Děkuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-06-2022 01
Ran by zippy (administrator) on ZIPPY-PC (ASUSTeK COMPUTER INC. B400A) (04-06-2022 10:13:22)
Running from C:\Users\zippy\Desktop
Loaded Profiles: zippy
Platform: Microsoft Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(C:\Program Files (x86)\Google\Update\Install\{94166C86-012B-40DD-9748-297B0B23A3D6}\102.0.5005.63_101.0.4951.67_chrome_updater.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{94166C86-012B-40DD-9748-297B0B23A3D6}\CR_A691D.tmp\setup.exe <2>
(C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe ->) (IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdhost.exe
(explorer.exe ->) (Disc Soft Ltd -> DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <30>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{94166C86-012B-40DD-9748-297B0B23A3D6}\102.0.5005.63_101.0.4951.67_chrome_updater.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\ASUS\FingerPrint\AsusFPService_x64.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe
(services.exe ->) () [File not signed] D:\srv_apps\bbgate\Apache.exe <2>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (CrypKey (Canada) Ltd.) [File not signed] C:\Windows\System32\Crypserv.exe
(services.exe ->) (IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation - Business Client Platform Division -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel(R) Smart Connect software -> ) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(services.exe ->) (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(services.exe ->) (Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(services.exe ->) (Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(services.exe ->) (Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(services.exe ->) (Validity Sensors, Inc.) [File not signed] C:\Windows\System32\vcsFPService.exe
(services.exe ->) (VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(services.exe ->) (VOLKSWAGEN AG) [File not signed] D:\srv_apps\bbgate\BBGate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(taskeng.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\58.0.3.0\GoogleDriveFS.exe [55667088 2022-05-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\58.0.3.0\GoogleDriveFS.exe [55667088 2022-05-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3120791401-419603262-3569886352-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe --startup_mode (No File)
HKU\S-1-5-21-3120791401-419603262-3569886352-1000\...\MountPoints2: F - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3120791401-419603262-3569886352-1000\...\MountPoints2: {12577f27-6a9f-11eb-8851-f48092b56344} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3120791401-419603262-3569886352-1000\...\MountPoints2: {1edd4882-4fc2-11eb-89dd-08606e18a8a4} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3120791401-419603262-3569886352-1000\...\MountPoints2: {1edd48b8-4fc2-11eb-89dd-08606e18a8a4} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3120791401-419603262-3569886352-1000\...\MountPoints2: {5bb22c90-ece1-11e8-8ef4-c8f7336ca29f} - E:\OInstall.exe
HKU\S-1-5-21-3120791401-419603262-3569886352-1000\...\MountPoints2: {85c9b526-01bc-11eb-884f-08606e18a8a4} - 华为手机助手安装向导.exe
HKU\S-1-5-21-3120791401-419603262-3569886352-1000\...\MountPoints2: {a219ce85-950b-11ea-832d-c8f7336ca29b} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3120791401-419603262-3569886352-1000\...\MountPoints2: {b3cf6cec-8cbf-11ec-960e-08606e18a8a4} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3120791401-419603262-3569886352-1000\...\MountPoints2: {b3cf6cfe-8cbf-11ec-960e-08606e18a8a4} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\58.0.3.0\GoogleDriveFS.exe [55667088 2022-05-16] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\hpzppWN7: C:\Windows\System32\spool\prtprocs\x64\hpzppWN7.dll [101376 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\CNAP2 Monitor: C:\Windows\system32\CNAP2LMD.DLL [486400 2012-09-03] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Epson Inbox Language Monitor01: C:\Windows\system32\EP0SLM01.DLL [77824 2009-07-14] (Microsoft Windows -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\101.0.4951.67\Installer\chrmstp.exe [2022-05-28] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2022-04-07] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{0CE326A8-C767-433F-82B9-601B2A27321E}] -> C:\Windows\system32\AsusFPCredentialProvider.dll [2012-09-22] () [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\Users\zippy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RT-Updater-SVO.lnk [2021-10-09]
ShortcutTarget: RT-Updater-SVO.lnk -> C:\Ross-Tech\VCDS SVO 20.4.2\VCDS.exe (Ross-Tech, LLC -> Ross-Tech, LLC)
Startup: C:\Users\zippy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RT-Updater.lnk [2021-06-29]
ShortcutTarget: RT-Updater.lnk -> C:\Ross-Tech\VCDS 20.4.1\VCDS.EXE (Ross-Tech, LLC -> Ross-Tech, LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0643BCDB-A9D9-426E-9E4D-24B3ADE03E5D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614336 2022-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {135535C8-87DC-49D7-A74C-6A6F740C9D6D} - System32\Tasks\GoogleUpdateTaskMachineCore{AE6DF576-7FA7-4A59-B2DE-0CBA3D08FD52} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-14] (Google Inc -> Google Inc.)
Task: {18492137-DC19-480D-B1F5-F32DCA8583E9} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {25DCCC94-2C25-4905-A720-8CECF9155877} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614336 2022-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {341F4081-BD7A-4B52-A210-E828B1E59A8A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158752 2022-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F6CA75B-AE11-4062-A832-52EAA2AE782B} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {41465486-A1F1-4FAA-971E-188DFC961961} - System32\Tasks\{FBE65720-74A3-46C9-8FFE-EDFB6F691276} => C:\Windows\system32\pcalua.exe -a "C:\Users\zippy\Downloads\Huawei_Android_phone_drivers\Huawei Android phone drivers\DriverSetup.exe" -d "C:\Users\zippy\Downloads\Huawei_Android_phone_drivers\Huawei Android phone drivers"
Task: {554ED453-7B86-46F4-9F93-E3048A84F2EE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158752 2022-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {7C80FDDF-E975-4694-B471-6F2B4B7F9C1D} - System32\Tasks\GoogleUpdateTaskMachineUA{163BD96A-C5C9-4028-A12E-59D4998602C8} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-14] (Google Inc -> Google Inc.)
Task: {B46545DA-BAF2-4AD9-8ADA-BE67C3644E88} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [160680 2022-05-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {C35DA3D0-B5AD-4D23-A947-7C002497BDC1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [160680 2022-05-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {D85FE754-5673-44D6-BB0D-14CDF4EF8B2F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20 8.8.8.8
Tcpip\..\Interfaces\{132EF034-57AE-4B13-8DC5-8596BB8B0D63}: [DhcpNameServer] 10.255.255.10 10.255.255.20 8.8.8.8
Tcpip\..\Interfaces\{97F296BA-EF48-4F4C-BAD8-75275EC90D86}: [DhcpNameServer] 10.255.255.10 10.255.255.20 8.8.8.8

Edge:
=======
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => not found
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => not found
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default [2022-06-04]
CHR Notifications: Default -> hxxp://router.asus.com; hxxps://p7.regardensy.mobi; hxxps://www.facebook.com; hxxps://www.google.cz; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2015-08-14]
CHR Extension: (Cultures Online) - C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbdgmikfnklbopkafjgbcejoiipemkl [2015-08-14]
CHR Extension: (Full Screen Weather) - C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2015-08-14]
CHR Extension: (Facebook for Chrome) - C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp [2015-08-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-05-08]
CHR Extension: (Ubiquiti Device Discovery Tool) - C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmpigflbjeapnknladcfphgkemopofig [2019-01-26]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-06-04]
CHR Extension: (Google Translate) - C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfhgpjbcoignfibliobpclhpfnadhofn [2022-02-13]
CHR Extension: (Quick Earth) - C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default\Extensions\khodocggeplgfhppgagfdpbjkniadmdh [2015-08-14]
CHR Extension: (3D Solar System Web) - C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdaaepplopehigjgkolniddiadbbkphd [2015-08-14]
CHR Extension: (Typing Game) - C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mobfbeogeanchbdhboilncgnkfkibjjg [2015-08-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-06]
CHR Extension: (convert2mp3.net Online Video Converter) - C:\Users\zippy\Downloads\convert2mp3_chrome_addon-2.4\convert2mp3_video_converter_2.4 [2014-12-18] [UpdateUrl:hxxp://convert2mp3.net/misc/chrome_update.xml] <==== ATTENTION
CHR Profile: C:\Users\zippy\AppData\Local\Google\Chrome\User Data\System Profile [2022-02-13]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AsusFPService; C:\Program Files (x86)\ASUS\FingerPrint\AsusFPService_x64.exe [912896 2012-09-22] () [File not signed]
R2 BBGate; D:\srv_apps\bbgate\BBGate.exe [1211392 2014-03-05] (VOLKSWAGEN AG) [File not signed]
R2 BBGate-HTTPD; D:\srv_apps\bbgate\Apache.exe [20480 2013-06-20] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11139024 2022-05-03] (Microsoft Corporation -> Microsoft Corporation)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-21] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
R2 Crypkey License; C:\Windows\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369432 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [30080 2012-10-01] (Intel Corporation -> Intel Corporation)
S4 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2429544 2011-12-07] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
R2 intelsba; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [47368 2012-07-12] (Intel Corporation - Business Client Platform Division -> Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [149032 2012-08-17] (Intel(R) Smart Connect software -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8524512 2022-05-08] (Malwarebytes Inc. -> Malwarebytes)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc. -> McAfee, Inc.)
S4 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc. -> McAfee, Inc.)
S4 McSchedulerSvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc. -> McAfee, Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [62382256 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
R3 MSSQLFDLauncher; c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [42168 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQLSERVER; c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [62382256 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 ReportServer; c:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2194096 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [442536 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
S4 SQLSERVERAGENT; c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [442536 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
R2 UsbService; C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe [334848 2010-08-10] () [File not signed]
R2 vcsFPService; C:\Windows\system32\vcsFPService.exe [2248192 2012-09-11] (Validity Sensors, Inc.) [File not signed]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-09-14] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
S4 WorkshopDBService; C:\Program Files (x86)\Vivid WorkshopData ATI\WorkshopDBServer.exe [114688 2019-02-05] (Acresso) [File not signed]
S2 AMPPALR3; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [X]
S2 DptfPolicyConfigTDPService; %SystemRoot%\system32\DptfPolicyConfigTDPService.exe [X]
S3 DSAUpdateService; "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe" [X]
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [198144 2012-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [198144 2012-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R0 assd; C:\Windows\System32\Drivers\assd.sys [31104 2012-08-21] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 athr; C:\Windows\System32\DRIVERS\athrx.sys [1394688 2009-06-20] (Microsoft Windows -> Atheros Communications, Inc.)
S3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [80896 2012-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Solutions, Inc.)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [111104 2012-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [849408 2012-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Solutions, Inc.)
R3 DptfDevDram; C:\Windows\System32\DRIVERS\DptfDevDram.sys [107328 2012-10-01] (Intel Corporation -> Intel Corporation)
R3 DptfDevFan; C:\Windows\System32\DRIVERS\DptfDevFan.sys [42816 2012-10-01] (Intel Corporation -> Intel Corporation)
R3 DptfDevGen; C:\Windows\System32\DRIVERS\DptfDevGen.sys [64832 2012-10-01] (Intel Corporation -> Intel Corporation)
R3 DptfDevPch; C:\Windows\System32\DRIVERS\DptfDevPch.sys [96576 2012-10-01] (Intel Corporation -> Intel Corporation)
R3 DptfDevProc; C:\Windows\System32\DRIVERS\DptfDevProc.sys [229184 2012-10-01] (Intel Corporation -> Intel Corporation)
R3 DptfManager; C:\Windows\System32\DRIVERS\DptfManager.sys [363328 2012-10-01] (Intel Corporation -> Intel Corporation)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2018-06-17] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47160 2018-06-17] (Disc Soft Ltd -> Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2018-11-20] (DT Soft Ltd -> DT Soft Ltd)
S3 edicusb; C:\Windows\System32\DRIVERS\edicusb7x64.sys [33944 2016-03-01] (Softing AG -> Softing Automotive Electronics GmbH)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 googledrivefs3758; C:\Windows\System32\DRIVERS\googledrivefs3758.sys [386632 2022-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S2 HOSTNT; C:\Windows\SysWow64\Drivers\HOSTNT.sys [4032 2019-07-17] () [File not signed]
S3 HWHandSet; C:\Windows\System32\DRIVERS\hw_quusbmdm.sys [226560 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [17280 2012-08-05] (ASUSTeK Computer Inc. -> )
S3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [57344 2009-06-10] (Microsoft Windows -> Atheros Communications, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2022-05-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239560 2022-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S2 multikey; C:\Windows\System32\DRIVERS\multikey.sys [67584 2021-01-11] (NGO -> Chingachguk & Denger2k (Elite & SP edition))
R1 NetworkX; C:\Windows\system32\ckldrv.sys [28664 2008-03-17] (CrypKey (Canada) Inc. -> )
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S2 NSHE; C:\Windows\SysWOW64\Drivers\NSHE.SYS [98816 2013-05-22] (NGO -> T0r0 2008) [File not signed]
S3 NSNDIS5; C:\Windows\SysWOW64\NSNDIS5.SYS [17280 2004-03-24] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [245248 2015-07-09] (QUALCOMM Incorporated) [File not signed]
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
S3 RT-USB; C:\Windows\System32\drivers\RT-USB64.SYS [97152 2014-05-12] (Ross-Tech, LLC -> Ross-Tech LLC)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2018-11-20] (Duplex Secure Ltd -> Duplex Secure Ltd.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [22128 2011-07-16] (STMicroelectronics -> ST Microelectronics)
S3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [48096 2012-08-10] (Intel Wireless Display -> Windows (R) Win 7 DDK provider)
S1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [121824 2016-07-21] (Oracle Corporation -> Oracle Corporation)
U5 vsock; C:\Windows\System32\Drivers\vsock.sys [103736 2019-08-14] (VMware, Inc. -> VMware, Inc.)
R3 vuhub; C:\Windows\System32\DRIVERS\vuhub.sys [47616 2007-12-17] (Eltima Software -> )
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2022-06-04] (Intel(R) Smart Connect software -> )
S3 XHCIPort; C:\Windows\System32\DRIVERS\XHCIPort.sys [188384 2012-08-10] (Intel Wireless Display -> Windows (R) Win 7 DDK provider)
S0 edevmon; system32\DRIVERS\edevmon.sys [X]
S1 fkwktvhs; \??\C:\Windows\system32\drivers\fkwktvhs.sys [X]
S3 PCASp60; System32\Drivers\PCASp60.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-04 10:13 - 2022-06-04 10:18 - 000034495 _____ C:\Users\zippy\Desktop\FRST.txt
2022-06-04 10:12 - 2022-06-04 10:16 - 000000000 ____D C:\FRST
2022-06-04 10:11 - 2022-06-04 10:12 - 002368000 _____ (Farbar) C:\Users\zippy\Desktop\FRST64.exe
2022-06-04 09:29 - 2022-06-04 09:29 - 000094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2022-05-28 22:10 - 2022-05-28 22:10 - 000002470 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio 2016.lnk
2022-05-28 22:10 - 2022-05-28 22:10 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2022-05-28 22:10 - 2022-05-28 22:10 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2022-05-28 22:10 - 2022-05-28 22:10 - 000002422 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 2016.lnk
2022-05-28 22:10 - 2022-05-28 22:10 - 000002417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2022-05-28 22:10 - 2022-05-28 22:10 - 000002412 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2022-05-28 22:10 - 2022-05-28 22:10 - 000002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2022-05-28 22:10 - 2022-05-28 22:10 - 000002338 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2022-05-28 22:10 - 2022-05-28 22:10 - 000002334 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2022-05-28 22:10 - 2022-05-28 22:10 - 000002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2022-05-28 22:10 - 2022-05-28 22:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2022-05-08 18:16 - 2022-05-08 18:16 - 000000000 ____D C:\Users\zippy\AppData\Local\mbam
2022-05-08 18:13 - 2022-05-08 18:13 - 000001966 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-05-08 18:13 - 2022-05-08 18:13 - 000001954 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-05-08 18:12 - 2022-06-04 09:31 - 000239560 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-05-08 18:12 - 2022-05-08 18:12 - 000223176 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-05-08 18:11 - 2022-05-08 18:10 - 000103888 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-05-08 18:09 - 2022-05-08 18:09 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-05-08 18:09 - 2022-05-08 18:09 - 000000000 ____D C:\Program Files\Malwarebytes
2022-05-08 18:06 - 2022-05-08 18:07 - 002443448 _____ (Malwarebytes) C:\Users\zippy\Desktop\MBSetup-119181.119181-consumer.exe
2022-05-08 18:02 - 2022-05-08 18:07 - 000000000 ____D C:\rsit
2022-05-08 18:02 - 2022-05-08 18:06 - 000000000 ____D C:\Program Files\trend micro
2022-05-08 18:01 - 2022-05-08 18:01 - 001222144 _____ C:\Users\zippy\Desktop\RSITx64.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-04 10:10 - 2015-08-14 23:28 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-04 09:53 - 2009-07-14 06:45 - 000025216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-06-04 09:53 - 2009-07-14 06:45 - 000025216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-06-04 09:29 - 2009-01-02 07:10 - 000034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2022-06-04 09:28 - 2016-09-05 18:35 - 000073232 _____ (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.dll
2022-06-04 09:28 - 2009-01-02 06:41 - 000017408 _____ C:\Windows\system32\rpcnetp.exe
2022-06-04 09:26 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-05-29 00:25 - 2015-08-24 23:28 - 000000000 ____D C:\Windows\system32\MRT
2022-05-28 23:27 - 2015-08-14 23:30 - 000002190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-05-28 23:10 - 2015-08-24 23:28 - 145501456 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-05-28 22:08 - 2015-08-17 10:45 - 000000000 ____D C:\Program Files\Microsoft Office
2022-05-28 21:58 - 2021-10-20 18:57 - 000002014 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-05-28 21:58 - 2021-09-30 15:31 - 000001860 _____ C:\Users\Default\Desktop\Google Slides.lnk
2022-05-28 21:58 - 2021-09-30 15:31 - 000001860 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2022-05-28 21:58 - 2021-09-30 15:31 - 000001848 _____ C:\Users\Default\Desktop\Google Docs.lnk
2022-05-08 19:13 - 2021-03-17 00:01 - 000000000 ____D C:\Windows\system32\Tasks\MEGA
2022-05-08 19:13 - 2020-03-24 15:24 - 000000000 ____D C:\Program Files (x86)\TNod
2022-05-08 19:13 - 2016-09-10 16:59 - 000000000 ____D C:\Users\zippy\Downloads\GoogleSketchUpPro 8
2022-05-08 19:07 - 2021-04-04 14:19 - 000000000 ____D C:\Users\zippy\Downloads\xiaomi 4a unlock
2022-05-08 10:59 - 2017-09-17 14:27 - 000000000 ____D C:\ProgramData\NationAssets
2022-05-08 10:59 - 2009-01-02 07:01 - 000000000 ____D C:\Program Files (x86)\Cisco

==================== Files in the root of some directories ========

2019-07-17 12:15 - 2019-07-17 12:15 - 000000000 _____ () C:\Program Files (x86)\appl.log
2016-04-07 13:57 - 2016-04-07 13:57 - 000000600 _____ () C:\Users\zippy\AppData\Roaming\winscp.rnd
2015-08-18 08:16 - 2022-02-13 12:50 - 000000128 _____ () C:\Users\zippy\AppData\Local\PUTTY.RND
2019-03-02 22:02 - 2019-03-02 22:02 - 000007605 _____ () C:\Users\zippy\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2022-05-08 20:42
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-06-2022 01
Ran by zippy (04-06-2022 10:20:44)
Running from C:\Users\zippy\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X64) (2015-08-14 18:32:08)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3120791401-419603262-3569886352-500 - Administrator - Disabled)
Guest (S-1-5-21-3120791401-419603262-3569886352-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3120791401-419603262-3569886352-1005 - Limited - Enabled)
zippy (S-1-5-21-3120791401-419603262-3569886352-1000 - Administrator - Enabled) => C:\Users\zippy

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
ASUS AlwaysLive (HKLM-x32\...\{47648543-9411-4E38-B24F-AA9186FAAEF2}) (Version: 1.0.1 - ASUS)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0014 - ASUS)
ASUS FingerPrint (HKLM-x32\...\{3C8ABBCF-EADC-4BD7-AD10-5D48B2A8A332}) (Version: 1.0.5 - ASUSTek Computer Inc.)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.2 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.6.8 - ASUSTeK COMPUTER INC.)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.2.2 - ASUS)
ASUS Secure Delete (HKLM\...\{761C6783-D3BC-48AB-8E7C-61CE918A8436}) (Version: 1.00.0012 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS Wireless Router Device Discovery Utility (HKLM-x32\...\{09CDCA35-23FF-4ED6-AFDA-BBD55235CE4B}) (Version: 1.4.7.2 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.10.168 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0023 - ASUS)
Auto-diagnostika (HKLM-x32\...\{96A08A55-6F13-4105-B794-472801453427}) (Version: 1.0.0 - AutoComSoft s.r.o)
Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.)
Balíček ovladače systému Windows - AVL DiTEST (VAS6356) Net (06/01/2011 3.14.3.6) (HKLM\...\977056345FBDB7C834B41705C11ADE45A26FA056) (Version: 06/01/2011 3.14.3.6 - AVL DiTEST)
Balíček ovladače systému Windows - FTDI CDM Driver Package - Bus/D2XX Driver (01/18/2013 2.08.28) (HKLM\...\9E24492CE9279512BD465F61DB8523641BB7BBFC) (Version: 01/18/2013 2.08.28 - FTDI)
Balíček ovladače systému Windows - FTDI CDM Driver Package - Bus/D2XX Driver (10/28/2015 2.12.10) (HKLM\...\12D44995952AE7F32773C9692DF0FC7C18D8780F) (Version: 10/28/2015 2.12.10 - FTDI)
Balíček ovladače systému Windows - FTDI CDM Driver Package - VCP Driver (01/18/2013 2.08.28) (HKLM\...\E61B77ECE57113AE1CA028BC7A8AD6C137BD13DD) (Version: 01/18/2013 2.08.28 - FTDI)
Balíček ovladače systému Windows - FTDI CDM Driver Package - VCP Driver (10/28/2015 2.12.10) (HKLM\...\9A46F8D76A417B6410313C6EA2772D42E3F5B88B) (Version: 10/28/2015 2.12.10 - FTDI)
Balíček ovladače systému Windows - Ross-Tech USB Driver Package (05/12/2014 2.10.00) (HKLM\...\88B02C4BD09AA7910C55C4E74BE8F036244B5CF9) (Version: 05/12/2014 2.10.00 - Ross-Tech)
Balíček ovladače systému Windows - Ross-Tech USB Driver Package (05/12/2014 2.10.00) (HKLM\...\F99E6C5A14B5EBAB27FDFE2637878DF8208069E7) (Version: 05/12/2014 2.10.00 - Ross-Tech)
Balíček ovladače systému Windows - Ross-Tech USB Driver Package (06/16/2010 2.06.02) (HKLM\...\F2D626F9A8E5C6126BED6EBD3E3504D0B2AB8443) (Version: 06/16/2010 2.06.02 - Ross-Tech)
Black & White® 2 (HKLM-x32\...\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}) (Version: 1.00.0000 - Lionhead Studios)
Caesar 3 (HKLM-x32\...\GOGPACKCAESAR3_is1) (Version: 2.0.0.9 - GOG.com)
Canon LBP3010/LBP3018/LBP3050 (HKLM\...\Canon LBP3010/LBP3018/LBP3050) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.89 - Piriform)
CDSM Designer (HKLM-x32\...\CDSM_CDSM Designer) (Version: - )
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Counter-Strike 1.6 (HKLM-x32\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - )
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version: - )
CPUID CPU-Z 1.98 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.98 - CPUID, Inc.)
Crash Bandicoot 2 version 1.9.0 (HKLM-x32\...\{6A17D308-CA80-4423-8EAB-4CBB645DBEC4}_is1) (Version: 1.9.0 - )
Crash Bandicoot 3 version 1.9.0 (HKLM-x32\...\{C44E0661-5603-4F83-B85D-4092248E2DFB}_is1) (Version: 1.9.0 - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0112 - Disc Soft Ltd)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)
Diablo II CZ verze 1.13c (HKLM-x32\...\{F380060E-D8AC-4823-91B8-71B9054C8DD2}_is1) (Version: 1.13c - )
DiskGenius 5.1.2 (HKLM\...\{2661F2FA-56A7-415D-8196-C4CB3D3ACFFE}_is1) (Version: - Eassos Co., Ltd.)
ETDWare PS/2-X64 11.5.0.9_WHQL (HKLM\...\Elantech) (Version: 11.5.0.9 - ELAN Microelectronic Corp.)
Expendable (HKLM-x32\...\1207658789_is1) (Version: 1.0 - GOG.com)
FastShare.cz verze 2.3.1 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.3.1 - )
Firefox portable - TV (HKLM-x32\...\{7E2E3B95-8D35-4C23-9BFE-442044F05B33}) (Version: 1.26.11.14 - Starnet s.r.o.)
FormApps Signing Extension (HKLM-x32\...\{ACA43D91-8B42-4D42-8C8B-A893BD6AA40D}) (Version: 2.8.2.28 - Software602 a.s.)
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GDR 4042 for SQL Server 2008 R2 (KB3045313) (64-bit) (HKLM\...\KB3045313) (Version: 10.52.4042.0 - Microsoft Corporation)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 58.0.3.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 101.0.4951.67 - Google LLC)
HellShare Upload Client verze 2.0 (HKLM-x32\...\{D23B94EF-3D81-4EC7-B826-EF3D07F8C7AF}_is1) (Version: 2.0 - HellShare.com)
Heroes of Might and Magic III Complete HD verze 4.203 RC3 (HKLM-x32\...\{9C248150-24CA-45DF-8A4E-632BD270D09D}_is1) (Version: 4.203 RC3 - )
Heroes of Might and Magic IV Gold verze 3.0c (HKLM-x32\...\{67FA88C6-ECC7-45AD-9615-3FB4AFE3E131}_is1) (Version: 3.0c - )
Heroes of Might and Magic V with Hammers of Fate (HKLM-x32\...\1207661143_is1) (Version: 2.1.0.22 - GOG.com)
HID OMNIKEY 3x2x PC/SC Driver (HKLM-x32\...\{8C825A17-A0F6-48AE-8DAE-A9FAC5999510}) (Version: 1.2.24.27 - HID Global Corporation)
Intel Driver && Support Assistant (HKLM-x32\...\{6B913517-E442-4045-A3A6-4C9EC4C4F0CC}) (Version: 19.10.42.4 - Intel) Hidden
Intel PROSet Wireless (HKLM\...\ProInst) (Version: - ) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 6.0.6.1082 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.8 - Intel)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2752 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{BEE86606-EFB5-4353-9F34-29E0C59CDCFA}) (Version: 15.2.0.0284 - Intel Corporation)
Intel(R) Small Business Advantage (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: 1.1.22.3687 - Intel(R) Corporation)
Intel(R) Smart Connect Technology 3.0 x64 (HKLM\...\{DE788AD4-F7CE-4995-ADF8-56174A7B613C}) (Version: 3.0.41.1571 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{608E1B9B-A2E8-4A1F-8BAB-874EB0DD25E3}) (Version: 1.0.0.34813 - Intel Corporation) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: 3.5.34.0 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{d42c99b5-286f-435f-8ba8-367bd9cffb1b}) (Version: 19.10.42.4 - Intel)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{181BBF43-CA17-4E1A-A78D-81E67A57B8A4}) (Version: 15.02.0000.1258 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{977D1ABF-4089-4CA7-BA33-CC75808B7ACE}) (Version: 1.24.738.1 - Intel Corporation) Hidden
Malwarebytes version 4.5.9.198 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.9.198 - Malwarebytes)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3120791401-419603262-3569886352-1000\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need for Speed Underground 2 verze 1.2 (HKLM-x32\...\{6B8B33B2-6227-4912-9173-0A1F32535CF7}_is1) (Version: 1.2 - )
Network Stumbler 0.4.0 (remove only) (HKLM-x32\...\Network Stumbler) (Version: - )
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12527.22121 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12527.22121 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12527.22121 - Microsoft Corporation) Hidden
OldSchool RuneScape Launcher 1.2.7 (HKLM-x32\...\{FEDDCE73-34B8-4980-90B8-8619A78C902C}) (Version: 1.2.7 - Jagex Ltd)
OpenOffice 4.1.2 (HKLM-x32\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Patch 1.00 (HKLM-x32\...\Patch 1.00) (Version: 1.00 - Patch)
Pharaoh Gold (HKLM-x32\...\1207659046_is1) (Version: 2.1.0.15 - GOG.com)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.1.312 - Jan Fiala)
qBittorrent 4.3.2 (HKLM-x32\...\qBittorrent) (Version: 4.3.2 - The qBittorrent project)
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.28117 - Realtek Semiconductor Corp.)
RuneScape Launcher 2.2.4 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.4 - Jagex Ltd)
SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.16 - ASUS)
SD Card Formatter (HKLM-x32\...\{A61131DC-B92D-4AD8-A925-E2D6D5FE217C}) (Version: 5.0.1 - SD Association)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Softing D-PDU API V1.20.042 EDIC_D_PDU_API_OS (HKLM-x32\...\Softing D-PDU API V1.20.042 EDIC_D_PDU_API_OS) (Version: 1.20.042 - Softing Automotive Electronics GmbH)
SQL Server 2008 R2 Reporting Services (HKLM\...\{0C270C59-8706-42B8-A2AD-6E5EE18BC90B}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 BI Development Studio (HKLM\...\{1330309E-64D3-43F4-AA18-BC856182B5DB}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 BI Development Studio (HKLM\...\{312E8540-0799-45D5-A02E-DFB8FCA93CCA}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{234F6B0D-10AE-4BB7-B2F3-E48D4861952D}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{2E81ADBE-DED7-4B54-9C8D-FBD885C259C5}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{5318020E-E32C-4A33-BC8D-EEF5CC2F6CA1}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{9FFAE13C-6160-4DD0-A67A-DAC5994F81BD}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{A06F883B-5E97-486F-BD22-7EAB77E8F701}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FA7394B8-CE65-4F9E-AC99-F372AD365424}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FBD367D1-642F-47CF-B79B-9BE48FB34007}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{A2122A9C-A699-4365-ADF8-68FEAC125D61}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{C942A025-A840-4BF2-8987-849C0DD44574}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Full text search (HKLM\...\{9E9A647A-7AB5-40BF-9D0B-329451770077}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Management Studio (HKLM\...\{51E5BC99-A087-4CFF-8D93-462903EA7E12}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Management Studio (HKLM\...\{72AB7E6F-BC24-481E-8C45-1AB5B3DD795D}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Reporting Services (HKLM\...\{2453DBC8-ACC4-4711-BD03-0C15353AA3D8}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM\...\{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.07.0031 - ST Microelectronics)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
STORMWARE POHODA Start CZ (HKLM-x32\...\{6531FE3F-206A-4683-BA0A-3AC2CD746021}) (Version: 11500.110 - STORMWARE)
The Settlers II - 10th Anniversary (HKLM-x32\...\GOGPACKSETTLERS210TH_is1) (Version: 2.0.0.8 - GOG.com)
TmUnitedForever (HKLM-x32\...\TmUnitedForever_is1) (Version: - Nadeo)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0 - Ghisler Software GmbH)
Total Commander 8.51 Final Multilingual Full Version + Patch 8.51 (HKLM-x32\...\Total Commander 8.51 Final Multilingual Full Version + Patch 8.51) (Version: 8.51 - Total Commander)
UndeleteMyFiles Pro (HKLM-x32\...\UndeleteMyFiles Pro_is1) (Version: - SeriousBit)
Uplink (HKLM-x32\...\GOGPACKUPLINK_is1) (Version: 2.0.0.5 - GOG.com)
VAG CAN Professional version 5.0.4 (HKLM-x32\...\VAG CAN Professional_is1) (Version: 5.0.4 - )
Validity Sensors PBA DDK (HKLM\...\{6BCFA58F-AB31-4BB4-8999-5603ADE3B7C4}) (Version: 4.4.210.5 - Validity Sensors, Inc.)
VAS 6154 Driver Package 2.0.10.110 (HKLM-x32\...\VAS6154 RNDIS USB Driver_is1) (Version: 2.0.10.110 - Volkswagen AG)
VAS 6356 ODIS 2020 (HKLM-x32\...\{B3C5AF3B-63A8-4803-A89B-D6DDFA5A5F5A}) (Version: 1.19.0005 - AVL DiTEST GmbH)
VAS 6558 - 6558A ODIS 2020 (HKLM-x32\...\{4F917E7C-4EF8-4881-818F-8D8992D83FF0}) (Version: 1.18.0005 - AVL DiTEST GmbH)
VCDS Release 21.3.0 (HKLM-x32\...\VCDS Release) (Version: 21.3.0 - Ross-Tech)
VCDS SVO 19.6 (HKLM-x32\...\VCDS SVO) (Version: SVO 19.6.2 - Ross-Tech, LLC)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Viber (HKLM-x32\...\{1136C29D-BAFD-4D56-9594-DF24428B85EE}) (Version: 6.9.1.77 - Viber Media Inc.) Hidden
VIIPlusLoader 08.021.05 (HKLM-x32\...\VIIPlusLoader) (Version: 08.021.05 - ABCXX)
Vivid WorkshopData ATI (HKLM-x32\...\Vivid WorkshopData ATI) (Version: 8.3.0.1 - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
VW D-PDU API (XS_D_PDU_API_OS) (HKLM-x32\...\XS_D_PDU_API_OS_is1) (Version: 21.2.0 - Volkswagen AG)
VW-MCD MCD-Kernel 14.0.0 (HKLM-x32\...\Uninstall VW-MCD MCD-Kernel 14.0.0_is1) (Version: 14.0.0 - VW)
VW-MCD MCD-Kernel 14.0.0 Installation #2 (HKLM-x32\...\Uninstall VW-MCD MCD-Kernel 14.0.0 Installation #2_is1) (Version: 14.0.0 - VW)
VW-MCD ODX-Converter 14.0.0 (HKLM-x32\...\Uninstall VW-MCD ODX-Converter 14.0.0_is1) (Version: 14.0.0 - VW)
VW-MCD ODX-Converter 14.0.0 Installation #2 (HKLM-x32\...\Uninstall VW-MCD ODX-Converter 14.0.0 Installation #2_is1) (Version: 14.0.0 - VW)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.7.557 - ASUS Cloud Corporation)
Wi-Fi Scanner version 3.4.0.121 (HKLM-x32\...\Wi-Fi Scanner_is1) (Version: 3.4.0.121 - LizardSystems)
Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 5.61 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
WinSCP 5.7.7 (HKLM-x32\...\winscp3_is1) (Version: 5.7.7 - Martin Prikryl)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.35 - ASUS)
Wondershare Data Recovery(Build 4.3.1.6) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 4.3.1.6 - Wondershare Software Co.,Ltd.)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3120791401-419603262-3569886352-1000_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.7.557\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.7.557\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.7.557\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [DaemonShellExtImage] -> {40966797-8FFE-46C8-9EF8-7003F33CCF0F} => C:\Program Files (x86)\DAEMON Tools Pro\DTShl64.dll [2012-10-23] (Disc Soft Ltd -> DT Soft Ltd)
ContextMenuHandlers1: [DataSanitizerShellExtObj] -> {35595751-F655-4A14-90AB-C2EC32780F41} => C:\Program Files (x86)\Common Files\ASUS\Secure Delete\ASUS Secure Delete ShellExt.dll [2012-08-21] (ASUSTeK Computer Inc. -> TODO: <Company name>)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDrive] -> {A5415364-784A-41A5-B47A-D452909CA8FF} => C:\Program Files (x86)\DAEMON Tools Pro\DTShl64.dll [2012-10-23] (Disc Soft Ltd -> DT Soft Ltd)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.2.7.557\ASUSWSContextMenu.dll [2016-03-15] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-08] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DataSanitizerShellExtObj] -> {35595751-F655-4A14-90AB-C2EC32780F41} => C:\Program Files (x86)\Common Files\ASUS\Secure Delete\ASUS Secure Delete ShellExt.dll [2012-08-21] (ASUSTeK Computer Inc. -> TODO: <Company name>)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\58.0.3.0\drivefsext.dll [2022-05-16] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-08] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3120791401-419603262-3569886352-1000: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\zippy\Desktop\starnet\Firefox Portable - TV.lnk -> C:\Program Files (x86)\Firefox portable - TV\FirefoxPortable.exe (PortableApps.com)
ShortcutWithArgument: C:\Users\zippy\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_hmpigflbjeapnknladcfphgkemopofig\Ubiquiti Device Discovery Tool.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hmpigflbjeapnknladcfphgkemopofig
ShortcutWithArgument: C:\Users\zippy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Ubiquiti Device Discovery Tool.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hmpigflbjeapnknladcfphgkemopofig

==================== Loaded Modules (Whitelisted) =============

2018-11-20 18:23 - 2018-11-19 16:53 - 000002560 _____ () [File not signed] C:\Program Files (x86)\DAEMON Tools Pro\MSIMG32.dll
2021-01-21 00:15 - 2013-06-20 10:36 - 000299008 _____ () [File not signed] D:\srv_apps\bbgate\ApacheCore.dll
2012-04-24 03:21 - 2012-04-24 03:21 - 000333312 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\BluetoothHS\BTHSSupplicant.dll
2012-03-15 16:00 - 2012-03-15 16:00 - 000105472 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\BluetoothHS\UsR3IoPort.dll
2012-08-17 06:33 - 2012-08-17 06:33 - 002207744 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\LServ.dll
2003-03-18 22:23 - 2003-03-18 22:23 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\1029\mdmui.dll
2021-01-21 00:35 - 2021-01-21 00:35 - 000113664 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_8a1a02152edb659b\ATL80.DLL
2012-09-11 17:40 - 2012-09-11 17:40 - 000569344 _____ (Validity Sensors, Inc.) [File not signed] C:\Windows\system32\vcsFPClient.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rpcnet => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rpcnet => ""="Service"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\.scr: => <==== ATTENTION

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3120791401-419603262-3569886352-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3120791401-419603262-3569886352-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKU\S-1-5-21-3120791401-419603262-3569886352-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3120791401-419603262-3569886352-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-04-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-14] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-10-03 18:57 - 2022-02-13 12:50 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\;C:\Program Fil
HKU\S-1-5-21-3120791401-419603262-3569886352-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\zippy\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.255.255.10 - 10.255.255.20
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: IconMan_R => 2
MSCONFIG\Services: mcpltsvc => 3
MSCONFIG\Services: McSchedulerSvc => 2
MSCONFIG\Services: WorkshopDBService => 2
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: GoogleChromeAutoLaunch_05A2DD7A5AB557BE38B88C67EC7FFE53 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: Steam => "D:\Steam\steam.exe" -silent

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{2BE6E737-233A-4225-AC1F-2A349ED4A902}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{48E228F9-6D6D-4EEA-92E5-32B6B6FF7FED}] => (Allow) LPort=2869
FirewallRules: [{2BF3935E-0230-49B0-98B3-E675E577098E}] => (Allow) LPort=1900
FirewallRules: [{1BD0E0D6-B221-4E50-92E3-129534FA31FE}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{6EB5C4BD-A1E4-4FA0-874C-E375F2F867EF}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe (Intel Wireless Display -> Intel Corporation)
FirewallRules: [{0119894D-9E9F-47D4-ADBC-13810A996FAE}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{04CDC641-CF38-4970-9A8D-1DAC1901A314}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{EB810048-6024-4E8F-903D-D25113C32327}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{81B5CEC2-2AF5-4AD6-A1E9-2B45B021197C}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [TCP Query User{2BA34A87-82AE-4316-AD76-BD20C8572ED5}\\dave-pc\filmy\logiciel de scan - windows\ipcam3.6.exe] => (Allow) \\dave-pc\filmy\logiciel de scan - windows\ipcam3.6.exe => No File
FirewallRules: [UDP Query User{CF26E233-1A4C-4407-97F6-B51BC1FEFFC1}\\dave-pc\filmy\logiciel de scan - windows\ipcam3.6.exe] => (Allow) \\dave-pc\filmy\logiciel de scan - windows\ipcam3.6.exe => No File
FirewallRules: [TCP Query User{F201442A-9C37-415B-AC42-64FEF775EA41}D:\winbox.exe] => (Allow) D:\winbox.exe => No File
FirewallRules: [UDP Query User{E93EADFC-96D7-4DE3-9A1A-D46F487C952D}D:\winbox.exe] => (Allow) D:\winbox.exe => No File
FirewallRules: [TCP Query User{D799B948-6D2E-4C71-B978-B4166EA169ED}D:\hry\tmunitedforever\tmforever.exe] => (Allow) D:\hry\tmunitedforever\tmforever.exe () [File not signed]
FirewallRules: [UDP Query User{BCB8C6A6-61B9-411A-BE25-4925C4981A91}D:\hry\tmunitedforever\tmforever.exe] => (Allow) D:\hry\tmunitedforever\tmforever.exe () [File not signed]
FirewallRules: [{435D3954-F3D6-460F-A861-DA95BB238C24}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{A18EE0BC-51B8-4581-B91B-8B93498B2B3A}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [TCP Query User{2731AD98-5B47-4FE6-B368-E62669F7E11E}C:\hry\valve\hl.exe] => (Allow) C:\hry\valve\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{BC727FDF-9127-4FD0-95C0-16CD1781660A}C:\hry\valve\hl.exe] => (Allow) C:\hry\valve\hl.exe (Valve) [File not signed]
FirewallRules: [{BE75B6E7-81D3-46B9-97E9-15DADF4E9536}] => (Allow) C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe () [File not signed]
FirewallRules: [{A079BC1C-767D-4599-B842-881B6411C4B9}] => (Allow) C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe () [File not signed]
FirewallRules: [{A55E2B3B-FD92-4DEF-9C33-366EAC233827}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E80D4EE7-F157-414B-896D-318F0114F6E0}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{DAF3AFAE-C581-4C86-9DD4-89E1D56B78A1}C:\program files (x86)\vivid workshopdata ati\sed.exe] => (Allow) C:\program files (x86)\vivid workshopdata ati\sed.exe () [File not signed]
FirewallRules: [UDP Query User{9F9A1405-11E9-43AC-8573-31AAD065DEF5}C:\program files (x86)\vivid workshopdata ati\sed.exe] => (Allow) C:\program files (x86)\vivid workshopdata ati\sed.exe () [File not signed]
FirewallRules: [{B9C30055-688D-4A26-8EC2-8585723D92C7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{27AD3760-8CE2-414A-917A-ECC235DD83E3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [TCP Query User{DBC494DA-0FBB-48CA-93B9-37EB13D35347}C:\hry\counter-strike 1.6\hl.exe] => (Allow) C:\hry\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{6AABBCBF-703D-4790-9410-FB081720AFD7}C:\hry\counter-strike 1.6\hl.exe] => (Allow) C:\hry\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{25A378BB-DD85-490D-946C-25C8746AEDC7}C:\program files (x86)\microsoft\skype for desktop\skype.exe] => (Block) C:\program files (x86)\microsoft\skype for desktop\skype.exe => No File
FirewallRules: [UDP Query User{4E4C92EF-0FB0-4321-83B0-14249A82101F}C:\program files (x86)\microsoft\skype for desktop\skype.exe] => (Block) C:\program files (x86)\microsoft\skype for desktop\skype.exe => No File
FirewallRules: [{BEC6AD97-A672-44D1-ADD8-A2A3DA459A77}] => (Allow) C:\Ross-Tech\VCDS-SVO\VCIConfig.EXE (Ross-Tech, LLC -> Ross-Tech, LLC)
FirewallRules: [{DBA32A8B-73D4-47D8-9CC8-897FB36E7DAA}] => (Allow) C:\Ross-Tech\VCDS-SVO\VCIConfig.EXE (Ross-Tech, LLC -> Ross-Tech, LLC)
FirewallRules: [{BAC2A0EA-C071-4960-880E-FC5B7C550813}] => (Allow) C:\Ross-Tech\VCDS-SVO\VCIConfig.EXE (Ross-Tech, LLC -> Ross-Tech, LLC)
FirewallRules: [{DA9E34CB-3B69-45C7-B9A5-74A8D4147C6F}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{633DE3ED-A4C1-4D2B-975C-87EA0B1C7BF7}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{9972903B-C780-403D-B32E-3FE134743172}] => (Allow) D:\Steam\steamapps\common\Hacknet\Hacknet.exe () [File not signed]
FirewallRules: [{F7C3F2D6-B504-4720-8A40-ECB5ECD87646}] => (Allow) D:\Steam\steamapps\common\Hacknet\Hacknet.exe () [File not signed]
FirewallRules: [{C3398886-2900-4ED5-AA57-93E5F72AC8B0}] => (Allow) LPort=135
FirewallRules: [TCP Query User{F2C6C0FB-9F06-44BD-809B-8FF1F84BADB2}C:\users\zippy\downloads\nero burning rom & nero express 2020 22.0.1004 portable\nero burning rom.exe] => (Allow) C:\users\zippy\downloads\nero burning rom & nero express 2020 22.0.1004 portable\nero burning rom.exe (BALTAGY -> Nero AG) [File not signed]
FirewallRules: [UDP Query User{5ABD05DD-FE2B-469B-82C8-BABF085B17AA}C:\users\zippy\downloads\nero burning rom & nero express 2020 22.0.1004 portable\nero burning rom.exe] => (Allow) C:\users\zippy\downloads\nero burning rom & nero express 2020 22.0.1004 portable\nero burning rom.exe (BALTAGY -> Nero AG) [File not signed]
FirewallRules: [TCP Query User{BB794DC3-76A3-4572-9CE4-200D910550F3}C:\users\zippy\downloads\money s5 1.3.7.2740\s5.exe] => (Allow) C:\users\zippy\downloads\money s5 1.3.7.2740\s5.exe => No File
FirewallRules: [UDP Query User{E30C7BED-D2A9-497B-954B-6B44DE06789A}C:\users\zippy\downloads\money s5 1.3.7.2740\s5.exe] => (Allow) C:\users\zippy\downloads\money s5 1.3.7.2740\s5.exe => No File
FirewallRules: [{E2F79DC6-D442-4ECF-85B2-2F2996C095F8}] => (Allow) C:\Program Files (x86)\I+ME Actia GmbH\VAS6154 Driver\VAS6154App.exe (Actia I+ME GmbH -> Volkswagen AG)
FirewallRules: [{E7251C89-CA74-4297-8A36-0D16C22A93C6}] => (Allow) C:\Program Files (x86)\I+ME Actia GmbH\VAS6154 Driver\VAS6154App.exe (Actia I+ME GmbH -> Volkswagen AG)
FirewallRules: [{A6AD6C3C-BE1C-4B70-A1F2-B2E75DB41D74}] => (Allow) C:\Program Files (x86)\VW_PDUAPI_OS\PduProtocolLayerJ2534.exe => No File
FirewallRules: [{61C66289-501F-4F10-9C26-639AF4B58BD6}] => (Allow) C:\Program Files (x86)\VW_PDUAPI_OS\PduProtocolLayerVector.exe => No File
FirewallRules: [{999432E9-0B77-445D-9728-BB5A411A2ECE}] => (Allow) C:\Ross-Tech\VCDS 20.4.1\VCDS.EXE (Ross-Tech, LLC -> Ross-Tech, LLC)
FirewallRules: [{0B6A63E5-ED3C-4D4A-ADCE-24BED74A07F2}] => (Allow) C:\Ross-Tech\VCDS 20.4.1\VCIConfig.EXE (Ross-Tech, LLC -> Ross-Tech, LLC)
FirewallRules: [{EE1B7B90-C8F4-4170-8E83-907334E471E4}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe => No File
FirewallRules: [{6A55E916-CBB3-4165-89D5-911589064D82}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe => No File
FirewallRules: [{E1486ACC-FD54-48AE-ABAE-E52318CFF0FF}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe => No File
FirewallRules: [{C4198E8B-CBCF-45C3-A92D-7E517E8E6D34}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe => No File
FirewallRules: [TCP Query User{82625E8E-15FE-4A12-A5C5-8464DFFCE2E4}C:\windows\temp\files\bin\kmss.exe] => (Allow) C:\windows\temp\files\bin\kmss.exe => No File
FirewallRules: [UDP Query User{FA38476C-0A67-46FC-8191-E30C850E9FB5}C:\windows\temp\files\bin\kmss.exe] => (Allow) C:\windows\temp\files\bin\kmss.exe => No File
FirewallRules: [{DAC16B08-3168-43C6-845C-3CB586ECD185}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{AAD2DC56-6197-400C-BE21-5ECEF55BEA26}C:\hry\heroes of might and magic iii complete hd\_hd3_data\heroes3.exe] => (Allow) C:\hry\heroes of might and magic iii complete hd\_hd3_data\heroes3.exe (The 3DO Company) [File not signed]
FirewallRules: [UDP Query User{C4B5DAE5-4508-452B-9647-CF652446E6CE}C:\hry\heroes of might and magic iii complete hd\_hd3_data\heroes3.exe] => (Allow) C:\hry\heroes of might and magic iii complete hd\_hd3_data\heroes3.exe (The 3DO Company) [File not signed]
FirewallRules: [TCP Query User{8AFB8950-0C6C-4FD8-B3DD-FDCC14A5B7E9}C:\program files (x86)\sonork\sonork.exe] => (Allow) C:\program files (x86)\sonork\sonork.exe => No File
FirewallRules: [UDP Query User{5352A487-E18A-4367-8EFD-FDB4AC3A0427}C:\program files (x86)\sonork\sonork.exe] => (Allow) C:\program files (x86)\sonork\sonork.exe => No File
FirewallRules: [{DEAA0AD7-9D70-4303-B47C-90F2D425F10B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

28-05-2022 22:09:29 Windows Update
28-05-2022 23:03:09 Windows Update
04-06-2022 10:01:51 Windows Update

==================== Faulty Device Manager Devices ============

Name: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
Description: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Intel Corporation
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (06/04/2022 09:27:06 AM) (Source: BBGate) (EventID: 151) (User: NT AUTHORITY)
Description: COM error at HTTP post for WorkshopOrder

Error: (06/04/2022 09:27:06 AM) (Source: BBGate) (EventID: 151) (User: NT AUTHORITY)
Description: COM error at HTTP post for WorkshopOrder

Error: (06/04/2022 09:26:58 AM) (Source: BBGate) (EventID: 110) (User: NT AUTHORITY)
Description: Critical Error: BBGate(.\ElsaGate.cpp, 4637): Connection to aktive partner server failed. Třída není zaregistrována

Error: (05/28/2022 09:45:05 PM) (Source: BBGate) (EventID: 151) (User: NT AUTHORITY)
Description: COM error at HTTP post for WorkshopOrder

Error: (05/28/2022 09:45:05 PM) (Source: BBGate) (EventID: 151) (User: NT AUTHORITY)
Description: COM error at HTTP post for WorkshopOrder

Error: (05/28/2022 09:45:00 PM) (Source: BBGate) (EventID: 110) (User: NT AUTHORITY)
Description: Critical Error: BBGate(.\ElsaGate.cpp, 4637): Connection to aktive partner server failed. Třída není zaregistrována

Error: (05/08/2022 10:02:50 AM) (Source: Report Server Windows Service (MSSQLSERVER)) (EventID: 107) (User: )
Description: Report Server Windows Service (MSSQLSERVER) cannot connect to the report server database.

Error: (05/01/2022 03:01:01 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: CISCTPnpDriverApi::SetIsctMode Set ISCT_MODE failed, EXP=3, ACT=1


System errors:
=============
Error: (06/04/2022 10:27:51 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/04/2022 10:17:35 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Aktualizace bezpečnostních informací pro produkt Microsoft Security Essentials - KB2310138 (verze 1.367.1009.0).

Error: (06/04/2022 10:03:22 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware zjistil chybu při pokusu o aktualizaci podpisů.

Nová verze podpisu:

Předchozí verze podpisu:

Zdroj aktualizace: Uživatel

Fáze aktualizace: Instalovat

Zdrojová cesta:

Typ podpisu:

Typ aktualizace:

Uživatel: NT AUTHORITY\SYSTEM

Aktuální verze modulu:

Předchozí verze modulu:

Kód chyby: 0x80070652

Popis chyby: Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.

Error: (06/04/2022 10:01:57 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware zjistil chybu při pokusu o aktualizaci podpisů.

Nová verze podpisu:

Předchozí verze podpisu: 1.367.625.0

Zdroj aktualizace: Server Microsoft Update

Fáze aktualizace: Stahovat

Zdrojová cesta: http://www.microsoft.com

Typ podpisu: Antivirový program

Typ aktualizace: Úplné

Uživatel: NT AUTHORITY\SYSTEM

Aktuální verze modulu:

Předchozí verze modulu: 1.1.19200.6

Kód chyby: 0x80240016

Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Error: (06/04/2022 10:01:57 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware zjistil chybu při pokusu o aktualizaci podpisů.

Nová verze podpisu:

Předchozí verze podpisu: 1.367.625.0

Zdroj aktualizace: Server Microsoft Update

Fáze aktualizace: Instalovat

Zdrojová cesta: http://www.microsoft.com

Typ podpisu: Antivirový program

Typ aktualizace: Úplné

Uživatel: NT AUTHORITY\SYSTEM

Aktuální verze modulu:

Předchozí verze modulu: 1.1.19200.6

Kód chyby: 0x80240016

Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Error: (06/04/2022 10:01:57 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware zjistil chybu při pokusu o aktualizaci podpisů.

Nová verze podpisu:

Předchozí verze podpisu: 1.367.625.0

Zdroj aktualizace: Server Microsoft Update

Fáze aktualizace: Instalovat

Zdrojová cesta: http://www.microsoft.com

Typ podpisu: Antivirový program

Typ aktualizace: Úplné

Uživatel: NT AUTHORITY\SYSTEM

Aktuální verze modulu:

Předchozí verze modulu: 1.1.19200.6

Kód chyby: 0x80240016

Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Error: (06/04/2022 09:41:21 AM) (Source: sptd) (EventID: 4) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error: (06/04/2022 09:41:21 AM) (Source: sptd) (EventID: 4) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .


Windows Defender:
================
Date: 2019-09-15 22:37:40.483
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=258086
Název:SoftwareBundler:Win32/Prepscram.BN!MTB
Závažnost:Vysoké
Kategorie:Software instalující další produkty
Nalezeno v cestě:file:C:\Users\zippy\AppData\Local\Temp\is-NVLBN.tmp\Upgrade.exe;file:C:\Users\zippy\AppData\Local\Temp\is-OU3J3.tmp\Upgrade.exe;process:pid:8068;process:pid:8424
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:

Date: 2019-09-15 22:36:11.209
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=258086
Název:SoftwareBundler:Win32/Prepscram.BN!MTB
Závažnost:Vysoké
Kategorie:Software instalující další produkty
Nalezeno v cestě:file:C:\Users\zippy\AppData\Local\Temp\is-OU3J3.tmp\Upgrade.exe;process:pid:8068
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:

Date: 2018-09-13 17:26:07.956
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{D1680C0C-1D51-46EF-B8D3-11BDD577E5EE}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2018-06-13 10:34:53.588
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{47BCAF38-9073-4E6D-843A-38C318428318}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE
Event[0]:

Date: 2019-09-15 22:38:01.820
Description:
Prohledávání Windows Defender zjistilo chybu při provádění akce u spywaru nebo jiného potenciálně nežádoucího softwaru.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=258086
Uživatel:zippy-PC\zippy
Název:SoftwareBundler:Win32/Prepscram.BN!MTB
Závažnost:Vysoké
Kategorie:Software instalující další produkty
Cesta:
Akce:Odebrat
Kód chyby:0x80508023
Popis chyby:Programu se nepodařilo najít spyware ani jiný potenciálně nežádoucí software v tomto počítači.
Stav:

Date: 2018-07-04 16:01:04.177
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.271.442.0
Předchozí verze podpisu:1.269.1075.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2018-07-04 16:01:04.146
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: American Megatrends Inc. B400A.211 05/17/2013
Motherboard: ASUSTeK COMPUTER INC. B400A
Processor: Intel(R) Core(TM) i5-3317U CPU @ 1.70GHz
Percentage of memory in use: 88%
Total physical RAM: 3965.17 MB
Available physical RAM: 443.1 MB
Total Virtual: 7928.48 MB
Available Virtual: 2127.33 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:185.99 GB) (Free:38.72 GB) (Model: ATA Hitachi HTS54505 SCSI Disk Device) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:254.46 GB) (Free:53.32 GB) (Model: ATA Hitachi HTS54505 SCSI Disk Device) NTFS

\\?\Volume{ee4ca6e7-d578-48ac-a419-7eb7997dfeb2}\ (Recovery) (Fixed) (Total:25 GB) (Free:10.94 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 51BD08DA)

Partition: GPT.

==================== End of Addition.txt =======================

OK. Teď spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi