Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

DĚKUJI za kontrolu logů

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
608333700
Návštěvník
Návštěvník
Příspěvky: 3
Registrován: 08 pro 2022 11:16

DĚKUJI za kontrolu logů

#1 Příspěvek od 608333700 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-12-2022
Ran by Roman MARTINI (administrator) on MI (Timi TM1703) (08-12-2022 09:59:54)
Running from C:\Users\Roman MARTINI\Desktop
Loaded Profiles: Roman MARTINI
Platform: Microsoft Windows 10 Home Version 22H2 19045.2311 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\26.0.1.233\DiscoverySrv.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (S.C. BITDEFENDER S.R.L. -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\wsccommunicator.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <23>
(explorer.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2211.21001.0_x64__8wekyb3d8bbwe\MicrosoftSecurityApp\MicrosoftSecurityApp.exe
(explorer.exe ->) (Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenu.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Seznam.cz, a.s. -> Seznam.cz) C:\Users\Roman MARTINI\AppData\Roaming\Seznam Browser\sznAgent\Seznam.cz.exe
(explorer.exe ->) (Timi Personal Computing Co.,Ltd -> Xiaomi Inc.) C:\Program Files\MI\OSD Utility\1.0.0.155\OSDUtility.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Timi Personal Computing Co.,Ltd -> Xiaomi Inc.) C:\Program Files\MI\OSD Utility\1.0.0.155\OSDService.exe
(sihost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_22210.1401.10.0_x64__8wekyb3d8bbwe\WinStore.DesktopExtension\StoreDesktopExtension.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.53.43112.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.18.2691.0_x64__8wekyb3d8bbwe\WindowsPackageManagerServer.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_11.2209.11.0_x64__8wekyb3d8bbwe\Time.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_22210.1401.10.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2300_none_7e14edbc7c88b7d5\TiWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [On Screen Display Utility] => C:\Program Files\MI\OSD Utility\1.0.0.155\OSDUtility.exe [237336 2021-01-06] (Timi Personal Computing Co.,Ltd -> Xiaomi Inc.)
HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [226816 2022-08-21] (Open-Shell) [File not signed]
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [989208 2022-12-06] (Bitdefender SRL -> Bitdefender)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9277528 2019-10-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2019-10-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2019-10-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKU\S-1-5-21-2067734800-1198840614-835255823-1001 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKU\S-1-5-21-2067734800-1198840614-835255823-1001 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2067734800-1198840614-835255823-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2626440 2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2067734800-1198840614-835255823-1001\...\Run: [sznAgent] => C:\Users\Roman MARTINI\AppData\Roaming\Seznam Browser\sznAgent\Seznam.cz.exe [168296 2022-12-02] (Seznam.cz, a.s. -> Seznam.cz)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\108.0.5359.99\Installer\chrmstp.exe [2022-12-07] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {154431D2-1A6C-43D0-89A6-5DA0D08C4943} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144256 2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {1BD0CCFB-7394-4794-8183-4507F13769F0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144256 2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {45C90138-1636-4F23-884E-7270ED9526C0} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2067734800-1198840614-835255823-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189064 2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {615CE633-D8A8-4243-98A4-03758D1DFE46} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\26.0.1.233\WatchDog.exe [1053264 2022-07-25] (Bitdefender SRL -> Bitdefender)
Task: {74B379C7-D44E-4895-B862-3D170795872B} - System32\Tasks\GoogleUpdateTaskMachineUA{A901F533-64D8-41AE-B17E-F6A325F685FB} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-12-03] (Google LLC -> Google LLC)
Task: {79696E90-F218-492C-8F5E-48C56E44D9BE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308528 2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {7D5332D3-6E58-47BF-BF51-9B867C974D9A} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189064 2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {AFEA74C3-4925-4E71-8D6C-88985DC4B0DD} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [146816 2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {D7FF4379-D7F7-4619-9685-E19B3C7BAFD2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308528 2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {FFBE8E7D-F77A-4E65-AF6F-9D77C595A105} - System32\Tasks\GoogleUpdateTaskMachineCore{D47B306C-6A1F-4BD7-ACF5-63FA3D195B67} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-12-03] (Google LLC -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5dcccead-1784-4779-84ed-838485763e64}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cf4f61c2-bbf5-406c-9496-fc713daa1fa8}: [DhcpNameServer] 192.168.38.78

Edge:
=======
Edge Profile: C:\Users\Roman MARTINI\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-06]
Edge HomePage: Default -> hxxps://www.google.com/
Edge StartupUrls: Default -> "hxxps://www.google.cz/","hxxps://www.google.com/"
Edge Extension: (Seznam doplněk - Email) - C:\Users\Roman MARTINI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2022-12-05]
Edge Extension: (Checker Plus for Gmail™) - C:\Users\Roman MARTINI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dkjkomkbjefdadfgbgdfgnpbmhmppiaa [2022-12-05]
Edge Extension: (Quick Pocket) - C:\Users\Roman MARTINI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dmhjpaiejdcofhafnlnhlpnccngaeimg [2022-12-05]
Edge Extension: (Upravte a pošlete snímek obrazovky) - C:\Users\Roman MARTINI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dnjgbabpedipbaghlhmcacpoehgpfoei [2022-12-05]
Edge Extension: (Gmail Notifier- gmail notification tool) - C:\Users\Roman MARTINI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ealojglnbikknifbgleaceopepceakfn [2022-12-05]
Edge Extension: (Hodiny pro Google Chrome ™) - C:\Users\Roman MARTINI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eijfcjdmbjmpiioekgaiihgefagbagnk [2022-12-05]
Edge Extension: (Microsoft Automatické vyplňování) - C:\Users\Roman MARTINI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fiedbfgcleddlbcmgdigjgdfcggjcion [2022-12-05]
Edge Extension: (Sticky Password - správce hesel) - C:\Users\Roman MARTINI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jbipmfkjgjhibkepepeneigpkfeikikp [2022-12-05]
Edge Extension: (Save to Pocket) - C:\Users\Roman MARTINI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jicacccodjjgmghnmekophahpmddeemd [2022-12-05]
Edge Extension: (Microsoft Outlook) - C:\Users\Roman MARTINI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kkpalkknhlklpbflpcpkepmmbnmfailf [2022-12-05]
Edge Extension: (Full Screen for Google Tasks) - C:\Users\Roman MARTINI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndbaejgcaecffnhlmdghchfehkflgfkj [2022-12-05]
Edge Extension: (Urban Free VPN Proxy) - C:\Users\Roman MARTINI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nimlmejbmnecnaghgmbahmbaddhjbecg [2022-12-05]
Edge Extension: (Blokátor reklam AdGuard) - C:\Users\Roman MARTINI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pdffkfellgipmhklpdmokmckkkfcopbh [2022-12-05]
Edge Extension: (Hlídač Shopů) - C:\Users\Roman MARTINI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2022-12-05]
Edge HKLM-x32\...\Edge\Extension: [dbconhplchnbippmjabbcedokimacfjl]
Edge HKLM-x32\...\Edge\Extension: [pdhdldaneekjpoaldekpgomomeabpnek]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2022-12-06] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/wallet/updates.json ]
FF HKLM\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF Extension: (Bitdefender Anti-tracker) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi [2022-12-06] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/antitracker/updates.json ]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2022-11-03] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-12-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-12-02] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Roman MARTINI\AppData\Local\Google\Chrome\User Data\Default [2022-12-08]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR Extension: (Překladač Google) - C:\Users\Roman MARTINI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-12-03]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Roman MARTINI\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2022-12-07]
CHR Extension: (Blokátor reklam AdGuard) - C:\Users\Roman MARTINI\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2022-12-03]
CHR Extension: (Microsoft Automatické vyplňování) - C:\Users\Roman MARTINI\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiedbfgcleddlbcmgdigjgdfcggjcion [2022-12-05]
CHR Extension: (AdGuard Extra) - C:\Users\Roman MARTINI\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkeojjjcdcopjkbelgbcpckplegclfeg [2022-12-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Roman MARTINI\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-03]
CHR Profile: C:\Users\Roman MARTINI\AppData\Local\Google\Chrome\User Data\System Profile [2022-12-07]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [821784 2022-12-06] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [821784 2022-12-06] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2995792 2022-01-28] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2454632 2022-02-10] (Bitdefender SRL -> Bitdefender)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12544456 2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2019-01-21] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncHelper.exe [3478912 2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.248.1127.0001\OneDriveUpdaterService.exe [3845000 2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
R2 OSDService; C:\Program Files\MI\OSD Utility\1.0.0.155\OSDService.exe [279320 2021-01-06] (Timi Personal Computing Co.,Ltd -> Xiaomi Inc.)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [789072 2022-07-25] (Bitdefender SRL -> Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [280088 2022-12-06] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [821784 2022-12-06] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 adgnetworkwfpdrv; C:\Windows\System32\drivers\adgnetworkwfpdrv.sys [87592 2022-08-18] (Microsoft Windows Hardware Compatibility Publisher -> Adguard Software Ltd)
R1 atc; C:\Windows\System32\DRIVERS\atc.sys [5118384 2022-09-12] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [798128 2022-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [22976 2020-12-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R0 bdprivmon; C:\Windows\System32\DRIVERS\bdprivmon.sys [33208 2022-02-01] (Microsoft Windows Hardware Compatibility Publisher -> © Bitdefender SRL)
S3 bduefiscan; C:\Windows\system32\DRIVERS\bduefiscan.sys [55864 2021-07-08] (Bitdefender SRL -> Bitdefender)
R0 Gemma; C:\Windows\System32\DRIVERS\gemma.sys [1274296 2022-06-27] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
R2 Ignis; C:\Windows\system32\DRIVERS\ignis.sys [185312 2020-10-07] (Bitdefender SRL -> Bitdefender)
S3 kmloop; C:\Windows\system32\DRIVERS\loop.sys [17408 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 OSDServiceDaemon; C:\Program Files\MI\OSD Utility\1.0.0.155\Drivers\OSDServiceDaemon.sys [19496 2018-12-06] (北京田米科技有限公司 -> )
R3 RadioControl; C:\Windows\System32\drivers\RadioControl.sys [32800 2021-01-14] (Timi Personal Computing Co.,Ltd -> 北京田米科技有限公司)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [633264 2022-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R0 vlflt; C:\Windows\System32\DRIVERS\vlflt.sys [480184 2022-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
U1 avgbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-08 09:59 - 2022-12-08 10:00 - 000022972 _____ C:\Users\Roman MARTINI\Desktop\FRST.txt
2022-12-08 09:59 - 2022-12-08 10:00 - 000000000 ____D C:\FRST
2022-12-08 09:58 - 2022-12-08 09:58 - 002375680 _____ (Farbar) C:\Users\Roman MARTINI\Desktop\FRST64.exe
2022-12-08 09:56 - 2022-12-08 09:56 - 044077523 _____ C:\Users\Roman MARTINI\Downloads\ccsetup606.zip
2022-12-08 09:39 - 2022-12-08 09:39 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20221208_093930.txt
2022-12-08 08:44 - 2022-12-08 08:44 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20221208_084400.txt
2022-12-07 20:34 - 2022-12-07 20:34 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20221207_203400.txt
2022-12-07 20:11 - 2022-12-08 09:39 - 000000000 ___HD C:\Intel
2022-12-07 20:11 - 2022-12-07 20:11 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20221207_201105.txt
2022-12-07 20:06 - 2022-12-07 20:06 - 000001948 _____ C:\Users\Roman MARTINI\Desktop\PC Health Check.lnk
2022-12-07 20:06 - 2022-12-07 20:06 - 000001390 _____ C:\Users\Roman MARTINI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-12-07 20:06 - 2022-12-07 20:06 - 000000000 ___RD C:\Users\Roman MARTINI\AppData\Local\PCHealthCheck
2022-12-07 19:50 - 2022-12-07 19:50 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20221207_195038.txt
2022-12-07 19:45 - 2022-12-07 19:45 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20221207_194545.txt
2022-12-07 19:42 - 2022-12-07 19:42 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20221207_194234.txt
2022-12-07 19:38 - 2022-12-07 19:38 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20221207_193815.txt
2022-12-07 19:30 - 2022-12-07 19:30 - 000000000 ____D C:\Users\Roman MARTINI\AppData\Local\CEF
2022-12-07 19:29 - 2022-12-07 19:42 - 000000000 ____D C:\ProgramData\AVG
2022-12-07 19:27 - 2022-12-07 19:27 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20221207_192743.txt
2022-12-07 17:45 - 2022-12-07 17:45 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20221207_174533.txt
2022-12-07 13:39 - 2022-12-07 13:39 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20221207_133948.txt
2022-12-07 11:17 - 2022-12-07 11:17 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20221207_111721.txt
2022-12-07 10:59 - 2022-12-07 10:59 - 000000000 ____D C:\Users\Roman MARTINI\AppData\Local\mbam
2022-12-07 10:59 - 2022-12-07 10:59 - 000000000 ____D C:\Program Files\Malwarebytes
2022-12-07 10:55 - 2022-12-07 10:55 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20221207_105530.txt
2022-12-07 10:53 - 2022-12-07 10:53 - 000000000 ____D C:\Users\Roman MARTINI\AppData\Local\NPE
2022-12-07 10:53 - 2022-12-07 10:53 - 000000000 ____D C:\ProgramData\Norton
2022-12-07 07:07 - 2022-12-08 01:26 - 000000000 ____D C:\Users\Roman MARTINI\Downloads\2 GoogleDialerMod
2022-12-07 01:19 - 2022-12-08 01:44 - 000000000 ____D C:\Users\Roman MARTINI\Downloads\Realme Unlock Boot Loader
2022-12-07 01:07 - 2022-12-07 01:07 - 004565082 _____ C:\Users\Roman MARTINI\Downloads\deeptesting_RMX3300.apk
2022-12-07 01:07 - 2022-12-07 01:07 - 003058045 _____ C:\Users\Roman MARTINI\Downloads\deeptesting-global-rmx3301.zip
2022-12-07 01:02 - 2022-12-07 01:02 - 010799298 _____ C:\Users\Roman MARTINI\Downloads\com.android.incallui_13.6.25-13006025_minAPI30(nodpi)_apkmirror.com.apk
2022-12-07 00:56 - 2022-12-07 00:56 - 006860409 _____ C:\Users\Roman MARTINI\Downloads\com.android.incallui_12.203.4-12203004_minAPI30(arm64-v8a)(nodpi).apk
2022-12-06 23:31 - 2022-12-06 23:31 - 001725451 _____ C:\Users\Roman MARTINI\Downloads\BCR-1.25-release.zip
2022-12-06 23:30 - 2022-12-06 23:30 - 000000080 _____ C:\Users\Roman MARTINI\Downloads\BCR - GitHub.url
2022-12-06 10:56 - 2022-12-06 10:56 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20221206_105612.txt
2022-12-05 16:04 - 2022-12-05 16:04 - 000000094 _____ C:\Users\Roman MARTINI\Downloads\Releases · Magisk-Modules-Repo-callrecorder-skvalex.url
2022-12-05 15:24 - 2022-12-05 15:24 - 000000118 _____ C:\Users\Roman MARTINI\Downloads\(3) How To Guide - Nahrávání hovorů fungující v GT 2 pro (bez rootu) - Strana 2 - XDA fóra.url
2022-12-05 15:14 - 2022-12-06 02:21 - 000000000 ____D C:\G
2022-12-04 23:55 - 2022-12-05 00:40 - 000000000 ____D C:\Users\Roman MARTINI\Downloads\OnePlus
2022-12-04 23:55 - 2022-12-04 23:55 - 000000000 ____D C:\Users\Roman MARTINI\Downloads\Google
2022-12-04 19:56 - 2022-12-04 19:56 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20221204_195626.txt
2022-12-04 11:11 - 2022-12-04 11:11 - 000000123 _____ C:\Users\Roman MARTINI\Desktop\ALL SETEDIT CODE THAT YOU SHOULD TO TRY NOW!!.url
2022-12-04 02:51 - 2022-12-04 02:51 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20221204_025137.txt
2022-12-04 02:37 - 2022-12-04 02:37 - 000107696 _____ C:\ProgramData\vpn.uninstall.1670117825.bdinstall.v2.bin
2022-12-04 02:32 - 2022-12-04 02:32 - 000230084 _____ C:\ProgramData\vpn.1670117553.bdinstall.v2.bin
2022-12-04 02:31 - 2022-12-04 02:31 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20221204_023135.txt
2022-12-04 02:08 - 2022-12-07 06:45 - 000000000 ____D C:\Users\Roman MARTINI\Downloads\3
2022-12-04 00:54 - 2017-10-12 16:44 - 001730200 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2022-12-04 00:54 - 2017-10-12 16:44 - 001011352 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2022-12-03 23:23 - 2022-12-03 23:23 - 000000091 _____ C:\Users\Roman MARTINI\Desktop\How to set up call recording on Realmi in 2022 - RealmeHelp.com.url
2022-12-03 22:03 - 2022-12-03 22:03 - 000000000 ____D C:\Users\Roman MARTINI\Downloads\A
2022-12-03 20:29 - 2022-12-03 20:29 - 000000000 ____D C:\Users\Roman MARTINI\Downloads\Realme1
2022-12-03 20:24 - 2022-12-03 20:25 - 000000000 ____D C:\Users\Roman MARTINI\Downloads\OPO4
2022-12-03 20:22 - 2022-12-06 02:21 - 000000000 ____D C:\Users\Roman MARTINI\Downloads\OPO3
2022-12-03 19:57 - 2022-12-03 19:57 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20221203_195725.txt
2022-12-03 19:08 - 2022-12-03 19:08 - 000000000 ____D C:\Program Files\Easy Context Menu
2022-12-03 18:20 - 2022-12-03 18:20 - 000312407 _____ C:\Users\Roman MARTINI\Downloads\ALZA vrácení AVRA221098234.pdf
2022-12-03 16:15 - 2022-12-03 16:15 - 000000000 ____D C:\Users\Roman MARTINI\AppData\Local\Rufus
2022-12-03 14:29 - 2022-12-07 10:59 - 000000000 ____D C:\Users\Roman MARTINI\AppData\Roaming\AnyDesk
2022-12-03 14:29 - 2022-12-07 10:59 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2022-12-03 12:47 - 2022-12-03 16:16 - 000000270 __RSH C:\ProgramData\ntuser.pol
2022-12-03 12:47 - 2022-12-03 12:47 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20221203_124737.txt
2022-12-03 12:35 - 2022-12-03 12:37 - 000000000 ____D C:\Users\Roman MARTINI\Downloads\Realme2 - CZ 4.5.19
2022-12-03 12:24 - 2022-12-03 12:24 - 000000000 ____D C:\Users\Roman MARTINI\Downloads\1
2022-12-03 12:10 - 2022-12-03 12:10 - 000000000 ____D C:\Users\Roman MARTINI\Downloads\OPO2 - EN
2022-12-03 12:10 - 2022-12-03 12:10 - 000000000 ____D C:\Users\Roman MARTINI\Downloads\OPO1 - CZ 4.5.59 220127
2022-12-03 09:58 - 2022-12-08 09:43 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-03 09:58 - 2022-12-07 19:49 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-03 09:58 - 2022-12-07 19:49 - 000002211 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-12-03 09:58 - 2022-12-03 09:58 - 000003550 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{A901F533-64D8-41AE-B17E-F6A325F685FB}
2022-12-03 09:58 - 2022-12-03 09:58 - 000003426 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{D47B306C-6A1F-4BD7-ACF5-63FA3D195B67}
2022-12-03 09:58 - 2022-12-03 09:58 - 000000000 ____D C:\Program Files\Google
2022-12-03 08:37 - 2022-12-03 08:37 - 000000000 ____D C:\Users\Roman MARTINI\.android
2022-12-03 08:27 - 2022-12-03 08:27 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2022-12-03 08:24 - 2022-12-07 19:33 - 000001261 _____ C:\Users\Public\Desktop\Minimal ADB and Fastboot.lnk
2022-12-03 08:24 - 2022-12-04 00:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OPPOĘŰşóÇý¶ŻłĚĐň
2022-12-03 08:24 - 2022-12-03 08:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minimal ADB and Fastboot
2022-12-03 08:24 - 2022-12-03 08:24 - 000000000 ____D C:\Program Files\OPPO
2022-12-03 08:24 - 2022-12-03 08:24 - 000000000 ____D C:\Program Files (x86)\Minimal ADB and Fastboot
2022-12-03 06:19 - 2022-12-03 16:32 - 000000000 ___HD C:\OneDriveTemp
2022-12-02 19:00 - 2022-12-02 19:00 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20221202_190020.txt
2022-12-02 18:52 - 2022-12-02 18:52 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20221202_185205.txt
2022-12-02 18:49 - 2022-12-08 09:39 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-12-02 18:48 - 2022-12-02 18:48 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20221202_184834.txt
2022-12-02 18:43 - 2022-12-08 08:45 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-12-02 18:43 - 2022-12-08 08:45 - 000002135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-12-02 18:43 - 2022-12-02 18:43 - 000000000 ___RD C:\Users\Default\OneDrive
2022-12-02 18:43 - 2022-12-02 18:43 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2022-12-02 18:43 - 2022-12-02 18:41 - 000002516 _____ C:\Users\Roman MARTINI\Desktop\Word.lnk
2022-12-02 18:43 - 2022-12-02 18:41 - 000002488 _____ C:\Users\Roman MARTINI\Desktop\Excel.lnk
2022-12-02 18:41 - 2022-12-02 18:41 - 000002522 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2022-12-02 18:41 - 2022-12-02 18:41 - 000002516 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2022-12-02 18:41 - 2022-12-02 18:41 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2022-12-02 18:41 - 2022-12-02 18:41 - 000002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2022-12-02 18:41 - 2022-12-02 18:41 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2022-12-02 18:41 - 2022-12-02 18:41 - 000002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2022-12-02 18:41 - 2022-12-02 18:41 - 000002410 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2022-12-02 18:41 - 2022-12-02 18:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2022-12-02 18:39 - 2022-12-08 01:18 - 000000000 ____D C:\Program Files\Microsoft Office
2022-12-02 18:39 - 2022-12-02 18:39 - 000000000 ____D C:\Program Files\Microsoft Office 15
2022-12-02 18:30 - 2022-12-02 18:30 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20221202_183032.txt
2022-12-02 18:05 - 2022-12-02 18:05 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20221202_180500.txt
2022-12-02 17:57 - 2022-12-08 09:44 - 000000000 ___RD C:\OneDrive
2022-12-02 17:37 - 2022-12-02 17:37 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20221202_173746.txt
2022-12-02 17:33 - 2022-12-02 17:33 - 000297472 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-12-02 17:33 - 2022-12-02 17:33 - 000012261 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-12-02 17:24 - 2022-12-02 17:24 - 000000000 ___HD C:\$WinREAgent
2022-12-02 17:22 - 2022-12-02 17:22 - 000000000 ____D C:\Windows\Firmware
2022-12-02 17:22 - 2022-12-02 17:22 - 000000000 ____D C:\Program Files\Intel
2022-12-02 17:19 - 2022-12-02 17:19 - 000000000 ____D C:\Users\Roman MARTINI\AppData\Roaming\COWON
2022-12-02 17:16 - 2022-12-02 17:16 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20221202_171620.txt
2022-12-02 17:14 - 2022-12-02 17:14 - 000000102 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
2022-12-02 17:14 - 2022-12-02 17:14 - 000000000 ____D C:\ProgramData\Dolby
2022-12-02 17:14 - 2022-12-02 17:14 - 000000000 ____D C:\Program Files\Dolby
2022-12-02 17:14 - 2022-12-02 17:14 - 000000000 ____D C:\Program Files (x86)\Realtek
2022-12-02 17:12 - 2022-12-08 09:39 - 000000000 ____D C:\ProgramData\NVIDIA
2022-12-02 17:12 - 2022-12-02 21:08 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-12-02 17:12 - 2022-12-02 17:12 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20221202_171247.txt
2022-12-02 17:12 - 2022-12-02 17:12 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WbfUsbDriver_01_11_00.Wdf
2022-12-02 17:12 - 2022-12-02 17:12 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2022-12-02 17:12 - 2022-12-02 17:12 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-12-02 17:12 - 2022-12-02 17:12 - 000000000 ____D C:\Program Files\ElanFP
2022-12-02 17:12 - 2022-12-02 17:12 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-12-02 17:12 - 2019-08-28 12:11 - 005435192 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2022-12-02 17:12 - 2019-08-28 12:11 - 002639160 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2022-12-02 17:12 - 2019-08-28 12:11 - 001767464 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2022-12-02 17:12 - 2019-08-28 12:11 - 000650608 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2022-12-02 17:12 - 2019-08-28 12:11 - 000450872 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2022-12-02 17:12 - 2019-08-28 12:11 - 000124784 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2022-12-02 17:12 - 2019-08-28 12:11 - 000083440 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2022-12-02 17:12 - 2019-08-24 20:23 - 008691082 _____ C:\Windows\system32\nvcoproc.bin
2022-12-02 17:12 - 2019-06-03 11:11 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2022-12-02 17:11 - 2022-12-02 20:58 - 000000000 ____D C:\Users\Roman MARTINI\AppData\Local\SumatraPDF
2022-12-02 17:11 - 2019-09-12 05:55 - 011059080 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2022-12-02 17:11 - 2019-09-12 05:55 - 009492688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2022-12-02 17:11 - 2019-09-12 05:55 - 000676800 _____ C:\Windows\system32\nvofapi64.dll
2022-12-02 17:11 - 2019-09-12 05:54 - 005425408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2022-12-02 17:11 - 2019-09-12 05:54 - 002041792 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2022-12-02 17:11 - 2019-09-12 05:54 - 001721792 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6443187.dll
2022-12-02 17:11 - 2019-09-12 05:54 - 001543888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2022-12-02 17:11 - 2019-09-12 05:54 - 001472392 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2022-12-02 17:11 - 2019-09-12 05:54 - 001468296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6443187.dll
2022-12-02 17:11 - 2019-09-12 05:54 - 001163984 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2022-12-02 17:11 - 2019-09-12 05:54 - 001135816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2022-12-02 17:11 - 2019-09-12 05:54 - 000914120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2022-12-02 17:11 - 2019-09-12 05:54 - 000633544 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2022-12-02 17:11 - 2019-09-12 05:54 - 000543680 _____ C:\Windows\SysWOW64\nvofapi.dll
2022-12-02 17:11 - 2019-09-12 05:54 - 000524168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2022-12-02 17:11 - 2019-09-12 05:53 - 040411904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2022-12-02 17:11 - 2019-09-12 05:53 - 035269568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2022-12-02 17:11 - 2019-09-12 05:53 - 020194696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2022-12-02 17:11 - 2019-09-12 05:53 - 017471176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2022-12-02 17:11 - 2019-09-12 05:53 - 004767944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2022-12-02 17:11 - 2019-09-12 05:52 - 005088560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2022-12-02 17:11 - 2019-09-12 05:52 - 004343736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2022-12-02 17:11 - 2019-09-12 05:37 - 000052612 _____ C:\Windows\system32\nvinfo.pb
2022-12-02 17:11 - 2019-05-09 19:49 - 000185232 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaLPSS2_I2C.sys
2022-12-02 17:11 - 2019-05-09 19:49 - 000095632 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaLPSS2_GPIO2.sys
2022-12-02 17:09 - 2022-12-08 09:38 - 000000000 ____D C:\Users\Roman MARTINI\AppData\Local\OpenShell
2022-12-02 17:09 - 2022-12-02 17:09 - 000000318 _____ C:\Windows\system32\httpproxy.json
2022-12-02 17:09 - 2022-12-02 17:09 - 000000027 _____ C:\Windows\system32\ctc.json
2022-12-02 17:09 - 2022-12-02 16:59 - 000002068 _____ C:\Users\Roman MARTINI\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk
2022-12-02 17:08 - 2022-12-02 17:08 - 000001890 _____ C:\Users\Public\Desktop\jetAudio.lnk
2022-12-02 17:08 - 2022-12-02 17:08 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-12-02 17:08 - 2022-12-02 17:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jetAudio
2022-12-02 17:08 - 2022-12-02 17:08 - 000000000 ____D C:\Program Files (x86)\JetAudio
2022-12-02 17:07 - 2022-12-02 17:08 - 000000000 ____D C:\Program Files\IrfanView
2022-12-02 17:07 - 2022-12-02 17:07 - 000688128 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2022-12-02 17:07 - 2022-12-02 17:07 - 000073216 _____ C:\Windows\system32\nettraceex.dll
2022-12-02 17:07 - 2022-12-02 17:07 - 000001917 _____ C:\Users\Roman MARTINI\Desktop\IrfanView 64 Thumbnails.lnk
2022-12-02 17:07 - 2022-12-02 17:07 - 000001043 _____ C:\Users\Roman MARTINI\Desktop\IrfanView 64.lnk
2022-12-02 17:07 - 2022-12-02 17:07 - 000000000 ____D C:\Users\Roman MARTINI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2022-12-02 17:07 - 2022-12-02 17:07 - 000000000 ____D C:\Users\Roman MARTINI\AppData\Roaming\IrfanView
2022-12-02 17:06 - 2022-12-02 17:06 - 002260480 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2022-12-02 17:06 - 2022-12-02 17:06 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2022-12-02 17:06 - 2022-12-02 17:06 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2022-12-02 17:06 - 2022-12-02 17:06 - 000048640 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2022-12-02 17:06 - 2022-12-02 17:06 - 000039936 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2022-12-02 17:06 - 2022-12-02 17:06 - 000001938 _____ C:\ProgramData\Microsoft\Windows\Start Menu\SumatraPDF.lnk
2022-12-02 17:06 - 2022-12-02 17:06 - 000001932 _____ C:\Users\Public\Desktop\SumatraPDF.lnk
2022-12-02 17:06 - 2022-12-02 17:06 - 000000000 ____D C:\Program Files\SumatraPDF
2022-12-02 17:04 - 2022-12-07 20:29 - 000001976 _____ C:\Users\Roman MARTINI\Desktop\Seznam.cz.lnk
2022-12-02 17:04 - 2022-12-02 17:07 - 000000000 ____D C:\Users\Roman MARTINI\AppData\Local\Seznam.cz
2022-12-02 17:04 - 2022-12-02 17:04 - 000001033 _____ C:\Users\Roman MARTINI\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.lnk
2022-12-02 17:03 - 2022-12-02 17:03 - 000636860 _____ C:\ProgramData\cl.1669996805.bdinstall.v2.bin
2022-12-02 17:03 - 2022-12-02 17:03 - 000113296 _____ C:\ProgramData\cl.kit.1669996803.bdinstall.v2.bin
2022-12-02 17:03 - 2022-12-02 17:03 - 000000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
2022-12-02 17:02 - 2022-12-07 10:59 - 000000000 ____D C:\Users\Roman MARTINI\AppData\Roaming\Seznam Browser
2022-12-02 17:02 - 2022-12-02 17:02 - 000000000 ____D C:\Users\Roman MARTINI\AppData\Local\Comms
2022-12-02 17:01 - 2022-12-02 17:01 - 000002338 _____ C:\Users\Public\Desktop\Bitdefender.lnk
2022-12-02 17:01 - 2022-12-02 17:01 - 000000000 ____D C:\Windows\system32\elambkup
2022-12-02 17:01 - 2022-12-02 17:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security
2022-12-02 17:01 - 2022-12-02 17:01 - 000000000 ____D C:\ProgramData\Gemma
2022-12-02 17:01 - 2022-12-02 17:01 - 000000000 ____D C:\ProgramData\BDLogging
2022-12-02 17:01 - 2022-12-02 17:01 - 000000000 ____D C:\ProgramData\Atc
2022-12-02 17:01 - 2022-09-29 12:18 - 000798128 _____ (Bitdefender) C:\Windows\system32\Drivers\bddci.sys
2022-12-02 17:01 - 2022-09-12 13:21 - 005118384 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\atc.sys
2022-12-02 17:01 - 2022-08-18 03:22 - 000087592 _____ (Adguard Software Ltd) C:\Windows\system32\Drivers\adgnetworkwfpdrv.sys
2022-12-02 17:01 - 2022-06-27 06:58 - 001274296 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\gemma.sys
2022-12-02 17:01 - 2022-02-01 05:13 - 000033208 _____ (© Bitdefender SRL) C:\Windows\system32\Drivers\bdprivmon.sys
2022-12-02 17:01 - 2021-07-08 23:36 - 000055864 _____ (Bitdefender) C:\Windows\system32\Drivers\bduefiscan.sys
2022-12-02 17:01 - 2020-12-18 00:33 - 000022976 _____ (Bitdefender) C:\Windows\system32\Drivers\bdelam.sys
2022-12-02 17:00 - 2022-12-08 09:43 - 000000000 __SHD C:\Users\Roman MARTINI\IntelGraphicsProfiles
2022-12-02 17:00 - 2022-12-07 08:26 - 000000000 ____D C:\ProgramData\Adguard
2022-12-02 17:00 - 2022-12-04 19:56 - 000000000 ____D C:\Program Files\Bitdefender
2022-12-02 17:00 - 2022-12-03 10:05 - 000000000 ____D C:\Users\Roman MARTINI\AppData\Local\Google
2022-12-02 17:00 - 2022-12-02 17:31 - 000000000 ____D C:\ProgramData\Bitdefender
2022-12-02 17:00 - 2022-12-02 17:16 - 000000000 ____D C:\ProgramData\Intel
2022-12-02 17:00 - 2022-12-02 17:00 - 000003846 _____ C:\Windows\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2022-12-02 17:00 - 2022-12-02 17:00 - 000000000 ____D C:\Users\Roman MARTINI\AppData\Roaming\Bitdefender
2022-12-02 17:00 - 2022-12-02 17:00 - 000000000 ____D C:\Users\Roman MARTINI\AppData\LocalLow\Intel
2022-12-02 17:00 - 2022-12-02 17:00 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2022-12-02 17:00 - 2022-12-02 17:00 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
2022-12-02 17:00 - 2022-05-26 03:20 - 000480184 _____ (Bitdefender) C:\Windows\system32\Drivers\vlflt.sys
2022-12-02 17:00 - 2022-04-16 14:09 - 000633264 _____ (Bitdefender) C:\Windows\system32\Drivers\trufos.sys
2022-12-02 17:00 - 2020-10-07 09:30 - 000185312 _____ (Bitdefender) C:\Windows\system32\Drivers\ignis.sys
2022-12-02 16:59 - 2022-12-02 16:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open-Shell
2022-12-02 16:59 - 2022-12-02 16:59 - 000000000 ____D C:\Program Files\Open-Shell
2022-12-02 16:58 - 2022-12-08 09:57 - 000000000 ____D C:\Users\Roman MARTINI\AppData\Local\PlaceholderTileLogoFolder
2022-12-02 16:58 - 2022-12-02 16:58 - 000157820 _____ C:\ProgramData\agent.1669996715.bdinstall.v2.bin
2022-12-02 16:58 - 2022-12-02 16:58 - 000000000 ____D C:\Users\Roman MARTINI\AppData\Local\Bitdefender
2022-12-02 16:58 - 2022-12-02 16:58 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2022-12-02 16:58 - 2022-12-02 16:58 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-12-02 16:58 - 2022-12-02 16:58 - 000000000 ____D C:\Program Files\Bitdefender Agent
2022-12-02 16:58 - 2022-08-16 01:00 - 000514552 _____ (Intel) C:\Windows\system32\libvpl.dll
2022-12-02 16:58 - 2022-08-16 01:00 - 000455176 _____ (Intel) C:\Windows\SysWOW64\libvpl.dll
2022-12-02 16:58 - 2022-08-16 00:59 - 000948464 _____ (Intel Corporation) C:\Windows\system32\libmfxhw64.dll
2022-12-02 16:58 - 2022-08-16 00:59 - 000709280 _____ (Intel Corporation) C:\Windows\SysWOW64\libmfxhw32.dll
2022-12-02 16:58 - 2022-08-16 00:59 - 000594184 _____ (Intel Corporation) C:\Windows\system32\intel_gfx_api-x64.dll
2022-12-02 16:58 - 2022-08-16 00:59 - 000454448 _____ (Intel Corporation) C:\Windows\SysWOW64\intel_gfx_api-x86.dll
2022-12-02 16:58 - 2022-08-16 00:58 - 027948464 _____ (Intel Corporation) C:\Windows\system32\mfxplugin64_hw.dll
2022-12-02 16:58 - 2022-08-16 00:58 - 020672432 _____ (Intel Corporation) C:\Windows\SysWOW64\mfxplugin32_hw.dll
2022-12-02 16:58 - 2022-08-16 00:58 - 001969712 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2022-12-02 16:58 - 2022-08-16 00:58 - 001969712 _____ C:\Windows\system32\vulkaninfo.exe
2022-12-02 16:58 - 2022-08-16 00:58 - 001526320 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-12-02 16:58 - 2022-08-16 00:58 - 001526320 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2022-12-02 16:58 - 2022-08-16 00:58 - 001432304 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2022-12-02 16:58 - 2022-08-16 00:58 - 001432304 _____ C:\Windows\system32\vulkan-1.dll
2022-12-02 16:58 - 2022-08-16 00:58 - 001145584 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2022-12-02 16:58 - 2022-08-16 00:58 - 001145584 _____ C:\Windows\SysWOW64\vulkan-1.dll
2022-12-02 16:58 - 2022-08-16 00:58 - 000500144 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2022-12-02 16:58 - 2022-08-16 00:58 - 000477096 _____ C:\Windows\system32\ze_tracing_layer.dll
2022-12-02 16:58 - 2022-08-16 00:58 - 000382888 _____ C:\Windows\system32\ze_loader.dll
2022-12-02 16:58 - 2022-08-16 00:58 - 000362928 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2022-12-02 16:58 - 2022-08-16 00:58 - 000143784 _____ C:\Windows\system32\ze_validation_layer.dll
2022-12-02 16:57 - 2022-12-08 01:12 - 000000000 ____D C:\Users\Roman MARTINI\AppData\Local\D3DSCache
2022-12-02 16:57 - 2022-12-02 17:14 - 000000000 ____D C:\Windows\system32\DAX2
2022-12-02 16:57 - 2022-12-02 17:14 - 000000000 _____ C:\Windows\system32\fpfftResultsFile.txt
2022-12-02 16:57 - 2022-12-02 17:13 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2022-12-02 16:57 - 2022-12-02 16:57 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2022-12-02 16:57 - 2022-12-02 16:57 - 000000000 ____D C:\Windows\system32\DAX3
2022-12-02 16:57 - 2022-12-02 16:57 - 000000000 ____D C:\Program Files\Realtek
2022-12-02 16:56 - 2019-10-21 01:50 - 000023584 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2022-12-02 16:56 - 2019-02-20 23:43 - 005804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2022-12-02 16:55 - 2022-12-02 16:56 - 000000000 ____D C:\Windows\system32\MRT
2022-12-02 16:55 - 2022-12-02 16:55 - 000000000 ____D C:\Users\Roman MARTINI\AppData\Local\OneDrive
2022-12-02 16:55 - 2022-12-02 16:55 - 000000000 ____D C:\ProgramData\Timi Personal Computing
2022-12-02 16:55 - 2022-12-02 16:55 - 000000000 ____D C:\ProgramData\MI
2022-12-02 16:55 - 2022-12-02 16:55 - 000000000 ____D C:\Program Files\MI
2022-12-02 16:54 - 2022-12-08 08:45 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2067734800-1198840614-835255823-1001
2022-12-02 16:54 - 2022-12-02 16:54 - 000000000 ___RD C:\Users\Roman MARTINI\OneDrive
2022-12-02 16:48 - 2022-12-07 10:46 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2022-12-02 16:48 - 2022-12-02 16:48 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-12-02 16:47 - 2022-12-08 09:57 - 000000000 ____D C:\Users\Roman MARTINI\AppData\Local\Packages
2022-12-02 16:47 - 2022-12-08 09:57 - 000000000 ____D C:\ProgramData\Packages
2022-12-02 16:47 - 2022-12-07 20:01 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-12-02 16:47 - 2022-12-03 08:37 - 000000000 ____D C:\Users\Roman MARTINI
2022-12-02 16:47 - 2022-12-02 18:44 - 000000000 ____D C:\Users\Roman MARTINI\AppData\Local\ConnectedDevicesPlatform
2022-12-02 16:47 - 2022-12-02 17:02 - 000000000 ____D C:\Users\Roman MARTINI\AppData\Local\Publishers
2022-12-02 16:47 - 2022-12-02 16:47 - 000000020 ___SH C:\Users\Roman MARTINI\ntuser.ini
2022-12-02 16:47 - 2022-12-02 16:47 - 000000000 _SHDL C:\Users\Roman MARTINI\Šablony
2022-12-02 16:47 - 2022-12-02 16:47 - 000000000 _SHDL C:\Users\Roman MARTINI\Soubory cookie
2022-12-02 16:47 - 2022-12-02 16:47 - 000000000 _SHDL C:\Users\Roman MARTINI\Poslední
2022-12-02 16:47 - 2022-12-02 16:47 - 000000000 _SHDL C:\Users\Roman MARTINI\Okolní tiskárny
2022-12-02 16:47 - 2022-12-02 16:47 - 000000000 _SHDL C:\Users\Roman MARTINI\Okolní síť
2022-12-02 16:47 - 2022-12-02 16:47 - 000000000 _SHDL C:\Users\Roman MARTINI\Nabídka Start
2022-12-02 16:47 - 2022-12-02 16:47 - 000000000 _SHDL C:\Users\Roman MARTINI\Dokumenty
2022-12-02 16:47 - 2022-12-02 16:47 - 000000000 _SHDL C:\Users\Roman MARTINI\Documents\Obrázky
2022-12-02 16:47 - 2022-12-02 16:47 - 000000000 _SHDL C:\Users\Roman MARTINI\Documents\Hudba
2022-12-02 16:47 - 2022-12-02 16:47 - 000000000 _SHDL C:\Users\Roman MARTINI\Documents\Filmy
2022-12-02 16:47 - 2022-12-02 16:47 - 000000000 _SHDL C:\Users\Roman MARTINI\Data aplikací
2022-12-02 16:47 - 2022-12-02 16:47 - 000000000 _SHDL C:\Users\Roman MARTINI\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2022-12-02 16:47 - 2022-12-02 16:47 - 000000000 _SHDL C:\Users\Roman MARTINI\AppData\Local\Data aplikací
2022-12-02 16:47 - 2022-12-02 16:47 - 000000000 ___RD C:\Users\Roman MARTINI\3D Objects
2022-12-02 16:47 - 2022-12-02 16:47 - 000000000 ____D C:\Users\Roman MARTINI\AppData\Roaming\Adobe
2022-12-02 16:47 - 2022-12-02 16:47 - 000000000 ____D C:\Users\Roman MARTINI\AppData\Local\VirtualStore
2022-12-02 16:43 - 2022-12-02 16:43 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2022-12-02 16:43 - 2022-12-02 16:43 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2022-12-02 16:43 - 2022-12-02 16:43 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2022-12-02 16:43 - 2022-12-02 16:43 - 000000000 _SHDL C:\Users\Default\Šablony
2022-12-02 16:43 - 2022-12-02 16:43 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2022-12-02 16:43 - 2022-12-02 16:43 - 000000000 _SHDL C:\Users\Default\Poslední
2022-12-02 16:43 - 2022-12-02 16:43 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2022-12-02 16:43 - 2022-12-02 16:43 - 000000000 _SHDL C:\Users\Default\Okolní síť
2022-12-02 16:43 - 2022-12-02 16:43 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2022-12-02 16:43 - 2022-12-02 16:43 - 000000000 _SHDL C:\Users\Default\Dokumenty
2022-12-02 16:43 - 2022-12-02 16:43 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2022-12-02 16:43 - 2022-12-02 16:43 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2022-12-02 16:43 - 2022-12-02 16:43 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2022-12-02 16:43 - 2022-12-02 16:43 - 000000000 _SHDL C:\Users\Default\Data aplikací
2022-12-02 16:43 - 2022-12-02 16:43 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2022-12-02 16:43 - 2022-12-02 16:43 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2022-12-02 16:43 - 2022-12-02 16:43 - 000000000 _SHDL C:\ProgramData\Šablony
2022-12-02 16:43 - 2022-12-02 16:43 - 000000000 _SHDL C:\ProgramData\Plocha
2022-12-02 16:43 - 2022-12-02 16:43 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2022-12-02 16:43 - 2022-12-02 16:43 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2022-12-02 16:43 - 2022-12-02 16:43 - 000000000 _SHDL C:\ProgramData\Dokumenty
2022-12-02 16:43 - 2022-12-02 16:43 - 000000000 _SHDL C:\ProgramData\Data aplikací
2022-12-02 16:43 - 2022-12-02 16:43 - 000000000 _SHDL C:\Documents and Settings
2022-12-02 16:41 - 2022-12-08 09:39 - 000008192 ___SH C:\DumpStack.log.tmp
2022-12-02 16:41 - 2022-12-08 09:39 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-12-02 16:41 - 2022-12-08 09:10 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-12-02 16:41 - 2022-12-07 16:40 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-02 16:41 - 2022-12-05 19:17 - 000003568 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-12-02 16:41 - 2022-12-05 19:17 - 000003344 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-12-02 16:41 - 2022-12-04 21:54 - 000000000 ____D C:\Windows\Panther
2022-12-02 16:41 - 2022-12-02 18:48 - 000438944 _____ C:\Windows\system32\FNTCACHE.DAT
2022-12-02 16:41 - 2022-12-02 16:41 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2022-12-02 16:41 - 2022-12-02 16:41 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-12-02 16:41 - 2022-12-02 16:41 - 000000000 ____D C:\Windows\ServiceProfiles

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-08 09:57 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-12-08 09:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2022-12-08 09:57 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-08 09:44 - 2019-12-07 10:03 - 000065536 _____ C:\Windows\system32\config\ELAM
2022-12-08 09:39 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2022-12-08 09:39 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2022-12-08 09:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2022-12-07 19:44 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-12-07 10:46 - 2019-12-07 15:41 - 000683426 _____ C:\Windows\system32\perfh005.dat
2022-12-07 10:46 - 2019-12-07 15:41 - 000137206 _____ C:\Windows\system32\perfc005.dat
2022-12-07 10:46 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2022-12-03 15:44 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2022-12-03 12:46 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2022-12-03 12:46 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2022-12-03 06:07 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2022-12-03 06:01 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2022-12-03 05:35 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\appcompat
2022-12-02 18:43 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-12-02 17:36 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2022-12-02 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2022-12-02 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2022-12-02 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2022-12-02 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2022-12-02 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2022-12-02 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-12-02 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemApps
2022-12-02 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2022-12-02 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV
2022-12-02 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT
2022-12-02 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE
2022-12-02 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2022-12-02 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2022-12-02 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2022-12-02 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2022-12-02 17:22 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Drivers\DriverData
2022-12-02 17:15 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-12-02 17:15 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2022-12-02 17:15 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2022-12-02 17:14 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2022-12-02 17:14 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2022-12-02 17:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2022-12-02 17:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Help
2022-12-02 17:11 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\OCR
2022-12-02 17:10 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2022-12-02 16:53 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog
2022-12-02 16:47 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2022-12-02 16:45 - 2019-12-07 15:42 - 000000000 ____D C:\Windows\system32\FxsTmp
2022-12-02 16:45 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\spool
2022-12-02 16:43 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows NT
2022-12-02 16:41 - 2019-12-07 10:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template

==================== Files in the root of some directories ========

2022-06-28 09:16 - 2022-06-28 09:16 - 000000270 _____ () C:\ProgramData\fontcacheev1.dat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-12-2022
Ran by Roman MARTINI (08-12-2022 10:00:58)
Running from C:\Users\Roman MARTINI\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2311 (X64) (2022-12-02 15:43:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2067734800-1198840614-835255823-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2067734800-1198840614-835255823-503 - Limited - Disabled)
Guest (S-1-5-21-2067734800-1198840614-835255823-501 - Limited - Disabled)
Roman MARTINI (S-1-5-21-2067734800-1198840614-835255823-1001 - Administrator - Enabled) => C:\Users\Roman MARTINI
WDAGUtilityAccount (S-1-5-21-2067734800-1198840614-835255823-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus (Enabled - Up to date) {840E1EB8-082E-3D95-EAAA-FD11CF357A26}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {BC359F9D-4241-3CCD-C1F5-542431E63D5D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 26.0.1.233 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 26.0.30.102 - Bitdefender)
Dolby Audio X2 Windows API SDK (HKLM\...\{F290F786-5F69-48D4-B20B-D21C7DE56EF0}) (Version: 0.8.8.88 - Dolby Laboratories, Inc.)
ELAN FingerPrinter 1.23.5.1101_X64_WHQL (HKLM\...\ElanFP) (Version: 1.23.5.1101 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 108.0.5359.99 - Google LLC)
IrfanView 4.60 (64-bit) (HKLM\...\IrfanView64) (Version: 4.60 - Irfan Skiljan)
jetAudio 8.1.x Czech Language Pack (HKLM-x32\...\jetAudio 8.1.x Czech Language Pack) (Version: - )
jetAudio Basic (HKLM-x32\...\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}) (Version: 8.1.0 - COWON)
Kontrola stavu osobního počítače s Windows (HKLM\...\{95548B78-8547-4E91-B0DA-1CBB82150917}) (Version: 3.7.2204.15001 - Microsoft Corporation)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.15831.20190 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 108.0.1462.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.62 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.248.1127.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.4.3 (HKLM-x32\...\{B561660D-8B3C-491D-9E3E-293F14FCAADA}_is1) (Version: 1.4.3 - Samuel Rodberg)
NVIDIA Ovladače grafiky 431.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 431.87 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15831.20184 - Microsoft Corporation) Hidden
On Screen Display Utility (HKLM\...\OSD Utility) (Version: 1.0.0.155 - Xiaomi Inc.)
Open-Shell (HKLM\...\{D409C74C-5665-4D30-B7F3-C0E8DB2E6DE1}) (Version: 4.4.175 - The Open-Shell Team)
OPPO售后驱动程序 2.0.1 (HKLM\...\{F9CA1F0B-D4A8-41C5-99AD-D39FFA50B09B}_is1) (Version: 2.0.1.1 - 广东欧珀移动通信有限公司)
Prohlížeč Seznam.cz (HKU\S-1-5-21-2067734800-1198840614-835255823-1001\...\Seznam Browser) (Version: 6.22.0 - Seznam.cz a.s.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8777.1 - Realtek Semiconductor Corp.)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.4.6 - Krzysztof Kowalczyk)

Packages:
=========
HP Scan and Capture -> C:\Program Files\WindowsApps\AD2F1837.HPScanandCapture_40.0.245.0_x64__v10z8vjag6ke6 [2022-12-02] (Hewlett-Packard Company)
Mapy.cz -> C:\Program Files\WindowsApps\949FFEAB.Mapy.cz_8.2.1.0_x64__refxrrjvvv3cw [2022-12-02] (Seznam.cz a.s.)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2211.21001.0_x64__8wekyb3d8bbwe [2022-12-08] (Microsoft Corporation) [Startup Task]
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-12-02] (INTEL CORP) [Startup Task]
Sysinternals Suite -> C:\Program Files\WindowsApps\Microsoft.SysinternalsSuite_2022.11.2.0_x64__8wekyb3d8bbwe [2022-12-08] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [PCConnectShellExt] -> {75C1A0A1-00C8-4F1C-A329-EB54EAEC596C} => C:\Program Files\PC Connect\PCConnectShellEx.dll -> No File
ContextMenuHandlers3: [jetAudio] -> {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} => C:\Program Files (x86)\JetAudio\JetFlExt64.dll [2013-05-09] (JetAudio) [File not signed]
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [PCConnectShellExt] -> {75C1A0A1-00C8-4F1C-A329-EB54EAEC596C} => C:\Program Files\PC Connect\PCConnectShellEx.dll -> No File
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.248.1127.0001\FileSyncShell64.dll [2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-08-28] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [jetAudio] -> {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} => C:\Program Files (x86)\JetAudio\JetFlExt64.dll [2013-05-09] (JetAudio) [File not signed]
ContextMenuHandlers6: [PCConnectShellExt] -> {75C1A0A1-00C8-4F1C-A329-EB54EAEC596C} => C:\Program Files\PC Connect\PCConnectShellEx.dll -> No File
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2022-08-21] (Open-Shell) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-12-02 17:08 - 2013-05-09 18:45 - 000277504 _____ (JetAudio) [File not signed] C:\Program Files (x86)\JetAudio\JetFlExt64.dll
2022-08-21 20:53 - 2022-08-21 20:53 - 002700288 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenuDLL.dll
2022-08-21 20:52 - 2022-08-21 20:52 - 000412160 _____ (Open-Shell) [File not signed] C:\Windows\system32\StartMenuHelper64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2067734800-1198840614-835255823-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll [2022-12-06] (Bitdefender SRL -> Bitdefender)
BHO: No Name -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2022-12-06] (Bitdefender SRL -> Bitdefender)
BHO-x32: No Name -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2022-12-06] (Bitdefender SRL -> Bitdefender)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-12-02] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2022-12-06] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM-x32 - No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2022-12-06] (Bitdefender SRL -> Bitdefender)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-08] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2067734800-1198840614-835255823-1001\Control Panel\Desktop\\Wallpaper -> C:\OneDrive\ROMAN_APP\DOCUMENTS\PICTURES\_Probrat\Mi 1920x1080.png
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B2985D10-3ECF-4C13-9AD5-06A737EAD6B7}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{6C1E0CF0-82A9-4595-BB74-F5768E76DE6F}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{253F67D9-CEBC-4A66-A9AC-7DE3B63BE214}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{764015EB-AC65-4380-9D34-D882B4A2F8C3}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{C760DE3C-6F76-449C-AB69-ED484E9ED813}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{2957CA4D-36AD-4EF1-8B03-4A98781AB5BC}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{469D3FAF-890E-4FAB-A12A-72ADCB88F2B2}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5B32ABB7-87C5-4CD8-8637-4C635FB5972C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

05-12-2022 17:15:59 Naplánovaný kontrolní bod
07-12-2022 10:56:03 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices ============

Name: Adaptér zpětné smyčky Microsoft KM-TEST
Description: Adaptér zpětné smyčky Microsoft KM-TEST
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kmloop
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/08/2022 09:44:15 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: MI)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (12/08/2022 09:38:56 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (12/08/2022 09:38:56 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (12/08/2022 09:37:46 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: MI)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (12/08/2022 09:36:02 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: MI)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (12/08/2022 09:36:00 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: MI)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (12/08/2022 01:58:06 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (12/08/2022 01:58:06 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]


System errors:
=============
Error: (12/07/2022 07:48:25 PM) (Source: WudfUsbccidDriver) (EventID: 1) (User: NT AUTHORITY)
Description: Event-ID 1

Error: (12/07/2022 07:48:25 PM) (Source: WudfUsbccidDriver) (EventID: 1) (User: NT AUTHORITY)
Description: Event-ID 1

Error: (12/07/2022 07:48:25 PM) (Source: WudfUsbccidDriver) (EventID: 1) (User: NT AUTHORITY)
Description: Event-ID 1

Error: (12/07/2022 07:48:25 PM) (Source: WudfUsbccidDriver) (EventID: 1) (User: NT AUTHORITY)
Description: Event-ID 1

Error: (12/07/2022 07:48:25 PM) (Source: WudfUsbccidDriver) (EventID: 1) (User: NT AUTHORITY)
Description: Event-ID 1

Error: (12/07/2022 07:48:25 PM) (Source: WudfUsbccidDriver) (EventID: 1) (User: NT AUTHORITY)
Description: Event-ID 1

Error: (12/07/2022 07:48:25 PM) (Source: SCardSvr) (EventID: 610) (User: )
Description: Čtečka čipových karet GoTrust FIDO2 DEVICE 0 odmítla signál IOCTL POWER: Bylo zadáno zařízení, které neexistuje.. Pokud chyba přetrvává, čipová karta nebo čtečka pravděpodobně nefungují správně.

Záhlaví příkazu: 01 00 00 00

Error: (12/07/2022 07:48:25 PM) (Source: SCardSvr) (EventID: 610) (User: )
Description: Čtečka čipových karet GoTrust FIDO2 DEVICE 0 odmítla signál IOCTL POWER: Bylo zadáno zařízení, které neexistuje.. Pokud chyba přetrvává, čipová karta nebo čtečka pravděpodobně nefungují správně.

Záhlaví příkazu: 01 00 00 00


CodeIntegrity:
===============
Date: 2022-12-08 09:42:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdamsi\266104337629762704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.

Date: 2022-12-08 09:41:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdamsi\266104337629762704\antimalware_provider64.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: Insyde Corp. XMAKB3M0P1B13 08/05/2021
Motherboard: Timi TM1703
Processor: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz
Percentage of memory in use: 72%
Total physical RAM: 8101.22 MB
Available physical RAM: 2267.96 MB
Total Virtual: 10021.22 MB
Available Virtual: 3128.58 MB

==================== Drives ================================

Drive c: (256GB) (Fixed) (Total:237.84 GB) (Free:118.73 GB) (Model: SAMSUNG MZVLB256HAHQ-00000) NTFS

\\?\Volume{6412813b-251c-4426-bed9-ac42d0b361f6}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{2937bda6-fed1-45f9-b1e3-e7e6b1af5ce6}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 2AFDB62E)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15192
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: DĚKUJI za kontrolu logů

#2 Příspěvek od JaRon »

ahoj,
mozes prescanovat PC s ADWCleanerom, ale nejake virove problemy tam nevidim
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

608333700
Návštěvník
Návštěvník
Příspěvky: 3
Registrován: 08 pro 2022 11:16

Re: DĚKUJI za kontrolu logů

#3 Příspěvek od 608333700 »

Děkuji ano problémy aktuálně nemám.
Co mi ale nedává smysl je toto: "192.168.38.78" tato adresa je naprosto mimo mísu. Ping na ni nejde.

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5dcccead-1784-4779-84ed-838485763e64}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cf4f61c2-bbf5-406c-9496-fc713daa1fa8}: [DhcpNameServer] 192.168.38.78

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15192
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: DĚKUJI za kontrolu logů

#4 Příspěvek od JaRon »

moze ist nejake starsie nastavenie routra
ak sa toho chces, zbavit mozes pouzit fixlist:

Kód: Vybrat vše

Start
CloseProcesses:
Tcpip\..\Interfaces\{cf4f61c2-bbf5-406c-9496-fc713daa1fa8}: [DhcpNameServer] 192.168.38.78

EmptyTemp:
Reboot:
End
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

608333700
Návštěvník
Návštěvník
Příspěvky: 3
Registrován: 08 pro 2022 11:16

Re: DĚKUJI za kontrolu logů

#5 Příspěvek od 608333700 »

Děkuji

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15192
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: DĚKUJI za kontrolu logů

#6 Příspěvek od JaRon »

Za malo :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Zamčeno