
Request for log review / advice

marrahouser
Visitor
Posts: 7
Registered: 13 Dec 2022 13:33


#1 Post by marrahouser »

Hello.

My Lenovo Legion notebook has started behaving strangely, so I am asking for a review of the logs to see whether you come across any problem. After startup the fan spins up to full speed, as if the notebook were under load, yet (at least at first glance) only Windows and a few basic utilities are running. What is very odd is that the fan (and so presumably the load as well) calms down once I open Task Manager.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-12-2022
Ran by MARRA (administrator) on MARRA-LEGION (LENOVO 81Y6) (13-12-2022 13:29:05)
Running from C:\Users\MARRA\Downloads
Loaded Profiles: MARRA
Platform: Microsoft Windows 11 Pro Version 22H2 22623.1028 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(LenovoGamingSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(MultimediaAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe ->) (STARDOCK SYSTEMS, INC. -> Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start11\Start11_64.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <3>
(DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxEM.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_925ded1d9428eaee\DAX3API.exe ->) (Dolby Laboratories, Inc. -> ) C:\ProgramData\Dolby\DAX3\RADARHOST\DSRHost.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_925ded1d9428eaee\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~1.INF\DAX3API.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_da914fb427b10059\LenovoUtilityService.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_da914fb427b10059\FnHotkeyUtility.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\68.0.2.0\crashpad_handler.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <27>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_925ded1d9428eaee\DAX3API.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_3de4831720bb2934\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a953cebc2f0daf9c\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a953cebc2f0daf9c\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_da914fb427b10059\LenovoUtilityService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe
(services.exe ->) (Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvltig.inf_amd64_03e937c3da958a25\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgc.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (SIA AVB Disc Soft -> Disc Soft Ltd) C:\Program Files\reWASD\reWASDService.exe
(services.exe ->) (Software602 a.s. -> Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(services.exe ->) (STARDOCK SYSTEMS, INC. -> Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe
(svchost.exe ->) (Infatica pte ltd -> ) C:\Program Files (x86)\Infatica P2B\infatica-service-app.exe
(svchost.exe ->) (IObit CO., LTD -> IObit) C:\Program Files (x86)\Driver Booster\Scheduler.exe
(svchost.exe ->) (Microsoft Corporation) [File not signed] C:\Users\MARRA\AppData\Roaming\Spotify\Apps\AXKTTYFUADTDRMOT.exe <4>
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.213.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_422.33900.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(svchost.exe ->) (OORT Inc. -> oh!soft) C:\Program Files (x86)\oCam\oCamTask.exe
(svchost.exe ->) (WhatsApp Inc.) C:\Program Files\WindowsApps\5319275A.51895FA4EA97F_2.2249.2.0_x64__cv1g1gvanyjgm\WhatsApp.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1084704 2020-05-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3183328 2021-11-30] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [MFNetworkScannerSelector] => C:\Program Files\Canon\Canon MF Network Scanner Selector\CMFNSS6.EXE [459904 2018-01-30] (CANON INC. -> CANON INC.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-12] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-12] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\MARRA\AppData\Local\WebEx\WebexHost.exe [7803680 2022-07-14] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-12] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [7223248 2022-11-14] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-12] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\CnXP0PP: C:\Windows\System32\spool\prtprocs\x64\CnXP0PP.DLL [655360 2021-04-13] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon MFNP Port: C:\Windows\system32\CNCENPM6.dll [153088 2018-01-29] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\CPCA Language Monitor3b: C:\Windows\system32\CNAS0MOK.DLL [1282048 2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\CPCA Language Monitor4: C:\Windows\system32\CNAS0MPK.DLL [1784320 2021-04-07] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\Windows\system32\602localmon.dll [47896 2021-09-23] (Software602 a.s. -> Windows (R) Win 7 DDK provider)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\108.0.5359.99\Installer\chrmstp.exe [2022-12-09] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\MARRA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RuntimeBroker.lnk [2021-11-07]
ShortcutTarget: RuntimeBroker.lnk -> C:\Users\MARRA\AppData\Roaming\Corel User Preferences\Backup files\CorelDRAW Graphics Suite 2021.exe (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {063E2175-10DE-480B-B453-7E1F7268A2F9} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {0640839D-ED74-496F-89A9-36EE7AEB2C00} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8d221ea5-137e-4eea-8a8b-ae1eb2a37bd7 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {07C81256-313A-4394-8180-E802400F0B33} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {0A16CAE1-7947-4C09-90F4-61955828B3A3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308528 2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {0A4DD3DB-0FF4-4502-AA0B-93E1E65BDE7F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308528 2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {0DBE9974-68F4-405B-8F6C-A7774AEA1E25} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {1AE598B5-7473-4E74-9056-68B4C6A01DA8} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f36d665d-bb0f-427d-a907-ab34480f66be => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {1D5B83E5-9322-456C-B634-5BB0F00FA801} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {22D10638-6750-4BB5-A974-C355D4D1277A} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2113024 2022-11-12] () [File not signed]
Task: {2D239381-326E-456A-8C90-0266F86845A9} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {368B8E03-73E8-4971-8D80-980648A604C5} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {39D76B9C-1E4F-4101-AAAB-A2F09167DD5F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4972FFD7-36DB-4F9B-B365-8EE70D43285F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4D3144BA-EF72-4CE3-857D-85B3B142C07D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\3d19a378-329a-4d71-a5ac-95067ac458db => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {50044330-C124-441B-8E96-E221B503A05E} - System32\Tasks\Driver Booster SkipUAC (MARRA) => C:\Program Files (x86)\Driver Booster\DriverBooster.exe [8645120 2022-02-22] (IObit) [File not signed]
Task: {511911D9-79C4-4CB8-92D5-BFE611C9BB9D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144256 2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {54A5869E-13BB-4FA2-BA99-4AC65BDA6A87} - System32\Tasks\Canon\OIPPESP\Canon OIP Product Extended Survey Program => C:\Program Files\Canon\OIPPESP\Cnpspcnt.exe [1826264 2020-07-29] (CANON INC. -> CANON INC.) -> /Config:"C:\Program Files\Canon\OIPPESP\CnpspCfg.xml"
Task: {65A08212-014C-4BFA-9DA8-878A11D28169} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {7389EAC4-87D2-4DE7-B2E5-99216CC425EC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8509392 2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {74A0949D-CFF2-43E9-94DC-0487FB28B188} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {74F497D4-26F7-4076-B163-6795D5628A1B} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {7748CAAC-9D70-4BCC-BD8E-49F1AFBB849C} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {7A97D391-7842-4D68-B1CC-A754C7376E53} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7EA41311-35A4-412A-B5B8-8F7FA6D0BC50} - System32\Tasks\infatica_p2b => C:\Program Files (x86)\Infatica P2B\infatica-service-app.exe [20072 2021-12-04] (Infatica pte ltd -> )
Task: {817EEC8F-623C-49CC-AEBD-0A2A50FA63E4} - System32\Tasks\infatica_p2b_expire => C:\Program Files (x86)\Infatica P2B\unins000.exe [1202329 2022-11-28] () [File not signed]
Task: {85E021BD-E504-4271-B13C-ADDEEA47F2FD} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {87ED0DB6-478D-4570-AD26-84887995336D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-07] (Google LLC -> Google LLC)
Task: {895ED478-B315-48BC-9D08-CC55568B9B93} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [149280 2022-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {8C82D4DB-625C-4DB9-955C-8DCC6E0587F6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8F7690D6-5913-47A0-91B4-02436CA82158} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\Driver Booster\AutoUpdate.exe [135704 2022-01-06] (IObit CO., LTD -> IObit)
Task: {9191F6E0-C833-4647-A738-73020A5F4819} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {925B9440-0D9A-4ED2-9AD6-2BB63FEA6635} - System32\Tasks\oCamTask => C:\Program Files (x86)\oCam\oCamTask.exe [156344 2021-06-17] (OORT Inc. -> oh!soft)
Task: {95FF1379-1F33-482C-945C-6E9155CA0085} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9C9BD1A4-013B-47E5-9CE0-B25A2C7273D7} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {9CD4822C-3D07-4C2E-8E43-AE5B5CACEF9F} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {A5E090A5-D0D0-4CA8-91C1-8BC48EAE063A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A9F95339-4BFB-4589-B85B-127D741446CF} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\WINDOWS\system32\SecureBootEncodeUEFI.exe [94208 2022-10-03] (Microsoft Windows -> )
Task: {B0332532-9FE3-41F6-B23A-819CEBC0C864} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {C07A0098-27B0-443A-AE63-A48D6211BCD2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8509392 2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {C4C3A925-208D-41C0-8EB9-771D8579E073} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {C7F6C0A1-251E-4776-8220-A07CF1A26241} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [146816 2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {D274D3C0-AE7D-4306-BD23-BFD529F04220} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [28048 2022-05-19] (Garmin International, Inc. -> )
Task: {D3F771E7-01D7-4A4E-9637-A8F4DFDC771E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {D51E7714-9273-41B0-82E3-40D5DE26F0BD} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3573024 2020-01-14] (Corel Corporation -> Corel Corporation)
Task: {DF828C33-5812-45FD-B6DC-B726522D1D3F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f1c9a118-531f-4d6b-8958-57b544692779 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {E3E2803A-7FCB-42A7-85B4-6B19ED9A9739} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\Driver Booster\Scheduler.exe [156696 2022-01-20] (IObit CO., LTD -> IObit)
Task: {E52759F0-C04F-4A23-8379-2889D71A5BFD} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {EA224208-6F03-4B8D-B5B4-8B153DB2681B} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {EAA1E4D0-5B95-4582-A6B0-DFCFC5DF7E68} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-08-30] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {EDA87CBC-EE19-44FC-A100-1FF430958E1A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {EDDBCE98-036E-4C37-9D2C-0B6C32420398} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\0cc6debf-8004-480a-8700-252bd030c133 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {F4FB9E57-8D1F-4248-8B9A-C2D547461A9D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-07] (Google LLC -> Google LLC)
Task: {F5D796D2-A32D-4ED0-8F79-461A806C0856} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-10-17] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F5FE27CF-8412-4EAD-82D4-5112A1931EDE} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FA6A80FA-AAB1-48B0-9498-0A9776CE4ACF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144256 2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {FB477F27-EF83-42A7-A3BF-E62D4AFAF9ED} - System32\Tasks\AXKTTYFUADTDRMOT_run => C:\Users\MARRA\AppData\Roaming\Spotify\Apps\AXKTTYFUADTDRMOT.exe [69632 2022-04-14] (Microsoft Corporation) [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.37.37
Tcpip\..\Interfaces\{4fbf3329-0b7b-4878-b3eb-5f32f3d9d09e}: [DhcpNameServer] 192.168.37.37
Tcpip\..\Interfaces\{9aa5d1b5-8a72-42db-8483-00b8aeaa47ad}: [DhcpNameServer] 192.168.37.37

Edge:
=======
Edge Profile: C:\Users\MARRA\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-01]

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2018-01-08] (Software602 a.s. -> Software602 a.s.)

Chrome:
=======
CHR Profile: C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default [2022-12-13]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://meet.google.com; hxxps://svetzitrka.eu.teamwork.com
CHR Extension: (Dark Theme for Google Chrome) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\annfbnbieaamhaimclajlajpijgkdblo [2022-02-09]
CHR Extension: (Tampermonkey) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2022-11-29]
CHR Extension: (Copyfish 🐟 Free OCR Software) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\eenjdnjldapjajjofmldgmkjaienebbj [2022-08-17]
CHR Extension: (Samsung Internet) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\epejdmjgfibjaffbmojllapapjejipkh [2022-11-16]
CHR Extension: (Surfer) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\faapilcgnafanfcdhlkjijhoimmlhmjn [2022-09-07]
CHR Extension: (Weebly Dashboard Extension) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkhpeihpgdipchpfmddkfcigllaaiaki [2021-11-07]
CHR Extension: (Chain Reaction) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gemgfpodpjapjhfohdlibagceiknakpa [2021-11-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-30]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-12-01]
CHR Extension: (Bitly | Short links and QR Codes) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic [2022-12-07]
CHR Extension: (Apex Screen Recorder & Screenshot Master) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkkmokkmlbkkgdnkkancbonkbbmkioc [2022-10-07]
CHR Extension: (WhatFont) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2021-11-07]
CHR Extension: (Cisco Webex Extension) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2022-07-23]
CHR Extension: (View image) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpcmhcelnjdmblfmjabdeclccemkghjk [2022-06-15]
CHR Extension: (Chrome Audio Capture) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfokdmfpdnokpmpbjhjbcabgligoelgp [2022-01-08]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-02-23]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2021-11-07]
CHR Extension: (Clipt) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpicahlgepngcpigiiebnheihgbaenh [2022-06-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-07]
CHR Extension: (Hlídač Shopů) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2022-11-25]
CHR Profile: C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-03-04]
CHR Profile: C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\System Profile [2022-03-04]
CHR HKU\S-1-5-21-590153330-3484553050-3099931381-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12544456 2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_925ded1d9428eaee\DAX3API.exe [2205144 2020-12-22] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. -> Epic Games, Inc.)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [390400 2020-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
S2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_5a9d4e2af428d38d\\AS\\IAS\\IntelAudioService.exe [412160 ] (Intel Corporation -> Intel)
S3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2022-07-20] (Microsoft Windows -> Microsoft Corporation)
R2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_da914fb427b10059\LenovoUtilityService.exe [245968 2022-11-13] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\3.13.43.0\LenovoVantageService.exe [32464 ] (Lenovo -> Lenovo Group Ltd.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2563288 2022-02-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3481824 2022-02-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 reWASDService; C:\Program Files\reWASD\reWASDService.exe [2676472 2021-12-15] (SIA AVB Disc Soft -> Disc Soft Ltd)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [249344 2022-11-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2021-06-23] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2021-06-23] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 Start11; C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe [251240 2022-10-18] (STARDOCK SYSTEMS, INC. -> Stardock Software, Inc)
R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2022-07-20] (Microsoft Windows -> Microsoft Corporation)
R2 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10429808 2021-11-30] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsaService; C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForAndroid_2211.40000.7.0_x64__8wekyb3d8bbwe\WsaService\WsaService.exe [273408 2022-12-08] () [File not signed]
R3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137560 2022-11-29] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_03e937c3da958a25\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_03e937c3da958a25\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ApkbfiltrService; C:\WINDOWS\System32\drivers\Apkbfiltr.sys [39760 2022-05-11] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91504 2022-07-20] (Microsoft Windows -> Microsoft Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 FFUsbAudio; C:\WINDOWS\System32\drivers\ffusbaudio.sys [53080 2011-10-31] (Focusrite Audio Engineering Limited -> Focusrite Audio Engineering Ltd.)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [218456 2022-10-11] (Microsoft Windows -> Microsoft Corporation)
S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R0 hidgamemap; C:\WINDOWS\System32\drivers\hidgamemap.sys [344784 2021-12-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 ITEHIDfilter; C:\WINDOWS\System32\drivers\ITEHIDfilter.sys [28104 2022-05-11] (ITE Tech. Inc. -> ITE Tech. Inc.)
S3 kf1avs; C:\WINDOWS\System32\Drivers\kf1avs.sys [357968 2011-09-15] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH)
S3 kf1usb_svc; C:\WINDOWS\System32\Drivers\kf1usb.sys [47696 2011-09-15] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH)
R3 MpKsl02528c0b; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0864BB94-9874-421D-807D-EA7FDF303831}\MpKslDrv.sys [214280 2022-12-13] (Microsoft Windows -> Microsoft Corporation)
S3 niks4m3audio; C:\WINDOWS\System32\Drivers\niks4m3audio.sys [354248 2018-06-28] (Native Instruments GmbH -> Native Instruments GmbH)
S3 niks4m3bd; C:\WINDOWS\System32\drivers\niks4m3bd.sys [35712 2018-10-22] (Native Instruments GmbH -> Native Instruments GmbH)
S3 niks4m3dfu; C:\WINDOWS\System32\drivers\niks4m3dfu.sys [39840 2018-10-22] (Native Instruments GmbH -> Native Instruments GmbH)
S3 niks4m3usb; C:\WINDOWS\System32\drivers\niks4m3usb.sys [75160 2018-06-28] (Native Instruments GmbH -> Native Instruments GmbH)
S3 nita6audio; C:\WINDOWS\System32\Drivers\nita6audio.sys [372608 2015-09-04] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH)
S3 nita6usb; C:\WINDOWS\system32\DRIVERS\nita6usb.sys [95592 2015-09-04] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-07] (Microsoft Windows -> VMware, Inc.)
S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-07] (Microsoft Windows -> )
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [27744 2021-03-09] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8480608 2021-11-29] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [94208 2022-05-07] (Microsoft Windows -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2022-11-08] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-13 13:29 - 2022-12-13 13:29 - 000728484 _____ C:\WINDOWS\system32\perfh005.dat
2022-12-13 13:29 - 2022-12-13 13:29 - 000151700 _____ C:\WINDOWS\system32\perfc005.dat
2022-12-13 13:29 - 2022-12-13 13:29 - 000042865 _____ C:\Users\MARRA\Downloads\FRST.txt
2022-12-13 13:28 - 2022-12-13 13:29 - 000000000 ____D C:\FRST
2022-12-13 13:27 - 2022-12-13 13:27 - 002375680 _____ (Farbar) C:\Users\MARRA\Downloads\FRST64.exe
2022-12-13 13:27 - 2022-12-13 13:27 - 002375680 _____ (Farbar) C:\Users\MARRA\Downloads\FRST64 (1).exe
2022-12-13 13:16 - 2022-12-13 13:16 - 008753904 _____ (Lenovo Group Limited ) C:\Users\MARRA\Downloads\efcn57ww.exe
2022-12-13 12:48 - 2022-12-13 12:48 - 000620355 _____ C:\Users\MARRA\Downloads\DrazebnivyhlaskaNVelektronickadrazba(1.kolo)20221026104244.pdf
2022-12-13 12:48 - 2022-12-13 12:48 - 000170903 _____ C:\Users\MARRA\Downloads\0900533208.pdf
2022-12-13 12:47 - 2022-12-13 12:47 - 000489871 _____ C:\Users\MARRA\Downloads\Drazebnivyhlaskaelektronicka2013[signed][signed].pdf
2022-12-10 03:22 - 2022-12-10 03:22 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_nita6usb_01011.Wdf
2022-12-08 09:49 - 2022-12-08 09:49 - 012453928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 010220584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 006514440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 005891112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 005856792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 005816296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 003334696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 002237000 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-12-08 09:49 - 2022-12-08 09:49 - 002237000 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-12-08 09:49 - 2022-12-08 09:49 - 002163752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 001642600 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-12-08 09:49 - 2022-12-08 09:49 - 001642600 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-12-08 09:49 - 2022-12-08 09:49 - 001619984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 001531896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 001444424 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 001444424 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 001227304 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 001191960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 001168992 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 001168992 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 000949736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 000853544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-12-08 09:49 - 2022-12-08 09:49 - 000851984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 000737784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-12-08 09:49 - 2022-12-08 09:49 - 000734720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 000673320 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 000506872 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 000457752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-12-08 09:49 - 2022-12-08 09:49 - 000100741 _____ C:\WINDOWS\system32\nvinfo.pb
2022-12-08 09:47 - 2022-12-08 09:47 - 017388440 _____ C:\WINDOWS\system32\RsEyeContactCorrection_Assets.dll
2022-12-08 09:47 - 2022-12-08 09:47 - 015824792 _____ C:\WINDOWS\system32\RsDMFT_Assets.dll
2022-12-08 09:47 - 2022-12-08 09:47 - 013414320 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RsDMFT64.dll
2022-12-08 09:47 - 2022-12-08 09:47 - 001185640 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2022-12-07 15:28 - 2022-12-07 15:28 - 000016533 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-12-07 15:27 - 2022-12-07 15:27 - 000000000 ___HD C:\$WinREAgent
2022-12-05 23:20 - 2022-12-05 23:27 - 009959556 _____ C:\Users\MARRA\Downloads\dj-profilovka_VRSTVY.psd
2022-12-05 23:05 - 2022-12-05 23:07 - 112431604 _____ C:\Users\MARRA\Downloads\A3_plakat_zijuhudbou.psd
2022-12-05 01:11 - 2022-12-05 01:13 - 000897445 _____ C:\Users\MARRA\Downloads\Stanoveni Usekove mereni (1).pdf
2022-12-04 21:53 - 2022-12-04 21:53 - 000365566 _____ C:\Users\MARRA\Downloads\CJUZSVM_BUH_5637_2022BUHM(1).pdf
2022-12-04 21:52 - 2022-12-04 21:52 - 000105623 _____ C:\Users\MARRA\Downloads\Stanoveni minimalniho poctu clenu okrskove volebni komise.pdf
2022-12-04 21:51 - 2022-12-04 21:51 - 000897445 _____ C:\Users\MARRA\Downloads\Stanoveni Usekove mereni.pdf
2022-12-04 21:50 - 2022-12-04 21:50 - 000100444 _____ C:\Users\MARRA\Downloads\Informace o poctu a sidle volebnich okrsku.pdf
2022-12-04 21:49 - 2022-12-04 21:50 - 001901798 _____ C:\Users\MARRA\Downloads\Zamer mesta na najem v k.u. Uhersky Brod.pdf
2022-12-04 00:55 - 2022-12-04 00:55 - 000000000 ____D C:\Users\MARRA\Documents\Špajza
2022-12-04 00:51 - 2022-12-04 00:51 - 000496110 _____ C:\Users\MARRA\Downloads\20220310102156.pdf
2022-11-28 23:27 - 2022-11-28 23:27 - 000003390 _____ C:\WINDOWS\system32\Tasks\infatica_p2b_expire
2022-11-28 23:27 - 2022-11-28 23:27 - 000003300 _____ C:\WINDOWS\system32\Tasks\klcp_update
2022-11-28 23:27 - 2022-11-28 23:27 - 000003292 _____ C:\WINDOWS\system32\Tasks\infatica_p2b
2022-11-28 23:27 - 2022-11-28 23:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2022-11-28 23:27 - 2022-11-28 23:27 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2022-11-28 23:27 - 2022-11-28 23:27 - 000000000 ____D C:\Program Files (x86)\Infatica P2B
2022-11-28 23:27 - 2019-12-28 11:00 - 000784384 _____ C:\WINDOWS\system32\xvidcore.dll
2022-11-28 23:27 - 2019-12-28 11:00 - 000681984 _____ C:\WINDOWS\SysWOW64\xvidcore.dll
2022-11-28 23:27 - 2019-12-28 11:00 - 000310784 _____ C:\WINDOWS\system32\xvidvfw.dll
2022-11-28 23:27 - 2019-12-28 11:00 - 000284160 _____ C:\WINDOWS\SysWOW64\xvidvfw.dll
2022-11-28 23:27 - 2017-07-30 12:50 - 003850240 _____ (x264vfw project) C:\WINDOWS\SysWOW64\x264vfw.dll
2022-11-28 23:27 - 2017-07-30 12:50 - 003799552 _____ (x264vfw project) C:\WINDOWS\system32\x264vfw64.dll
2022-11-28 23:27 - 2012-07-21 12:55 - 000180736 _____ (fccHandler) C:\WINDOWS\system32\ac3acm.acm
2022-11-28 23:27 - 2012-07-21 12:54 - 000122880 _____ (fccHandler) C:\WINDOWS\SysWOW64\ac3acm.acm
2022-11-28 23:27 - 2011-12-07 19:37 - 000148992 _____ ( ) C:\WINDOWS\system32\lagarith.dll
2022-11-28 23:27 - 2011-12-07 19:32 - 000216064 _____ ( ) C:\WINDOWS\SysWOW64\lagarith.dll
2022-11-28 23:26 - 2022-11-28 23:26 - 061945139 _____ (KLCP ) C:\Users\MARRA\Downloads\K-Lite_Codec_Pack_1730_Mega.exe
2022-11-28 23:23 - 2022-11-28 23:23 - 002379422 _____ C:\Users\MARRA\Downloads\x264vfw_full_44_2851bm_44825.exe
2022-11-25 16:10 - 2022-11-25 16:10 - 002109145 _____ C:\Users\MARRA\Downloads\chytrej výčep prezentace.pdf
2022-11-24 15:59 - 2022-11-24 15:59 - 037433304 _____ C:\WINDOWS\system32\Drivers\Netwfw10.dat
2022-11-24 15:59 - 2022-11-24 15:59 - 005100608 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw10.sys
2022-11-24 15:59 - 2022-11-24 15:59 - 001470528 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter10.dll
2022-11-23 00:17 - 2022-11-23 00:17 - 000224766 _____ C:\Users\MARRA\Downloads\Koaliční smlouva Napajedla _11.11.2022.pdf
2022-11-20 12:22 - 2022-11-20 12:23 - 060681665 _____ (WarmUpTill ) C:\Users\MARRA\Downloads\advanced-scene-switcher-windows-x64-Installer.exe
2022-11-15 03:23 - 2022-11-15 03:23 - 000017051 _____ C:\Users\MARRA\Downloads\[SkT]Lucky_Louie_(2006)(CZ)_=_CSFD_86%.torrent
2022-11-14 16:49 - 2022-11-14 16:49 - 000000000 ____D C:\Users\MARRA\Documents\Chata
2022-11-14 02:27 - 2022-11-14 02:27 - 000032402 _____ C:\Users\MARRA\Downloads\[SkT]Peaky_Blinders_-_Gangy_z_Birminghamu___Peaky_Blinders_-_1._Serie_(CZ_EN)[1080p]_=_CSFD_91%.torrent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-13 13:29 - 2022-05-14 20:48 - 001718028 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-12-13 13:29 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2022-12-13 13:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-12-13 13:24 - 2022-01-19 11:41 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2022-12-13 13:23 - 2021-11-07 02:22 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-13 13:22 - 2021-11-07 02:13 - 000000000 ____D C:\ProgramData\NVIDIA
2022-12-13 13:21 - 2022-05-14 20:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-12-13 13:21 - 2022-05-14 20:34 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2022-12-13 13:21 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2022-12-13 13:21 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-13 13:21 - 2021-11-07 09:05 - 000012288 ___SH C:\DumpStack.log.tmp
2022-12-13 13:21 - 2021-11-07 02:17 - 000000000 __SHD C:\Users\MARRA\IntelGraphicsProfiles
2022-12-13 13:21 - 2021-11-07 02:16 - 000000000 ____D C:\Intel
2022-12-13 13:17 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-12-13 13:16 - 2022-08-03 10:21 - 000000000 ____D C:\WINDOWS\TempInst
2022-12-13 12:02 - 2021-11-08 11:09 - 000000000 ____D C:\Users\MARRA\Documents\1SA
2022-12-13 11:15 - 2022-05-14 20:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-12-13 04:23 - 2021-11-07 14:58 - 000000000 ____D C:\Users\MARRA\AppData\Roaming\AIMP
2022-12-13 01:36 - 2021-12-19 21:00 - 000000000 ____D C:\Users\MARRA\AppData\Roaming\audacity
2022-12-13 01:34 - 2021-11-07 17:44 - 000000871 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2022-12-13 01:34 - 2021-11-07 17:44 - 000000000 ____D C:\Program Files\Audacity
2022-12-12 21:51 - 2021-11-07 18:27 - 000000000 ____D C:\Users\MARRA\AppData\Local\CrashDumps
2022-12-12 17:44 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2022-12-12 17:44 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-12-12 17:39 - 2022-02-23 20:54 - 000002063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-12-12 02:03 - 2021-11-08 18:32 - 000000000 ____D C:\Users\MARRA\AppData\Roaming\uTorrent
2022-12-12 02:03 - 2021-11-07 14:52 - 000000000 ____D C:\Users\MARRA\AppData\Roaming\discord
2022-12-12 01:18 - 2021-11-07 14:52 - 000000000 ____D C:\Users\MARRA\AppData\Local\Discord
2022-12-11 00:04 - 2021-11-07 18:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2022-12-11 00:04 - 2021-11-07 18:13 - 000000000 ____D C:\Program Files\Microsoft Office
2022-12-10 16:37 - 2021-11-07 09:05 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-09 11:56 - 2021-11-07 09:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-12-09 11:54 - 2021-11-09 02:13 - 000000000 ____D C:\Users\MARRA\Documents\FMK
2022-12-09 04:39 - 2021-11-07 02:23 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-08 09:49 - 2022-09-17 10:58 - 001487912 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-12-08 09:49 - 2022-05-11 13:08 - 007645912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-12-08 08:31 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2022-12-08 02:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-12-08 02:03 - 2021-11-07 02:17 - 000000000 ____D C:\Users\MARRA\AppData\Local\Packages
2022-12-07 15:29 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-12-07 15:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-12-05 23:21 - 2021-11-09 12:57 - 000000000 ____D C:\Users\MARRA\AppData\Local\Adobe
2022-12-04 17:43 - 2021-11-08 00:48 - 000000000 ____D C:\ProgramData\Trackmania
2022-12-04 17:43 - 2021-11-08 00:47 - 000000000 ____D C:\Users\MARRA\Documents\Trackmania
2022-12-04 17:17 - 2021-11-07 23:00 - 000000000 ____D C:\Users\MARRA\AppData\Local\Ubisoft Game Launcher
2022-12-04 16:54 - 2021-11-07 22:40 - 000000000 ____D C:\Users\MARRA\AppData\Roaming\obs-studio
2022-12-04 14:45 - 2021-11-07 14:58 - 000000000 ____D C:\Program Files (x86)\AIMP
2022-12-04 14:16 - 2022-05-11 12:44 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2022-12-03 22:43 - 2022-09-19 01:15 - 000000440 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2022-11-29 11:44 - 2022-05-14 20:34 - 000408624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-29 04:14 - 2022-05-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-11-29 04:14 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-29 04:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2022-11-29 04:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-29 04:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemApps
2022-11-29 04:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-29 04:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-11-29 04:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Provisioning
2022-11-29 04:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-11-29 02:58 - 2022-05-14 20:34 - 003212288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-28 23:27 - 2021-11-30 14:09 - 000000000 ____D C:\Users\MARRA\Documents\Vegas
2022-11-26 22:05 - 2021-11-07 02:17 - 000000000 ____D C:\Users\MARRA\AppData\Local\D3DSCache
2022-11-25 05:17 - 2021-11-07 22:53 - 000000000 ____D C:\Program Files (x86)\Steam
2022-11-24 21:08 - 2021-11-22 17:34 - 000000000 ____D C:\Users\MARRA\Documents\oCam
2022-11-20 12:25 - 2022-10-01 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\advanced-scene-switcher
2022-11-20 12:25 - 2021-11-07 22:40 - 000000000 ____D C:\Program Files\obs-studio
2022-11-18 15:10 - 2022-09-12 10:45 - 000000000 ____D C:\Users\MARRA\AppData\Roaming\com.adobe.dunamis
2022-11-18 14:43 - 2022-10-13 12:43 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-11-18 14:43 - 2022-05-14 20:42 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-11-15 00:37 - 2022-05-14 20:42 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-15 00:37 - 2022-05-14 20:42 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Files in the root of some directories ========

2021-12-15 18:33 - 2022-10-01 10:39 - 000000015 _____ () C:\Users\MARRA\AppData\Roaming\obs-virtualcam.txt

==================== FCheck ================================

(If an entry is included in the fixlist, the file/folder will be moved.)

FCheck: C:\WINDOWS\SysWOW64\version_IObitDel.dll [2022-05-11] <==== ATTENTION (zero byte File/Folder)

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-12-2022
Ran by MARRA (13-12-2022 13:30:33)
Running from C:\Users\MARRA\Downloads
Microsoft Windows 11 Pro Version 22H2 22623.1028 (X64) (2022-05-14 19:42:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-590153330-3484553050-3099931381-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-590153330-3484553050-3099931381-503 - Limited - Disabled)
Guest (S-1-5-21-590153330-3484553050-3099931381-501 - Limited - Disabled)
MARRA (S-1-5-21-590153330-3484553050-3099931381-1001 - Administrator - Enabled) => C:\Users\MARRA
WDAGUtilityAccount (S-1-5-21-590153330-3484553050-3099931381-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
8 Ball Pool (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\com.miniclip.eightballpoolamazon) (Version: 5.9.0 - miniclip.com)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20282 - Adobe)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_2_2) (Version: 23.2.2.325 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Advanced Scene Switcher version 95537f39e44353151b78dde8bf08bc1613fa8772 (HKLM\...\{A4ADDF26-4426-4D2E-B26A-C7C878DA8FC9}_is1) (Version: 95537f39e44353151b78dde8bf08bc1613fa8772 - )
advanced-scene-switcher version 1.19.2 (32-bit) (HKLM-x32\...\{A4ADDF26-4426-4D2E-B26A-C7C878DA8FC9}_is1) (Version: 1.19.2 - WarmUpTill)
AIMP (HKLM-x32\...\AIMP) (Version: 5.10.2414 - Artem Izmaylov)
Amazon Appstore (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\com.amazon.venezia) (Version: release-60.13.1.0.207502.0_259610 - amazon.com)
ANT Drivers Installer x64 (HKLM\...\{209ECC4B-2A73-48FD-80C9-CDFFA9CA528D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Atom (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\atom) (Version: 1.58.0 - GitHub Inc.)
Audacity 3.2.2 (HKLM\...\Audacity_is1) (Version: 3.2.2 - Audacity Team)
Aurora Store (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\com.aurora.store) (Version: 4.1.1 - aurora.com)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Laser Printer/Scanner/Fax Extended Survey Program (HKLM\...\{8A16FF47-A5FC-49A8-96B5-31180D317059}) (Version: 3.0.4 - CANON INC.) Hidden
Canon Laser Printer/Scanner/Fax Extended Survey Program (HKLM\...\Canon Laser Printer/Scanner/Fax Extended Survey Program) (Version: 3.0.4.40070 - CANON INC.)
Canon MF645C (HKLM\...\{9651393F-E287-454c-A4D7-E657DF3AE3BE}) (Version: 6.4.0.4 - CANON INC.)
Cisco Webex Meetings (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\ActiveTouchMeetingClient) (Version: 42.6.0 - Cisco Webex LLC)
Corel Graphics - Windows Shell Extension (HKLM\...\_{4F36AC9B-954C-4C49-8573-D2A9EF8079B4}) (Version: 22.0.0.411 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{4F36AC9B-954C-4C49-8573-D2A9EF8079B4}) (Version: 22.0.411 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{C28C908E-0E70-470C-B556-DFDDE9973766}) (Version: 22.0.411 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM (x64) (HKLM\...\{0E0F6EBF-E2BA-4B1A-ADEC-CAF4612B2AC7}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content BR (x64) (HKLM\...\{AE21B6DA-78D3-4772-81EF-9A0163BDB0C6}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content CS (x64) (HKLM\...\{EFAB3BB7-4DD2-428F-B895-F915A689B46B}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content CT (x64) (HKLM\...\{54DADE81-4911-41B9-9FA6-76C57647FB34}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content CZ (x64) (HKLM\...\{2573B4F8-4C8F-4028-A1A9-500EE2ADE30A}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content DE (x64) (HKLM\...\{9A7ABF9B-1CF1-452F-B6A9-1FD425AD12D9}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content EN (x64) (HKLM\...\{C796DB48-473A-4F12-998D-0D690570D633}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content ES (x64) (HKLM\...\{38B83748-7D9B-48DB-94EE-004D49E84BD3}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content FR (x64) (HKLM\...\{E2E7B6E9-3A6F-4421-8D1F-24ED7647B00A}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content IT (x64) (HKLM\...\{EEC60482-484C-4B29-BB56-0C04F086B372}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content JP (x64) (HKLM\...\{7AB150FE-BF0D-44F9-934A-7BC87CB9FB01}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content NL (x64) (HKLM\...\{0A404310-BE95-47B5-BE1C-5C664490EE17}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content PL (x64) (HKLM\...\{5FC18E59-85FC-478D-93C8-266AB375FF1F}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content RU (x64) (HKLM\...\{F015285B-E950-48BF-A4C6-0A1DD2C9739E}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content TR (x64) (HKLM\...\{034009FF-1AB3-4340-A66D-CBF594C1A0F2}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - Writing Tools (x64) (HKLM\...\{F404C086-454C-4485-B5F1-F3C11B8DF452}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 (64-Bit) (HKLM\...\_{7FA269F4-59E4-4399-A239-E9A134D40BED}) (Version: 22.0.0.412 - Corel Corporation)
Cross DJ Free 3.4.0 (HKLM-x32\...\MixVibes Cross DJ Free 3.4.0) (Version: 3.4.0 - MixVibes)
Discord (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
Driver Booster (HKLM-x32\...\IObit Driver Booster Pro 9.2.0.178) (Version: - )
Elevated Installer (HKLM-x32\...\{3213DBEF-7413-4CC2-A3EA-2FB78177482B}) (Version: 7.13.1.0 - Garmin Ltd or its subsidiaries) Hidden
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.2.1 - )
FFmpeg v2.2.2 for Audacity - 64bit (HKLM\...\FFmpeg for Audacity_is1) (Version: - )
FIFA 19 v.1.0-u7 (HKLM-x32\...\FIFA 19_is1) (Version: - )
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Focusrite USB Audio Driver 1.10 (HKLM\...\Focusrite USB Audio Driver_is1) (Version: 1.10 - Focusrite Audio Engineering Ltd.)
Garmin Express (HKLM-x32\...\{dfe973c2-d1c7-4563-8c84-595f13f8792d}) (Version: 7.13.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{FDE5F9F5-0C9B-4A7A-811B-C7E32195CC2B}) (Version: 7.13.1.0 - Garmin Ltd or its subsidiaries) Hidden
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
GitHub Desktop (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\GitHubDesktop) (Version: 2.9.4 - GitHub, Inc.)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 68.0.2.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 108.0.5359.99 - Google LLC)
Infatica P2B Network (HKLM-x32\...\{043C71DF-992B-4A8C-B584-DE65480802F8}_is1) (Version: 1.0.6.1 - )
Jpeg Resampler XE (HKLM-x32\...\JpegResamplerXE_is1) (Version: - Jpeg Resampler)
K-Lite Mega Codec Pack 17.3.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 17.3.0 - KLCP)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
LatencyMon 7.20 (HKLM\...\LatencyMon_is1) (Version: 7.20 - Resplendence Software Projects Sp.)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Ledger Live 2.45.1 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.45.1 - Ledger Live Team)
Legion Arena (HKLM-x32\...\Legion Arena_is1) (Version: 1.3.1.1 - Lenovo Group Ltd.)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.43.0 - Lenovo Group Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 108.0.1462.46 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 108.0.1462.46 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Volume - cs-cz) (Version: 16.0.15831.20190 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\Teams) (Version: 1.5.00.11163 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{4812E2CC-BAA9-49AE-B310-DA845882322B}) (Version: 4.66.0.0 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (HKLM\...\{90120064-0070-0000-0000-4000000FF1CE}) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (HKLM\...\{90F60409-7000-11D3-8CFE-0150048383C9}) (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2019 (HKLM-x32\...\{1edcd8d2-905a-4e93-bfdf-92ed5601528a}) (Version: 16.0.28801 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2019 x64 Hosting Support (HKLM\...\{9D6CE289-E12C-38BB-9999-E2377EC118B7}) (Version: 16.0.28801 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2019 x86 Hosting Support (HKLM-x32\...\{7C931D41-F302-3494-868C-320A4F4DD9F9}) (Version: 16.0.28801 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.4.3 (HKLM-x32\...\{B561660D-8B3C-491D-9E3E-293F14FCAADA}_is1) (Version: 1.4.3 - Samuel Rodberg)
MSVCRT Redists (HKLM\...\{24DB3A5E-0BC8-11E5-9A27-F04DA23A5C58}) (Version: 1.0 - Sony Creative Software Inc.) Hidden
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 2.6.2.547 - Native Instruments)
Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.14.1.156 - Native Instruments)
Native Instruments Traktor Audio 10 Driver (HKLM-x32\...\Native Instruments Traktor Audio 10 Driver) (Version: - Native Instruments)
Native Instruments Traktor Audio 2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Audio 6 Driver (HKLM-x32\...\Native Instruments Traktor Audio 6 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol D2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol D2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol F1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol F1 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S4 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S4 MK3 ASIO Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 MK3 ASIO Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S5 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S5 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S8 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S8 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol X1 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol Z1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z1 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol Z2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Pro 3 (HKLM-x32\...\Native Instruments Traktor Pro 3) (Version: 3.5.2.299 - Native Instruments)
Need For Speed Most Wanted Remaster Edition (HKLM-x32\...\Need For Speed Most Wanted Remaster Edition_is1) (Version: 0.0.0 - DODI-Repacks)
NFS: Most Wanted CZ (HKLM-x32\...\NFS: Most Wanted) (Version: CZ - Sub - Zero)
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.154 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.154 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 522.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 522.25 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.1.3 - OBS Project)
oCam 버전 520.0 (HKLM-x32\...\oCam_is1) (Version: 520.0 - hxxp://ohsoft.net/)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15831.20184 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11929.20376 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Openplanet for Trackmania (HKLM-x32\...\OpenplanetNext) (Version: - Melissa Geels)
Origin (HKLM-x32\...\Origin) (Version: 10.5.111.50299 - Electronic Arts, Inc.)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 221102 - Kakao Corp.)
reWASD (HKLM\...\reWASD) (Version: 5.8.1.4765 - Disc Soft Ltd)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Samsung DeX (HKLM-x32\...\{43409A91-7C1A-4D28-B628-AD78F09DA3F0}) (Version: 2.4.0.27 - Samsung Electronics Co., Ltd.) Hidden
Samsung DeX (HKLM-x32\...\{a306c372-6ec4-43f0-b372-b1de15b0e935}) (Version: 2.4.0.27 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.46.0 - Samsung Electronics Co., Ltd.)
Skype verze 8.78 (HKLM-x32\...\Skype_is1) (Version: 8.78 - Skype Technologies S.A.)
Software602 Form Filler (HKLM-x32\...\{EF8155B1-A395-4AF9-ABB4-88F09FA54DB1}) (Version: 4.80 - Software602 a.s.)
Spotify (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\Spotify) (Version: 1.1.93.896.g3ae3b4f3 - Spotify AB)
Stardock Start11 (HKLM-x32\...\Stardock Start11) (Version: 1.31 - Stardock Software, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Trackmania (HKLM-x32\...\Uplay Install 5595) (Version: - Ubisoft)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 127.1.10616 - Ubisoft)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VALORANT (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VMS (HKLM-x32\...\VMS1.0.3.1) (Version: 1.0.3.1 - 1.0.3.1)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)

Packages:
=========
Canon Office Printer Utility -> C:\Program Files\WindowsApps\34791E63.CanonOfficePrinterUtility_12.7.0.0_x64__6e5tt8cgb93ep [2022-12-01] (Canon Inc.)
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.13.0_neutral__yxz26nhyzhsrt [2022-12-12] (Microsoft Corp.)
Dolby Atmos for Gaming -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmosforGaming_3.20800.804.0_x64__rz1tebttyb220 [2022-10-03] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-10-03] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_141.2.441.0_x64__v10z8vjag6ke6 [2022-12-02] (HP Inc.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2209.2.0_x64__k1h2ywk1493x8 [2022-12-11] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-10-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-10-03] (Microsoft Corporation) [MS Ad]
ms-resource:APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.9.0_x64__8wekyb3d8bbwe [2022-10-03] (Microsoft Corp.)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.32791.0_x64__8wekyb3d8bbwe [2022-10-11] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-10-03] (Microsoft Corporation)
ms-resource:ProductPkgDisplayName -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2022-12-08] (ms-resource:ProductPublisherDisplayName)
ms-resource:System_Item_Title_IntelGraphicsControlPanel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-10-03] (INTEL CORP) [Startup Task]
ms-resource:WsaDisplayName -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForAndroid_2211.40000.7.0_x64__8wekyb3d8bbwe [2022-12-08] (Microsoft Corp.) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-16] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.12.219.0_x64__dt26b99r8h8gj [2022-10-03] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.11210.0_x64__8wekyb3d8bbwe [2022-12-11] (Microsoft Studios) [MS Ad]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2248.9.0_x64__cv1g1gvanyjgm [2022-12-12] (WhatsApp Inc.) [Startup Task]
WhatsApp Beta -> C:\Program Files\WindowsApps\5319275A.51895FA4EA97F_2.2249.2.0_x64__cv1g1gvanyjgm [2022-12-11] (WhatsApp Inc.) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-590153330-3484553050-3099931381-1001_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\MARRA\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-590153330-3484553050-3099931381-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\MARRA\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22062.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-590153330-3484553050-3099931381-1001_Classes\CLSID\{32E26FD9-F435-4A20-A561-35D4B987CFDC}\InprocServer32 -> C:\Users\MARRA\AppData\Local\WebEx\WebEx64\Meetings\atucfobj.dll (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-590153330-3484553050-3099931381-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 -> => No File
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2022-12-04] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ContextMenuHandlers1-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\Program Files (x86)\JpegResamplerXE\JRcm.dll [2010-08-18] () [File not signed]
ContextMenuHandlers1: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResamplerXE\JRcm64.dll [2010-09-06] () [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2022-12-04] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_03e937c3da958a25\nvshext.dll [2022-12-08] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ContextMenuHandlers6-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\Program Files (x86)\JpegResamplerXE\JRcm.dll [2010-08-18] () [File not signed]
ContextMenuHandlers6: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResamplerXE\JRcm64.dll [2010-09-06] () [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [310784 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284160 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\MARRA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VMS\Copy.lnk -> C:\Program Files (x86)\VMS\vms\bin\Copy.bat ()
Shortcut: C:\Users\MARRA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VMS\CopyJW.lnk -> C:\Program Files (x86)\VMS\vms\bin\CopyJW.bat ()

==================== Loaded Modules (Whitelisted) =============

2022-02-22 16:48 - 2022-02-22 16:48 - 000429056 _____ () [File not signed] C:\Program Files (x86)\Driver Booster\madExcept_.bpl
2021-11-07 22:49 - 2010-09-06 18:21 - 000538435 _____ () [File not signed] C:\Program Files (x86)\JpegResamplerXE\JRcm64.dll
2022-12-11 04:09 - 2022-12-11 04:09 - 101119488 _____ () [File not signed] C:\Program Files\WindowsApps\5319275A.51895FA4EA97F_2.2249.2.0_x64__cv1g1gvanyjgm\WhatsApp.dll
2022-12-11 04:09 - 2022-12-11 04:09 - 008540160 _____ () [File not signed] C:\Program Files\WindowsApps\5319275A.51895FA4EA97F_2.2249.2.0_x64__cv1g1gvanyjgm\WhatsAppNative.dll
2022-05-11 13:00 - 2007-04-23 06:00 - 005563392 _____ (ActVer©®™) [File not signed] C:\Program Files (x86)\Driver Booster\version.dll
2022-07-07 21:00 - 2018-01-29 18:26 - 000153088 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNCENPM6.dll
2017-03-02 15:19 - 2017-03-02 15:19 - 000310272 ____N (easyhook.codeplex.com) [File not signed] C:\ProgramData\Dolby\DAX3\RADARHOST\EasyHook64.dll
2022-02-22 16:48 - 2022-02-22 16:48 - 001055232 _____ (IObit.) [File not signed] C:\Program Files (x86)\Driver Booster\Register.dll
2021-11-07 23:09 - 2021-11-07 23:09 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-11-07 23:09 - 2021-11-07 23:09 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2021-11-07 23:09 - 2021-11-07 23:09 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-03-18 02:22 - 2021-11-07 23:09 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-03-18 02:22 - 2021-11-07 23:09 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-03-18 02:22 - 2021-11-07 23:09 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-03-18 02:22 - 2021-11-07 23:09 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-03-18 02:22 - 2021-11-07 23:09 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-03-18 02:22 - 2021-11-07 23:09 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung DeX.lnk:04BD1844E0 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk:7AD7FA8AB1 [10]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\sharepoint.com -> hxxps://utbcz-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2022-05-12 09:44 - 000000997 _____ C:\WINDOWS\system32\drivers\etc\hosts

2022-09-19 01:15 - 2022-12-03 22:43 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.25.80.1 MARRA-LEGION.mshome.net # 2027 12 4 2 21 43 21 58

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-590153330-3484553050-3099931381-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\MARRA\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.37.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "MFNetworkScannerSelector"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\StartupApproved\Run: => "CiscoMeetingDaemon"
HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\StartupApproved\Run: => "GarminExpress"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{39CD9027-D1DE-4F49-9142-F4E711D3DBF5}] => (Allow) D:\Games\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{963E6E87-2583-434C-B7DB-8BE5B4DC3B47}] => (Allow) D:\Games\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [UDP Query User{E5F6999E-593F-428D-9036-21243FE34B7D}C:\program files (x86)\ipctool\ipctool.exe] => (Allow) C:\program files (x86)\ipctool\ipctool.exe => No File
FirewallRules: [TCP Query User{AAE8F00E-F278-4F58-B66D-CA90F1244B8D}C:\program files (x86)\ipctool\ipctool.exe] => (Allow) C:\program files (x86)\ipctool\ipctool.exe => No File
FirewallRules: [UDP Query User{E4650F95-801B-4A98-ABE5-721760A2C903}C:\program files (x86)\vms\vms\bin\vms.exe] => (Allow) C:\program files (x86)\vms\vms\bin\vms.exe () [File not signed]
FirewallRules: [TCP Query User{4B29C66C-FA61-4379-9868-709774E31A3E}C:\program files (x86)\vms\vms\bin\vms.exe] => (Allow) C:\program files (x86)\vms\vms\bin\vms.exe () [File not signed]
FirewallRules: [UDP Query User{9C12C018-8B8E-4999-9479-B381F56EA1B5}D:\games\cs1.6\hl.exe] => (Allow) D:\games\cs1.6\hl.exe => No File
FirewallRules: [TCP Query User{C67D4C2F-87A6-4AEC-874C-5BEFA3FB323B}D:\games\cs1.6\hl.exe] => (Allow) D:\games\cs1.6\hl.exe => No File
FirewallRules: [UDP Query User{07441542-A9B0-423E-ADA9-5582AB9A4EA2}D:\games\crysisremastered\bin64\crysisremastered.exe] => (Allow) D:\games\crysisremastered\bin64\crysisremastered.exe (Crytek GmbH) [File not signed]
FirewallRules: [TCP Query User{4396677B-F35F-4290-AF12-19202A2CBA0D}D:\games\crysisremastered\bin64\crysisremastered.exe] => (Allow) D:\games\crysisremastered\bin64\crysisremastered.exe (Crytek GmbH) [File not signed]
FirewallRules: [UDP Query User{71E47EFF-9D1C-4ECE-8AE7-AE3AD8B2A304}D:\games\cyberpunk.2077.gog.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\games\cyberpunk.2077.gog.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [TCP Query User{74E56D16-DF70-41BF-96AA-2D9A7B2691DD}D:\games\cyberpunk.2077.gog.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\games\cyberpunk.2077.gog.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{72562381-6D49-4E2F-8181-67B947AEAEAC}C:\users\marra\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\marra\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{5A7A9E5D-146E-41C4-A12E-542D2683A75A}C:\users\marra\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\marra\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{CE839D0B-0E61-4F2E-8CE3-2BA07F05D6C8}] => (Allow) C:\Program Files\uTorrent\utorrent.exe => No File
FirewallRules: [{767FB015-96F1-4361-A4C4-18776F34C752}] => (Allow) C:\Program Files\uTorrent\utorrent.exe => No File
FirewallRules: [{88F25B2F-752B-483D-AC16-701BBE5E6E82}] => (Allow) D:\Games\steamapps\common\Unreal Tournament 3\Binaries\UT3.exe (Epic Games Inc. -> ) [File not signed]
FirewallRules: [{A09C9F8F-8DE3-413C-8290-3F3803C4819F}] => (Allow) D:\Games\steamapps\common\Unreal Tournament 3\Binaries\UT3.exe (Epic Games Inc. -> ) [File not signed]
FirewallRules: [{B9396FC7-167E-4CFA-88C0-D2FA696A0FF5}] => (Allow) D:\Games\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe () [File not signed]
FirewallRules: [{B8652551-E4CA-432B-8F2E-0346C0D4A6F3}] => (Allow) D:\Games\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe () [File not signed]
FirewallRules: [{9930E664-4CAB-483A-B0B1-9B53C8E04D05}] => (Allow) D:\Games\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe (CD Projekt RED Sp. z o.o. -> CD Projekt Red)
FirewallRules: [{5516B6F5-A568-4CF1-8859-65BC63C1E554}] => (Allow) D:\Games\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe (CD Projekt RED Sp. z o.o. -> CD Projekt Red)
FirewallRules: [{88F53FFC-3158-4C69-9B11-4F071D69C5D8}] => (Allow) D:\Games\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe (CD Projekt Red) [File not signed]
FirewallRules: [{BCC5263E-FAE6-438A-BEDE-A65E0CACE860}] => (Allow) D:\Games\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe (CD Projekt Red) [File not signed]
FirewallRules: [{42180D00-EB28-4257-BEB4-0271FA640892}] => (Allow) D:\Games\Trackmania\trackmania.exe (NADEO SAS -> Nadeo)
FirewallRules: [{4BD03348-B254-4291-9A05-05AB2276EEF2}] => (Allow) D:\Games\Trackmania\trackmania.exe (NADEO SAS -> Nadeo)
FirewallRules: [{9642C2F2-D143-43B3-86F7-D7E889595AA3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{823DE92B-1696-4FDE-AC43-7F1FD55D2875}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E724E9E9-0304-45E8-A783-42B347332936}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{38B1FF4C-61A4-48A2-A02B-0F65F4A0654D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1D89C447-5157-4E96-B1EA-E3C45AEFB95B}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite 2020\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{4E0FB215-5BBB-418D-8E8D-A49ACBF412B2}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite 2020\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [UDP Query User{8B667069-70F5-4C41-A804-E876B330EA11}C:\users\marra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marra\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{6BBB1161-E65E-4062-988D-344B9AAF49B7}C:\users\marra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marra\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{112E1AC2-34D5-4832-A186-FBE4DE05491D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5E4934E9-3295-4619-8B19-8E818980FC5D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DC16197A-54B6-44CB-9A54-4140F1404228}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3A263379-F133-4EBC-BD28-58B88E25CA8B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{77C0E4CA-7543-4C4F-B4DD-C54273DF6165}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21302.202.1065.6968_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D903AB93-2608-4F75-A72C-38FAFB9BD99D}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21302.202.1065.6968_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{1D983511-9620-4479-AE8B-F7E700003E01}C:\users\marra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\marra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{8A7CAF9E-BC67-4597-8D44-3017CAE15F41}C:\users\marra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\marra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4E554741-DB92-4AC1-91A5-9E0ED0EA824A}] => (Allow) C:\Program Files\reWASD\reWASDEngine.exe (SIA AVB Disc Soft -> Disc Soft Ltd)
FirewallRules: [{913230A5-BD8C-4ED9-934D-5C5A2333242F}] => (Allow) C:\Program Files\reWASD\reWASDEngine.exe (SIA AVB Disc Soft -> Disc Soft Ltd)
FirewallRules: [{F08FE8CE-3302-44B1-9A72-273182D64C12}] => (Allow) LPort=35474
FirewallRules: [{D1A26F11-4D8E-432A-9F36-007DF7190D92}] => (Allow) LPort=35474
FirewallRules: [{F44C1DD3-2C04-4FE9-89B1-0B502192CF74}] => (Allow) LPort=35475
FirewallRules: [{3940D517-C618-4CFA-8993-17AE8A733CE9}] => (Allow) LPort=35475
FirewallRules: [{5B6EAE54-DAC8-41D2-A128-26A418AB19F4}] => (Allow) LPort=35476
FirewallRules: [{AB3C7D97-DEB8-46CA-BEBB-D2EE07524054}] => (Allow) LPort=35476
FirewallRules: [{8A240337-B96D-4884-91C7-F033E8C2EED0}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{094DE1D3-A097-467E-886A-054139371914}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [TCP Query User{17EB4F5B-158C-437D-8F1F-DF9283169623}D:\games\riot games\riot client\riotclientservices.exe] => (Allow) D:\games\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{CCCE83E4-6C99-486E-9C0D-82521E885ECB}D:\games\riot games\riot client\riotclientservices.exe] => (Allow) D:\games\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{BE73EE6D-929F-49CB-9787-E266CF3AF3CD}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{883ACB19-4304-4098-B596-E51DA4D1E3B3}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [TCP Query User{C3AA0BD9-A41A-4036-8579-9336609899A1}C:\program files\ledger live\ledger live.exe] => (Allow) C:\program files\ledger live\ledger live.exe (LEDGER SAS -> Ledger Live Team)
FirewallRules: [UDP Query User{3B8A81A2-8B38-438A-8CE5-78C2B4A59592}C:\program files\ledger live\ledger live.exe] => (Allow) C:\program files\ledger live\ledger live.exe (LEDGER SAS -> Ledger Live Team)
FirewallRules: [{988C6A73-CC5B-4D9D-A15A-F4F808884B36}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1FB67AE8-25D0-4173-B007-E791D5D6D2A3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8EB4439E-4BB5-4CC3-8244-38E5A5BDC325}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7FD245C6-58F4-4A58-98B7-85A203FCCCDB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{95BC7ED3-110D-4678-870E-AAEFA157CB03}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{826D7578-11DA-46CC-B945-A64B21C3017A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{24B950D9-1C19-4CAA-88A8-52458325AF6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{9FA978C2-A74B-4A25-8663-89F70084D783}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{801F9544-5DF9-468C-B890-2F8A989D085F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F2086651-4D9F-48CE-AFB4-1BC267B4683F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{61F42AEB-D68B-40C7-9284-00BFFA64C19F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2B55B6DB-97A6-44F8-8D2B-E7F96FC7A78C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C64D011B-8E8A-41CD-A038-2C611FDB3E31}] => (Allow) C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForAndroid_2211.40000.7.0_x64__8wekyb3d8bbwe\WsaClient\WsaClient.exe () [File not signed]
FirewallRules: [{676C039B-AC55-40AF-B339-D862EF28CE3E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0C18FDFD-8BC1-45CC-BC7E-4AF9D430A248}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\108.0.1462.46\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

05-12-2022 22:10:04 Windows Update
08-12-2022 09:47:06 Driver Booster : Auto Update
12-12-2022 17:44:22 Windows Update
12-12-2022 17:44:23 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/13/2022 01:21:47 PM) (Source: NIHardwareService) (EventID: 259) (User: )
Description: MIDIDevice: Unable to unlock BMIDI DLL/driver

Error: (12/12/2022 09:51:01 PM) (Source: Application Error) (EventID: 1000) (User: MARRA-LEGION)
Description: Název chybující aplikace: AXKTTYFUADTDRMOT.exe, verze: 10.0.22593.1, časové razítko: 0xd64c5a80
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000140003be2
ID chybujícího procesu: 0x0x39b0
Čas spuštění chybující aplikace: 0x0x1d90e630d7dc827
Cesta k chybující aplikaci: C:\Users\MARRA\AppData\Roaming\Spotify\Apps\AXKTTYFUADTDRMOT.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 79cf12b9-a7a1-4c94-a6e6-7b1982391098
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/12/2022 08:50:55 PM) (Source: Application Error) (EventID: 1000) (User: MARRA-LEGION)
Description: Název chybující aplikace: AXKTTYFUADTDRMOT.exe, verze: 10.0.22593.1, časové razítko: 0xd64c5a80
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000140003be2
ID chybujícího procesu: 0x0x49f8
Čas spuštění chybující aplikace: 0x0x1d90e524629c92b
Cesta k chybující aplikaci: C:\Users\MARRA\AppData\Roaming\Spotify\Apps\AXKTTYFUADTDRMOT.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 26ec7cbb-44f2-4813-aa66-670344a61d9f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/12/2022 06:50:49 PM) (Source: Application Error) (EventID: 1000) (User: MARRA-LEGION)
Description: Název chybující aplikace: AXKTTYFUADTDRMOT.exe, verze: 10.0.22593.1, časové razítko: 0xd64c5a80
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000140003be2
ID chybujícího procesu: 0x0x2d48
Čas spuštění chybující aplikace: 0x0x1d90e49e0a9cc4b
Cesta k chybující aplikaci: C:\Users\MARRA\AppData\Roaming\Spotify\Apps\AXKTTYFUADTDRMOT.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 73f41fd3-ea37-42cb-ae1d-29a353f53ec6
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/12/2022 05:50:42 PM) (Source: Application Error) (EventID: 1000) (User: MARRA-LEGION)
Description: Název chybující aplikace: AXKTTYFUADTDRMOT.exe, verze: 10.0.22593.1, časové razítko: 0xd64c5a80
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000140003be2
ID chybujícího procesu: 0x0xfe4
Čas spuštění chybující aplikace: 0x0x1d90e3919226655
Cesta k chybující aplikaci: C:\Users\MARRA\AppData\Roaming\Spotify\Apps\AXKTTYFUADTDRMOT.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 09b21f9f-16ca-4b69-9e48-f9f7f9b6d6e0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/12/2022 03:50:36 PM) (Source: Application Error) (EventID: 1000) (User: MARRA-LEGION)
Description: Název chybující aplikace: AXKTTYFUADTDRMOT.exe, verze: 10.0.22593.1, časové razítko: 0xd64c5a80
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000140003be2
ID chybujícího procesu: 0x0x3f4c
Čas spuštění chybující aplikace: 0x0x1d90e30b36cbbf8
Cesta k chybující aplikaci: C:\Users\MARRA\AppData\Roaming\Spotify\Apps\AXKTTYFUADTDRMOT.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: b2c82826-6597-4c35-a312-14af2f90c506
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/12/2022 02:50:29 PM) (Source: Application Error) (EventID: 1000) (User: MARRA-LEGION)
Description: Název chybující aplikace: AXKTTYFUADTDRMOT.exe, verze: 10.0.22593.1, časové razítko: 0xd64c5a80
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000140003be2
ID chybujícího procesu: 0x0x4704
Čas spuštění chybující aplikace: 0x0x1d90e284def5492
Cesta k chybující aplikaci: C:\Users\MARRA\AppData\Roaming\Spotify\Apps\AXKTTYFUADTDRMOT.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: b011a4cf-8a57-48ae-812f-4e1d106e58c9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/12/2022 01:50:23 PM) (Source: Application Error) (EventID: 1000) (User: MARRA-LEGION)
Description: Název chybující aplikace: AXKTTYFUADTDRMOT.exe, verze: 10.0.22593.1, časové razítko: 0xd64c5a80
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000140003be2
ID chybujícího procesu: 0x0xd08
Čas spuštění chybující aplikace: 0x0x1d90e1784c35879
Cesta k chybující aplikaci: C:\Users\MARRA\AppData\Roaming\Spotify\Apps\AXKTTYFUADTDRMOT.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 1905fb2d-6b62-456e-bf1a-58301d2f7a85
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (12/11/2022 04:19:58 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba cplspcon byla ukončena s následující chybou:
Nespecifikovaná chyba

Error: (12/11/2022 04:09:38 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NBDXK71NK08-5319275A.51895FA4EA97F.

Error: (12/11/2022 04:02:29 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (12/08/2022 09:51:07 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Intel(R) Content Protection HDCP Service byla ukončena s následující chybou:
Nespecifikovaná chyba

Error: (12/08/2022 09:50:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (12/08/2022 09:50:53 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.

Error: (12/08/2022 08:15:40 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba cplspcon byla ukončena s následující chybou:
Nespecifikovaná chyba

Error: (12/06/2022 11:24:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9MSSGKG348SP-MicrosoftWindows.Client.WebExperience.


Windows Defender:
================
Date: 2022-12-13 12:54:49
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5D236452-20EE-4363-944A-D817597CCB8A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-12-12 13:05:49
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7EB21E76-A09C-4CB5-A2F8-4B6E25AC19C0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-12-11 04:00:21
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9890E01C-5D3D-465F-8196-A11B5258A54E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-12-07 15:27:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DE970729-1524-4954-81D5-B6EB9131C796}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-12-06 14:33:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DD827D5B-4526-4CF9-B906-24C741AE08C7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2022-12-13 13:32:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2022-12-13 13:22:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO EFCN57WW 09/05/2022
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-10300H CPU @ 2.50GHz
Percentage of memory in use: 46%
Total physical RAM: 16251.8 MB
Available physical RAM: 8637.39 MB
Total Virtual: 18683.8 MB
Available Virtual: 6008.22 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:475.76 GB) (Free:141.22 GB) (Model: SKHynix_HFS512GD9TNI-L2A0B) NTFS
Drive d: (Data) (Fixed) (Total:931.5 GB) (Free:410.08 GB) (Model: KINGSTON SA2000M81000G) NTFS
Drive g: (m...@gmail.com - Googl...) (Fixed) (Total:200 GB) (Free:125.79 GB) (Model: KINGSTON SA2000M81000G) FAT32
Drive h: (f...@gmail.com - G...) (Fixed) (Total:15 GB) (Free:14.84 GB) (Model: KINGSTON SA2000M81000G) FAT32

\\?\Volume{e5506172-f637-4348-b35e-771ae04cbe0e}\ () (Fixed) (Total:1.06 GB) (Free:0.08 GB) NTFS
\\?\Volume{1ed93b7f-5be7-4a70-beef-f270ca27c456}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 476.9 GB) (Disk ID: 01F9E3F6)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118193
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Requesting a log check / advice

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just launch it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

marrahouser
Visitor
Posts: 7
Registered: 13 Dec 2022 13:33

Re: Requesting a log check / advice

#3 Post by marrahouser »

Thanks. Sending it. It also offered to quarantine one basic Lenovo tool, but I kept that one.

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-14-2022
# Duration: 00:00:00
# OS: Windows 11 (Build 22623.1028)
# Cleaned: 5
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\MARRA\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER

***** [ Registry ] *****

Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3E2803A-7FCB-42A7-85B4-6B19ED9A9739}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler

***** [ Chromium (and derivatives) ] *****

Deleted Bitly | Short links and QR Codes - iabeihobmhlgpkcgjiloemdbofjbdcic

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2299 octets] - [14/12/2022 15:33:04]
AdwCleaner[S01].txt - [2360 octets] - [14/12/2022 15:35:04]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Rudy
Site Admin
Posts: 118193
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Requesting a log check / advice

#4 Post by Rudy »

OK. Post new FRST+Addition logs.

marrahouser
Visitor
Posts: 7
Registered: 13 Dec 2022 13:33

Re: Request for a log check / advice

#5 Post by marrahouser »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-12-2022
Ran by MARRA (administrator) on MARRA-LEGION (LENOVO 81Y6) (14-12-2022 17:18:38)
Running from C:\Users\MARRA\Downloads
Loaded Profiles: MARRA
Platform: Microsoft Windows 11 Pro Version 22H2 22623.1028 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <32>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvltig.inf_amd64_03e937c3da958a25\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (STARDOCK SYSTEMS, INC. -> Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe
(STARDOCK SYSTEMS, INC. -> Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start11\Start11_64.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows\UUS\Packages\1022.1108.2012.0\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.213.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (WhatsApp Inc.) C:\Program Files\WindowsApps\5319275A.51895FA4EA97F_2.2249.2.0_x64__cv1g1gvanyjgm\WhatsApp.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1084704 2020-05-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3183328 2021-11-30] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [MFNetworkScannerSelector] => C:\Program Files\Canon\Canon MF Network Scanner Selector\CMFNSS6.EXE [459904 2018-01-30] (CANON INC. -> CANON INC.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-12] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-12] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\MARRA\AppData\Local\WebEx\WebexHost.exe [7803680 2022-07-14] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-12] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [7223248 2022-11-14] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-12] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\CnXP0PP: C:\Windows\System32\spool\prtprocs\x64\CnXP0PP.DLL [655360 2021-04-13] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon MFNP Port: C:\Windows\system32\CNCENPM6.dll [153088 2018-01-29] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\CPCA Language Monitor3b: C:\Windows\system32\CNAS0MOK.DLL [1282048 2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\CPCA Language Monitor4: C:\Windows\system32\CNAS0MPK.DLL [1784320 2021-04-07] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\Windows\system32\602localmon.dll [47896 2021-09-23] (Software602 a.s. -> Windows (R) Win 7 DDK provider)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\108.0.5359.100\Installer\chrmstp.exe [2022-12-14] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\MARRA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RuntimeBroker.lnk [2021-11-07]
ShortcutTarget: RuntimeBroker.lnk -> C:\Users\MARRA\AppData\Roaming\Corel User Preferences\Backup files\CorelDRAW Graphics Suite 2021.exe (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {063E2175-10DE-480B-B453-7E1F7268A2F9} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {0640839D-ED74-496F-89A9-36EE7AEB2C00} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8d221ea5-137e-4eea-8a8b-ae1eb2a37bd7 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {07C81256-313A-4394-8180-E802400F0B33} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {0A16CAE1-7947-4C09-90F4-61955828B3A3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308528 2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {0A4DD3DB-0FF4-4502-AA0B-93E1E65BDE7F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308528 2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {0DBE9974-68F4-405B-8F6C-A7774AEA1E25} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {1AE598B5-7473-4E74-9056-68B4C6A01DA8} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f36d665d-bb0f-427d-a907-ab34480f66be => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {1D5B83E5-9322-456C-B634-5BB0F00FA801} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {22D10638-6750-4BB5-A974-C355D4D1277A} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2113024 2022-11-12] () [File not signed]
Task: {2D239381-326E-456A-8C90-0266F86845A9} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {368B8E03-73E8-4971-8D80-980648A604C5} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {39D76B9C-1E4F-4101-AAAB-A2F09167DD5F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4972FFD7-36DB-4F9B-B365-8EE70D43285F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4D3144BA-EF72-4CE3-857D-85B3B142C07D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\3d19a378-329a-4d71-a5ac-95067ac458db => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {50044330-C124-441B-8E96-E221B503A05E} - System32\Tasks\Driver Booster SkipUAC (MARRA) => C:\Program Files (x86)\Driver Booster\DriverBooster.exe [8645120 2022-02-22] (IObit) [File not signed]
Task: {511911D9-79C4-4CB8-92D5-BFE611C9BB9D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144256 2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {54A5869E-13BB-4FA2-BA99-4AC65BDA6A87} - System32\Tasks\Canon\OIPPESP\Canon OIP Product Extended Survey Program => C:\Program Files\Canon\OIPPESP\Cnpspcnt.exe [1826264 2020-07-29] (CANON INC. -> CANON INC.) -> /Config:"C:\Program Files\Canon\OIPPESP\CnpspCfg.xml"
Task: {65A08212-014C-4BFA-9DA8-878A11D28169} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {7389EAC4-87D2-4DE7-B2E5-99216CC425EC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8509392 2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {74A0949D-CFF2-43E9-94DC-0487FB28B188} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {74F497D4-26F7-4076-B163-6795D5628A1B} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {7748CAAC-9D70-4BCC-BD8E-49F1AFBB849C} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {7A97D391-7842-4D68-B1CC-A754C7376E53} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7EA41311-35A4-412A-B5B8-8F7FA6D0BC50} - System32\Tasks\infatica_p2b => C:\Program Files (x86)\Infatica P2B\infatica-service-app.exe [20072 2021-12-04] (Infatica pte ltd -> )
Task: {817EEC8F-623C-49CC-AEBD-0A2A50FA63E4} - System32\Tasks\infatica_p2b_expire => C:\Program Files (x86)\Infatica P2B\unins000.exe [1202329 2022-11-28] () [File not signed]
Task: {85E021BD-E504-4271-B13C-ADDEEA47F2FD} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {87ED0DB6-478D-4570-AD26-84887995336D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-07] (Google LLC -> Google LLC)
Task: {895ED478-B315-48BC-9D08-CC55568B9B93} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [149280 2022-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {8C82D4DB-625C-4DB9-955C-8DCC6E0587F6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8F7690D6-5913-47A0-91B4-02436CA82158} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\Driver Booster\AutoUpdate.exe [135704 2022-01-06] (IObit CO., LTD -> IObit)
Task: {9191F6E0-C833-4647-A738-73020A5F4819} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {925B9440-0D9A-4ED2-9AD6-2BB63FEA6635} - System32\Tasks\oCamTask => C:\Program Files (x86)\oCam\oCamTask.exe [156344 2021-06-17] (OORT Inc. -> oh!soft)
Task: {95FF1379-1F33-482C-945C-6E9155CA0085} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9C9BD1A4-013B-47E5-9CE0-B25A2C7273D7} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {9CD4822C-3D07-4C2E-8E43-AE5B5CACEF9F} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {A5E090A5-D0D0-4CA8-91C1-8BC48EAE063A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A9F95339-4BFB-4589-B85B-127D741446CF} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\WINDOWS\system32\SecureBootEncodeUEFI.exe [94208 2022-10-03] (Microsoft Windows -> )
Task: {B0332532-9FE3-41F6-B23A-819CEBC0C864} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {C07A0098-27B0-443A-AE63-A48D6211BCD2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8509392 2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {C4C3A925-208D-41C0-8EB9-771D8579E073} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {C7F6C0A1-251E-4776-8220-A07CF1A26241} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [146816 2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {D274D3C0-AE7D-4306-BD23-BFD529F04220} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [28048 2022-05-19] (Garmin International, Inc. -> )
Task: {D3F771E7-01D7-4A4E-9637-A8F4DFDC771E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {D51E7714-9273-41B0-82E3-40D5DE26F0BD} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3573024 2020-01-14] (Corel Corporation -> Corel Corporation)
Task: {DF828C33-5812-45FD-B6DC-B726522D1D3F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f1c9a118-531f-4d6b-8958-57b544692779 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {E52759F0-C04F-4A23-8379-2889D71A5BFD} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {EA224208-6F03-4B8D-B5B4-8B153DB2681B} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {EAA1E4D0-5B95-4582-A6B0-DFCFC5DF7E68} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-08-30] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {EDA87CBC-EE19-44FC-A100-1FF430958E1A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {EDDBCE98-036E-4C37-9D2C-0B6C32420398} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\0cc6debf-8004-480a-8700-252bd030c133 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {F4FB9E57-8D1F-4248-8B9A-C2D547461A9D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-07] (Google LLC -> Google LLC)
Task: {F5D796D2-A32D-4ED0-8F79-461A806C0856} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-10-17] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F5FE27CF-8412-4EAD-82D4-5112A1931EDE} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FA6A80FA-AAB1-48B0-9498-0A9776CE4ACF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144256 2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {FB477F27-EF83-42A7-A3BF-E62D4AFAF9ED} - System32\Tasks\AXKTTYFUADTDRMOT_run => C:\Users\MARRA\AppData\Roaming\Spotify\Apps\AXKTTYFUADTDRMOT.exe [69632 2022-04-14] (Microsoft Corporation) [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.37.37
Tcpip\..\Interfaces\{4fbf3329-0b7b-4878-b3eb-5f32f3d9d09e}: [DhcpNameServer] 192.168.37.37
Tcpip\..\Interfaces\{9aa5d1b5-8a72-42db-8483-00b8aeaa47ad}: [DhcpNameServer] 192.168.37.37

Edge:
=======
Edge Profile: C:\Users\MARRA\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-01]

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2018-01-08] (Software602 a.s. -> Software602 a.s.)

Chrome:
=======
CHR Profile: C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default [2022-12-14]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://meet.google.com; hxxps://svetzitrka.eu.teamwork.com
CHR Extension: (Dark Theme for Google Chrome) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\annfbnbieaamhaimclajlajpijgkdblo [2022-02-09]
CHR Extension: (Tampermonkey) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2022-11-29]
CHR Extension: (Copyfish 🐟 Free OCR Software) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\eenjdnjldapjajjofmldgmkjaienebbj [2022-08-17]
CHR Extension: (Samsung Internet) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\epejdmjgfibjaffbmojllapapjejipkh [2022-11-16]
CHR Extension: (Surfer) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\faapilcgnafanfcdhlkjijhoimmlhmjn [2022-09-07]
CHR Extension: (Weebly Dashboard Extension) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkhpeihpgdipchpfmddkfcigllaaiaki [2021-11-07]
CHR Extension: (Chain Reaction) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gemgfpodpjapjhfohdlibagceiknakpa [2021-11-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-30]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-12-01]
CHR Extension: (Bitly | Short links and QR Codes) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic [2022-12-14]
CHR Extension: (Apex Screen Recorder & Screenshot Master) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkkmokkmlbkkgdnkkancbonkbbmkioc [2022-10-07]
CHR Extension: (WhatFont) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2021-11-07]
CHR Extension: (Cisco Webex Extension) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2022-07-23]
CHR Extension: (View image) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpcmhcelnjdmblfmjabdeclccemkghjk [2022-06-15]
CHR Extension: (Chrome Audio Capture) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfokdmfpdnokpmpbjhjbcabgligoelgp [2022-01-08]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-02-23]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2021-11-07]
CHR Extension: (Clipt) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpicahlgepngcpigiiebnheihgbaenh [2022-06-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-07]
CHR Extension: (Hlídač Shopů) - C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2022-11-25]
CHR Profile: C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-03-04]
CHR Profile: C:\Users\MARRA\AppData\Local\Google\Chrome\User Data\System Profile [2022-03-04]
CHR HKU\S-1-5-21-590153330-3484553050-3099931381-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12544456 2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
S2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_925ded1d9428eaee\DAX3API.exe [2205144 2020-12-22] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. -> Epic Games, Inc.)
S2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [390400 2020-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
S2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
S2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_5a9d4e2af428d38d\\AS\\IAS\\IntelAudioService.exe [412160 ] (Intel Corporation -> Intel)
S3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2022-07-20] (Microsoft Windows -> Microsoft Corporation)
S2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_da914fb427b10059\LenovoUtilityService.exe [245968 2022-11-13] (Lenovo -> Lenovo(beijing) Limited)
S2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\3.13.43.0\LenovoVantageService.exe [32464 ] (Lenovo -> Lenovo Group Ltd.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2563288 2022-02-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3481824 2022-02-22] (Electronic Arts, Inc. -> Electronic Arts)
S2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S2 reWASDService; C:\Program Files\reWASD\reWASDService.exe [2676472 2021-12-15] (SIA AVB Disc Soft -> Disc Soft Ltd)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [249344 2022-11-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2021-06-23] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2021-06-23] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 Start11; C:\Program Files (x86)\Stardock\Start11\Start11Srv.exe [251240 2022-12-07] (STARDOCK SYSTEMS, INC. -> Stardock Software, Inc)
R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2022-07-20] (Microsoft Windows -> Microsoft Corporation)
S2 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10429808 2021-11-30] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsaService; C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForAndroid_2211.40000.7.0_x64__8wekyb3d8bbwe\WsaService\WsaService.exe [273408 2022-12-08] () [File not signed]
S3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137560 2022-11-29] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_03e937c3da958a25\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_03e937c3da958a25\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ApkbfiltrService; C:\WINDOWS\System32\drivers\Apkbfiltr.sys [39760 2022-05-11] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91504 2022-07-20] (Microsoft Windows -> Microsoft Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 FFUsbAudio; C:\WINDOWS\System32\drivers\ffusbaudio.sys [53080 2011-10-31] (Focusrite Audio Engineering Limited -> Focusrite Audio Engineering Ltd.)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [218456 2022-10-11] (Microsoft Windows -> Microsoft Corporation)
S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R0 hidgamemap; C:\WINDOWS\System32\drivers\hidgamemap.sys [344784 2021-12-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 ITEHIDfilter; C:\WINDOWS\System32\drivers\ITEHIDfilter.sys [28104 2022-05-11] (ITE Tech. Inc. -> ITE Tech. Inc.)
S3 kf1avs; C:\WINDOWS\System32\Drivers\kf1avs.sys [357968 2011-09-15] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH)
S3 kf1usb_svc; C:\WINDOWS\System32\Drivers\kf1usb.sys [47696 2011-09-15] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH)
R3 MpKsldd834894; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{334E4029-A171-4C02-A6E8-CD653B4DA7DD}\MpKslDrv.sys [214280 2022-12-14] (Microsoft Windows -> Microsoft Corporation)
S3 niks4m3audio; C:\WINDOWS\System32\Drivers\niks4m3audio.sys [354248 2018-06-28] (Native Instruments GmbH -> Native Instruments GmbH)
S3 niks4m3bd; C:\WINDOWS\System32\drivers\niks4m3bd.sys [35712 2018-10-22] (Native Instruments GmbH -> Native Instruments GmbH)
S3 niks4m3dfu; C:\WINDOWS\System32\drivers\niks4m3dfu.sys [39840 2018-10-22] (Native Instruments GmbH -> Native Instruments GmbH)
S3 niks4m3usb; C:\WINDOWS\System32\drivers\niks4m3usb.sys [75160 2018-06-28] (Native Instruments GmbH -> Native Instruments GmbH)
S3 nita6audio; C:\WINDOWS\System32\Drivers\nita6audio.sys [372608 2015-09-04] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH)
S3 nita6usb; C:\WINDOWS\system32\DRIVERS\nita6usb.sys [95592 2015-09-04] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-07] (Microsoft Windows -> VMware, Inc.)
S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-07] (Microsoft Windows -> )
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [27744 2021-03-09] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8480608 2021-11-29] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [94208 2022-05-07] (Microsoft Windows -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2022-11-08] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-14 15:32 - 2022-12-14 15:35 - 000000000 ____D C:\AdwCleaner
2022-12-14 15:31 - 2022-12-14 15:32 - 008791352 _____ (Malwarebytes) C:\Users\MARRA\Downloads\adwcleaner.exe
2022-12-14 13:57 - 2022-12-14 13:57 - 000728484 _____ C:\WINDOWS\system32\perfh005.dat
2022-12-14 13:57 - 2022-12-14 13:57 - 000151700 _____ C:\WINDOWS\system32\perfc005.dat
2022-12-13 13:29 - 2022-12-14 17:19 - 000036523 _____ C:\Users\MARRA\Downloads\FRST.txt
2022-12-13 13:28 - 2022-12-14 17:18 - 000000000 ____D C:\FRST
2022-12-13 13:27 - 2022-12-13 13:27 - 002375680 _____ (Farbar) C:\Users\MARRA\Downloads\FRST64.exe
2022-12-13 13:16 - 2022-12-13 13:16 - 008753904 _____ (Lenovo Group Limited ) C:\Users\MARRA\Downloads\efcn57ww.exe
2022-12-13 12:48 - 2022-12-13 12:48 - 000620355 _____ C:\Users\MARRA\Downloads\DrazebnivyhlaskaNVelektronickadrazba(1.kolo)20221026104244.pdf
2022-12-13 12:48 - 2022-12-13 12:48 - 000170903 _____ C:\Users\MARRA\Downloads\0900533208.pdf
2022-12-13 12:47 - 2022-12-13 12:47 - 000489871 _____ C:\Users\MARRA\Downloads\Drazebnivyhlaskaelektronicka2013[signed][signed].pdf
2022-12-10 03:22 - 2022-12-10 03:22 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_nita6usb_01011.Wdf
2022-12-08 09:49 - 2022-12-08 09:49 - 012453928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 010220584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 006514440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 005891112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 005856792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 005816296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 003334696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 002237000 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-12-08 09:49 - 2022-12-08 09:49 - 002237000 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-12-08 09:49 - 2022-12-08 09:49 - 002163752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 001642600 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-12-08 09:49 - 2022-12-08 09:49 - 001642600 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-12-08 09:49 - 2022-12-08 09:49 - 001619984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 001531896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 001444424 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 001444424 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 001227304 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 001191960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 001168992 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 001168992 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 000949736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 000853544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-12-08 09:49 - 2022-12-08 09:49 - 000851984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 000737784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-12-08 09:49 - 2022-12-08 09:49 - 000734720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 000673320 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 000506872 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-12-08 09:49 - 2022-12-08 09:49 - 000457752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-12-08 09:49 - 2022-12-08 09:49 - 000100741 _____ C:\WINDOWS\system32\nvinfo.pb
2022-12-08 09:47 - 2022-12-08 09:47 - 017388440 _____ C:\WINDOWS\system32\RsEyeContactCorrection_Assets.dll
2022-12-08 09:47 - 2022-12-08 09:47 - 015824792 _____ C:\WINDOWS\system32\RsDMFT_Assets.dll
2022-12-08 09:47 - 2022-12-08 09:47 - 013414320 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RsDMFT64.dll
2022-12-08 09:47 - 2022-12-08 09:47 - 001185640 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2022-12-07 15:28 - 2022-12-07 15:28 - 000016533 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-12-07 15:27 - 2022-12-07 15:27 - 000000000 ___HD C:\$WinREAgent
2022-12-05 23:20 - 2022-12-05 23:27 - 009959556 _____ C:\Users\MARRA\Downloads\dj-profilovka_VRSTVY.psd
2022-12-05 23:05 - 2022-12-05 23:07 - 112431604 _____ C:\Users\MARRA\Downloads\A3_plakat_zijuhudbou.psd
2022-12-05 01:11 - 2022-12-05 01:13 - 000897445 _____ C:\Users\MARRA\Downloads\Stanoveni Usekove mereni (1).pdf
2022-12-04 21:53 - 2022-12-04 21:53 - 000365566 _____ C:\Users\MARRA\Downloads\CJUZSVM_BUH_5637_2022BUHM(1).pdf
2022-12-04 21:52 - 2022-12-04 21:52 - 000105623 _____ C:\Users\MARRA\Downloads\Stanoveni minimalniho poctu clenu okrskove volebni komise.pdf
2022-12-04 21:51 - 2022-12-04 21:51 - 000897445 _____ C:\Users\MARRA\Downloads\Stanoveni Usekove mereni.pdf
2022-12-04 21:50 - 2022-12-04 21:50 - 000100444 _____ C:\Users\MARRA\Downloads\Informace o poctu a sidle volebnich okrsku.pdf
2022-12-04 21:49 - 2022-12-04 21:50 - 001901798 _____ C:\Users\MARRA\Downloads\Zamer mesta na najem v k.u. Uhersky Brod.pdf
2022-12-04 00:55 - 2022-12-04 00:55 - 000000000 ____D C:\Users\MARRA\Documents\Špajza
2022-12-04 00:51 - 2022-12-04 00:51 - 000496110 _____ C:\Users\MARRA\Downloads\20220310102156.pdf
2022-11-28 23:27 - 2022-11-28 23:27 - 000003390 _____ C:\WINDOWS\system32\Tasks\infatica_p2b_expire
2022-11-28 23:27 - 2022-11-28 23:27 - 000003300 _____ C:\WINDOWS\system32\Tasks\klcp_update
2022-11-28 23:27 - 2022-11-28 23:27 - 000003292 _____ C:\WINDOWS\system32\Tasks\infatica_p2b
2022-11-28 23:27 - 2022-11-28 23:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2022-11-28 23:27 - 2022-11-28 23:27 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2022-11-28 23:27 - 2022-11-28 23:27 - 000000000 ____D C:\Program Files (x86)\Infatica P2B
2022-11-28 23:27 - 2019-12-28 11:00 - 000784384 _____ C:\WINDOWS\system32\xvidcore.dll
2022-11-28 23:27 - 2019-12-28 11:00 - 000681984 _____ C:\WINDOWS\SysWOW64\xvidcore.dll
2022-11-28 23:27 - 2019-12-28 11:00 - 000310784 _____ C:\WINDOWS\system32\xvidvfw.dll
2022-11-28 23:27 - 2019-12-28 11:00 - 000284160 _____ C:\WINDOWS\SysWOW64\xvidvfw.dll
2022-11-28 23:27 - 2017-07-30 12:50 - 003850240 _____ (x264vfw project) C:\WINDOWS\SysWOW64\x264vfw.dll
2022-11-28 23:27 - 2017-07-30 12:50 - 003799552 _____ (x264vfw project) C:\WINDOWS\system32\x264vfw64.dll
2022-11-28 23:27 - 2012-07-21 12:55 - 000180736 _____ (fccHandler) C:\WINDOWS\system32\ac3acm.acm
2022-11-28 23:27 - 2012-07-21 12:54 - 000122880 _____ (fccHandler) C:\WINDOWS\SysWOW64\ac3acm.acm
2022-11-28 23:27 - 2011-12-07 19:37 - 000148992 _____ ( ) C:\WINDOWS\system32\lagarith.dll
2022-11-28 23:27 - 2011-12-07 19:32 - 000216064 _____ ( ) C:\WINDOWS\SysWOW64\lagarith.dll
2022-11-28 23:26 - 2022-11-28 23:26 - 061945139 _____ (KLCP ) C:\Users\MARRA\Downloads\K-Lite_Codec_Pack_1730_Mega.exe
2022-11-28 23:23 - 2022-11-28 23:23 - 002379422 _____ C:\Users\MARRA\Downloads\x264vfw_full_44_2851bm_44825.exe
2022-11-25 16:10 - 2022-11-25 16:10 - 002109145 _____ C:\Users\MARRA\Downloads\chytrej výčep prezentace.pdf
2022-11-24 15:59 - 2022-11-24 15:59 - 037433304 _____ C:\WINDOWS\system32\Drivers\Netwfw10.dat
2022-11-24 15:59 - 2022-11-24 15:59 - 005100608 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw10.sys
2022-11-24 15:59 - 2022-11-24 15:59 - 001470528 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter10.dll
2022-11-23 00:17 - 2022-11-23 00:17 - 000224766 _____ C:\Users\MARRA\Downloads\Koaliční smlouva Napajedla _11.11.2022.pdf
2022-11-20 12:22 - 2022-11-20 12:23 - 060681665 _____ (WarmUpTill ) C:\Users\MARRA\Downloads\advanced-scene-switcher-windows-x64-Installer.exe
2022-11-15 03:23 - 2022-11-15 03:23 - 000017051 _____ C:\Users\MARRA\Downloads\[SkT]Lucky_Louie_(2006)(CZ)_=_CSFD_86%.torrent
2022-11-14 16:49 - 2022-11-14 16:49 - 000000000 ____D C:\Users\MARRA\Documents\Chata
2022-11-14 02:27 - 2022-11-14 02:27 - 000032402 _____ C:\Users\MARRA\Downloads\[SkT]Peaky_Blinders_-_Gangy_z_Birminghamu___Peaky_Blinders_-_1._Serie_(CZ_EN)[1080p]_=_CSFD_91%.torrent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-14 17:04 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-14 16:43 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2022-12-14 16:40 - 2021-11-29 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2022-12-14 16:37 - 2021-11-07 02:22 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-14 15:36 - 2021-11-07 02:13 - 000000000 ____D C:\ProgramData\NVIDIA
2022-12-14 15:35 - 2022-05-11 12:32 - 000000000 ____D C:\Users\MARRA\AppData\Roaming\IObit
2022-12-14 15:32 - 2021-11-07 18:27 - 000000000 ____D C:\Users\MARRA\AppData\Local\CrashDumps
2022-12-14 14:03 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-12-14 13:57 - 2022-05-14 20:48 - 001718028 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-12-14 13:57 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2022-12-14 13:52 - 2022-01-19 11:41 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2022-12-14 13:50 - 2021-11-07 02:17 - 000000000 __SHD C:\Users\MARRA\IntelGraphicsProfiles
2022-12-14 13:49 - 2022-05-14 20:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-12-14 13:49 - 2021-11-07 09:05 - 000012288 ___SH C:\DumpStack.log.tmp
2022-12-14 13:49 - 2021-11-07 02:16 - 000000000 ____D C:\Intel
2022-12-14 05:15 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-12-14 05:03 - 2021-11-08 11:09 - 000000000 ____D C:\Users\MARRA\Documents\1SA
2022-12-14 02:53 - 2021-11-07 11:38 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-12-14 02:51 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-12-14 02:51 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-12-14 02:51 - 2021-11-07 11:38 - 148633544 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-12-14 02:38 - 2021-11-07 02:23 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-14 02:05 - 2021-11-07 14:58 - 000000000 ____D C:\Users\MARRA\AppData\Roaming\AIMP
2022-12-13 13:21 - 2022-05-14 20:34 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2022-12-13 13:16 - 2022-08-03 10:21 - 000000000 ____D C:\WINDOWS\TempInst
2022-12-13 11:15 - 2022-05-14 20:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-12-13 01:36 - 2021-12-19 21:00 - 000000000 ____D C:\Users\MARRA\AppData\Roaming\audacity
2022-12-13 01:34 - 2021-11-07 17:44 - 000000871 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2022-12-13 01:34 - 2021-11-07 17:44 - 000000000 ____D C:\Program Files\Audacity
2022-12-12 17:44 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2022-12-12 17:39 - 2022-02-23 20:54 - 000002063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-12-12 02:03 - 2021-11-08 18:32 - 000000000 ____D C:\Users\MARRA\AppData\Roaming\uTorrent
2022-12-12 02:03 - 2021-11-07 14:52 - 000000000 ____D C:\Users\MARRA\AppData\Roaming\discord
2022-12-12 01:18 - 2021-11-07 14:52 - 000000000 ____D C:\Users\MARRA\AppData\Local\Discord
2022-12-11 00:04 - 2021-11-07 18:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2022-12-11 00:04 - 2021-11-07 18:13 - 000000000 ____D C:\Program Files\Microsoft Office
2022-12-10 16:37 - 2021-11-07 09:05 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-09 11:56 - 2021-11-07 09:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-12-09 11:54 - 2021-11-09 02:13 - 000000000 ____D C:\Users\MARRA\Documents\FMK
2022-12-08 09:49 - 2022-09-17 10:58 - 001487912 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-12-08 09:49 - 2022-05-11 13:08 - 007645912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-12-08 08:31 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2022-12-08 02:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-12-08 02:03 - 2021-11-07 02:17 - 000000000 ____D C:\Users\MARRA\AppData\Local\Packages
2022-12-07 15:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-12-05 23:21 - 2021-11-09 12:57 - 000000000 ____D C:\Users\MARRA\AppData\Local\Adobe
2022-12-04 17:43 - 2021-11-08 00:48 - 000000000 ____D C:\ProgramData\Trackmania
2022-12-04 17:43 - 2021-11-08 00:47 - 000000000 ____D C:\Users\MARRA\Documents\Trackmania
2022-12-04 17:17 - 2021-11-07 23:00 - 000000000 ____D C:\Users\MARRA\AppData\Local\Ubisoft Game Launcher
2022-12-04 16:54 - 2021-11-07 22:40 - 000000000 ____D C:\Users\MARRA\AppData\Roaming\obs-studio
2022-12-04 14:45 - 2021-11-07 14:58 - 000000000 ____D C:\Program Files (x86)\AIMP
2022-12-04 14:16 - 2022-05-11 12:44 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2022-12-03 22:43 - 2022-09-19 01:15 - 000000440 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2022-11-29 11:44 - 2022-05-14 20:34 - 000408624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-29 04:14 - 2022-05-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-11-29 04:14 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-29 04:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2022-11-29 04:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-29 04:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemApps
2022-11-29 04:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-29 04:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-11-29 04:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Provisioning
2022-11-29 04:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-11-29 02:58 - 2022-05-14 20:34 - 003212288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-28 23:27 - 2021-11-30 14:09 - 000000000 ____D C:\Users\MARRA\Documents\Vegas
2022-11-26 22:05 - 2021-11-07 02:17 - 000000000 ____D C:\Users\MARRA\AppData\Local\D3DSCache
2022-11-25 05:17 - 2021-11-07 22:53 - 000000000 ____D C:\Program Files (x86)\Steam
2022-11-24 21:08 - 2021-11-22 17:34 - 000000000 ____D C:\Users\MARRA\Documents\oCam
2022-11-20 12:25 - 2022-10-01 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\advanced-scene-switcher
2022-11-20 12:25 - 2021-11-07 22:40 - 000000000 ____D C:\Program Files\obs-studio
2022-11-18 15:10 - 2022-09-12 10:45 - 000000000 ____D C:\Users\MARRA\AppData\Roaming\com.adobe.dunamis
2022-11-18 14:43 - 2022-10-13 12:43 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-11-18 14:43 - 2022-05-14 20:42 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-11-15 00:37 - 2022-05-14 20:42 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-15 00:37 - 2022-05-14 20:42 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Files in the root of some directories ========

2021-12-15 18:33 - 2022-10-01 10:39 - 000000015 _____ () C:\Users\MARRA\AppData\Roaming\obs-virtualcam.txt

==================== FCheck ================================

(If an entry is included in the fixlist, the file/folder will be moved.)

FCheck: C:\WINDOWS\SysWOW64\version_IObitDel.dll [2022-05-11] <==== ATTENTION (zero byte File/Folder)

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-12-2022
Ran by MARRA (14-12-2022 17:19:42)
Running from C:\Users\MARRA\Downloads
Microsoft Windows 11 Pro Version 22H2 22623.1028 (X64) (2022-05-14 19:42:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-590153330-3484553050-3099931381-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-590153330-3484553050-3099931381-503 - Limited - Disabled)
Guest (S-1-5-21-590153330-3484553050-3099931381-501 - Limited - Disabled)
MARRA (S-1-5-21-590153330-3484553050-3099931381-1001 - Administrator - Enabled) => C:\Users\MARRA
WDAGUtilityAccount (S-1-5-21-590153330-3484553050-3099931381-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
8 Ball Pool (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\com.miniclip.eightballpoolamazon) (Version: 5.9.0 - miniclip.com)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20282 - Adobe)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_2_2) (Version: 23.2.2.325 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Advanced Scene Switcher version 95537f39e44353151b78dde8bf08bc1613fa8772 (HKLM\...\{A4ADDF26-4426-4D2E-B26A-C7C878DA8FC9}_is1) (Version: 95537f39e44353151b78dde8bf08bc1613fa8772 - )
advanced-scene-switcher version 1.19.2 (32-bit) (HKLM-x32\...\{A4ADDF26-4426-4D2E-B26A-C7C878DA8FC9}_is1) (Version: 1.19.2 - WarmUpTill)
AIMP (HKLM-x32\...\AIMP) (Version: 5.10.2414 - Artem Izmaylov)
Amazon Appstore (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\com.amazon.venezia) (Version: release-60.13.1.0.207502.0_259610 - amazon.com)
ANT Drivers Installer x64 (HKLM\...\{209ECC4B-2A73-48FD-80C9-CDFFA9CA528D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Atom (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\atom) (Version: 1.58.0 - GitHub Inc.)
Audacity 3.2.2 (HKLM\...\Audacity_is1) (Version: 3.2.2 - Audacity Team)
Aurora Store (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\com.aurora.store) (Version: 4.1.1 - aurora.com)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Laser Printer/Scanner/Fax Extended Survey Program (HKLM\...\{8A16FF47-A5FC-49A8-96B5-31180D317059}) (Version: 3.0.4 - CANON INC.) Hidden
Canon Laser Printer/Scanner/Fax Extended Survey Program (HKLM\...\Canon Laser Printer/Scanner/Fax Extended Survey Program) (Version: 3.0.4.40070 - CANON INC.)
Canon MF645C (HKLM\...\{9651393F-E287-454c-A4D7-E657DF3AE3BE}) (Version: 6.4.0.4 - CANON INC.)
Cisco Webex Meetings (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\ActiveTouchMeetingClient) (Version: 42.6.0 - Cisco Webex LLC)
Corel Graphics - Windows Shell Extension (HKLM\...\_{4F36AC9B-954C-4C49-8573-D2A9EF8079B4}) (Version: 22.0.0.411 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{4F36AC9B-954C-4C49-8573-D2A9EF8079B4}) (Version: 22.0.411 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{C28C908E-0E70-470C-B556-DFDDE9973766}) (Version: 22.0.411 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM (x64) (HKLM\...\{0E0F6EBF-E2BA-4B1A-ADEC-CAF4612B2AC7}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content BR (x64) (HKLM\...\{AE21B6DA-78D3-4772-81EF-9A0163BDB0C6}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content CS (x64) (HKLM\...\{EFAB3BB7-4DD2-428F-B895-F915A689B46B}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content CT (x64) (HKLM\...\{54DADE81-4911-41B9-9FA6-76C57647FB34}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content CZ (x64) (HKLM\...\{2573B4F8-4C8F-4028-A1A9-500EE2ADE30A}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content DE (x64) (HKLM\...\{9A7ABF9B-1CF1-452F-B6A9-1FD425AD12D9}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content EN (x64) (HKLM\...\{C796DB48-473A-4F12-998D-0D690570D633}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content ES (x64) (HKLM\...\{38B83748-7D9B-48DB-94EE-004D49E84BD3}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content FR (x64) (HKLM\...\{E2E7B6E9-3A6F-4421-8D1F-24ED7647B00A}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content IT (x64) (HKLM\...\{EEC60482-484C-4B29-BB56-0C04F086B372}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content JP (x64) (HKLM\...\{7AB150FE-BF0D-44F9-934A-7BC87CB9FB01}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content NL (x64) (HKLM\...\{0A404310-BE95-47B5-BE1C-5C664490EE17}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content PL (x64) (HKLM\...\{5FC18E59-85FC-478D-93C8-266AB375FF1F}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content RU (x64) (HKLM\...\{F015285B-E950-48BF-A4C6-0A1DD2C9739E}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - IPM Content TR (x64) (HKLM\...\{034009FF-1AB3-4340-A66D-CBF594C1A0F2}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 - Writing Tools (x64) (HKLM\...\{F404C086-454C-4485-B5F1-F3C11B8DF452}) (Version: 22.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2020 (64-Bit) (HKLM\...\_{7FA269F4-59E4-4399-A239-E9A134D40BED}) (Version: 22.0.0.412 - Corel Corporation)
Cross DJ Free 3.4.0 (HKLM-x32\...\MixVibes Cross DJ Free 3.4.0) (Version: 3.4.0 - MixVibes)
Discord (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
Driver Booster (HKLM-x32\...\IObit Driver Booster Pro 9.2.0.178) (Version: - )
Elevated Installer (HKLM-x32\...\{3213DBEF-7413-4CC2-A3EA-2FB78177482B}) (Version: 7.13.1.0 - Garmin Ltd or its subsidiaries) Hidden
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.2.1 - )
FFmpeg v2.2.2 for Audacity - 64bit (HKLM\...\FFmpeg for Audacity_is1) (Version: - )
FIFA 19 v.1.0-u7 (HKLM-x32\...\FIFA 19_is1) (Version: - )
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Focusrite USB Audio Driver 1.10 (HKLM\...\Focusrite USB Audio Driver_is1) (Version: 1.10 - Focusrite Audio Engineering Ltd.)
Garmin Express (HKLM-x32\...\{dfe973c2-d1c7-4563-8c84-595f13f8792d}) (Version: 7.13.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{FDE5F9F5-0C9B-4A7A-811B-C7E32195CC2B}) (Version: 7.13.1.0 - Garmin Ltd or its subsidiaries) Hidden
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
GitHub Desktop (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\GitHubDesktop) (Version: 2.9.4 - GitHub, Inc.)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 68.0.2.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 108.0.5359.100 - Google LLC)
Infatica P2B Network (HKLM-x32\...\{043C71DF-992B-4A8C-B584-DE65480802F8}_is1) (Version: 1.0.6.1 - )
Jpeg Resampler XE (HKLM-x32\...\JpegResamplerXE_is1) (Version: - Jpeg Resampler)
K-Lite Mega Codec Pack 17.3.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 17.3.0 - KLCP)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
LatencyMon 7.20 (HKLM\...\LatencyMon_is1) (Version: 7.20 - Resplendence Software Projects Sp.)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Ledger Live 2.45.1 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.45.1 - Ledger Live Team)
Legion Arena (HKLM-x32\...\Legion Arena_is1) (Version: 1.3.1.1 - Lenovo Group Ltd.)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.43.0 - Lenovo Group Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 108.0.1462.46 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 108.0.1462.46 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Volume - cs-cz) (Version: 16.0.15831.20190 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\Teams) (Version: 1.5.00.11163 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{4812E2CC-BAA9-49AE-B310-DA845882322B}) (Version: 4.66.0.0 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (HKLM\...\{90120064-0070-0000-0000-4000000FF1CE}) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (HKLM\...\{90F60409-7000-11D3-8CFE-0150048383C9}) (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2019 (HKLM-x32\...\{1edcd8d2-905a-4e93-bfdf-92ed5601528a}) (Version: 16.0.28801 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2019 x64 Hosting Support (HKLM\...\{9D6CE289-E12C-38BB-9999-E2377EC118B7}) (Version: 16.0.28801 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2019 x86 Hosting Support (HKLM-x32\...\{7C931D41-F302-3494-868C-320A4F4DD9F9}) (Version: 16.0.28801 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.4.3 (HKLM-x32\...\{B561660D-8B3C-491D-9E3E-293F14FCAADA}_is1) (Version: 1.4.3 - Samuel Rodberg)
MSVCRT Redists (HKLM\...\{24DB3A5E-0BC8-11E5-9A27-F04DA23A5C58}) (Version: 1.0 - Sony Creative Software Inc.) Hidden
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 2.6.2.547 - Native Instruments)
Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.14.1.156 - Native Instruments)
Native Instruments Traktor Audio 10 Driver (HKLM-x32\...\Native Instruments Traktor Audio 10 Driver) (Version: - Native Instruments)
Native Instruments Traktor Audio 2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Audio 6 Driver (HKLM-x32\...\Native Instruments Traktor Audio 6 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol D2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol D2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol F1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol F1 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S4 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S4 MK3 ASIO Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 MK3 ASIO Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S5 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S5 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S8 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S8 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol X1 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol Z1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z1 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol Z2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Pro 3 (HKLM-x32\...\Native Instruments Traktor Pro 3) (Version: 3.5.2.299 - Native Instruments)
Need For Speed Most Wanted Remaster Edition (HKLM-x32\...\Need For Speed Most Wanted Remaster Edition_is1) (Version: 0.0.0 - DODI-Repacks)
NFS: Most Wanted CZ (HKLM-x32\...\NFS: Most Wanted) (Version: CZ - Sub - Zero)
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.154 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.154 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 522.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 522.25 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.1.3 - OBS Project)
oCam 버전 520.0 (HKLM-x32\...\oCam_is1) (Version: 520.0 - hxxp://ohsoft.net/)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15831.20184 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11929.20376 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Openplanet for Trackmania (HKLM-x32\...\OpenplanetNext) (Version: - Melissa Geels)
Origin (HKLM-x32\...\Origin) (Version: 10.5.111.50299 - Electronic Arts, Inc.)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 221102 - Kakao Corp.)
reWASD (HKLM\...\reWASD) (Version: 5.8.1.4765 - Disc Soft Ltd)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Samsung DeX (HKLM-x32\...\{43409A91-7C1A-4D28-B628-AD78F09DA3F0}) (Version: 2.4.0.27 - Samsung Electronics Co., Ltd.) Hidden
Samsung DeX (HKLM-x32\...\{a306c372-6ec4-43f0-b372-b1de15b0e935}) (Version: 2.4.0.27 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.46.0 - Samsung Electronics Co., Ltd.)
Skype verze 8.78 (HKLM-x32\...\Skype_is1) (Version: 8.78 - Skype Technologies S.A.)
Software602 Form Filler (HKLM-x32\...\{EF8155B1-A395-4AF9-ABB4-88F09FA54DB1}) (Version: 4.80 - Software602 a.s.)
Spotify (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\Spotify) (Version: 1.1.93.896.g3ae3b4f3 - Spotify AB)
Stardock Start11 (HKLM-x32\...\Stardock Start11) (Version: 1.3.6.0 - Stardock Software, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Trackmania (HKLM-x32\...\Uplay Install 5595) (Version: - Ubisoft)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 127.1.10616 - Ubisoft)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VALORANT (HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VMS (HKLM-x32\...\VMS1.0.3.1) (Version: 1.0.3.1 - 1.0.3.1)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)

Packages:
=========
Canon Office Printer Utility -> C:\Program Files\WindowsApps\34791E63.CanonOfficePrinterUtility_12.7.0.0_x64__6e5tt8cgb93ep [2022-12-01] (Canon Inc.)
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.13.0_neutral__yxz26nhyzhsrt [2022-12-12] (Microsoft Corp.)
Dolby Atmos for Gaming -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmosforGaming_3.20800.804.0_x64__rz1tebttyb220 [2022-10-03] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-10-03] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_141.2.441.0_x64__v10z8vjag6ke6 [2022-12-02] (HP Inc.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2209.2.0_x64__k1h2ywk1493x8 [2022-12-11] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-10-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-10-03] (Microsoft Corporation) [MS Ad]
ms-resource:APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.9.0_x64__8wekyb3d8bbwe [2022-10-03] (Microsoft Corp.)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.32791.0_x64__8wekyb3d8bbwe [2022-10-11] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-10-03] (Microsoft Corporation)
ms-resource:ProductPkgDisplayName -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2022-12-08] (ms-resource:ProductPublisherDisplayName)
ms-resource:System_Item_Title_IntelGraphicsControlPanel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-10-03] (INTEL CORP) [Startup Task]
ms-resource:WsaDisplayName -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForAndroid_2211.40000.7.0_x64__8wekyb3d8bbwe [2022-12-08] (Microsoft Corp.) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-16] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.12.219.0_x64__dt26b99r8h8gj [2022-10-03] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.11210.0_x64__8wekyb3d8bbwe [2022-12-11] (Microsoft Studios) [MS Ad]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2248.9.0_x64__cv1g1gvanyjgm [2022-12-12] (WhatsApp Inc.) [Startup Task]
WhatsApp Beta -> C:\Program Files\WindowsApps\5319275A.51895FA4EA97F_2.2249.2.0_x64__cv1g1gvanyjgm [2022-12-11] (WhatsApp Inc.) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-590153330-3484553050-3099931381-1001_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\MARRA\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-590153330-3484553050-3099931381-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\MARRA\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22062.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-590153330-3484553050-3099931381-1001_Classes\CLSID\{32E26FD9-F435-4A20-A561-35D4B987CFDC}\InprocServer32 -> C:\Users\MARRA\AppData\Local\WebEx\WebEx64\Meetings\atucfobj.dll (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-590153330-3484553050-3099931381-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 -> => No File
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2022-12-04] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ContextMenuHandlers1-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\Program Files (x86)\JpegResamplerXE\JRcm.dll [2010-08-18] () [File not signed]
ContextMenuHandlers1: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResamplerXE\JRcm64.dll [2010-09-06] () [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2022-12-04] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_03e937c3da958a25\nvshext.dll [2022-12-08] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ContextMenuHandlers6-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\Program Files (x86)\JpegResamplerXE\JRcm.dll [2010-08-18] () [File not signed]
ContextMenuHandlers6: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResamplerXE\JRcm64.dll [2010-09-06] () [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [310784 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284160 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\MARRA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VMS\Copy.lnk -> C:\Program Files (x86)\VMS\vms\bin\Copy.bat ()
Shortcut: C:\Users\MARRA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VMS\CopyJW.lnk -> C:\Program Files (x86)\VMS\vms\bin\CopyJW.bat ()

==================== Loaded Modules (Whitelisted) =============

2021-11-07 22:49 - 2010-09-06 18:21 - 000538435 _____ () [File not signed] C:\Program Files (x86)\JpegResamplerXE\JRcm64.dll
2022-12-11 04:09 - 2022-12-11 04:09 - 101119488 _____ () [File not signed] C:\Program Files\WindowsApps\5319275A.51895FA4EA97F_2.2249.2.0_x64__cv1g1gvanyjgm\WhatsApp.dll
2022-12-11 04:09 - 2022-12-11 04:09 - 008540160 _____ () [File not signed] C:\Program Files\WindowsApps\5319275A.51895FA4EA97F_2.2249.2.0_x64__cv1g1gvanyjgm\WhatsAppNative.dll
2022-07-07 21:00 - 2018-01-29 18:26 - 000153088 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNCENPM6.dll
2021-11-07 23:09 - 2021-11-07 23:09 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-11-07 23:09 - 2021-11-07 23:09 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2021-11-07 23:09 - 2021-11-07 23:09 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-03-18 02:22 - 2021-11-07 23:09 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-03-18 02:22 - 2021-11-07 23:09 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-03-18 02:22 - 2021-11-07 23:09 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-03-18 02:22 - 2021-11-07 23:09 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-03-18 02:22 - 2021-11-07 23:09 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-03-18 02:22 - 2021-11-07 23:09 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung DeX.lnk:04BD1844E0 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk:7AD7FA8AB1 [10]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-11] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\sharepoint.com -> hxxps://utbcz-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-09-19 01:15 - 2022-12-03 22:43 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.25.80.1 MARRA-LEGION.mshome.net # 2027 12 4 2 21 43 21 58

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-590153330-3484553050-3099931381-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\MARRA\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.37.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "MFNetworkScannerSelector"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\StartupApproved\Run: => "CiscoMeetingDaemon"
HKU\S-1-5-21-590153330-3484553050-3099931381-1001\...\StartupApproved\Run: => "GarminExpress"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{39CD9027-D1DE-4F49-9142-F4E711D3DBF5}] => (Allow) D:\Games\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{963E6E87-2583-434C-B7DB-8BE5B4DC3B47}] => (Allow) D:\Games\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [UDP Query User{E5F6999E-593F-428D-9036-21243FE34B7D}C:\program files (x86)\ipctool\ipctool.exe] => (Allow) C:\program files (x86)\ipctool\ipctool.exe => No File
FirewallRules: [TCP Query User{AAE8F00E-F278-4F58-B66D-CA90F1244B8D}C:\program files (x86)\ipctool\ipctool.exe] => (Allow) C:\program files (x86)\ipctool\ipctool.exe => No File
FirewallRules: [UDP Query User{E4650F95-801B-4A98-ABE5-721760A2C903}C:\program files (x86)\vms\vms\bin\vms.exe] => (Allow) C:\program files (x86)\vms\vms\bin\vms.exe () [File not signed]
FirewallRules: [TCP Query User{4B29C66C-FA61-4379-9868-709774E31A3E}C:\program files (x86)\vms\vms\bin\vms.exe] => (Allow) C:\program files (x86)\vms\vms\bin\vms.exe () [File not signed]
FirewallRules: [UDP Query User{9C12C018-8B8E-4999-9479-B381F56EA1B5}D:\games\cs1.6\hl.exe] => (Allow) D:\games\cs1.6\hl.exe => No File
FirewallRules: [TCP Query User{C67D4C2F-87A6-4AEC-874C-5BEFA3FB323B}D:\games\cs1.6\hl.exe] => (Allow) D:\games\cs1.6\hl.exe => No File
FirewallRules: [UDP Query User{07441542-A9B0-423E-ADA9-5582AB9A4EA2}D:\games\crysisremastered\bin64\crysisremastered.exe] => (Allow) D:\games\crysisremastered\bin64\crysisremastered.exe (Crytek GmbH) [File not signed]
FirewallRules: [TCP Query User{4396677B-F35F-4290-AF12-19202A2CBA0D}D:\games\crysisremastered\bin64\crysisremastered.exe] => (Allow) D:\games\crysisremastered\bin64\crysisremastered.exe (Crytek GmbH) [File not signed]
FirewallRules: [UDP Query User{71E47EFF-9D1C-4ECE-8AE7-AE3AD8B2A304}D:\games\cyberpunk.2077.gog.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\games\cyberpunk.2077.gog.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [TCP Query User{74E56D16-DF70-41BF-96AA-2D9A7B2691DD}D:\games\cyberpunk.2077.gog.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\games\cyberpunk.2077.gog.rip-insaneramzes\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{72562381-6D49-4E2F-8181-67B947AEAEAC}C:\users\marra\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\marra\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{5A7A9E5D-146E-41C4-A12E-542D2683A75A}C:\users\marra\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\marra\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{CE839D0B-0E61-4F2E-8CE3-2BA07F05D6C8}] => (Allow) C:\Program Files\uTorrent\utorrent.exe => No File
FirewallRules: [{767FB015-96F1-4361-A4C4-18776F34C752}] => (Allow) C:\Program Files\uTorrent\utorrent.exe => No File
FirewallRules: [{88F25B2F-752B-483D-AC16-701BBE5E6E82}] => (Allow) D:\Games\steamapps\common\Unreal Tournament 3\Binaries\UT3.exe (Epic Games Inc. -> ) [File not signed]
FirewallRules: [{A09C9F8F-8DE3-413C-8290-3F3803C4819F}] => (Allow) D:\Games\steamapps\common\Unreal Tournament 3\Binaries\UT3.exe (Epic Games Inc. -> ) [File not signed]
FirewallRules: [{B9396FC7-167E-4CFA-88C0-D2FA696A0FF5}] => (Allow) D:\Games\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe () [File not signed]
FirewallRules: [{B8652551-E4CA-432B-8F2E-0346C0D4A6F3}] => (Allow) D:\Games\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe () [File not signed]
FirewallRules: [{9930E664-4CAB-483A-B0B1-9B53C8E04D05}] => (Allow) D:\Games\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe (CD Projekt RED Sp. z o.o. -> CD Projekt Red)
FirewallRules: [{5516B6F5-A568-4CF1-8859-65BC63C1E554}] => (Allow) D:\Games\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe (CD Projekt RED Sp. z o.o. -> CD Projekt Red)
FirewallRules: [{88F53FFC-3158-4C69-9B11-4F071D69C5D8}] => (Allow) D:\Games\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe (CD Projekt Red) [File not signed]
FirewallRules: [{BCC5263E-FAE6-438A-BEDE-A65E0CACE860}] => (Allow) D:\Games\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe (CD Projekt Red) [File not signed]
FirewallRules: [{42180D00-EB28-4257-BEB4-0271FA640892}] => (Allow) D:\Games\Trackmania\trackmania.exe (NADEO SAS -> Nadeo)
FirewallRules: [{4BD03348-B254-4291-9A05-05AB2276EEF2}] => (Allow) D:\Games\Trackmania\trackmania.exe (NADEO SAS -> Nadeo)
FirewallRules: [{9642C2F2-D143-43B3-86F7-D7E889595AA3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{823DE92B-1696-4FDE-AC43-7F1FD55D2875}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E724E9E9-0304-45E8-A783-42B347332936}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{38B1FF4C-61A4-48A2-A02B-0F65F4A0654D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1D89C447-5157-4E96-B1EA-E3C45AEFB95B}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite 2020\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{4E0FB215-5BBB-418D-8E8D-A49ACBF412B2}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite 2020\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [UDP Query User{8B667069-70F5-4C41-A804-E876B330EA11}C:\users\marra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marra\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{6BBB1161-E65E-4062-988D-344B9AAF49B7}C:\users\marra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marra\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{112E1AC2-34D5-4832-A186-FBE4DE05491D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5E4934E9-3295-4619-8B19-8E818980FC5D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DC16197A-54B6-44CB-9A54-4140F1404228}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3A263379-F133-4EBC-BD28-58B88E25CA8B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{77C0E4CA-7543-4C4F-B4DD-C54273DF6165}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21302.202.1065.6968_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D903AB93-2608-4F75-A72C-38FAFB9BD99D}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21302.202.1065.6968_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{1D983511-9620-4479-AE8B-F7E700003E01}C:\users\marra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\marra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{8A7CAF9E-BC67-4597-8D44-3017CAE15F41}C:\users\marra\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\marra\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4E554741-DB92-4AC1-91A5-9E0ED0EA824A}] => (Allow) C:\Program Files\reWASD\reWASDEngine.exe (SIA AVB Disc Soft -> Disc Soft Ltd)
FirewallRules: [{913230A5-BD8C-4ED9-934D-5C5A2333242F}] => (Allow) C:\Program Files\reWASD\reWASDEngine.exe (SIA AVB Disc Soft -> Disc Soft Ltd)
FirewallRules: [{F08FE8CE-3302-44B1-9A72-273182D64C12}] => (Allow) LPort=35474
FirewallRules: [{D1A26F11-4D8E-432A-9F36-007DF7190D92}] => (Allow) LPort=35474
FirewallRules: [{F44C1DD3-2C04-4FE9-89B1-0B502192CF74}] => (Allow) LPort=35475
FirewallRules: [{3940D517-C618-4CFA-8993-17AE8A733CE9}] => (Allow) LPort=35475
FirewallRules: [{5B6EAE54-DAC8-41D2-A128-26A418AB19F4}] => (Allow) LPort=35476
FirewallRules: [{AB3C7D97-DEB8-46CA-BEBB-D2EE07524054}] => (Allow) LPort=35476
FirewallRules: [{8A240337-B96D-4884-91C7-F033E8C2EED0}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{094DE1D3-A097-467E-886A-054139371914}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [TCP Query User{17EB4F5B-158C-437D-8F1F-DF9283169623}D:\games\riot games\riot client\riotclientservices.exe] => (Allow) D:\games\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{CCCE83E4-6C99-486E-9C0D-82521E885ECB}D:\games\riot games\riot client\riotclientservices.exe] => (Allow) D:\games\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{BE73EE6D-929F-49CB-9787-E266CF3AF3CD}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{883ACB19-4304-4098-B596-E51DA4D1E3B3}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [TCP Query User{C3AA0BD9-A41A-4036-8579-9336609899A1}C:\program files\ledger live\ledger live.exe] => (Allow) C:\program files\ledger live\ledger live.exe (LEDGER SAS -> Ledger Live Team)
FirewallRules: [UDP Query User{3B8A81A2-8B38-438A-8CE5-78C2B4A59592}C:\program files\ledger live\ledger live.exe] => (Allow) C:\program files\ledger live\ledger live.exe (LEDGER SAS -> Ledger Live Team)
FirewallRules: [{988C6A73-CC5B-4D9D-A15A-F4F808884B36}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1FB67AE8-25D0-4173-B007-E791D5D6D2A3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8EB4439E-4BB5-4CC3-8244-38E5A5BDC325}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7FD245C6-58F4-4A58-98B7-85A203FCCCDB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{95BC7ED3-110D-4678-870E-AAEFA157CB03}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{826D7578-11DA-46CC-B945-A64B21C3017A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{24B950D9-1C19-4CAA-88A8-52458325AF6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{9FA978C2-A74B-4A25-8663-89F70084D783}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{801F9544-5DF9-468C-B890-2F8A989D085F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F2086651-4D9F-48CE-AFB4-1BC267B4683F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{61F42AEB-D68B-40C7-9284-00BFFA64C19F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2B55B6DB-97A6-44F8-8D2B-E7F96FC7A78C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C64D011B-8E8A-41CD-A038-2C611FDB3E31}] => (Allow) C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForAndroid_2211.40000.7.0_x64__8wekyb3d8bbwe\WsaClient\WsaClient.exe () [File not signed]
FirewallRules: [{0C18FDFD-8BC1-45CC-BC7E-4AF9D430A248}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\108.0.1462.46\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9735F2A2-06DA-4106-998E-7ACAE9FAF3FE}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

08-12-2022 09:47:06 Driver Booster : Auto Update
12-12-2022 17:44:22 Windows Update
12-12-2022 17:44:23 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/14/2022 03:32:08 PM) (Source: Application Error) (EventID: 1000) (User: MARRA-LEGION)
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.22621.1028, časové razítko: 0x3c33c94b
Název chybujícího modulu: Microsoft.UI.Xaml.dll, verze: 2.8.2207.29001, časové razítko: 0x4f068674
Kód výjimky: 0xc000008e
Posun chyby: 0x000000000037101b
ID chybujícího procesu: 0x0x2854
Čas spuštění chybující aplikace: 0x0x1d90fba940e805c
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\SystemApps\Microsoft.UI.Xaml.CBS_8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
ID zprávy: 91301aff-16a9-475b-b3a4-fab4cb0d5a1e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/14/2022 01:49:52 PM) (Source: NIHardwareService) (EventID: 259) (User: )
Description: MIDIDevice: Unable to unlock BMIDI DLL/driver

Error: (12/13/2022 01:21:47 PM) (Source: NIHardwareService) (EventID: 259) (User: )
Description: MIDIDevice: Unable to unlock BMIDI DLL/driver

Error: (12/12/2022 09:51:01 PM) (Source: Application Error) (EventID: 1000) (User: MARRA-LEGION)
Description: Název chybující aplikace: AXKTTYFUADTDRMOT.exe, verze: 10.0.22593.1, časové razítko: 0xd64c5a80
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000140003be2
ID chybujícího procesu: 0x0x39b0
Čas spuštění chybující aplikace: 0x0x1d90e630d7dc827
Cesta k chybující aplikaci: C:\Users\MARRA\AppData\Roaming\Spotify\Apps\AXKTTYFUADTDRMOT.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 79cf12b9-a7a1-4c94-a6e6-7b1982391098
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/12/2022 08:50:55 PM) (Source: Application Error) (EventID: 1000) (User: MARRA-LEGION)
Description: Název chybující aplikace: AXKTTYFUADTDRMOT.exe, verze: 10.0.22593.1, časové razítko: 0xd64c5a80
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000140003be2
ID chybujícího procesu: 0x0x49f8
Čas spuštění chybující aplikace: 0x0x1d90e524629c92b
Cesta k chybující aplikaci: C:\Users\MARRA\AppData\Roaming\Spotify\Apps\AXKTTYFUADTDRMOT.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 26ec7cbb-44f2-4813-aa66-670344a61d9f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/12/2022 06:50:49 PM) (Source: Application Error) (EventID: 1000) (User: MARRA-LEGION)
Description: Název chybující aplikace: AXKTTYFUADTDRMOT.exe, verze: 10.0.22593.1, časové razítko: 0xd64c5a80
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000140003be2
ID chybujícího procesu: 0x0x2d48
Čas spuštění chybující aplikace: 0x0x1d90e49e0a9cc4b
Cesta k chybující aplikaci: C:\Users\MARRA\AppData\Roaming\Spotify\Apps\AXKTTYFUADTDRMOT.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 73f41fd3-ea37-42cb-ae1d-29a353f53ec6
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/12/2022 05:50:42 PM) (Source: Application Error) (EventID: 1000) (User: MARRA-LEGION)
Description: Název chybující aplikace: AXKTTYFUADTDRMOT.exe, verze: 10.0.22593.1, časové razítko: 0xd64c5a80
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000140003be2
ID chybujícího procesu: 0x0xfe4
Čas spuštění chybující aplikace: 0x0x1d90e3919226655
Cesta k chybující aplikaci: C:\Users\MARRA\AppData\Roaming\Spotify\Apps\AXKTTYFUADTDRMOT.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 09b21f9f-16ca-4b69-9e48-f9f7f9b6d6e0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/12/2022 03:50:36 PM) (Source: Application Error) (EventID: 1000) (User: MARRA-LEGION)
Description: Název chybující aplikace: AXKTTYFUADTDRMOT.exe, verze: 10.0.22593.1, časové razítko: 0xd64c5a80
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000140003be2
ID chybujícího procesu: 0x0x3f4c
Čas spuštění chybující aplikace: 0x0x1d90e30b36cbbf8
Cesta k chybující aplikaci: C:\Users\MARRA\AppData\Roaming\Spotify\Apps\AXKTTYFUADTDRMOT.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: b2c82826-6597-4c35-a312-14af2f90c506
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (12/14/2022 03:35:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/14/2022 03:35:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (12/14/2022 03:35:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/14/2022 03:35:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (12/14/2022 03:35:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba vgc byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/14/2022 03:35:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Dolby DAX API Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/14/2022 03:35:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/14/2022 03:35:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HDCP Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2022-12-13 12:54:49
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5D236452-20EE-4363-944A-D817597CCB8A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-12-12 13:05:49
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7EB21E76-A09C-4CB5-A2F8-4B6E25AC19C0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-12-11 04:00:21
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9890E01C-5D3D-465F-8196-A11B5258A54E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-12-07 15:27:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DE970729-1524-4954-81D5-B6EB9131C796}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-12-06 14:33:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DD827D5B-4526-4CF9-B906-24C741AE08C7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2022-12-14 17:17:55
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2022-12-14 17:10:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO EFCN57WW 09/05/2022
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-10300H CPU @ 2.50GHz
Percentage of memory in use: 44%
Total physical RAM: 16251.8 MB
Available physical RAM: 9054.69 MB
Total Virtual: 18683.8 MB
Available Virtual: 9628.51 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:475.76 GB) (Free:141.2 GB) (Model: SKHynix_HFS512GD9TNI-L2A0B) NTFS
Drive d: (Data) (Fixed) (Total:931.5 GB) (Free:410.08 GB) (Model: KINGSTON SA2000M81000G) NTFS

\\?\Volume{e5506172-f637-4348-b35e-771ae04cbe0e}\ () (Fixed) (Total:1.06 GB) (Free:0.08 GB) NTFS
\\?\Volume{1ed93b7f-5be7-4a70-beef-f270ca27c456}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 476.9 GB) (Disk ID: 01F9E3F6)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118193
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a log check / advice

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {85E021BD-E504-4271-B13C-ADDEEA47F2FD} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
ask: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {D3F771E7-01D7-4A4E-9637-A8F4DFDC771E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
FCheck: C:\WINDOWS\SysWOW64\version_IObitDel.dll [2022-05-11] <==== ATTENTION (zero byte File/Folder)
CustomCLSID: HKU\S-1-5-21-590153330-3484553050-3099931381-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 -> => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung DeX.lnk:04BD1844E0 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk:7AD7FA8AB1 [10]
FirewallRules: [UDP Query User{E5F6999E-593F-428D-9036-21243FE34B7D}C:\program files (x86)\ipctool\ipctool.exe] => (Allow) C:\program files (x86)\ipctool\ipctool.exe => No File
FirewallRules: [TCP Query User{AAE8F00E-F278-4F58-B66D-CA90F1244B8D}C:\program files (x86)\ipctool\ipctool.exe] => (Allow) C:\program files (x86)\ipctool\ipctool.exe => No File
FirewallRules: [UDP Query User{9C12C018-8B8E-4999-9479-B381F56EA1B5}D:\games\cs1.6\hl.exe] => (Allow) D:\games\cs1.6\hl.exe => No File
FirewallRules: [TCP Query User{C67D4C2F-87A6-4AEC-874C-5BEFA3FB323B}D:\games\cs1.6\hl.exe] => (Allow) D:\games\cs1.6\hl.exe => No File
FirewallRules: [{CE839D0B-0E61-4F2E-8CE3-2BA07F05D6C8}] => (Allow) C:\Program Files\uTorrent\utorrent.exe => No File
FirewallRules: [{767FB015-96F1-4361-A4C4-18776F34C752}] => (Allow) C:\Program Files\uTorrent\utorrent.exe => No File

EmptyTemp:
End
Save it to C:\Users\MARRA\Downloads as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

marrahouser
Visitor
Posts: 7
Joined: 13 Dec 2022 13:33

Re: Request for a log check / advice

#7 Post by marrahouser »

Fix result of Farbar Recovery Scan Tool (x64) Version: 11-12-2022
Ran by MARRA (14-12-2022 18:30:24) Run:1
Running from C:\Users\MARRA\Downloads
Loaded Profiles: MARRA
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {85E021BD-E504-4271-B13C-ADDEEA47F2FD} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
ask: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {D3F771E7-01D7-4A4E-9637-A8F4DFDC771E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
FCheck: C:\WINDOWS\SysWOW64\version_IObitDel.dll [2022-05-11] <==== ATTENTION (zero byte File/Folder)
CustomCLSID: HKU\S-1-5-21-590153330-3484553050-3099931381-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 -> => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung DeX.lnk:04BD1844E0 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk:7AD7FA8AB1 [10]
FirewallRules: [UDP Query User{E5F6999E-593F-428D-9036-21243FE34B7D}C:\program files (x86)\ipctool\ipctool.exe] => (Allow) C:\program files (x86)\ipctool\ipctool.exe => No File
FirewallRules: [TCP Query User{AAE8F00E-F278-4F58-B66D-CA90F1244B8D}C:\program files (x86)\ipctool\ipctool.exe] => (Allow) C:\program files (x86)\ipctool\ipctool.exe => No File
FirewallRules: [UDP Query User{9C12C018-8B8E-4999-9479-B381F56EA1B5}D:\games\cs1.6\hl.exe] => (Allow) D:\games\cs1.6\hl.exe => No File
FirewallRules: [TCP Query User{C67D4C2F-87A6-4AEC-874C-5BEFA3FB323B}D:\games\cs1.6\hl.exe] => (Allow) D:\games\cs1.6\hl.exe => No File
FirewallRules: [{CE839D0B-0E61-4F2E-8CE3-2BA07F05D6C8}] => (Allow) C:\Program Files\uTorrent\utorrent.exe => No File
FirewallRules: [{767FB015-96F1-4361-A4C4-18776F34C752}] => (Allow) C:\Program Files\uTorrent\utorrent.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{85E021BD-E504-4271-B13C-ADDEEA47F2FD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85E021BD-E504-4271-B13C-ADDEEA47F2FD}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => removed successfully
ask: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File) => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D3F771E7-01D7-4A4E-9637-A8F4DFDC771E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3F771E7-01D7-4A4E-9637-A8F4DFDC771E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
C:\WINDOWS\SysWOW64\version_IObitDel.dll => moved successfully
HKU\S-1-5-21-590153330-3484553050-3099931381-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk => ":BE32D07BC5" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk => ":B96E9B8455" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk => ":F20EF51E1F" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk => ":1DC1525F34" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung DeX.lnk => ":04BD1844E0" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk => ":7AD7FA8AB1" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E5F6999E-593F-428D-9036-21243FE34B7D}C:\program files (x86)\ipctool\ipctool.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AAE8F00E-F278-4F58-B66D-CA90F1244B8D}C:\program files (x86)\ipctool\ipctool.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9C12C018-8B8E-4999-9479-B381F56EA1B5}D:\games\cs1.6\hl.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C67D4C2F-87A6-4AEC-874C-5BEFA3FB323B}D:\games\cs1.6\hl.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CE839D0B-0E61-4F2E-8CE3-2BA07F05D6C8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{767FB015-96F1-4361-A4C4-18776F34C752}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1048576 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 427790996 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 743590111 B
Windows/system/drivers => 11449989 B
Edge => 0 B
Chrome => 3952605303 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 530848 B
MARRA => 110415225 B

RecycleBin => 1449781537 B
EmptyTemp: => 6.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:40:48 ====

Rudy
Site Admin
Posts: 118193
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log / advice

#8 Post by Rudy »

Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning your PC of viruses, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

marrahouser
Visitor
Posts: 7
Registered: 13 Dec 2022 13:33

Re: Please check my log / advice

#9 Post by marrahouser »

The fan is still behaving in a somewhat suspiciously chaotic way, but I'll know more after longer testing. In any case, thanks for your time so far.

PS: I wanted to support the forum, but I don't really feel like copying out the account number etc., and that may be an obstacle for other potential donors too. Have you considered putting a QR code on the donations page? :)

Rudy
Site Admin
Posts: 118193
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log / advice

#10 Post by Rudy »

Donations are the owner's business; I'll bring it to his attention. Don't these problems of yours occur after some system update?

marrahouser
Visitor
Posts: 7
Registered: 13 Dec 2022 13:33

Re: Please check my log / advice

#11 Post by marrahouser »

It has been going on for so long that I no longer even know what significant happened on the PC around that date. I'm enrolled in the Windows Insider program, but nobody else links this strange behaviour to it, and there have also been plenty of various updates in that time and nothing about this problem has changed. However, by all appearances it keeps happening even after our intervention here. As soon as I close Task Manager, the fan spins up, even though nothing else is going on in the system (at least not on my part). Maybe I'm paranoid, but the whole thing smells to me of, for example, some script that mines cryptocurrency using my PC's power and "hides" as soon as I open Task Manager. I can't think of anything else that would react to Task Manager so suspiciously. It can hardly be Windows itself.

Rudy
Site Admin
Posts: 118193
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log / advice

#12 Post by Rudy »

The way I see it, it is either somehow related to the system, or it is a property of the HW, or you installed something at some point that causes it. But I can't guess what it might be. You can also install HWMonitor: https://www.instaluj.cz/hwmonitor , run it and, once the values settle, post a screenshot of the HWM window here. Maybe I'll be able to read something from it.

marrahouser
Visitor
Posts: 7
Registered: 13 Dec 2022 13:33

Re: Please check my log / advice

#13 Post by marrahouser »

OK, I'll try. At the same time I'm additionally going through forums with relevant keywords, and it seems the culprit could be some ordinary (but evidently quite invasive) program that starts right after Windows boots.

Rudy
Site Admin
Posts: 118193
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log / advice

#14 Post by Rudy »

Quite possibly.