Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Myš reaguje divně, sám se mačká enter stisknutím myši

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
keyfor4
Návštěvník
Návštěvník
Příspěvky: 58
Registrován: 30 kvě 2014 22:25

Myš reaguje divně, sám se mačká enter stisknutím myši

#1 Příspěvek od keyfor4 »

Dobrý den,
mám podezření na nějaký malware, prosím o kontrolu logu. Moc díky!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-12-2022
Ran by Uzivatel (administrator) on MICHALA (LENOVO 80WK) (05-01-2023 12:32:38)
Running from C:\Users\Uzivatel\Desktop
Loaded Profiles: Uzivatel
Platform: Microsoft Windows 10 Home Version 22H2 19045.2364 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Qustodio\qapp\QUpdateService.exe ->) (Qustodio Technologies SL -> ) C:\Program Files (x86)\Qustodio\qapp\crashpad_handler.exe <3>
(C:\Program Files (x86)\Qustodio\qproxy\qengine.exe ->) (Qustodio Technologies SL -> Qustodio Technologies) C:\Program Files (x86)\Qustodio\qapp\QAppTray.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
(explorer.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <31>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Family First\DDnsChecker\DnsCheckerService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_e3f96af62737a898\RstMwService.exe
(services.exe ->) (LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(services.exe ->) (Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvltig.inf_amd64_0d04d46e99e0e8d9\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Qustodio Technologies SL -> Qustodio Technologies) C:\Program Files (x86)\Qustodio\qapp\QUpdateService.exe
(services.exe ->) (Qustodio Technologies SL -> Qustodio Technologies) C:\Program Files (x86)\Qustodio\qproxy\qengine.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677688 2021-10-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617784 2021-10-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617784 2021-10-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [194480 2022-11-03] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11327200 2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [QAppTray] => C:\Program Files (x86)\Qustodio\qapp\QAppTray.exe [5817888 2022-09-23] (Qustodio Technologies SL -> Qustodio Technologies)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [279240 2016-12-09] (Canon Inc. -> CANON INC.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\Run: [launchOnStartup] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13799776 2022-03-21] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\Run: [Steam] => D:\Steam\steam.exe [4246376 2022-12-15] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38916432 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\Uzivatel\AppData\Local\slack\slack.exe [309040 2022-08-31] (Slack Technologies, Inc. -> Slack Technologies Inc.)
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\MountPoints2: {4fbf8dc8-fa2c-11ec-adc3-54e1ad4b7247} - "E:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon G3010 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDEI.DLL [482816 2017-08-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon TS5000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDF.DLL [30720 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor G3010 series: C:\WINDOWS\system32\CNMLMEI.DLL [1303040 2017-08-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5300 series: CNMLMAT.DLL (No File)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS5000 series: C:\WINDOWS\system32\CNMLMDF.DLL [485376 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS5000 series XPS: C:\WINDOWS\system32\CNMXLMDF.DLL [487424 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2022-12-16] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\108.1.46.144\Installer\chrmstp.exe [2022-12-15] (Brave Software, Inc. -> Brave Software, Inc.)
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02276FA8-2F26-4150-B8BF-51C0AD1C7BEB} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {0FDAAC7E-54CC-42D3-81C8-64B220F6E612} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2567049384-1476051938-1418897080-1002 => C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {1001AFA4-6FD5-41D1-9947-F6D1D6608426} - System32\Tasks\Opera scheduled assistant Autoupdate 1656611901 => C:\Users\Uzivatel\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Uzivatel\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {1683CC96-F947-4DAD-8D7F-C388FBFFAEE2} - System32\Tasks\Opera scheduled Autoupdate 1656611895 => C:\Users\Uzivatel\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {19FCE532-E3E3-4CD5-B322-2898E6A1F1A6} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {29A72C34-32DC-4F07-9604-57EEE19E599C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3070743D-48EF-4580-9B8D-7AF2BFE073BE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {37DF3989-B35D-416D-97D6-955BF6B40BA0} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {3A83F326-857D-4092-9692-A2F8CDF072E3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-12-09] (Piriform Software Ltd -> Piriform)
Task: {3EA38098-76CC-487A-BB78-4C3025E80648} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3077448 2021-12-13] (Intel Corporation -> Intel Corporation)
Task: {4A318BEE-B304-4FB7-A059-DE978439D427} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {4FD19FF7-92AD-44BE-A093-191FE9511092} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {509436D4-DAAA-4C40-B6C5-9CD48C4A7AE9} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "1351fa5c-2ac1-4f85-a3a0-4de5e77ad4ec" --version "6.07.10191" --silent
Task: {518F092C-C398-4788-8D59-2E58EABE786B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {51ADEE62-7337-4038-9DF3-674806DAF427} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {58BD1CEE-AFAD-472D-9CF9-7B229E424DBC} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2567049384-1476051938-1418897080-1002 => C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {5D9E662D-407A-4E94-BF2E-7294BDA7B4F8} - System32\Tasks\CCleanerSkipUAC - Uzivatel => C:\Program Files\CCleaner\CCleaner.exe [32602448 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {63CC4E57-26E7-44F9-9E8B-DEE607E1D013} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {65A96F5D-1447-475D-8177-EAFB2E46939B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {67506DFB-2FDD-4999-8DA5-2773D83BE552} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe /CM -search R -action INSTALL -includerebootpackages 1,3,4 -noicon -noreboot -nolicense -defaultupdate -schtask (No File)
Task: {74EA52C1-1E75-45EB-BDD8-F6EA087AB992} - System32\Tasks\GoogleUpdateTaskMachineCore{79EC1C55-1C31-40FC-A573-A9D45B7262A9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-11] (Google Inc -> Google LLC)
Task: {794177E9-F5AC-44DE-90E7-8D46F9FC3186} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {79D2EFCE-7F3B-4458-9433-2C285FAC211D} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {7EE6C38D-C04B-42CA-BAA2-A3202D4B969B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8B746C94-F7D0-400F-92C9-530B45939C15} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {9D326BD3-C485-460B-ACD8-655979BCEE16} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-12-18] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {9D8250B7-30FE-418F-AEF2-AD6D95BE7FAC} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {A17FCD6C-655F-4518-AFF1-D625717A0664} - System32\Tasks\GoogleUpdateTaskMachineUA{840A3A40-9A02-4585-B354-6E9D393B94AA} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-11] (Google Inc -> Google LLC)
Task: {A724C4B6-C811-4825-A025-204E820A767D} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A7986DE1-334C-4A42-A6AA-FDCA819193C4} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-12-18] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {AB5DF58E-66C9-4610-8103-9EC70023DFC0} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3077448 2021-12-13] (Intel Corporation -> Intel Corporation)
Task: {D9B587DE-F8F3-4A01-8754-D67AE9F6054A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E218548D-EF9E-47ED-A06D-BB5A4ADA92BF} - System32\Tasks\NerveCenterUpdate => C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe [744800 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)
Task: {F7866A90-CE98-4729-8EC4-6FABEDEA486E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {F7920DBF-32FC-4719-85C6-C245E9DF19A0} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{048e9000-5619-41aa-b32e-01d2d585c78b}: [DhcpNameServer] 192.168.2.1 0.0.0.0
Tcpip\..\Interfaces\{e5ea96d8-3994-4a08-886a-d1c2a3fe2cbc}: [DhcpNameServer] 192.168.1.1

Edge:
=======
DownloadDir: C:\Users\Uzivatel\Downloads
Edge Profile: C:\Users\Uzivatel\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-22]
Edge DownloadDir: Default -> C:\Users\Uzivatel\Downloads
Edge StartupUrls: Default -> "hxxps://r-pass.cz/"

FireFox:
========
FF DefaultProfile: 37tql1uz.default
FF ProfilePath: C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\37tql1uz.default [2023-01-05]
FF ProfilePath: C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\vp2ps7ar.default-release-1630156417128 [2023-01-05]
FF Notifications: Mozilla\Firefox\Profiles\vp2ps7ar.default-release-1630156417128 -> hxxps://aukro.cz; hxxps://voyo.nova.cz; hxxps://jaknaletenky.cz; hxxps://meet.google.com
FF Extension: (LastPass: Free Password Manager) - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\vp2ps7ar.default-release-1630156417128\Extensions\support@lastpass.com.xpi [2022-12-20]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2023-01-05]

Chrome:
=======
CHR Profile: C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default [2023-01-03]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR StartupUrls: Default -> "hxxp://www.r-pass.cz/"
CHR Extension: (Dokumenty Google offline) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-23]
CHR Extension: (Vysor) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2021-12-29]
CHR Extension: (Story Saver) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafcolokinicfdmlidhaebadidhdehpk [2023-01-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]

Brave:
=======
BRA Profile: C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-12-13]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2022-11-07]
BRA Extension: (Brave NTP background images) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-08-30]
BRA Extension: (Wallet Data Files Updater) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2022-10-15]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-11-07]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\efkihffiamafhbhefjaljejgdpkelpal [2022-11-07]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-03-30]
BRA Extension: (Brave Ad Block Updater (CZE, SVK: EasyList Czech and Slovak)) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\omkkefoeihpbpebhhbhmjekpnegokpbj [2022-11-07]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-11-07]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-12-18] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-12-18] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
R2 DnsCheckerService; C:\Program Files (x86)\Family First\DDnsChecker\DnsCheckerService.exe [13824 2021-01-19] () [File not signed]
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2019-01-21] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 EHttpSrv; C:\Program Files\ESET\ESET Security\ehttpsrv.exe [53880 2022-11-03] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3428784 2022-11-03] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3428784 2022-11-03] (ESET, spol. s r.o. -> ESET)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1959776 2022-03-21] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2022-03-21] (GOG Sp. z o.o. -> GOG.com)
S3 GameRecorderSVC; C:\Program Files\Lenovo\Nerve Center\bin\x86\GameRecorderSVC.exe [392032 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [445432 2021-04-19] (Canon Inc. -> )
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2562776 2022-01-31] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3481312 2022-01-31] (Electronic Arts, Inc. -> Electronic Arts)
R2 PluginLoaderSvc; C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe [966496 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)
R2 qengine; C:\Program Files (x86)\Qustodio\qproxy\qengine.exe [5621288 2022-09-22] (Qustodio Technologies SL -> Qustodio Technologies)
R2 qupdate; C:\Program Files (x86)\Qustodio\qapp\QUpdateService.exe [2348064 2022-09-23] (Qustodio Technologies SL -> Qustodio Technologies)
S3 Rockstar Service; D:\Rockstar Games\Launcher\RockstarService.exe [2703192 2022-12-12] (Rockstar Games, Inc. -> Rockstar Games)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2021-11-19] (Microsoft) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2021-11-19] (Microsoft) [File not signed]
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\108.1.46.144\elevation_service.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_0d04d46e99e0e8d9\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_0d04d46e99e0e8d9\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [174496 2021-10-16] (BayHub Technology Inc. -> BayHubTech/O2Micro)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [194336 2022-11-03] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [118400 2022-11-03] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-08-31] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [235632 2022-11-03] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [80664 2022-11-03] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [121000 2022-11-03] (ESET, spol. s r.o. -> ESET)
S3 FBNetFilter; C:\Windows\system32\Drivers\FBNetFlt.sys [46576 2017-04-28] (Lenovo (Beijing) Co., Ltd. -> Lenovo(beijing) Limited)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 pelmouse; C:\WINDOWS\system32\DRIVERS\pelmouse.sys [26880 2016-07-11] (WDKTestCert idd,131110062695071623 -> TPMX Electronics Ltd.)
S3 pelusblf; C:\WINDOWS\system32\DRIVERS\pelusblf.sys [33048 2016-07-11] (WDKTestCert idd,131110062695071623 -> )
R1 qwdf64; C:\WINDOWS\system32\Drivers\qwdf64.sys [41872 2022-06-28] (Qustodio Technologies, SL -> Qustodio Technologies)
R1 qwdr64; C:\WINDOWS\system32\Drivers\qwdr64.sys [55696 2022-06-28] (Qustodio Technologies, SL -> Qustodio Technologies)
R2 qwfp; C:\WINDOWS\system32\Drivers\qwfp64.sys [47640 2022-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Qustodio Technologies)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428264 2020-11-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-11-03] (Microsoft Windows -> Microsoft Corporation)
U3 avgbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-05 12:33 - 2023-01-05 12:33 - 001222144 _____ C:\Users\Uzivatel\Desktop\RSITx64.exe
2023-01-05 12:32 - 2023-01-05 12:33 - 000032527 _____ C:\Users\Uzivatel\Desktop\FRST.txt
2023-01-05 12:31 - 2023-01-05 12:31 - 002376192 _____ (Farbar) C:\Users\Uzivatel\Desktop\FRST64.exe
2023-01-04 15:08 - 2023-01-04 15:08 - 000018777 _____ C:\Users\Uzivatel\Desktop\planovaci-kalendar-vyska zdroj-web.xlsx
2023-01-04 13:26 - 2023-01-04 14:47 - 000018785 _____ C:\Users\Uzivatel\Downloads\planovaci-kalendar-vyska zdroj-web.xlsx
2023-01-04 09:19 - 2023-01-04 09:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2023-01-03 10:48 - 2023-01-03 10:48 - 001300377 _____ C:\Users\Uzivatel\Downloads\potvrzení_Equip-1.pdf
2023-01-03 10:47 - 2023-01-03 10:47 - 001300377 _____ C:\Users\Uzivatel\Downloads\potvrzení_Equip.pdf
2023-01-03 10:46 - 2023-01-03 10:46 - 001300377 _____ C:\Users\Uzivatel\Desktop\potvrzení_Equip.pdf
2023-01-03 09:21 - 2023-01-03 09:21 - 000107523 _____ C:\Users\Uzivatel\Downloads\hb_potvrzeni_uroky_587995-1_20230101_009.pdf
2023-01-03 08:33 - 2023-01-03 08:33 - 000768068 _____ C:\Users\Uzivatel\Desktop\KoloemociCZ.pdf
2022-12-25 00:54 - 2022-12-25 00:54 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-12-20 19:20 - 2022-12-20 19:58 - 000000000 ____D C:\Users\Uzivatel\Documents\Mount&Blade Savegames
2022-12-20 19:19 - 2022-12-20 20:11 - 000000000 ____D C:\Users\Uzivatel\AppData\Roaming\Mount&Blade
2022-12-20 19:01 - 2022-12-20 19:01 - 000116165 _____ C:\Users\Uzivatel\Downloads\2022123083.pdf
2022-12-20 18:09 - 2022-12-20 18:09 - 000000000 ____D C:\Users\Uzivatel\Documents\Mount&Blade Warband Savegames
2022-12-20 18:08 - 2022-12-20 20:43 - 000000000 ____D C:\Users\Uzivatel\Documents\Mount&Blade Warband
2022-12-20 18:08 - 2022-12-20 18:08 - 000000000 ____D C:\Users\Uzivatel\AppData\Roaming\Mount&Blade Warband
2022-12-18 12:57 - 2022-12-18 12:57 - 000048745 _____ C:\Users\Uzivatel\Downloads\Pohyb_25826003110_na_uctu_2000340629.pdf
2022-12-18 08:19 - 2022-12-18 08:19 - 000000000 ___HD C:\$WinREAgent
2022-12-06 13:21 - 2022-12-06 13:21 - 000100698 _____ C:\Users\Uzivatel\Downloads\AC-Statistika-CITYHOUSE-2022(1).xlsx
2022-12-06 12:27 - 2022-12-06 12:27 - 000010745 _____ C:\Users\Uzivatel\Downloads\Leadership Conference, Vienna 2022 - Timetable & Sesisons.xlsx

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-05 12:33 - 2021-04-11 09:16 - 000013104 _____ C:\WINDOWS\SysWOW64\qengineOff.ini
2023-01-05 12:33 - 2021-04-11 09:16 - 000013104 _____ C:\WINDOWS\system32\qengineOff.ini
2023-01-05 12:32 - 2021-10-30 10:56 - 000000000 ____D C:\FRST
2023-01-05 12:31 - 2021-04-12 13:31 - 000000000 ____D C:\ProgramData\Qustodio
2023-01-05 12:30 - 2022-02-11 10:23 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-01-05 12:30 - 2021-12-11 09:21 - 000000000 ____D C:\Program Files\CCleaner
2023-01-05 12:30 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-05 12:30 - 2019-10-11 08:29 - 000000000 ____D C:\Program Files (x86)\Google
2023-01-05 12:29 - 2020-04-22 15:14 - 000000000 ____D C:\Users\Uzivatel\AppData\LocalLow\Mozilla
2023-01-05 12:28 - 2022-04-17 19:28 - 000000000 __SHD C:\Users\Uzivatel\IntelGraphicsProfiles
2023-01-05 12:28 - 2022-04-15 08:57 - 000000000 ____D C:\ProgramData\NVIDIA
2023-01-05 12:28 - 2021-12-11 10:55 - 000008192 ___SH C:\DumpStack.log.tmp
2023-01-05 12:28 - 2021-04-11 09:16 - 000000000 ____D C:\ProgramData\boost_interprocess
2023-01-05 12:28 - 2020-08-04 17:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-01-05 12:28 - 2019-10-11 08:30 - 000000000 ____D C:\Intel
2023-01-05 12:26 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-01-05 12:25 - 2020-04-29 12:48 - 000000000 ____D C:\Users\Uzivatel\AppData\Roaming\vlc
2023-01-05 12:01 - 2020-08-04 17:44 - 001693268 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-01-05 12:01 - 2019-12-07 15:41 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2023-01-05 12:01 - 2019-12-07 15:41 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2023-01-05 12:01 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-01-05 11:27 - 2020-08-04 14:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-01-05 08:56 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-01-05 08:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-01-04 22:58 - 2021-12-11 09:21 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-01-04 14:46 - 2019-10-11 08:25 - 000000000 ____D C:\Users\Uzivatel\AppData\Local\Packages
2023-01-04 12:39 - 2021-03-18 07:30 - 000000000 ____D C:\Users\Uzivatel\AppData\Roaming\Evernote
2023-01-04 09:20 - 2022-03-30 09:56 - 000000000 ____D C:\Users\Uzivatel\AppData\Roaming\DropboxElectron
2023-01-04 09:19 - 2021-03-18 07:23 - 000000000 ____D C:\Users\Uzivatel\AppData\Local\Dropbox
2023-01-04 09:19 - 2021-03-18 07:23 - 000000000 ____D C:\Program Files (x86)\Dropbox
2023-01-04 09:01 - 2020-08-04 17:47 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-04 09:01 - 2020-08-04 17:47 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-01-03 22:20 - 2022-10-03 03:07 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-01-02 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-12-28 11:06 - 2022-02-23 16:56 - 000000000 ____D C:\ProgramData\CanonIJPLM
2022-12-23 15:52 - 2022-04-17 19:29 - 000000000 ____D C:\Users\Uzivatel\AppData\Local\D3DSCache
2022-12-23 09:56 - 2022-10-03 03:07 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-12-23 09:56 - 2022-01-24 22:45 - 000000000 ____D C:\Users\Uzivatel\AppData\Local\CrashDumps
2022-12-20 19:27 - 2021-03-18 07:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-12-20 19:27 - 2020-07-07 14:36 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-12-20 09:29 - 2021-10-10 19:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-12-20 09:29 - 2021-03-18 07:21 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-12-18 14:59 - 2020-08-04 14:11 - 000450512 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemApps
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-12-18 08:29 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-12-18 08:26 - 2020-08-04 17:43 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-12-18 08:16 - 2020-04-22 19:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-12-18 08:13 - 2020-04-22 19:03 - 148633544 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-12-17 11:35 - 2020-08-03 10:30 - 000000000 ____D C:\Users\Uzivatel
2022-12-16 13:03 - 2019-10-11 08:30 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-16 12:13 - 2020-07-09 09:25 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-15 08:20 - 2021-12-18 17:48 - 000002364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2022-12-15 08:20 - 2021-12-18 17:48 - 000002323 _____ C:\Users\Public\Desktop\Brave.lnk
2022-12-10 22:18 - 2022-02-19 14:17 - 000014263 _____ C:\Users\Uzivatel\Desktop\inverness.xlsx
2022-12-10 18:35 - 2021-03-18 07:23 - 000000928 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2022-12-10 18:35 - 2021-03-18 07:23 - 000000924 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job

==================== Files in the root of some directories ========

2022-02-11 15:34 - 2022-02-11 15:34 - 000000204 _____ () C:\Users\Uzivatel\AppData\Roaming\359a9ea7-9833-4059-bf05-b7eefa6ef5b7.tmp
2022-01-26 17:49 - 2022-01-26 17:49 - 000000371 _____ () C:\Users\Uzivatel\AppData\Roaming\5daa97cb-195f-4dd7-9cbf-c06510b65b3e.tmp
2020-09-03 11:54 - 2020-09-03 12:18 - 047902775 _____ () C:\Users\Uzivatel\AppData\Roaming\gta5_patch.bin
2020-09-03 11:54 - 2020-09-03 11:54 - 000332800 _____ () C:\Users\Uzivatel\AppData\Roaming\patcher.dll
2021-04-04 19:19 - 2022-03-21 00:40 - 000000081 _____ () C:\Users\Uzivatel\AppData\Local\.bidstack.fault
2020-04-22 16:57 - 2022-01-25 23:02 - 000007597 _____ () C:\Users\Uzivatel\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-12-2022
Ran by Uzivatel (05-01-2023 12:33:57)
Running from C:\Users\Uzivatel\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2364 (X64) (2020-08-04 16:47:59)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2567049384-1476051938-1418897080-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2567049384-1476051938-1418897080-503 - Limited - Disabled)
Guest (S-1-5-21-2567049384-1476051938-1418897080-501 - Limited - Disabled)
Uzivatel (S-1-5-21-2567049384-1476051938-1418897080-1001 - Administrator - Enabled) => C:\Users\Uzivatel
WDAGUtilityAccount (S-1-5-21-2567049384-1476051938-1418897080-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20282 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Assassin's Creed Odyssey (HKLM-x32\...\Uplay Install 5059) (Version: - Ubisoft)
Assassin's Creed Origins (HKLM-x32\...\Uplay Install 3539) (Version: - Ubisoft)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 108.1.46.144 - Autoři prohlížeče Brave)
Brother iPrint&Scan (HKLM-x32\...\{566A27C1-043E-4A17-AC78-338559A4953B}) (Version: 10.0.0.120 - Brother Industries, Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{7ef8cf92-cb09-4d1f-a0ed-8c84f4e7a478}) (Version: 10.0.0.120 - Brother Industries, Ltd.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon G3010 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_G3010_series) (Version: 1.01 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.5.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.05.1.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.4.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon TS5000 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS5000_series) (Version: 1.03 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.07 - Piriform)
Dolby Audio X2 Windows API SDK (HKLM\...\{F290F786-5F69-48D4-B20B-D21C7DE56EF0}) (Version: 0.8.8.88 - Dolby Laboratories, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 164.4.7914 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.685.1 - Dropbox, Inc.) Hidden
ESET Endpoint Antivirus (HKLM\...\{F8DE2A0C-AE50-4915-9F99-12A9B1DFCADA}) (Version: 9.1.2060.0 - ESET, spol. s r.o.)
Evernote 10.49.4 (HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\e4251011-875e-51f3-a464-121adaff5aaa) (Version: 10.49.4 - Evernote Corporation)
FIFA 18 (HKLM-x32\...\{213CC10A-B8CB-4EBA-B277-6B08B7C22A65}) (Version: 1.0.57.57320 - Electronic Arts)
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.61.54442 - Electronic Arts)
Flawless Widescreen version 1.0.15 (HKLM-x32\...\{7348D82E-8C68-48FF-BA2D-8C97B5B4B3D8}_is1) (Version: 1.0.15 - Flawless Widescreen)
FM Genie Scout 22 version 1.0 22.4.1 beta 13 (HKLM\...\FM Genie Scout 22_is1) (Version: 1.0 22.4.1 beta 13 - )
FMRTE 20.4.4.47 (HKLM-x32\...\{14A58A15-B038-4C19-A024-3B6016F86A14}_is1) (Version: 20.4.4.47 - FMRTE)
FMRTE 22.4.1.23 (HKLM-x32\...\{34EDE299-09F3-48D9-95E9-92EFF3265F81}_is1) (Version: 22.4.1.23 - FMRTE)
FormatFactory 5.4.5.0 (HKLM-x32\...\FormatFactory) (Version: 5.4.5.0 - Free Time)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM\...\{6A6D3422-8127-3867-A83C-56B555636ECA}) (Version: 108.0.5359.125 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden
HttpToUsbBridge (HKLM-x32\...\{3F9BB162-F826-4EBC-AA60-42020CA134CD}) (Version: 2.0.10.1 - Brother Industries Ltd.)
Intel(R) Computing Improvement Program (HKLM\...\{EFE4A88A-FF8B-4D0E-8354-E0B7C3ED9E50}) (Version: 2.4.08840 - Intel Corporation)
Krtek a jeho veliké dobrodružství (HKLM-x32\...\{5DF18D93-076F-4E90-B6CF-3CF96110F1D4}_is1) (Version: - Play sp. z o. o.)
Lenovo Nerve Sense (HKLM\...\{DCB4DFB5-93CA-4BDD-9D08-CE880626B46E}_is1) (Version: 2.6.11.8 - Lenovo)
Microsoft .NET Core Host - 3.1.28 (x64) (HKLM\...\{26ECE92F-518E-40AF-9108-7B7B444A46DE}) (Version: 24.112.31513 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.28 (x64) (HKLM\...\{CDEA72F4-1367-4E0A-AC5F-0EBAF7C6825A}) (Version: 24.112.31513 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.28 (x64) (HKLM\...\{3691148D-EF42-4812-8956-AE11FC413B8D}) (Version: 24.112.31513 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.28 (x64) (HKLM-x32\...\{231e3b76-4d0f-4e60-9d69-f11c9c448630}) (Version: 3.1.28.31513 - Microsoft Corporation)
Microsoft Access MUI (Czech) 2013 (HKLM\...\{90150000-0015-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Czech) 2013 (HKLM\...\{90150000-0090-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 108.0.1462.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 108.0.1462.54 - Microsoft Corporation)
Microsoft Excel MUI (Czech) 2013 (HKLM\...\{90150000-0016-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Czech) 2013 (HKLM\...\{90150000-00BA-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Czech) 2013 (HKLM\...\{90150000-0044-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Czech) 2013 (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Czech) 2013 (HKLM\...\{90150000-00E1-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Czech) 2013 (HKLM\...\{90150000-00E2-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing (Czech) 2013 (HKLM\...\{90150000-002C-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Czech) 2013 (HKLM\...\{90150000-00C1-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2013 (HKLM\...\{90150000-006E-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (Czech) 2013 (HKLM\...\{90150000-00A1-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Czech) 2013 (HKLM\...\{90150000-001A-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Czech) 2013 (HKLM\...\{90150000-0018-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Czech) 2013 (HKLM\...\{90150000-0019-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Word MUI (Czech) 2013 (HKLM\...\{90150000-001B-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mount and Blade: Warband (HKLM-x32\...\1207666913_is1) (Version: 2.059 - GOG.com)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 108.0.1 (x64 cs)) (Version: 108.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 86.0.1 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 512.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.15 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.110.50000 - Electronic Arts, Inc.)
Qustodio (HKLM-x32\...\Qustodio) (Version: 185.0.1170.0 - Qustodio)
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2) (Version: 1.0.1491.16 - Rockstar Games)
Registrace tiskárny (HKLM-x32\...\Canon EISRegistration) (Version: 1.8.0 - Canon Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.67.1178 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.6.5 - Rockstar Games)
Slack (HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\slack) (Version: 4.28.171 - Slack Technologies Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
Theophilos 3 (HKLM-x32\...\Theophilos_is1) (Version: - )
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 123.1.10526 - Ubisoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Zoom (HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\ZoomUMX) (Version: 5.11.4 (7185) - Zoom Video Communications, Inc.)

Packages:
=========
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2022-04-12] (Canon Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-01-25] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_141.2.441.0_x64__v10z8vjag6ke6 [2022-12-06] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-01-25] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-20] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-16] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt [2022-12-20] (INTEL CORP) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2567049384-1476051938-1418897080-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Uzivatel\Dropbox [2021-03-18 07:26]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-11-03] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-11-03] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_0d04d46e99e0e8d9\nvshext.dll [2022-03-18] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-11-03] (ESET, spol. s r.o. -> ESET)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm

==================== Loaded Modules (Whitelisted) =============

2020-04-22 16:53 - 2012-06-14 16:18 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2020-08-04 10:46 - 2020-08-04 10:46 - 000341504 _____ (Free Time) [File not signed] C:\Program Files\FormatFactory\ShellEx_108.dll
2019-10-11 08:30 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2022-12-15 09:45 - 2022-12-15 09:45 - 041845248 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt\IGCC.dll
2022-02-05 21:03 - 2022-02-05 21:03 - 002122240 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2019-07-31 17:28 - 2019-07-31 17:28 - 005112440 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Qustodio\qapp\Qt5Core.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Uzivatel\Desktop\slawek.txt:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Uzivatel\Downloads\jeststar.JPG:com.dropbox.attrs [54]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\qwfp => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2019-08-19] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "iPSNotifier.lnk"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX2"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "QAppTray"
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\StartupApproved\Run: => "launchOnStartup"
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\StartupApproved\Run: => "com.squirrel.slack.slack"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{00735113-238B-4D55-B5BF-FA74B81163DB}] => (Allow) D:\Steam\steamapps\common\Gothic 3\Gothic3.exe (Pluto 13 GmbH) [File not signed]
FirewallRules: [{C0930574-F9F1-4CD8-B630-D4EB21DDC8B5}] => (Allow) D:\Steam\steamapps\common\Gothic 3\Gothic3.exe (Pluto 13 GmbH) [File not signed]
FirewallRules: [UDP Query User{644E18D1-1B61-4EA3-BF24-05A0167CA5F4}D:\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [TCP Query User{C6881EB2-ADD8-4CF3-A74A-6AF1BC34328F}D:\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [{82DFF841-3DBD-4F28-AAD8-0B2CA12BAA34}] => (Allow) D:\Steam\steamapps\common\Risen 3\system\Risen3.exe (Piranha Bytes) [File not signed]
FirewallRules: [{C5667492-043F-4C53-8A4F-DE3E2BA93DAD}] => (Allow) D:\Steam\steamapps\common\Risen 3\system\Risen3.exe (Piranha Bytes) [File not signed]
FirewallRules: [{766C82F3-9D99-474F-90A4-D61EB53F8D48}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{221ECB11-F95C-4DFE-8113-8B4A29028802}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{236872B9-42B6-4AF3-88CC-26D235F7FFA8}D:\fifa 18\fifa18.exe] => (Allow) D:\fifa 18\fifa18.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{6524545F-07A5-4666-B077-0086B3B82660}D:\fifa 18\fifa18.exe] => (Allow) D:\fifa 18\fifa18.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{E2FB3F5D-97B8-4E5D-839B-DC41D359D472}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9C4431C4-9C06-450B-978A-2837075984DB}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1C74673D-BF51-4CF8-9F38-389FE2E7DC88}] => (Allow) C:\Users\Uzivatel\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8E9D4316-6F0E-4566-A0DA-238A236B19B8}] => (Allow) C:\Users\Uzivatel\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4B742B35-886E-46C3-8A4D-655C374106C7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{773FC684-73C2-40E6-BB6F-9FB8FD7AA2E4}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{2E07F165-71F8-4BC5-AFF4-CFA0847D4DEC}] => (Allow) D:\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{FCE38A7E-68CD-4F6F-AE19-87D0287201D7}] => (Allow) D:\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{F637B890-FBCA-4D32-8E20-823B347FE805}] => (Allow) D:\FIFA 18\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{40573400-EA71-4A1B-B808-41B48F02984B}] => (Allow) D:\FIFA 18\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{49022A4D-8ACE-4715-974A-4E6D53981A00}D:\fifa 19\fifa 19\fifa19.exe] => (Allow) D:\fifa 19\fifa 19\fifa19.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{AB6AB948-FFD7-418B-AB04-01A1D9EE4DBF}D:\fifa 19\fifa 19\fifa19.exe] => (Allow) D:\fifa 19\fifa 19\fifa19.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{F9F85BB8-7F06-477C-93DB-DA82F136ABAD}] => (Allow) D:\FIFA 19\FIFA 19\FIFASetup\fifaconfig.exe () [File not signed]
FirewallRules: [{CB5873C6-A3E7-4B89-A635-45BB4CD40584}] => (Allow) D:\FIFA 19\FIFA 19\FIFASetup\fifaconfig.exe () [File not signed]
FirewallRules: [{DEB3BFF9-370C-42E1-A9BA-78F3D73BB8F2}] => (Allow) D:\Steam\steamapps\common\Football Manager 2020 Touch\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{2A5BE423-7356-423B-A12C-FB71FAB89C6E}] => (Allow) D:\Steam\steamapps\common\Football Manager 2020 Touch\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{81DCE5DE-A739-4D8E-8632-3A99DAE5428D}] => (Allow) D:\Steam\steamapps\common\Football Manager 2020\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{210E095D-BC8C-45FF-8C94-6713336DDABE}] => (Allow) D:\Steam\steamapps\common\Football Manager 2020\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{0F333F60-50AF-42BE-A30E-5BB034C29303}] => (Allow) D:\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe (WB Games, Inc.) [File not signed]
FirewallRules: [{88FFAB28-128A-4BC8-A9BF-807D07B10BB2}] => (Allow) D:\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe (WB Games, Inc.) [File not signed]
FirewallRules: [{BF168841-42B5-42FC-B265-30D7CBEC7EB1}] => (Allow) D:\Steam\steamapps\common\ShadowOfWar\x64\ShadowOfWar.exe (WB Games Inc. -> WB Games, Inc.) [File not signed]
FirewallRules: [{22BCD8F0-2BFC-418B-9BFB-D9167A7CB430}] => (Allow) D:\Steam\steamapps\common\ShadowOfWar\x64\ShadowOfWar.exe (WB Games Inc. -> WB Games, Inc.) [File not signed]
FirewallRules: [{12E07712-A987-4C11-A08C-2EA50EABBE66}] => (Allow) D:\UPlay\Assassin's Creed Origins\ACOrigins_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{716B9874-62AF-463B-B4BF-4A5DD3902733}] => (Allow) D:\UPlay\Assassin's Creed Origins\ACOrigins_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{D48F1406-913C-4F80-A8C2-040B63D888BE}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{BCB72D83-E59E-4A0B-B182-251BD7F03B99}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6A5E991B-B25D-4951-A11B-3E5C64DE98A6}] => (Allow) D:\UPlay\Assassin's Creed Odyssey\ACOdyssey_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{9108980F-D7A1-4F71-8A7F-5BCA048FF9F9}] => (Allow) D:\UPlay\Assassin's Creed Odyssey\ACOdyssey_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{031762BA-2BA5-4C92-838C-0D4E609CDE4C}] => (Allow) D:\Steam\steamapps\common\Catan Universe\CatanUniverse.exe () [File not signed]
FirewallRules: [{D009F778-D698-41CC-A819-FBF04BA9A199}] => (Allow) D:\Steam\steamapps\common\Catan Universe\CatanUniverse.exe () [File not signed]
FirewallRules: [{CC914DF9-0017-42BD-AC9B-32E17C1B2F70}] => (Allow) D:\Rockstar Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{0976C554-E931-42C1-AF79-8D95C6AE71F6}] => (Allow) D:\Rockstar Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{1B0DDD8E-D95D-4F0B-B922-8A6AE143C15B}] => (Allow) LPort=54950
FirewallRules: [{AC175C69-731E-41C3-98DD-43D15D67FF79}] => (Allow) LPort=54955
FirewallRules: [{508A7BC4-7250-41F5-8AD0-57996D813EBB}] => (Allow) D:\Steam\steamapps\common\Risen 2\system\Risen2.exe (Valve Corp. -> Piranha Bytes) [File not signed]
FirewallRules: [{2ECE0799-6FA3-461F-9A53-4C0A439BEF5A}] => (Allow) D:\Steam\steamapps\common\Risen 2\system\Risen2.exe (Valve Corp. -> Piranha Bytes) [File not signed]
FirewallRules: [{5492A6DF-E14B-4E43-B2D4-9A2B5E25EBA9}] => (Allow) D:\Steam\steamapps\common\Medieval Dynasty\Medieval_Dynasty.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{BA974E4C-2B94-4633-AE13-1E9F09D19899}] => (Allow) D:\Steam\steamapps\common\Medieval Dynasty\Medieval_Dynasty.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{C4D29110-C13B-4C44-BD76-A37233CFBC03}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => No File
FirewallRules: [{A450FA28-EF3C-40F6-B555-49C237BB5B80}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => No File
FirewallRules: [{1369DEFB-766C-4F1A-8ADF-7649CCAF04A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{C526FAE7-C0CB-44BB-B7F5-3D2553C46247}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{6726ED58-D550-43E7-8774-E656E4E4344F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{6BD08E7D-8737-4AE3-AE04-559BF63AD53B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{81636135-2429-4DA0-9210-BBD9B62D56FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{25707C2B-F9F9-433A-8720-C35BFEFAD1C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3F400233-B679-45B4-BDBB-65A3BEB2C3ED}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{9D7D09E2-9E06-48BD-92C8-ED54420F97E4}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{95F21196-616E-4AFC-846E-3B213EC3C4F4}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{4797DE98-8E7C-48F8-B6FE-43DB0CB675AF}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{C30672CE-34ED-484C-A09F-7661F04C3024}] => (Allow) D:\Rockstar Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{56FEB94E-F5DB-4780-8A5A-90A0AE5A3C5E}] => (Allow) D:\Rockstar Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{6930E813-A37D-409E-B9E6-1E8F3CBCB955}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => No File
FirewallRules: [{9C376D9E-E3A2-4667-8BA9-C7FD8A08723F}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => No File
FirewallRules: [{56A2A261-92EE-41A5-8694-0FE9A88EDEB8}] => (Allow) D:\Steam\steamapps\common\Football Manager 2022\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{F566C02B-9337-4BFB-BC90-291C2976A6A3}] => (Allow) D:\Steam\steamapps\common\Football Manager 2022\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{9751D6EB-47B5-42F6-AB6D-6F10E4AE4555}] => (Allow) C:\Users\Uzivatel\AppData\Local\Programs\Opera\79.0.4143.22\opera.exe => No File
FirewallRules: [{67CB8CCB-CD66-4B34-9E24-3BC6D9684849}] => (Allow) D:\Steam\steamapps\common\Football Manager 2022 Editor\editor.exe (Sports Interactive) [File not signed]
FirewallRules: [{C3F4BB73-7B00-46B2-9724-6EE17C03101F}] => (Allow) D:\Steam\steamapps\common\Football Manager 2022 Editor\editor.exe (Sports Interactive) [File not signed]
FirewallRules: [{006DEAF7-F4E7-47EE-9046-A2AF220634F8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0796CF7E-01D3-433A-9E70-3001AE5109E1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F8C6246F-952F-4BD1-9012-2A3C97526FB1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{847274F3-A417-4A5B-BCA8-BE757BE3DE14}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CFA7EBAB-2409-4052-89FA-1083C42D78BA}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{39872C3A-4842-4DDB-8384-29AB685BCB3D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{ABD3A1D8-0745-40A7-8B60-2AD16AFAF987}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\108.0.1462.54\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6143D70D-FC79-4AB3-BABB-1D4E32AA07B6}] => (Allow) D:\Steam\steamapps\common\Mount and Blade\runme.exe () [File not signed]
FirewallRules: [{F87A277F-F011-4371-B796-47E6122CF7B0}] => (Allow) D:\Steam\steamapps\common\Mount and Blade\runme.exe () [File not signed]
FirewallRules: [{7762CBE7-084D-4923-93EF-267BB4DAC99A}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{AC950703-FF4E-4EA0-9ED9-2D02C8F4DED9}] => (Allow) %programfiles%\Qustodio\qapp\qwelcomewzd.exe => No File
FirewallRules: [{6843848A-D26D-4258-81F1-ED2F8B35589D}] => (Allow) %programfiles%\Qustodio\qapp\QUpdateService.exe => No File
FirewallRules: [{D5C61116-E139-4514-B74A-16037B0A4F88}] => (Allow) %programfiles%\Qustodio\qapp\QReport.exe => No File
FirewallRules: [{D44972D9-C0A0-4860-A902-ACEAD8130725}] => (Allow) %programfiles%\Qustodio\qproxy\qengine.exe => No File
FirewallRules: [{31651338-5E56-4711-9E2D-911682A06427}] => (Allow) %programfiles%\Qustodio\qapp\QAppTray.exe => No File

==================== Restore Points =========================

25-12-2022 22:08:06 Naplánovaný kontrolní bod
02-01-2023 16:53:55 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/05/2023 12:32:29 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: MICHALA)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (01/05/2023 12:28:30 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...

Error: (01/05/2023 12:28:30 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.

Error: (01/05/2023 12:28:30 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (01/05/2023 12:28:30 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (01/05/2023 12:28:30 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[1]: 127.0.0.1

Error: (01/05/2023 12:28:30 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[0]: ::1

Error: (01/05/2023 12:28:30 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList.Length: 2


System errors:
=============
Error: (01/05/2023 11:50:58 AM) (Source: DCOM) (EventID: 10010) (User: MICHALA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/05/2023 11:50:58 AM) (Source: DCOM) (EventID: 10010) (User: MICHALA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/05/2023 11:50:58 AM) (Source: DCOM) (EventID: 10010) (User: MICHALA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/05/2023 11:50:58 AM) (Source: DCOM) (EventID: 10010) (User: MICHALA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/05/2023 11:50:57 AM) (Source: DCOM) (EventID: 10010) (User: MICHALA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/05/2023 11:50:57 AM) (Source: DCOM) (EventID: 10010) (User: MICHALA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/05/2023 11:50:57 AM) (Source: DCOM) (EventID: 10010) (User: MICHALA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/05/2023 11:50:57 AM) (Source: DCOM) (EventID: 10010) (User: MICHALA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================Event[0]:

Date: 2022-01-25 20:13:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.251.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x800706d9
Popis chyby: Pro mapovač koncových bodů nejsou k dispozici další koncové body.

Date: 2022-01-25 20:13:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.251.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x800706d9
Popis chyby: Pro mapovač koncových bodů nejsou k dispozici další koncové body.

Date: 2022-01-25 20:13:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.251.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x800706d9
Popis chyby: Pro mapovač koncových bodů nejsou k dispozici další koncové body.

Date: 2022-01-25 20:13:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.251.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x800706d9
Popis chyby: Pro mapovač koncových bodů nejsou k dispozici další koncové body.

Date: 2022-01-25 20:13:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.251.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x800706d9
Popis chyby: Pro mapovač koncových bodů nejsou k dispozici další koncové body.

CodeIntegrity:
===============
Date: 2023-01-05 12:32:39
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2023-01-05 12:30:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume5\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO 4KCN45WW 01/11/2019
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-7300HQ CPU @ 2.50GHz
Percentage of memory in use: 42%
Total physical RAM: 16276.16 MB
Available physical RAM: 9428.21 MB
Total Virtual: 30964.16 MB
Available Virtual: 23160.13 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.61 GB) (Free:18.83 GB) (Model: NVMe SAMSUNG MZVLW128) NTFS
Drive d: (Nový svazek) (Fixed) (Total:931.51 GB) (Free:74.03 GB) (Model: WDC WD10SPZX-24Z10T0) NTFS

\\?\Volume{bf75a89a-4757-4644-acd6-1ed682d5a1d4}\ () (Fixed) (Total:0.52 GB) (Free:0.04 GB) NTFS
\\?\Volume{9baaef05-ab17-4428-90f5-e209f4afca61}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9786842D)

Partition: GPT.

==========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: 4BA21061)

Partition: GPT.

==================== End of Addition.txt =======================

keyfor4
Návštěvník
Návštěvník
Příspěvky: 58
Registrován: 30 kvě 2014 22:25

Re: Myš reaguje divně, sám se mačká enter stisknutím myši

#2 Příspěvek od keyfor4 »

RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Uzivatel at 2023-01-05 12:40:30
Microsoft Windows 10 Home
System drive C: has 19 GB (16%) free of 121 GB
Total RAM: 16276 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:40:32, on 05.01.2023
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.1566)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Qustodio\qapp\qapptray.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Qustodio\qapp\crashpad_handler.exe
C:\Program Files\trend micro\Uzivatel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\108.0.1462.54\BHO\ie_to_edge_bho.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [QAppTray] "C:\Program Files (x86)\Qustodio\qapp\QAppTray.exe"
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX2] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe /FORCE
O4 - HKCU\..\Run: [launchOnStartup] C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart
O4 - HKCU\..\Run: [Steam] "D:\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [com.squirrel.slack.slack] "C:\Users\Uzivatel\AppData\Local\slack\slack.exe" --process-start-args --startup
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Služba Aktualizace Brave (brave) (brave) - BraveSoftware Inc. - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
O23 - Service: Brave Elevation Service (BraveElevationService) (BraveElevationService) - Unknown owner - C:\Program Files\BraveSoftware\Brave-Browser\Application\108.1.46.144\elevation_service.exe (file missing)
O23 - Service: Služba Aktualizace Brave (bravem) (bravem) - BraveSoftware Inc. - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
O23 - Service: CCleaner Performance Optimizer Service (CCleanerPerformanceOptimizerService) - Piriform Software Ltd - C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_4309b - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: DnsCheckerService - Unknown owner - C:\Program Files (x86)\Family First\DDnsChecker\DnsCheckerService.exe
O23 - Service: Dolby DAX2 API Service - Dolby Laboratories, Inc. - C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EHttpSrv) - ESET - C:\Program Files\ESET\ESET Security\ehttpsrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: ESET Firewall Helper (ekrnEpfw) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA FrameView SDK service (FvSvc) - NVIDIA - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: GameRecorderSVC - Lenovo(beijing) Limited - C:\Program Files\Lenovo\Nerve Center\bin\x86\GameRecorderSVC.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\108.0.5359.125\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem67.inf,%iaStorAfsWindowsService.Name%;Intel(R) Optane(TM) Memory Service (iaStorAfsService) - Unknown owner - C:\WINDOWS\System32\iaStorAfsService.exe (file missing)
O23 - Service: Intel(R) Graphics Command Center Service (igccservice) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @oem49.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
O23 - Service: Intel(R) SUR QC Software Asset Manager (Intel(R) SUR QC SAM) - Intel Corporation - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
O23 - Service: @oem49.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_0d04d46e99e0e8d9\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: PluginLoaderSvc - Lenovo(beijing) Limited - C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe
O23 - Service: qengine - Qustodio Technologies - C:\Program Files (x86)\Qustodio\qproxy\qengine.exe
O23 - Service: qupdate - Qustodio Technologies - C:\Program Files (x86)\Qustodio\qapp\QUpdateService.exe
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - D:\Rockstar Games\Launcher\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @oem67.inf,%RstMwService.Name%;Intel(R) Storage Middleware Service (RstMwService) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_e3f96af62737a898\RstMwService.exe
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK (SystemUsageReportSvc_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: User Energy Server Service queencreek (USER_ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Intel(R) Management Engine WMI Provider Registration (WMIRegistrationService) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15887 bytes

======Listing Processes======









C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
winlogon.exe
"fontdrvhost.exe"
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -s BTAGService
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s bthserv
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s PhoneSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
dashost.exe {029382d9-1bb2-49f3-9742991823283a55}
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository

C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_0d04d46e99e0e8d9\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_0d04d46e99e0e8d9\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_0d04d46e99e0e8d9\Display.NvContainer\NVDisplay.Container.exe" -f %ProgramData%\NVIDIA\DisplaySessionContainer%d.log -d C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_0d04d46e99e0e8d9\Display.NvContainer\plugins\Session -r -l 3 -p 30000 -cfg NVDisplay.ContainerLocalSystem\Session -c
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
dashost.exe {0a716a23-27ea-4175-8cd8284474d21fdc}
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k BthAppGroup -p -s BluetoothUserService
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
"C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /c
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
"C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
"C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe"
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
"ctfmon.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\system32\DbxSvc.exe
"C:\Program Files (x86)\Family First\DDnsChecker\DnsCheckerService.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s IKEEXT
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files\Elantech\ETDService.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe"
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s TapiSrv
"C:\Program Files (x86)\Qustodio\qproxy\qengine.exe"
"C:\Program Files (x86)\Qustodio\qapp\QUpdateService.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
"C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe"
C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_e3f96af62737a898\RstMwService.exe
"C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe"
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
"C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe"
C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted -p -s PolicyAgent
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\WLANExt.exe 1470938913920
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
rundll32.exe "c:\program files\nvidia corporation\nvstreamsrv\rxdiag.dll" RxDiagSetRuntimeMessagePump
"C:\Program Files\Elantech\ETDIntelligent.exe"
"C:\Program Files (x86)\Qustodio\qapp/crashpad_handler.exe" --no-periodic-tasks --database=C:\ProgramData\Qustodio/crashpad_db --metrics-dir=C:\ProgramData\Qustodio/crashpad_db --url=https://sentry.io/api/180537/minidump/? ... 0ed5fbc2d7 --annotation=format=minidump --annotation=token=X-Sentry-Token:d492e092f78511e7a9b04201c0a8d03a --initial-client-data=0x2a4,0x2a8,0x2ac,0x2a0,0xd8,0x1166728,0x1166738,0x1166748
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%dSPUser.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\SPUser" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Qustodio\qapp/crashpad_handler.exe" --no-periodic-tasks --database=C:\ProgramData\Qustodio/crashpad_db --metrics-dir=C:\ProgramData\Qustodio/crashpad_db --url=https://sentry.io/api/180537/minidump/? ... 0ed5fbc2d7 --annotation=format=minidump --annotation=token=X-Sentry-Token:d492e092f78511e7a9b04201c0a8d03a --initial-client-data=0x8f4,0x8f8,0x8fc,0x8c8,0x900,0x6ebeeb50,0x6ebeeb60,0x6ebeeb70
C:\WINDOWS\system32\svchost.exe -k LocalService -s W32Time
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=gpu-process --field-trial-handle=2120,7970274440983759455,15503263104693405791,131072 --disable-features=VizDisplayCompositor --no-sandbox --log-file="C:\Users\Uzivatel\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --lang=en-US --gpu-preferences=KAAAAAAAAACACwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="C:\Users\Uzivatel\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --service-request-channel-token=1076902598686824302 --mojo-platform-channel-handle=2184 /prefetch:2
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Qustodio\qapp\qapptray.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Qustodio\qapp/crashpad_handler.exe" --no-periodic-tasks --database=C:\ProgramData\Qustodio/crashpad_db --metrics-dir=C:\ProgramData\Qustodio/crashpad_db --url=https://sentry.io/api/180537/minidump/? ... 0ed5fbc2d7 --annotation=format=minidump --annotation=token=X-Sentry-Token:d492e092f78511e7a9b04201c0a8d03a --initial-client-data=0x380,0x384,0x388,0x358,0x38c,0x1273904,0x1273914,0x1273924
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --no-sandbox --autoplay-policy=no-user-gesture-required --log-file="C:\Users\Uzivatel\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --field-trial-handle=2120,7970274440983759455,15503263104693405791,131072 --disable-features=VizDisplayCompositor --service-pipe-token=5272104985061003302 --lang=en-US --log-file="C:\Users\Uzivatel\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5272104985061003302 --renderer-client-id=3 --mojo-platform-channel-handle=2800 /prefetch:1
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe" -ComServer:Background -Embedding
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe"

"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\ESET\ESET Security\eguiproxy.exe" /hide
"C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe"
"C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt\IGCC.exe" -ServerName:App.AppXxq4ar3drev924dxqnatpa4s48c4zrxd1.mca
"C:\Program Files\Mozilla Firefox\firefox.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="12764.0.577565560\1977512993" -parentBuildID 20221215175817 -prefsHandle 1752 -prefMapHandle 1572 -prefsLen 30955 -prefMapSize 251648 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6306a6e1-ceaa-4088-9271-9d1ec30be052} 12764 "\\.\pipe\gecko-crash-server-pipe.12764" 1828 2707ca2b458 gpu
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="12764.1.813643982\1755580667" -parentBuildID 20221215175817 -prefsHandle 2152 -prefMapHandle 2156 -prefsLen 30955 -prefMapSize 251648 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {80227ddc-90c8-4d93-bd87-c6b012a17d93} 12764 "\\.\pipe\gecko-crash-server-pipe.12764" 2168 2707da3bb58 socket
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="12764.2.1172326106\1883364793" -childID 1 -isForBrowser -prefsHandle 3816 -prefMapHandle 3812 -prefsLen 31269 -prefMapSize 251648 -jsInitHandle 1488 -jsInitLen 246772 -a11yResourceId 64 -parentBuildID 20221215175817 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {19a4b345-69f0-4b28-a150-a7d458dc7688} 12764 "\\.\pipe\gecko-crash-server-pipe.12764" 3828 27081eb5758 tab
"C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe" -ServerName:InputApp.AppXjd5de1g66v206tj52m9d0dtpppx4cgpn.mca
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="12764.3.1908219353\1756184752" -childID 2 -isForBrowser -prefsHandle 4408 -prefMapHandle 4404 -prefsLen 36747 -prefMapSize 251648 -jsInitHandle 1488 -jsInitLen 246772 -a11yResourceId 64 -parentBuildID 20221215175817 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6c000704-9320-4c3e-a342-8ac0aa6ac3af} 12764 "\\.\pipe\gecko-crash-server-pipe.12764" 4420 27070575f58 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="12764.5.804340027\405204432" -childID 4 -isForBrowser -prefsHandle 5340 -prefMapHandle 5344 -prefsLen 36743 -prefMapSize 251648 -jsInitHandle 1488 -jsInitLen 246772 -a11yResourceId 64 -parentBuildID 20221215175817 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e95bbf4a-8b1f-4768-b129-6efae565a915} 12764 "\\.\pipe\gecko-crash-server-pipe.12764" 5332 2708a7fdf58 tab
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s BDESVC
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
taskhostw.exe USER
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="12764.11.2081004383\169678884" -childID 10 -isForBrowser -prefsHandle 10232 -prefMapHandle 10208 -prefsLen 36756 -prefMapSize 251648 -jsInitHandle 1488 -jsInitLen 246772 -a11yResourceId 64 -parentBuildID 20221215175817 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {48f5321d-8a64-46a8-8d72-895ba572f6f0} 12764 "\\.\pipe\gecko-crash-server-pipe.12764" 10256 2708e0f2158 tab
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe"

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc

C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="12764.21.417301203\272625628" -parentBuildID 20221215175817 -prefsHandle 9288 -prefMapHandle 5548 -prefsLen 36757 -prefMapSize 251648 -appDir "C:\Program Files\Mozilla Firefox\browser" - {32aedfad-667a-4952-85fd-779f46d6b5f1} 12764 "\\.\pipe\gecko-crash-server-pipe.12764" 8604 27085878958 rdd
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="12764.22.1657307242\946430880" -parentBuildID 20221215175817 -sandboxingKind 1 -prefsHandle 9292 -prefMapHandle 9296 -prefsLen 36757 -prefMapSize 251648 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {515fa818-56fa-4c33-986c-ce9f33274cd4} 12764 "\\.\pipe\gecko-crash-server-pipe.12764" 9276 27085878058 utility
C:\WINDOWS\System32\svchost.exe -k swprv
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe" "--start" "--start_options_handle" "1064"
C:\WINDOWS\system32\AUDIODG.EXE 0x4b4
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="12764.41.1713591025\1117642579" -childID 38 -isForBrowser -prefsHandle 6188 -prefMapHandle 5012 -prefsLen 36757 -prefMapSize 251648 -jsInitHandle 1488 -jsInitLen 246772 -a11yResourceId 64 -parentBuildID 20221215175817 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b107af25-2e38-4562-b449-340e73a43acc} 12764 "\\.\pipe\gecko-crash-server-pipe.12764" 11268 27089aac158 tab
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "D:\serialy\Naši kluci (Our Boys) S01E02 Mohamed a Toto [audio original, tit. CZ, 1080p] JackRIPper.mp4"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2567049384-1476051938-1418897080-10016_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2567049384-1476051938-1418897080-10016 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:ShellFeedsUI.AppX88fpyyrd21w8wqe62wzsjh5agex7tf1e.mca
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="12764.42.1941531723\686784449" -childID 39 -isForBrowser -prefsHandle 11728 -prefMapHandle 11740 -prefsLen 36757 -prefMapSize 251648 -jsInitHandle 1488 -jsInitLen 246772 -a11yResourceId 64 -parentBuildID 20221215175817 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5a5c9ad3-ccc4-460b-a2f0-75f1e54e8da4} 12764 "\\.\pipe\gecko-crash-server-pipe.12764" 4776 27086f48e58 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="12764.43.1835535447\159933466" -childID 40 -isForBrowser -prefsHandle 8816 -prefMapHandle 5288 -prefsLen 36757 -prefMapSize 251648 -jsInitHandle 1488 -jsInitLen 246772 -a11yResourceId 64 -parentBuildID 20221215175817 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1e9cb42d-9ef5-4e85-a314-bd9d6a90b02a} 12764 "\\.\pipe\gecko-crash-server-pipe.12764" 11736 27094715858 tab
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2300_none_7e14edbc7c88b7d5\TiWorker.exe -Embedding
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 800 804 812 8192 808 784

"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --slMode
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1544,17321902031451930293,9710979480025335046,131072 --enable-features=CastMediaRouteProvider --disable-features=CalculateNativeWinOcclusion --lang=en-US --service-sandbox-type=utility --disable-pack-loading --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --log-severity=disable --product-version="ReaderServices/22.3.20282 Chrome/80.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2084 --allow-no-sandbox-job /prefetch:8
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1544,17321902031451930293,9710979480025335046,131072 --enable-features=CastMediaRouteProvider --disable-features=CalculateNativeWinOcclusion --lang=en-US --service-sandbox-type=network --disable-pack-loading --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --log-severity=disable --product-version="ReaderServices/22.3.20282 Chrome/80.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2108 --allow-no-sandbox-job /prefetch:8
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=renderer --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --touch-events=enabled --field-trial-handle=1544,17321902031451930293,9710979480025335046,131072 --enable-features=CastMediaRouteProvider --disable-features=CalculateNativeWinOcclusion --lang=en-US --disable-pack-loading --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --log-severity=disable --product-version="ReaderServices/22.3.20282 Chrome/80.0.0.0" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2248 --allow-no-sandbox-job /prefetch:1
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=gpu-process --field-trial-handle=1544,17321902031451930293,9710979480025335046,131072 --enable-features=CastMediaRouteProvider --disable-features=CalculateNativeWinOcclusion --disable-pack-loading --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --log-severity=disable --product-version="ReaderServices/22.3.20282 Chrome/80.0.0.0" --lang=en-US --gpu-preferences=OAAAAAAAAADgACAwAAAAAAAAAAAAAAAAAABgAAAAAAAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAABQAAABAAAAAAAAAAAAAAAAYAAAAQAAAAAAAAAAEAAAAFAAAAEAAAAAAAAAABAAAABgAAAA== --use-gl=swiftshader-webgl --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2608 --allow-no-sandbox-job /prefetch:2
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"C:\Users\Uzivatel\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\CCleanerCrashReporting.job - C:\Program Files\CCleaner\CCleanerBugReport.exe --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "1351fa5c-2ac1-4f85-a3a0-4de5e77ad4ec" --version "6.07.10191" --silent
C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NoUACCheck
C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\vp2ps7ar.default-release-1630156417128

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll


C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\vp2ps7ar.default-release-1630156417128\extensions\
staged

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\108.0.1462.54\BHO\ie_to_edge_bho_64.dll [2022-12-15 595400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 217784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\108.0.1462.54\BHO\ie_to_edge_bho.dll [2022-12-15 457160]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 184488]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2018-07-18 1744672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 6149288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 4452504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-12-07 86016]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2021-10-16 19677688]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2021-10-16 3617784]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2021-10-16 3617784]
"egui"=C:\Program Files\ESET\ESET Security\ecmds.exe [2022-11-03 194480]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"launchOnStartup"=C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [2022-03-21 13799776]
"Steam"=D:\Steam\steam.exe [2022-12-15 4246376]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2022-12-09 38916432]
"com.squirrel.slack.slack"=C:\Users\Uzivatel\AppData\Local\slack\slack.exe [2022-08-31 309040]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2011-01-15 452016]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2017-07-05 1313408]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2022-12-25 11327200]
"QAppTray"=C:\Program Files (x86)\Qustodio\qapp\QAppTray.exe [2022-09-23 5817888]
"IJNetworkScannerSelectorEX2"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [2016-12-09 279240]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\qwfp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"aux2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave3"=wdmaud.drv
"aux1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv

======File associations======

.inf - install -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2022-12-25 00:54:52 ----A---- C:\WINDOWS\system32\drivers\dbx-stable.sys
2022-12-25 00:54:52 ----A---- C:\WINDOWS\system32\drivers\dbx-dev.sys
2022-12-25 00:54:52 ----A---- C:\WINDOWS\system32\drivers\dbx-canary.sys
2022-12-25 00:54:52 ----A---- C:\WINDOWS\system32\DbxSvc.exe
2022-12-20 19:19:14 ----D---- C:\Users\Uzivatel\AppData\Roaming\Mount&Blade
2022-12-20 18:08:23 ----D---- C:\Users\Uzivatel\AppData\Roaming\Mount&Blade Warband
2022-12-18 08:27:03 ----A---- C:\WINDOWS\system32\WFSR.dll
2022-12-18 08:27:03 ----A---- C:\WINDOWS\system32\FXSUTILITY.dll
2022-12-18 08:27:03 ----A---- C:\WINDOWS\system32\FXSCOVER.exe
2022-12-18 08:27:03 ----A---- C:\WINDOWS\system32\FXSCOMPOSERES.dll
2022-12-18 08:27:03 ----A---- C:\WINDOWS\system32\FXSCOMPOSE.dll
2022-12-18 08:27:02 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2022-12-18 08:27:02 ----A---- C:\WINDOWS\system32\WFS.exe
2022-12-18 08:27:01 ----A---- C:\WINDOWS\SYSWOW64\quickassist.exe
2022-12-18 08:27:01 ----A---- C:\WINDOWS\system32\cdp.dll
2022-12-18 08:27:00 ----A---- C:\WINDOWS\system32\quickassist.exe
2022-12-18 08:26:55 ----A---- C:\WINDOWS\SYSWOW64\WMVCORE.DLL
2022-12-18 08:26:55 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2022-12-18 08:26:53 ----A---- C:\WINDOWS\SYSWOW64\WMVDECOD.DLL
2022-12-18 08:26:53 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2022-12-18 08:26:53 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2022-12-18 08:26:53 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2022-12-18 08:26:53 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2022-12-18 08:26:53 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2022-12-18 08:26:53 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2022-12-18 08:26:52 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2022-12-18 08:26:51 ----A---- C:\WINDOWS\system32\WMVDECOD.DLL
2022-12-18 08:26:51 ----A---- C:\WINDOWS\system32\WMVCORE.DLL
2022-12-18 08:26:51 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2022-12-18 08:26:51 ----A---- C:\WINDOWS\system32\MSMPEG2ENC.DLL
2022-12-18 08:26:51 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2022-12-18 08:26:51 ----A---- C:\WINDOWS\system32\mfcore.dll
2022-12-18 08:26:51 ----A---- C:\WINDOWS\system32\HologramWorld.dll
2022-12-18 08:26:50 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2022-12-18 08:26:50 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2022-12-18 08:26:50 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2022-12-18 08:26:50 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2022-12-18 08:26:50 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2022-12-18 08:26:50 ----A---- C:\WINDOWS\system32\mf.dll
2022-12-18 08:26:49 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2022-12-18 08:26:49 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2022-12-18 08:26:48 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2022-12-18 08:26:48 ----A---- C:\WINDOWS\SYSWOW64\dswave.dll
2022-12-18 08:26:48 ----A---- C:\WINDOWS\SYSWOW64\dmusic.dll
2022-12-18 08:26:48 ----A---- C:\WINDOWS\SYSWOW64\dmsynth.dll
2022-12-18 08:26:48 ----A---- C:\WINDOWS\SYSWOW64\dmloader.dll
2022-12-18 08:26:46 ----A---- C:\WINDOWS\system32\wslapi.dll
2022-12-18 08:26:46 ----A---- C:\WINDOWS\system32\wsl.exe
2022-12-18 08:26:46 ----A---- C:\WINDOWS\system32\wpnpinst.exe
2022-12-18 08:26:46 ----A---- C:\WINDOWS\system32\SIHClient.exe
2022-12-18 08:26:46 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2022-12-18 08:26:46 ----A---- C:\WINDOWS\system32\inetppui.dll
2022-12-18 08:26:46 ----A---- C:\WINDOWS\system32\inetpp.dll
2022-12-18 08:26:46 ----A---- C:\WINDOWS\system32\CPFilters.dll
2022-12-18 08:26:45 ----A---- C:\WINDOWS\system32\wsp_health.dll
2022-12-18 08:26:45 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2022-12-18 08:26:45 ----A---- C:\WINDOWS\system32\mmc.exe
2022-12-18 08:26:44 ----A---- C:\WINDOWS\system32\mshtml.dll
2022-12-18 08:26:43 ----A---- C:\WINDOWS\system32\vmdevicehost.dll
2022-12-18 08:26:43 ----A---- C:\WINDOWS\system32\edgehtml.dll
2022-12-18 08:26:43 ----A---- C:\WINDOWS\system32\dswave.dll
2022-12-18 08:26:43 ----A---- C:\WINDOWS\system32\dosettings.dll
2022-12-18 08:26:43 ----A---- C:\WINDOWS\system32\dmusic.dll
2022-12-18 08:26:43 ----A---- C:\WINDOWS\system32\dmsynth.dll
2022-12-18 08:26:43 ----A---- C:\WINDOWS\system32\dmloader.dll
2022-12-18 08:26:43 ----A---- C:\WINDOWS\system32\computecore.dll
2022-12-18 08:26:43 ----A---- C:\WINDOWS\system32\ClipUp.exe
2022-12-18 08:26:41 ----A---- C:\WINDOWS\SYSWOW64\xpsservices.dll
2022-12-18 08:26:41 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2022-12-18 08:26:41 ----A---- C:\WINDOWS\SYSWOW64\npmproxy.dll
2022-12-18 08:26:41 ----A---- C:\WINDOWS\SYSWOW64\nlmsprep.dll
2022-12-18 08:26:41 ----A---- C:\WINDOWS\SYSWOW64\nlmproxy.dll
2022-12-18 08:26:41 ----A---- C:\WINDOWS\SYSWOW64\newdev.exe
2022-12-18 08:26:41 ----A---- C:\WINDOWS\SYSWOW64\newdev.dll
2022-12-18 08:26:41 ----A---- C:\WINDOWS\SYSWOW64\netprofm.dll
2022-12-18 08:26:41 ----A---- C:\WINDOWS\SYSWOW64\ndadmin.exe
2022-12-18 08:26:41 ----A---- C:\WINDOWS\system32\tcbloader.dll
2022-12-18 08:26:41 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2022-12-18 08:26:41 ----A---- C:\WINDOWS\system32\skci.dll
2022-12-18 08:26:41 ----A---- C:\WINDOWS\system32\SgrmEnclave_secure.dll
2022-12-18 08:26:41 ----A---- C:\WINDOWS\system32\SgrmEnclave.dll
2022-12-18 08:26:41 ----A---- C:\WINDOWS\system32\kdhvcom.dll
2022-12-18 08:26:41 ----A---- C:\WINDOWS\system32\hvloader.dll
2022-12-18 08:26:41 ----A---- C:\WINDOWS\system32\hvix64.exe
2022-12-18 08:26:41 ----A---- C:\WINDOWS\system32\hvax64.exe
2022-12-18 08:26:41 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2022-12-18 08:26:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2022-12-18 08:26:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Sensors.dll
2022-12-18 08:26:39 ----A---- C:\WINDOWS\SYSWOW64\netjoin.dll
2022-12-18 08:26:39 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2022-12-18 08:26:39 ----A---- C:\WINDOWS\SYSWOW64\enrollmentapi.dll
2022-12-18 08:26:39 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2022-12-18 08:26:39 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2022-12-18 08:26:39 ----A---- C:\WINDOWS\SYSWOW64\d3d8thk.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\weretw.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\WerEnc.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\werdiagcontroller.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\virtdisk.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\tzautoupdate.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\srpapi.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\SensorsNativeApi.V2.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\SensorsNativeApi.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\PCShellCommonProxyStub.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\OneSettingsClient.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\EnterpriseAppMgmtClient.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\deviceaccess.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\dbgcore.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\cryptui.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\AppLockerCSP.dll
2022-12-18 08:26:38 ----A---- C:\WINDOWS\SYSWOW64\appidtel.exe
2022-12-18 08:26:37 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2022-12-18 08:26:37 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2022-12-18 08:26:37 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2022-12-18 08:26:37 ----A---- C:\WINDOWS\SYSWOW64\OneCoreUAPCommonProxyStub.dll
2022-12-18 08:26:37 ----A---- C:\WINDOWS\SYSWOW64\MapRouter.dll
2022-12-18 08:26:37 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2022-12-18 08:26:37 ----A---- C:\WINDOWS\SYSWOW64\InstallServiceTasks.dll
2022-12-18 08:26:37 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2022-12-18 08:26:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.HostName.dll
2022-12-18 08:26:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Connectivity.dll
2022-12-18 08:26:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.Preview.DOSettings.dll
2022-12-18 08:26:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.dll
2022-12-18 08:26:36 ----A---- C:\WINDOWS\SYSWOW64\ShareHost.dll
2022-12-18 08:26:36 ----A---- C:\WINDOWS\SYSWOW64\OnDemandConnRouteHelper.dll
2022-12-18 08:26:36 ----A---- C:\WINDOWS\SYSWOW64\GameInput.dll
2022-12-18 08:26:36 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2022-12-18 08:26:36 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2022-12-18 08:26:36 ----A---- C:\WINDOWS\SYSWOW64\cdprt.dll
2022-12-18 08:26:36 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2022-12-18 08:26:36 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2022-12-18 08:26:36 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2022-12-18 08:26:35 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2022-12-18 08:26:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2022-12-18 08:26:35 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2022-12-18 08:26:35 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2022-12-18 08:26:35 ----A---- C:\WINDOWS\SYSWOW64\TSWorkspace.dll
2022-12-18 08:26:35 ----A---- C:\WINDOWS\SYSWOW64\sxstrace.exe
2022-12-18 08:26:35 ----A---- C:\WINDOWS\SYSWOW64\sxs.dll
2022-12-18 08:26:35 ----A---- C:\WINDOWS\SYSWOW64\ShellCommonCommonProxyStub.dll
2022-12-18 08:26:35 ----A---- C:\WINDOWS\SYSWOW64\sfc_os.dll
2022-12-18 08:26:35 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2022-12-18 08:26:35 ----A---- C:\WINDOWS\SYSWOW64\LicensingDiagSpp.dll
2022-12-18 08:26:35 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2022-12-18 08:26:35 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2022-12-18 08:26:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.ConversationalAgent.dll
2022-12-18 08:26:34 ----A---- C:\WINDOWS\SYSWOW64\FlightSettings.dll
2022-12-18 08:26:34 ----A---- C:\WINDOWS\SYSWOW64\ContentDeliveryManager.Utilities.dll
2022-12-18 08:26:34 ----A---- C:\WINDOWS\system32\wudriver.dll
2022-12-18 08:26:34 ----A---- C:\WINDOWS\system32\windowsudk.shellcommon.dll
2022-12-18 08:26:34 ----A---- C:\WINDOWS\system32\usercpl.dll
2022-12-18 08:26:34 ----A---- C:\WINDOWS\system32\twinui.dll
2022-12-18 08:26:34 ----A---- C:\WINDOWS\system32\sfc_os.dll
2022-12-18 08:26:34 ----A---- C:\WINDOWS\system32\newdev.exe
2022-12-18 08:26:34 ----A---- C:\WINDOWS\system32\newdev.dll
2022-12-18 08:26:34 ----A---- C:\WINDOWS\system32\ndadmin.exe
2022-12-18 08:26:34 ----A---- C:\WINDOWS\system32\LsaIso.exe
2022-12-18 08:26:34 ----A---- C:\WINDOWS\system32\kernel32.dll
2022-12-18 08:26:34 ----A---- C:\WINDOWS\system32\iumcrypt.dll
2022-12-18 08:26:34 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2022-12-18 08:26:34 ----A---- C:\WINDOWS\system32\icsunattend.exe
2022-12-18 08:26:34 ----A---- C:\WINDOWS\system32\drvinst.exe
2022-12-18 08:26:34 ----A---- C:\WINDOWS\system32\drivers\rassstp.sys
2022-12-18 08:26:33 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2022-12-18 08:26:33 ----A---- C:\WINDOWS\system32\npmproxy.dll
2022-12-18 08:26:33 ----A---- C:\WINDOWS\system32\nlmsprep.dll
2022-12-18 08:26:33 ----A---- C:\WINDOWS\system32\nlmproxy.dll
2022-12-18 08:26:33 ----A---- C:\WINDOWS\system32\netprofmsvc.dll
2022-12-18 08:26:33 ----A---- C:\WINDOWS\system32\netprofm.dll
2022-12-18 08:26:33 ----A---- C:\WINDOWS\system32\netjoin.dll
2022-12-18 08:26:33 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2022-12-18 08:26:33 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2022-12-18 08:26:33 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2022-12-18 08:26:33 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2022-12-18 08:26:33 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2022-12-18 08:26:33 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2022-12-18 08:26:33 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2022-12-18 08:26:31 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2022-12-18 08:26:31 ----A---- C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2022-12-18 08:26:31 ----A---- C:\WINDOWS\system32\sxstrace.exe
2022-12-18 08:26:31 ----A---- C:\WINDOWS\system32\sxssrv.dll
2022-12-18 08:26:31 ----A---- C:\WINDOWS\system32\sxs.dll
2022-12-18 08:26:31 ----A---- C:\WINDOWS\system32\sppwinob.dll
2022-12-18 08:26:31 ----A---- C:\WINDOWS\system32\profsvcext.dll
2022-12-18 08:26:31 ----A---- C:\WINDOWS\system32\policymanager.dll
2022-12-18 08:26:31 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2022-12-18 08:26:31 ----A---- C:\WINDOWS\system32\MdmDiagnostics.dll
2022-12-18 08:26:31 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2022-12-18 08:26:31 ----A---- C:\WINDOWS\system32\LicensingDiagSpp.dll
2022-12-18 08:26:31 ----A---- C:\WINDOWS\system32\gdi32full.dll
2022-12-18 08:26:31 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2022-12-18 08:26:31 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2022-12-18 08:26:31 ----A---- C:\WINDOWS\system32\drivers\mskssrv.sys
2022-12-18 08:26:31 ----A---- C:\WINDOWS\system32\drivers\ks.sys
2022-12-18 08:26:31 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2022-12-18 08:26:31 ----A---- C:\WINDOWS\system32\declaredconfiguration.dll
2022-12-18 08:26:31 ----A---- C:\WINDOWS\system32\dcsvc.dll
2022-12-18 08:26:31 ----A---- C:\WINDOWS\system32\d3d9.dll
2022-12-18 08:26:31 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2022-12-18 08:26:30 ----A---- C:\WINDOWS\system32\sppsvc.exe
2022-12-18 08:26:30 ----A---- C:\WINDOWS\system32\sppobjs.dll
2022-12-18 08:26:30 ----A---- C:\WINDOWS\system32\SppExtComObj.Exe
2022-12-18 08:26:30 ----A---- C:\WINDOWS\system32\sppcext.dll
2022-12-18 08:26:29 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2022-12-18 08:26:29 ----A---- C:\WINDOWS\system32\wuuhext.dll
2022-12-18 08:26:29 ----A---- C:\WINDOWS\system32\shell32.dll
2022-12-18 08:26:29 ----A---- C:\WINDOWS\system32\KernelBase.dll
2022-12-18 08:26:29 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2022-12-18 08:26:29 ----A---- C:\WINDOWS\system32\drivers\mup.sys
2022-12-18 08:26:29 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2022-12-18 08:26:29 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2022-12-18 08:26:29 ----A---- C:\WINDOWS\system32\cryptui.dll
2022-12-18 08:26:28 ----A---- C:\WINDOWS\system32\wmsgapi.dll
2022-12-18 08:26:28 ----A---- C:\WINDOWS\system32\wininit.exe
2022-12-18 08:26:28 ----A---- C:\WINDOWS\system32\wermgr.exe
2022-12-18 08:26:28 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2022-12-18 08:26:28 ----A---- C:\WINDOWS\system32\WerFault.exe
2022-12-18 08:26:28 ----A---- C:\WINDOWS\system32\weretw.dll
2022-12-18 08:26:28 ----A---- C:\WINDOWS\system32\WerEnc.dll
2022-12-18 08:26:28 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll
2022-12-18 08:26:28 ----A---- C:\WINDOWS\system32\wer.dll
2022-12-18 08:26:28 ----A---- C:\WINDOWS\system32\tzres.dll
2022-12-18 08:26:28 ----A---- C:\WINDOWS\system32\samlib.dll
2022-12-18 08:26:28 ----A---- C:\WINDOWS\system32\OneSettingsClient.dll
2022-12-18 08:26:28 ----A---- C:\WINDOWS\system32\offlinesam.dll
2022-12-18 08:26:28 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2022-12-18 08:26:28 ----A---- C:\WINDOWS\system32\Faultrep.dll
2022-12-18 08:26:28 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2022-12-18 08:26:28 ----A---- C:\WINDOWS\system32\dbgcore.dll
2022-12-18 08:26:28 ----A---- C:\WINDOWS\system32\basesrv.dll
2022-12-18 08:26:27 ----A---- C:\WINDOWS\system32\wldp.dll
2022-12-18 08:26:27 ----A---- C:\WINDOWS\system32\WinTypes.dll
2022-12-18 08:26:27 ----A---- C:\WINDOWS\system32\winload.exe
2022-12-18 08:26:27 ----A---- C:\WINDOWS\system32\wincorlib.dll
2022-12-18 08:26:27 ----A---- C:\WINDOWS\system32\srpapi.dll
2022-12-18 08:26:27 ----A---- C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2022-12-18 08:26:27 ----A---- C:\WINDOWS\system32\samsrv.dll
2022-12-18 08:26:27 ----A---- C:\WINDOWS\system32\NotificationControllerPS.dll
2022-12-18 08:26:27 ----A---- C:\WINDOWS\system32\NotificationController.dll
2022-12-18 08:26:27 ----A---- C:\WINDOWS\system32\dwmcore.dll
2022-12-18 08:26:27 ----A---- C:\WINDOWS\system32\drivers\applockerfltr.sys
2022-12-18 08:26:27 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2022-12-18 08:26:27 ----A---- C:\WINDOWS\system32\combase.dll
2022-12-18 08:26:27 ----A---- C:\WINDOWS\system32\ci.dll
2022-12-18 08:26:27 ----A---- C:\WINDOWS\system32\AppLockerCSP.dll
2022-12-18 08:26:27 ----A---- C:\WINDOWS\system32\appidtel.exe
2022-12-18 08:26:26 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2022-12-18 08:26:26 ----A---- C:\WINDOWS\system32\wups2.dll
2022-12-18 08:26:26 ----A---- C:\WINDOWS\system32\wuauclt.exe
2022-12-18 08:26:26 ----A---- C:\WINDOWS\system32\virtdisk.dll
2022-12-18 08:26:26 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2022-12-18 08:26:26 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2022-12-18 08:26:26 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2022-12-18 08:26:26 ----A---- C:\WINDOWS\system32\PCShellCommonProxyStub.dll
2022-12-18 08:26:26 ----A---- C:\WINDOWS\system32\convertvhd.exe
2022-12-18 08:26:25 ----A---- C:\WINDOWS\system32\wups.dll
2022-12-18 08:26:25 ----A---- C:\WINDOWS\system32\wuaueng.dll
2022-12-18 08:26:25 ----A---- C:\WINDOWS\system32\wuapi.dll
2022-12-18 08:26:25 ----A---- C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2022-12-18 08:26:25 ----A---- C:\WINDOWS\system32\win32u.dll
2022-12-18 08:26:25 ----A---- C:\WINDOWS\system32\win32kfull.sys
2022-12-18 08:26:25 ----A---- C:\WINDOWS\system32\win32k.sys
2022-12-18 08:26:25 ----A---- C:\WINDOWS\system32\usosvc.dll
2022-12-18 08:26:25 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2022-12-18 08:26:25 ----A---- C:\WINDOWS\system32\UsoClient.exe
2022-12-18 08:26:25 ----A---- C:\WINDOWS\system32\usoapi.dll
2022-12-18 08:26:25 ----A---- C:\WINDOWS\system32\user32.dll
2022-12-18 08:26:25 ----A---- C:\WINDOWS\system32\upshared.dll
2022-12-18 08:26:25 ----A---- C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2022-12-18 08:26:25 ----A---- C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2022-12-18 08:26:25 ----A---- C:\WINDOWS\system32\SensorsNativeApi.dll
2022-12-18 08:26:25 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2022-12-18 08:26:25 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2022-12-18 08:26:25 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2022-12-18 08:26:25 ----A---- C:\WINDOWS\system32\MusNotification.exe
2022-12-18 08:26:25 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2022-12-18 08:26:25 ----A---- C:\WINDOWS\system32\MoUsoCoreWorker.exe
2022-12-18 08:26:25 ----A---- C:\WINDOWS\system32\HttpsDataSource.dll
2022-12-18 08:26:25 ----A---- C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2022-12-18 08:26:25 ----A---- C:\WINDOWS\system32\EnterpriseAppMgmtClient.dll
2022-12-18 08:26:24 ----A---- C:\WINDOWS\system32\wpnapps.dll
2022-12-18 08:26:24 ----A---- C:\WINDOWS\system32\wintrust.dll
2022-12-18 08:26:24 ----A---- C:\WINDOWS\system32\windows.storage.dll
2022-12-18 08:26:24 ----A---- C:\WINDOWS\system32\WaaSMedicCapsule.dll
2022-12-18 08:26:24 ----A---- C:\WINDOWS\system32\kerberos.dll
2022-12-18 08:26:22 ----A---- C:\WINDOWS\system32\wuapihost.exe
2022-12-18 08:26:22 ----A---- C:\WINDOWS\system32\WaaSMedicSvc.dll
2022-12-18 08:26:22 ----A---- C:\WINDOWS\system32\WaaSMedicPS.dll
2022-12-18 08:26:22 ----A---- C:\WINDOWS\system32\WaaSMedicAgent.exe
2022-12-18 08:26:22 ----A---- C:\WINDOWS\system32\storewuauth.dll
2022-12-18 08:26:22 ----A---- C:\WINDOWS\system32\MapRouter.dll
2022-12-18 08:26:22 ----A---- C:\WINDOWS\system32\MapGeocoder.dll
2022-12-18 08:26:22 ----A---- C:\WINDOWS\system32\ISM.dll
2022-12-18 08:26:22 ----A---- C:\WINDOWS\system32\InstallServiceTasks.dll
2022-12-18 08:26:22 ----A---- C:\WINDOWS\system32\InstallService.dll
2022-12-18 08:26:21 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2022-12-18 08:26:21 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.Preview.DOSettings.dll
2022-12-18 08:26:21 ----A---- C:\WINDOWS\system32\win32kbase.sys
2022-12-18 08:26:21 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2022-12-18 08:26:21 ----A---- C:\WINDOWS\system32\tzautoupdate.dll
2022-12-18 08:26:21 ----A---- C:\WINDOWS\system32\oemlicense.dll
2022-12-18 08:26:21 ----A---- C:\WINDOWS\system32\licensingdiag.exe
2022-12-18 08:26:21 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2022-12-18 08:26:21 ----A---- C:\WINDOWS\system32\dxgi.dll
2022-12-18 08:26:21 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2022-12-18 08:26:21 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2022-12-18 08:26:21 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2022-12-18 08:26:21 ----A---- C:\WINDOWS\system32\drivers\ClipSp.sys
2022-12-18 08:26:21 ----A---- C:\WINDOWS\system32\dosvc.dll
2022-12-18 08:26:21 ----A---- C:\WINDOWS\system32\domgmt.dll
2022-12-18 08:26:21 ----A---- C:\WINDOWS\system32\deviceaccess.dll
2022-12-18 08:26:21 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2022-12-18 08:26:21 ----A---- C:\WINDOWS\system32\Clipc.dll
2022-12-18 08:26:21 ----A---- C:\WINDOWS\system32\cdd.dll
2022-12-18 08:26:21 ----A---- C:\WINDOWS\system32\BingMaps.dll
2022-12-18 08:26:20 ----A---- C:\WINDOWS\system32\Windows.Networking.HostName.dll
2022-12-18 08:26:20 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2022-12-18 08:26:20 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2022-12-18 08:26:20 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2022-12-18 08:26:20 ----A---- C:\WINDOWS\system32\smartscreenps.dll
2022-12-18 08:26:20 ----A---- C:\WINDOWS\system32\smartscreen.exe
2022-12-18 08:26:20 ----A---- C:\WINDOWS\system32\qmgr.dll
2022-12-18 08:26:20 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2022-12-18 08:26:20 ----A---- C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2022-12-18 08:26:20 ----A---- C:\WINDOWS\system32\GameInput.dll
2022-12-18 08:26:20 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2022-12-18 08:26:20 ----A---- C:\WINDOWS\system32\aadtb.dll
2022-12-18 08:26:19 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2022-12-18 08:26:19 ----A---- C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
2022-12-18 08:26:19 ----A---- C:\WINDOWS\system32\w32time.dll
2022-12-18 08:26:19 ----A---- C:\WINDOWS\system32\usbmon.dll
2022-12-18 08:26:19 ----A---- C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2022-12-18 08:26:19 ----A---- C:\WINDOWS\system32\ShareHost.dll
2022-12-18 08:26:19 ----A---- C:\WINDOWS\system32\pkeyhelper.dll
2022-12-18 08:26:19 ----A---- C:\WINDOWS\system32\localui.dll
2022-12-18 08:26:19 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2022-12-18 08:26:19 ----A---- C:\WINDOWS\system32\cdpusersvc.dll
2022-12-18 08:26:19 ----A---- C:\WINDOWS\system32\cdprt.dll
2022-12-18 08:26:19 ----A---- C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2022-12-18 08:26:19 ----A---- C:\WINDOWS\explorer.exe
2022-12-18 08:26:18 ----A---- C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2022-12-18 08:26:18 ----A---- C:\WINDOWS\system32\Windows.Management.Service.dll
2022-12-18 08:26:18 ----A---- C:\WINDOWS\system32\Windows.Management.ModernDeployment.ConfigProviders.dll
2022-12-18 08:26:18 ----A---- C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-12-18 08:26:18 ----A---- C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2022-12-18 08:26:18 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2022-12-18 08:26:18 ----A---- C:\WINDOWS\system32\win32spl.dll
2022-12-18 08:26:18 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2022-12-18 08:26:18 ----A---- C:\WINDOWS\system32\TaskFlowDataEngine.dll
2022-12-18 08:26:18 ----A---- C:\WINDOWS\system32\spoolsv.exe
2022-12-18 08:26:18 ----A---- C:\WINDOWS\system32\SpeechPal.dll
2022-12-18 08:26:18 ----A---- C:\WINDOWS\system32\PrinterCleanupTask.dll
2022-12-18 08:26:18 ----A---- C:\WINDOWS\system32\localspl.dll
2022-12-18 08:26:18 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2022-12-18 08:26:18 ----A---- C:\WINDOWS\system32\FaxPrinterInstaller.dll
2022-12-18 08:26:18 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2022-12-18 08:26:18 ----A---- C:\WINDOWS\system32\drivers\fsdepends.sys
2022-12-18 08:26:18 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2022-12-18 08:26:18 ----A---- C:\WINDOWS\system32\autopilotdiag.dll
2022-12-18 08:26:18 ----A---- C:\WINDOWS\system32\autopilot.dll
2022-12-18 08:26:18 ----A---- C:\WINDOWS\system32\AudioSes.dll
2022-12-18 08:26:18 ----A---- C:\WINDOWS\system32\AppListBackupLauncher.dll
2022-12-18 08:26:18 ----A---- C:\WINDOWS\splwow64.exe
2022-12-18 08:26:17 ----A---- C:\WINDOWS\system32\drivers\Vid.sys
2022-12-18 08:26:17 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2022-12-18 08:26:17 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2022-12-18 08:26:17 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2022-12-18 08:26:17 ----A---- C:\WINDOWS\system32\drivers\BthMini.SYS
2022-12-18 08:26:17 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys
2022-12-18 08:26:16 ----A---- C:\WINDOWS\system32\drivers\xinputhid.sys
2022-12-18 08:19:51 ----HD---- C:\$WinREAgent
2022-12-18 08:19:41 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2022-12-18 08:19:40 ----A---- C:\WINDOWS\system32\poqexec.exe

======List of files/folders modified in the last 1 month======

2023-01-05 12:40:33 ----A---- C:\WINDOWS\SYSWOW64\qengineOff.ini
2023-01-05 12:40:31 ----D---- C:\Program Files\trend micro
2023-01-05 12:40:31 ----A---- C:\WINDOWS\system32\qengineOff.ini
2023-01-05 12:39:38 ----D---- C:\WINDOWS\Temp
2023-01-05 12:39:21 ----D---- C:\ProgramData\Qustodio
2023-01-05 12:35:39 ----D---- C:\WINDOWS\System32
2023-01-05 12:35:39 ----D---- C:\WINDOWS\INF
2023-01-05 12:35:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2023-01-05 12:35:23 ----D---- C:\Users\Uzivatel\AppData\Roaming\vlc
2023-01-05 12:34:05 ----D---- C:\rsit
2023-01-05 12:32:59 ----D---- C:\FRST
2023-01-05 12:32:57 ----SHD---- C:\System Volume Information
2023-01-05 12:30:40 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2023-01-05 12:30:39 ----D---- C:\Program Files (x86)\Google
2023-01-05 12:30:25 ----D---- C:\Program Files\CCleaner
2023-01-05 12:30:08 ----D---- C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-01-05 12:28:41 ----D---- C:\ProgramData\NVIDIA
2023-01-05 12:28:29 ----D---- C:\ProgramData\boost_interprocess
2023-01-05 12:28:23 ----D---- C:\Intel
2023-01-05 12:28:20 ----ASH---- C:\DumpStack.log.tmp
2023-01-05 12:26:10 ----D---- C:\WINDOWS\system32\sru
2023-01-05 11:51:02 ----D---- C:\WINDOWS\system32\catroot2
2023-01-05 11:27:29 ----D---- C:\WINDOWS\system32\SleepStudy
2023-01-05 08:57:00 ----RD---- C:\WINDOWS\Microsoft.NET
2023-01-05 08:56:43 ----HD---- C:\Program Files\WindowsApps
2023-01-05 08:56:43 ----D---- C:\WINDOWS\AppReadiness
2023-01-04 12:39:17 ----D---- C:\Users\Uzivatel\AppData\Roaming\Evernote
2023-01-04 10:31:31 ----D---- C:\WINDOWS\Logs
2023-01-04 09:20:00 ----D---- C:\Users\Uzivatel\AppData\Roaming\DropboxElectron
2023-01-04 09:19:34 ----D---- C:\Program Files (x86)\Dropbox
2023-01-04 09:19:29 ----D---- C:\WINDOWS\system32\drivers
2023-01-03 06:00:02 ----D---- C:\WINDOWS\system32\LogFiles
2023-01-02 23:10:39 ----D---- C:\WINDOWS\LiveKernelReports
2023-01-01 14:33:15 ----D---- C:\WINDOWS\system32\config
2022-12-28 11:06:41 ----D---- C:\ProgramData\CanonIJPLM
2022-12-23 09:56:50 ----D---- C:\WINDOWS\Tasks
2022-12-23 09:56:50 ----D---- C:\WINDOWS\system32\Tasks
2022-12-20 19:27:30 ----D---- C:\Program Files\Mozilla Firefox
2022-12-20 19:27:30 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2022-12-20 09:16:48 ----RSD---- C:\WINDOWS\assembly
2022-12-18 15:00:48 ----D---- C:\WINDOWS\WinSxS
2022-12-18 15:00:02 ----D---- C:\WINDOWS\system32\DriverStore
2022-12-18 14:55:28 ----SD---- C:\WINDOWS\system32\UNP
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\zh-TW
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\zh-CN
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\WinMetadata
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\uk-UA
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\tr-TR
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\th-TH
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\sv-SE
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\sr-Latn-RS
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\sl-SI
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\ru-RU
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\ro-RO
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\pt-PT
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\pt-BR
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\pl-PL
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\nl-NL
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\nb-NO
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\migration
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\lv-LV
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\lt-LT
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\ko-KR
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\ja-JP
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\it-IT
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\hu-HU
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\hr-HR
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\he-IL
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\fr-FR
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\fr-CA
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\fi-FI
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\et-EE
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\es-MX
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\es-ES
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\en-US
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\en-GB
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\el-GR
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\Dism
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\de-DE
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\da-DK
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\bg-BG
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SYSWOW64\ar-SA
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SysWOW64
2022-12-18 14:55:28 ----D---- C:\WINDOWS\SystemResources
2022-12-18 14:55:28 ----D---- C:\WINDOWS\system32\zh-TW
2022-12-18 14:55:28 ----D---- C:\WINDOWS\system32\zh-CN
2022-12-18 14:55:28 ----D---- C:\WINDOWS\system32\WinMetadata
2022-12-18 14:55:28 ----D---- C:\WINDOWS\system32\wbem
2022-12-18 14:55:28 ----D---- C:\WINDOWS\system32\uk-UA
2022-12-18 14:55:28 ----D---- C:\WINDOWS\system32\tr-TR
2022-12-18 14:55:28 ----D---- C:\WINDOWS\system32\th-TH
2022-12-18 14:55:28 ----D---- C:\WINDOWS\system32\sv-SE
2022-12-18 14:55:28 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2022-12-18 14:55:28 ----D---- C:\WINDOWS\system32\sl-SI
2022-12-18 14:55:28 ----D---- C:\WINDOWS\system32\sk-SK
2022-12-18 14:55:28 ----D---- C:\WINDOWS\system32\ru-RU
2022-12-18 14:55:28 ----D---- C:\WINDOWS\system32\ro-RO
2022-12-18 14:55:28 ----D---- C:\WINDOWS\system32\pt-PT
2022-12-18 14:55:28 ----D---- C:\WINDOWS\system32\pt-BR
2022-12-18 14:55:28 ----D---- C:\WINDOWS\system32\pl-PL
2022-12-18 14:55:28 ----D---- C:\WINDOWS\system32\nl-NL
2022-12-18 14:55:28 ----D---- C:\WINDOWS\system32\nb-NO
2022-12-18 14:55:28 ----D---- C:\WINDOWS\system32\migration
2022-12-18 14:55:28 ----D---- C:\WINDOWS\system32\lv-LV
2022-12-18 14:55:28 ----D---- C:\WINDOWS\system32\lt-LT
2022-12-18 14:55:28 ----D---- C:\WINDOWS\system32\ko-KR
2022-12-18 14:55:28 ----D---- C:\WINDOWS\system32\ja-jp
2022-12-18 14:55:27 ----D---- C:\WINDOWS\system32\it-IT
2022-12-18 14:55:27 ----D---- C:\WINDOWS\system32\hu-HU
2022-12-18 14:55:27 ----D---- C:\WINDOWS\system32\hr-HR
2022-12-18 14:55:27 ----D---- C:\WINDOWS\system32\he-IL
2022-12-18 14:55:27 ----D---- C:\WINDOWS\system32\fr-FR
2022-12-18 14:55:27 ----D---- C:\WINDOWS\system32\fr-CA
2022-12-18 14:55:27 ----D---- C:\WINDOWS\system32\fi-FI
2022-12-18 14:55:27 ----D---- C:\WINDOWS\system32\et-EE
2022-12-18 14:55:27 ----D---- C:\WINDOWS\system32\es-MX
2022-12-18 14:55:27 ----D---- C:\WINDOWS\system32\es-ES
2022-12-18 14:55:27 ----D---- C:\WINDOWS\system32\en-US
2022-12-18 14:55:27 ----D---- C:\WINDOWS\system32\en-GB
2022-12-18 14:55:27 ----D---- C:\WINDOWS\system32\el-GR
2022-12-18 14:55:27 ----D---- C:\WINDOWS\system32\Dism
2022-12-18 14:55:27 ----D---- C:\WINDOWS\system32\de-DE
2022-12-18 14:55:27 ----D---- C:\WINDOWS\system32\da-DK
2022-12-18 14:55:27 ----D---- C:\WINDOWS\system32\cs-CZ
2022-12-18 14:55:27 ----D---- C:\WINDOWS\system32\Boot
2022-12-18 14:55:27 ----D---- C:\WINDOWS\system32\bg-BG
2022-12-18 14:55:27 ----D---- C:\WINDOWS\system32\ar-SA
2022-12-18 14:55:26 ----D---- C:\WINDOWS\Provisioning
2022-12-18 14:55:26 ----D---- C:\WINDOWS\cs-CZ
2022-12-18 14:55:26 ----D---- C:\WINDOWS\bcastdvr
2022-12-18 14:55:26 ----D---- C:\WINDOWS\apppatch
2022-12-18 14:55:26 ----D---- C:\Windows
2022-12-18 14:55:26 ----D---- C:\Program Files\Windows Mail
2022-12-18 14:55:26 ----D---- C:\Program Files\Common Files\System
2022-12-18 14:55:26 ----D---- C:\Program Files (x86)\Windows Mail
2022-12-18 14:55:25 ----D---- C:\WINDOWS\SystemApps
2022-12-18 14:55:25 ----D---- C:\WINDOWS\system32\CodeIntegrity
2022-12-18 08:29:22 ----D---- C:\WINDOWS\CbsTemp
2022-12-18 08:26:17 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2022-12-18 08:16:04 ----D---- C:\WINDOWS\system32\MRT
2022-12-18 08:13:53 ----AC---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2022-11-03 118400]
R0 iaStorAC;@oem67.inf,%iaStorAC.DeviceDesc%;Intel(R) Chipset SATA/PCIe RST Premium Controller; C:\WINDOWS\System32\drivers\iaStorAC.sys [2020-03-04 1338336]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2021-06-10 57168]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2022-08-10 44032]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-12-07 78136]
R1 CimFS;CimFS; C:\WINDOWS\system32\drivers\CimFS.sys [2022-09-14 98816]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2022-11-03 194336]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2022-11-03 235632]
R1 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2022-11-03 80664]
R1 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2022-11-03 121000]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-12-07 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-12-07 8704]
R1 qwdf64;qwdf64 service; \??\C:\WINDOWS\system32\Drivers\qwdf64.sys [2022-06-28 41872]
R1 qwdr64;qwdr64 service; \??\C:\WINDOWS\system32\Drivers\qwdr64.sys [2022-06-28 55696]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2022-11-10 145760]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2022-11-10 496128]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2020-10-16 53248]
R2 qwfp;qwfp; \??\C:\WINDOWS\system32\Drivers\qwfp64.sys [2022-06-28 47640]
R3 ACPIVPC;@oem89.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2022-08-31 48896]
R3 BHTPCRDR;BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [2021-10-16 174496]
R3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2022-10-16 280064]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2022-12-18 113664]
R3 BthHFAud;@microsoft_bluetooth_hfp.inf,%BTHHFAUD_DISPLAY_NAME%;Microsoft Bluetooth Hands-Free Audio driver; C:\WINDOWS\System32\drivers\BthHfAud.sys [2022-04-15 65536]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2020-09-12 106496]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2019-12-07 133632]
R3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2022-12-18 1565184]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2022-12-18 110592]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-12-07 66576]
R3 ETD;@oem80.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2021-10-16 615976]
R3 ETDSMBus;ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [2022-01-25 53200]
R3 iaLPSS2_GPIO2;@oem73.inf,%iaLPSS2_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_skl.inf_amd64_e79b9f98409084db\iaLPSS2_GPIO2.sys [2021-10-16 95632]
R3 ibtusb;@oem64.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\System32\DriverStore\FileRepository\ibtusb.inf_amd64_b535a610da41fa51\ibtusb.sys [2022-04-06 1081936]
R3 ICCWDT;@oem65.inf,%ICCWDT.SVCDESC%;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\WINDOWS\System32\drivers\ICCWDT.sys [2017-10-17 39504]
R3 igfx;igfx; C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igdkmd64.sys [2022-08-15 44233280]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2022-04-06 6601312]
R3 IntcDAud;@oem96.inf,%IntcAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\System32\DriverStore\FileRepository\intcdaud.inf_amd64_718877413f6508de\IntcDAud.sys [2022-08-15 348720]
R3 MEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_649c7923a043d3be\x64\TeeDriverW10x64.sys [2022-03-17 309888]
R3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-12-07 65024]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-1; C:\WINDOWS\system32\drivers\msquic.sys [2020-09-12 322376]
R3 Netwtw06;___ Ovladač adaptéru Intel(R) Wireless pro systém Windows 10 64 Bit; C:\WINDOWS\System32\drivers\Netwtw06.sys [2022-04-06 8899176]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_0d04d46e99e0e8d9\nvlddmkm.sys [2022-03-18 42310288]
R3 NvModuleTracker;@oem57.inf,%ServiceName%;NvModuleTracker; C:\WINDOWS\System32\drivers\NvModuleTracker.sys [2022-03-16 50272]
R3 nvvad_WaveExtensible;@oem28.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2021-11-01 48552]
R3 nvvhci;@oem59.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2021-06-02 67464]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-12-07 43832]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2022-08-31 16336]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-12-07 319800]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-12-07 884752]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-12-07 172344]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-12-07 124216]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-12-07 135992]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-12-07 81720]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-12-07 105480]
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-12-07 168464]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-12-07 58680]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-12-07 68408]
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2022-09-14 142176]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-12-07 42296]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-12-07 23040]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2022-02-11 694272]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-12-07 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-12-07 45568]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2022-12-18 18432]
S3 bertreader;@oem2.inf,%bertreader.SVCDESC%;BERT Reader Service; C:\WINDOWS\System32\drivers\bertreader.sys [2022-02-05 40320]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2022-12-18 45568]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-12-07 44032]
S3 dg_ssudbus;@oem25.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [2021-10-08 160376]
S3 FBNetFilter;FBNetFilter; \??\C:\Windows\system32\Drivers\FBNetFlt.sys [2017-04-28 46576]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [2019-12-07 23040]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-12-07 55824]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-12-07 66560]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2022-12-18 96080]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-12-07 30208]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-12-07 1853752]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-12-07 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-12-07 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-12-07 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-12-07 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-12-07 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-12-07 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-12-07 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-12-07 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-12-07 177152]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-12-07 177664]
S3 iaStorAfs;@oem67.inf,%iaStorAfs.DisplayName%;iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [2020-03-04 74208]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-12-07 558904]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2020-10-16 47104]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-12-07 30720]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-12-07 59704]
S3 LHidFilt;@oem79.inf,%LHidFilt.SvcDesc%;Logicool SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2021-10-16 86648]
S3 LMouFilt;@oem78.inf,%LMouFilt.SvcDesc%;Logicool SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2021-10-16 69240]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-12-07 537608]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-12-07 64016]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2022-04-15 386048]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-12-07 1131320]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-12-07 146232]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-12-07 72720]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2022-04-15 210944]
S3 pelmouse;Mouse Suite Driver; C:\WINDOWS\system32\DRIVERS\pelmouse.sys [2016-07-11 26880]
S3 pelusblf;USB Mouse Low Filter Driver; C:\WINDOWS\system32\DRIVERS\pelusblf.sys [2016-07-11 33048]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2022-11-10 131424]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-12-07 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-12-07 27136]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-12-07 35128]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2022-09-26 173040]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
R2 CDPUserSvc_4309b;CDPUserSvc_4309b; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
R2 cplspcon;Intel(R) Content Protection HDCP Service; C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe [2022-08-15 343096]
R2 DbxSvc;DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [2022-12-25 46824]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2022-07-13 55320]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
R2 DnsCheckerService;DnsCheckerService; C:\Program Files (x86)\Family First\DDnsChecker\DnsCheckerService.exe [2021-01-19 13824]
R2 Dolby DAX2 API Service;Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [2019-01-21 189464]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2022-07-13 55320]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Security\ekrn.exe [2022-11-03 3428784]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2021-10-16 142944]
R2 igccservice;Intel(R) Graphics Command Center Service; C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe [2022-08-15 84024]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe [2022-08-15 400440]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2021-04-19 445432]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe [2021-06-16 628616]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2022-03-01 1003128]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_0d04d46e99e0e8d9\Display.NvContainer\NVDisplay.Container.exe [2022-03-18 1013696]
R2 OneSyncSvc_4309b;OneSyncSvc_4309b; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
R2 PluginLoaderSvc;PluginLoaderSvc; C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe [2017-04-28 966496]
R2 qengine;qengine; C:\Program Files (x86)\Qustodio\qproxy\qengine.exe [2022-09-22 5621288]
R2 qupdate;qupdate; C:\Program Files (x86)\Qustodio\qapp\QUpdateService.exe [2022-09-23 2348064]
R3 BluetoothUserService_4309b;BluetoothUserService_4309b; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
R3 cbdhsvc_4309b;cbdhsvc_4309b; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
R3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe [2022-08-15 518720]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
R3 ekrnEpfw;ESET Firewall Helper; C:\Program Files\ESET\ESET Security\ekrn.exe [2022-11-03 3428784]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-11-08 46184]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2022-07-13 55320]
R3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S2 brave;Služba Aktualizace Brave (brave); C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [2021-12-18 162456]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2021-11-12 130320]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-07-13 55320]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-07-09 224160]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-10-11 155432]
S2 Intel(R) TPM Provisioning Service;@oem49.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe [2021-09-15 729944]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-07-13 55320]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2022-01-31 3481312]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 AarSvc_4309b;AarSvc_4309b; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 BcastDVRUserService_4309b;BcastDVRUserService_4309b; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 BraveElevationService;Brave Elevation Service (BraveElevationService); C:\Program Files\BraveSoftware\Brave-Browser\Application\108.1.46.144\elevation_service.exe []
S3 bravem;Služba Aktualizace Brave (bravem); C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [2021-12-18 162456]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 CaptureService_4309b;CaptureService_4309b; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 CCleanerPerformanceOptimizerService;CCleaner Performance Optimizer Service; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [2022-12-09 1003344]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2022-07-13 55320]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 ConsentUxUserSvc_4309b;ConsentUxUserSvc_4309b; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-09-17 382696]
S3 CredentialEnrollmentManagerUserSvc_4309b;CredentialEnrollmentManagerUserSvc_4309b; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-09-17 382696]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2021-11-12 130320]
S3 dcsvc;@%systemroot%\system32\dcsvc,-100; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 DeviceAssociationBrokerSvc_4309b;DeviceAssociationBrokerSvc_4309b; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 DevicePickerUserSvc_4309b;DevicePickerUserSvc_4309b; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 DevicesFlowUserSvc_4309b;DevicesFlowUserSvc_4309b; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2022-01-13 94208]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-07-13 55320]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2022-07-13 55320]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-07-09 224160]
S3 EHttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Security\ehttpsrv.exe [2022-11-03 53880]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2022-07-13 55320]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-07-13 55320]
S3 FvSvc;NVIDIA FrameView SDK service; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [2022-03-21 410232]
S3 GalaxyClientService;GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2022-03-21 1959776]
S3 GalaxyCommunication;GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [2022-03-21 6484832]
S3 GameRecorderSVC;GameRecorderSVC; C:\Program Files\Lenovo\Nerve Center\bin\x86\GameRecorderSVC.exe [2017-04-28 392032]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files (x86)\Google\Chrome\Application\108.0.5359.125\elevation_service.exe [2022-12-13 1722136]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-07-13 55320]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-10-11 155432]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 iaStorAfsService;@oem67.inf,%iaStorAfsWindowsService.Name%;Intel(R) Optane(TM) Memory Service; C:\WINDOWS\System32\iaStorAfsService.exe [2020-03-04 2899424]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2022-07-13 55320]
S3 Intel(R) Capability Licensing Service TCP IP Interface;@oem49.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe [2021-09-15 785240]
S3 Intel(R) SUR QC SAM;Intel(R) SUR QC Software Asset Manager; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2021-12-13 3077448]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2022-07-13 55320]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 McpManagementService;@%SystemRoot%\system32\McpManagementService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 MessagingService_4309b;MessagingService_4309b; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\108.0.1462.54\elevation_service.exe [2022-12-15 1739208]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2022-12-20 247200]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2022-07-13 55320]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2022-01-31 2562776]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-12 189640]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2021-01-13 106496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 PimIndexMaintenanceSvc_4309b;PimIndexMaintenanceSvc_4309b; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 PrintWorkflowUserSvc_4309b;PrintWorkflowUserSvc_4309b; C:\WINDOWS\system32\svchost.exe [2022-07-13 55320]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2022-07-13 55320]
S4 ESRV_SVC_QUEENCREEK;Energy Server Service queencreek; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [2022-02-05 1098160]
S4 HfcDisableService;@oem67.inf,%HfcDisableService.DisplayName%;Intel(R) RST HFC Disable Service; C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_e3f96af62737a898\HfcDisableService.exe [2020-03-04 1916384]

-----------------EOF-----------------

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Myš reaguje divně, sám se mačká enter stisknutím myši

#3 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Log RSIT u 64b systémů není třeba dávat, není s nimi zcela kompatibilní.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

keyfor4
Návštěvník
Návštěvník
Příspěvky: 58
Registrován: 30 kvě 2014 22:25

Re: Myš reaguje divně, sám se mačká enter stisknutím myši

#4 Příspěvek od keyfor4 »

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-05-2023
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.2364)
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Uzivatel\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1761 octets] - [31/10/2021 21:00:45]
AdwCleaner[S01].txt - [1822 octets] - [31/10/2021 21:01:32]
AdwCleaner[S02].txt - [1883 octets] - [31/10/2021 21:04:34]
AdwCleaner[C02].txt - [2090 octets] - [31/10/2021 21:05:08]
AdwCleaner[S03].txt - [1872 octets] - [05/01/2023 17:01:54]
AdwCleaner[S04].txt - [1933 octets] - [05/01/2023 17:02:49]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Myš reaguje divně, sám se mačká enter stisknutím myši

#5 Příspěvek od Rudy »

OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

keyfor4
Návštěvník
Návštěvník
Příspěvky: 58
Registrován: 30 kvě 2014 22:25

Re: Myš reaguje divně, sám se mačká enter stisknutím myši

#6 Příspěvek od keyfor4 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-12-2022
Ran by Uzivatel (administrator) on MICHALA (LENOVO 80WK) (06-01-2023 13:51:55)
Running from C:\Users\Uzivatel\Desktop
Loaded Profiles: Uzivatel
Platform: Microsoft Windows 10 Home Version 22H2 19045.2364 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Qustodio\qproxy\qengine.exe ->) (Qustodio Technologies SL -> ) C:\Program Files (x86)\Qustodio\qapp\crashpad_handler.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(explorer.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <15>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvltig.inf_amd64_0d04d46e99e0e8d9\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Qustodio Technologies SL -> Qustodio Technologies) C:\Program Files (x86)\Qustodio\qproxy\qengine.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2300_none_7e14edbc7c88b7d5\TiWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677688 2021-10-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617784 2021-10-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617784 2021-10-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [194480 2022-11-03] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11327200 2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [QAppTray] => C:\Program Files (x86)\Qustodio\qapp\QAppTray.exe [5817888 2022-09-23] (Qustodio Technologies SL -> Qustodio Technologies)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [279240 2016-12-09] (Canon Inc. -> CANON INC.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\Run: [launchOnStartup] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13799776 2022-03-21] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\Run: [Steam] => D:\Steam\steam.exe [4246376 2022-12-15] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38916432 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\Uzivatel\AppData\Local\slack\slack.exe [309040 2022-08-31] (Slack Technologies, Inc. -> Slack Technologies Inc.)
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\MountPoints2: {4fbf8dc8-fa2c-11ec-adc3-54e1ad4b7247} - "E:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon G3010 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDEI.DLL [482816 2017-08-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon TS5000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDF.DLL [30720 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor G3010 series: C:\WINDOWS\system32\CNMLMEI.DLL [1303040 2017-08-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5300 series: CNMLMAT.DLL (No File)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS5000 series: C:\WINDOWS\system32\CNMLMDF.DLL [485376 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS5000 series XPS: C:\WINDOWS\system32\CNMXLMDF.DLL [487424 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2022-12-16] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\108.1.46.144\Installer\chrmstp.exe [2022-12-15] (Brave Software, Inc. -> Brave Software, Inc.)
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02276FA8-2F26-4150-B8BF-51C0AD1C7BEB} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {0FDAAC7E-54CC-42D3-81C8-64B220F6E612} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2567049384-1476051938-1418897080-1002 => C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {1001AFA4-6FD5-41D1-9947-F6D1D6608426} - System32\Tasks\Opera scheduled assistant Autoupdate 1656611901 => C:\Users\Uzivatel\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Uzivatel\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {1683CC96-F947-4DAD-8D7F-C388FBFFAEE2} - System32\Tasks\Opera scheduled Autoupdate 1656611895 => C:\Users\Uzivatel\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {19FCE532-E3E3-4CD5-B322-2898E6A1F1A6} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {29A72C34-32DC-4F07-9604-57EEE19E599C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3070743D-48EF-4580-9B8D-7AF2BFE073BE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {37DF3989-B35D-416D-97D6-955BF6B40BA0} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {3A83F326-857D-4092-9692-A2F8CDF072E3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-12-09] (Piriform Software Ltd -> Piriform)
Task: {3EA38098-76CC-487A-BB78-4C3025E80648} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3077448 2021-12-13] (Intel Corporation -> Intel Corporation)
Task: {4A318BEE-B304-4FB7-A059-DE978439D427} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {4FD19FF7-92AD-44BE-A093-191FE9511092} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {509436D4-DAAA-4C40-B6C5-9CD48C4A7AE9} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "1351fa5c-2ac1-4f85-a3a0-4de5e77ad4ec" --version "6.07.10191" --silent
Task: {518F092C-C398-4788-8D59-2E58EABE786B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {51ADEE62-7337-4038-9DF3-674806DAF427} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {58BD1CEE-AFAD-472D-9CF9-7B229E424DBC} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2567049384-1476051938-1418897080-1002 => C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {5D9E662D-407A-4E94-BF2E-7294BDA7B4F8} - System32\Tasks\CCleanerSkipUAC - Uzivatel => C:\Program Files\CCleaner\CCleaner.exe [32602448 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {63CC4E57-26E7-44F9-9E8B-DEE607E1D013} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {65A96F5D-1447-475D-8177-EAFB2E46939B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {67506DFB-2FDD-4999-8DA5-2773D83BE552} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe /CM -search R -action INSTALL -includerebootpackages 1,3,4 -noicon -noreboot -nolicense -defaultupdate -schtask (No File)
Task: {74EA52C1-1E75-45EB-BDD8-F6EA087AB992} - System32\Tasks\GoogleUpdateTaskMachineCore{79EC1C55-1C31-40FC-A573-A9D45B7262A9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-11] (Google Inc -> Google LLC)
Task: {794177E9-F5AC-44DE-90E7-8D46F9FC3186} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {79D2EFCE-7F3B-4458-9433-2C285FAC211D} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {7EE6C38D-C04B-42CA-BAA2-A3202D4B969B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8B746C94-F7D0-400F-92C9-530B45939C15} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {9D326BD3-C485-460B-ACD8-655979BCEE16} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-12-18] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {9D8250B7-30FE-418F-AEF2-AD6D95BE7FAC} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {A17FCD6C-655F-4518-AFF1-D625717A0664} - System32\Tasks\GoogleUpdateTaskMachineUA{840A3A40-9A02-4585-B354-6E9D393B94AA} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-11] (Google Inc -> Google LLC)
Task: {A724C4B6-C811-4825-A025-204E820A767D} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A7986DE1-334C-4A42-A6AA-FDCA819193C4} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-12-18] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {AB5DF58E-66C9-4610-8103-9EC70023DFC0} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3077448 2021-12-13] (Intel Corporation -> Intel Corporation)
Task: {D9B587DE-F8F3-4A01-8754-D67AE9F6054A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E218548D-EF9E-47ED-A06D-BB5A4ADA92BF} - System32\Tasks\NerveCenterUpdate => C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe [744800 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)
Task: {F7866A90-CE98-4729-8EC4-6FABEDEA486E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {F7920DBF-32FC-4719-85C6-C245E9DF19A0} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{048e9000-5619-41aa-b32e-01d2d585c78b}: [DhcpNameServer] 192.168.2.1 0.0.0.0
Tcpip\..\Interfaces\{e5ea96d8-3994-4a08-886a-d1c2a3fe2cbc}: [DhcpNameServer] 192.168.1.1

Edge:
=======
DownloadDir: C:\Users\Uzivatel\Downloads
Edge Profile: C:\Users\Uzivatel\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-05]
Edge DownloadDir: Default -> C:\Users\Uzivatel\Downloads
Edge StartupUrls: Default -> "hxxps://r-pass.cz/"

FireFox:
========
FF DefaultProfile: 37tql1uz.default
FF ProfilePath: C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\37tql1uz.default [2023-01-05]
FF ProfilePath: C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\vp2ps7ar.default-release-1630156417128 [2023-01-06]
FF Notifications: Mozilla\Firefox\Profiles\vp2ps7ar.default-release-1630156417128 -> hxxps://aukro.cz; hxxps://voyo.nova.cz; hxxps://jaknaletenky.cz; hxxps://meet.google.com
FF Extension: (LastPass: Free Password Manager) - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\vp2ps7ar.default-release-1630156417128\Extensions\support@lastpass.com.xpi [2022-12-20]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2023-01-06]

Chrome:
=======
CHR Profile: C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default [2023-01-03]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR StartupUrls: Default -> "hxxp://www.r-pass.cz/"
CHR Extension: (Dokumenty Google offline) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-23]
CHR Extension: (Vysor) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2021-12-29]
CHR Extension: (Story Saver) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafcolokinicfdmlidhaebadidhdehpk [2023-01-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]

Brave:
=======
BRA Profile: C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-12-13]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2022-11-07]
BRA Extension: (Brave NTP background images) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-08-30]
BRA Extension: (Wallet Data Files Updater) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2022-10-15]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-11-07]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\efkihffiamafhbhefjaljejgdpkelpal [2022-11-07]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-03-30]
BRA Extension: (Brave Ad Block Updater (CZE, SVK: EasyList Czech and Slovak)) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\omkkefoeihpbpebhhbhmjekpnegokpbj [2022-11-07]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Uzivatel\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-11-07]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-12-18] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-12-18] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
S2 DnsCheckerService; C:\Program Files (x86)\Family First\DDnsChecker\DnsCheckerService.exe [13824 2021-01-19] () [File not signed]
S2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2019-01-21] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 EHttpSrv; C:\Program Files\ESET\ESET Security\ehttpsrv.exe [53880 2022-11-03] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3428784 2022-11-03] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3428784 2022-11-03] (ESET, spol. s r.o. -> ESET)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1959776 2022-03-21] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2022-03-21] (GOG Sp. z o.o. -> GOG.com)
S3 GameRecorderSVC; C:\Program Files\Lenovo\Nerve Center\bin\x86\GameRecorderSVC.exe [392032 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [445432 2021-04-19] (Canon Inc. -> )
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2562776 2022-01-31] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3481312 2022-01-31] (Electronic Arts, Inc. -> Electronic Arts)
R2 PluginLoaderSvc; C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe [966496 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)
R2 qengine; C:\Program Files (x86)\Qustodio\qproxy\qengine.exe [5621288 2022-09-22] (Qustodio Technologies SL -> Qustodio Technologies)
S2 qupdate; C:\Program Files (x86)\Qustodio\qapp\QUpdateService.exe [2348064 2022-09-23] (Qustodio Technologies SL -> Qustodio Technologies)
S3 Rockstar Service; D:\Rockstar Games\Launcher\RockstarService.exe [2703192 2022-12-12] (Rockstar Games, Inc. -> Rockstar Games)
S2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2021-11-19] (Microsoft) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2021-11-19] (Microsoft) [File not signed]
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\108.1.46.144\elevation_service.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_0d04d46e99e0e8d9\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_0d04d46e99e0e8d9\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [174496 2021-10-16] (BayHub Technology Inc. -> BayHubTech/O2Micro)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [194336 2022-11-03] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [118400 2022-11-03] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-08-31] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [235632 2022-11-03] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [80664 2022-11-03] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [121000 2022-11-03] (ESET, spol. s r.o. -> ESET)
R3 FBNetFilter; C:\Windows\system32\Drivers\FBNetFlt.sys [46576 2017-04-28] (Lenovo (Beijing) Co., Ltd. -> Lenovo(beijing) Limited)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 pelmouse; C:\WINDOWS\system32\DRIVERS\pelmouse.sys [26880 2016-07-11] (WDKTestCert idd,131110062695071623 -> TPMX Electronics Ltd.)
S3 pelusblf; C:\WINDOWS\system32\DRIVERS\pelusblf.sys [33048 2016-07-11] (WDKTestCert idd,131110062695071623 -> )
R1 qwdf64; C:\WINDOWS\system32\Drivers\qwdf64.sys [41872 2022-06-28] (Qustodio Technologies, SL -> Qustodio Technologies)
R1 qwdr64; C:\WINDOWS\system32\Drivers\qwdr64.sys [55696 2022-06-28] (Qustodio Technologies, SL -> Qustodio Technologies)
R2 qwfp; C:\WINDOWS\system32\Drivers\qwfp64.sys [47640 2022-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Qustodio Technologies)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428264 2020-11-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-11-03] (Microsoft Windows -> Microsoft Corporation)
U3 avgbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-06 10:25 - 2023-01-06 11:19 - 000018507 ____H C:\Users\Uzivatel\Desktop\~WRL3679.tmp
2023-01-05 17:07 - 2023-01-05 17:07 - 000001959 _____ C:\Users\Uzivatel\Desktop\AdwCleaner[C04].txt
2023-01-05 17:00 - 2023-01-05 17:01 - 008791352 _____ (Malwarebytes) C:\Users\Uzivatel\Downloads\adwcleaner.exe
2023-01-05 16:53 - 2023-01-05 16:53 - 000343900 _____ C:\Users\Uzivatel\Downloads\Základy křesťanství_1_Bůh a evangelium.pages
2023-01-05 16:50 - 2023-01-05 16:50 - 000177378 _____ C:\Users\Uzivatel\Downloads\Brno-CityH_Rozhodnutí mzdy sbor 2023(1).xlsx
2023-01-05 16:47 - 2023-01-05 16:48 - 000177378 _____ C:\Users\Uzivatel\Downloads\Brno-CityH_Rozhodnutí mzdy sbor 2023.xlsx
2023-01-05 13:03 - 2023-01-05 13:03 - 005349945 _____ C:\Users\Uzivatel\Downloads\lml_rdr_beta_10_1.zip
2023-01-05 12:59 - 2023-01-05 12:59 - 000292404 _____ C:\Users\Uzivatel\Downloads\Scripthook RDR2 (Alexander Blade)-1017-v1-0-1644524357.zip
2023-01-05 12:58 - 2023-01-05 12:58 - 000013447 _____ C:\Users\Uzivatel\Downloads\SaveTime_Gambler_8_and_9_RDR2-1017-v1-0-1633203454.zip
2023-01-05 12:32 - 2023-01-06 13:52 - 000029649 _____ C:\Users\Uzivatel\Desktop\FRST.txt
2023-01-05 12:31 - 2023-01-05 12:31 - 002376192 _____ (Farbar) C:\Users\Uzivatel\Desktop\FRST64.exe
2023-01-04 15:08 - 2023-01-04 15:08 - 000018777 _____ C:\Users\Uzivatel\Desktop\planovaci-kalendar-vyska zdroj-web.xlsx
2023-01-04 13:26 - 2023-01-04 14:47 - 000018785 _____ C:\Users\Uzivatel\Downloads\planovaci-kalendar-vyska zdroj-web.xlsx
2023-01-04 09:19 - 2023-01-04 09:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2023-01-03 10:48 - 2023-01-03 10:48 - 001300377 _____ C:\Users\Uzivatel\Downloads\potvrzení_Equip-1.pdf
2023-01-03 10:47 - 2023-01-03 10:47 - 001300377 _____ C:\Users\Uzivatel\Downloads\potvrzení_Equip.pdf
2023-01-03 10:46 - 2023-01-03 10:46 - 001300377 _____ C:\Users\Uzivatel\Desktop\potvrzení_Equip.pdf
2023-01-03 09:21 - 2023-01-03 09:21 - 000107523 _____ C:\Users\Uzivatel\Downloads\hb_potvrzeni_uroky_587995-1_20230101_009.pdf
2023-01-03 08:33 - 2023-01-03 08:33 - 000768068 _____ C:\Users\Uzivatel\Desktop\KoloemociCZ.pdf
2022-12-25 00:54 - 2022-12-25 00:54 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-12-20 19:20 - 2022-12-20 19:58 - 000000000 ____D C:\Users\Uzivatel\Documents\Mount&Blade Savegames
2022-12-20 19:19 - 2022-12-20 20:11 - 000000000 ____D C:\Users\Uzivatel\AppData\Roaming\Mount&Blade
2022-12-20 19:01 - 2022-12-20 19:01 - 000116165 _____ C:\Users\Uzivatel\Downloads\2022123083.pdf
2022-12-20 18:09 - 2022-12-20 18:09 - 000000000 ____D C:\Users\Uzivatel\Documents\Mount&Blade Warband Savegames
2022-12-20 18:08 - 2022-12-20 20:43 - 000000000 ____D C:\Users\Uzivatel\Documents\Mount&Blade Warband
2022-12-20 18:08 - 2022-12-20 18:08 - 000000000 ____D C:\Users\Uzivatel\AppData\Roaming\Mount&Blade Warband
2022-12-18 12:57 - 2022-12-18 12:57 - 000048745 _____ C:\Users\Uzivatel\Downloads\Pohyb_25826003110_na_uctu_2000340629.pdf
2022-12-18 08:19 - 2022-12-18 08:19 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-06 13:52 - 2021-10-30 10:56 - 000000000 ____D C:\FRST
2023-01-06 13:52 - 2021-04-11 09:16 - 000013104 _____ C:\WINDOWS\SysWOW64\qengineOff.ini
2023-01-06 13:52 - 2021-04-11 09:16 - 000013104 _____ C:\WINDOWS\system32\qengineOff.ini
2023-01-06 13:51 - 2022-02-11 10:23 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-01-06 13:50 - 2022-04-15 08:57 - 000000000 ____D C:\ProgramData\NVIDIA
2023-01-06 13:50 - 2020-04-22 15:14 - 000000000 ____D C:\Users\Uzivatel\AppData\LocalLow\Mozilla
2023-01-06 13:50 - 2019-10-11 08:29 - 000000000 ____D C:\Program Files (x86)\Google
2023-01-06 11:59 - 2020-08-04 14:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-01-06 11:12 - 2021-04-12 13:31 - 000000000 ____D C:\ProgramData\Qustodio
2023-01-06 09:59 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-01-06 09:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-01-06 09:52 - 2021-12-11 09:21 - 000000000 ____D C:\Program Files\CCleaner
2023-01-06 09:51 - 2020-07-09 09:25 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-01-05 17:07 - 2021-10-16 08:57 - 000000000 ____D C:\Users\Uzivatel\AppData\Roaming\IObit
2023-01-05 17:06 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-05 16:54 - 2019-10-11 08:25 - 000000000 ____D C:\Users\Uzivatel\AppData\Local\Packages
2023-01-05 14:12 - 2022-04-17 19:28 - 000000000 __SHD C:\Users\Uzivatel\IntelGraphicsProfiles
2023-01-05 12:47 - 2020-04-29 12:48 - 000000000 ____D C:\Users\Uzivatel\AppData\Roaming\vlc
2023-01-05 12:40 - 2021-10-30 11:06 - 000000000 ____D C:\Program Files\trend micro
2023-01-05 12:35 - 2020-08-04 17:44 - 001693268 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-01-05 12:35 - 2019-12-07 15:41 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2023-01-05 12:35 - 2019-12-07 15:41 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2023-01-05 12:35 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-01-05 12:34 - 2021-10-30 11:06 - 000000000 ____D C:\rsit
2023-01-05 12:28 - 2021-12-11 10:55 - 000008192 ___SH C:\DumpStack.log.tmp
2023-01-05 12:28 - 2021-04-11 09:16 - 000000000 ____D C:\ProgramData\boost_interprocess
2023-01-05 12:28 - 2020-08-04 17:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-01-05 12:28 - 2019-10-11 08:30 - 000000000 ____D C:\Intel
2023-01-05 12:26 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-01-04 22:58 - 2021-12-11 09:21 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-01-04 12:39 - 2021-03-18 07:30 - 000000000 ____D C:\Users\Uzivatel\AppData\Roaming\Evernote
2023-01-04 09:20 - 2022-03-30 09:56 - 000000000 ____D C:\Users\Uzivatel\AppData\Roaming\DropboxElectron
2023-01-04 09:19 - 2021-03-18 07:23 - 000000000 ____D C:\Users\Uzivatel\AppData\Local\Dropbox
2023-01-04 09:19 - 2021-03-18 07:23 - 000000000 ____D C:\Program Files (x86)\Dropbox
2023-01-04 09:01 - 2020-08-04 17:47 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-04 09:01 - 2020-08-04 17:47 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-01-03 22:20 - 2022-10-03 03:07 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-01-02 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-12-28 11:06 - 2022-02-23 16:56 - 000000000 ____D C:\ProgramData\CanonIJPLM
2022-12-23 15:52 - 2022-04-17 19:29 - 000000000 ____D C:\Users\Uzivatel\AppData\Local\D3DSCache
2022-12-23 09:56 - 2022-10-03 03:07 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-12-23 09:56 - 2022-01-24 22:45 - 000000000 ____D C:\Users\Uzivatel\AppData\Local\CrashDumps
2022-12-20 19:27 - 2021-03-18 07:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-12-20 19:27 - 2020-07-07 14:36 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-12-20 09:29 - 2021-10-10 19:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-12-20 09:29 - 2021-03-18 07:21 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-12-18 14:59 - 2020-08-04 14:11 - 000450512 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemApps
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-12-18 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-12-18 08:29 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-12-18 08:26 - 2020-08-04 17:43 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-12-18 08:16 - 2020-04-22 19:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-12-18 08:13 - 2020-04-22 19:03 - 148633544 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-12-17 11:35 - 2020-08-03 10:30 - 000000000 ____D C:\Users\Uzivatel
2022-12-16 13:03 - 2019-10-11 08:30 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-15 08:20 - 2021-12-18 17:48 - 000002364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2022-12-15 08:20 - 2021-12-18 17:48 - 000002323 _____ C:\Users\Public\Desktop\Brave.lnk
2022-12-10 22:18 - 2022-02-19 14:17 - 000014263 _____ C:\Users\Uzivatel\Desktop\inverness.xlsx
2022-12-10 18:35 - 2021-03-18 07:23 - 000000928 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2022-12-10 18:35 - 2021-03-18 07:23 - 000000924 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job

==================== Files in the root of some directories ========

2022-02-11 15:34 - 2022-02-11 15:34 - 000000204 _____ () C:\Users\Uzivatel\AppData\Roaming\359a9ea7-9833-4059-bf05-b7eefa6ef5b7.tmp
2022-01-26 17:49 - 2022-01-26 17:49 - 000000371 _____ () C:\Users\Uzivatel\AppData\Roaming\5daa97cb-195f-4dd7-9cbf-c06510b65b3e.tmp
2020-09-03 11:54 - 2020-09-03 12:18 - 047902775 _____ () C:\Users\Uzivatel\AppData\Roaming\gta5_patch.bin
2020-09-03 11:54 - 2020-09-03 11:54 - 000332800 _____ () C:\Users\Uzivatel\AppData\Roaming\patcher.dll
2021-04-04 19:19 - 2022-03-21 00:40 - 000000081 _____ () C:\Users\Uzivatel\AppData\Local\.bidstack.fault
2020-04-22 16:57 - 2022-01-25 23:02 - 000007597 _____ () C:\Users\Uzivatel\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-12-2022
Ran by Uzivatel (06-01-2023 13:53:09)
Running from C:\Users\Uzivatel\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2364 (X64) (2020-08-04 16:47:59)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2567049384-1476051938-1418897080-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2567049384-1476051938-1418897080-503 - Limited - Disabled)
Guest (S-1-5-21-2567049384-1476051938-1418897080-501 - Limited - Disabled)
Uzivatel (S-1-5-21-2567049384-1476051938-1418897080-1001 - Administrator - Enabled) => C:\Users\Uzivatel
WDAGUtilityAccount (S-1-5-21-2567049384-1476051938-1418897080-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20282 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Assassin's Creed Odyssey (HKLM-x32\...\Uplay Install 5059) (Version: - Ubisoft)
Assassin's Creed Origins (HKLM-x32\...\Uplay Install 3539) (Version: - Ubisoft)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 108.1.46.144 - Autoři prohlížeče Brave)
Brother iPrint&Scan (HKLM-x32\...\{566A27C1-043E-4A17-AC78-338559A4953B}) (Version: 10.0.0.120 - Brother Industries, Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{7ef8cf92-cb09-4d1f-a0ed-8c84f4e7a478}) (Version: 10.0.0.120 - Brother Industries, Ltd.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon G3010 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_G3010_series) (Version: 1.01 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.5.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.05.1.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.4.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon TS5000 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS5000_series) (Version: 1.03 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.07 - Piriform)
Dolby Audio X2 Windows API SDK (HKLM\...\{F290F786-5F69-48D4-B20B-D21C7DE56EF0}) (Version: 0.8.8.88 - Dolby Laboratories, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 164.4.7914 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.685.1 - Dropbox, Inc.) Hidden
ESET Endpoint Antivirus (HKLM\...\{F8DE2A0C-AE50-4915-9F99-12A9B1DFCADA}) (Version: 9.1.2060.0 - ESET, spol. s r.o.)
Evernote 10.49.4 (HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\e4251011-875e-51f3-a464-121adaff5aaa) (Version: 10.49.4 - Evernote Corporation)
FIFA 18 (HKLM-x32\...\{213CC10A-B8CB-4EBA-B277-6B08B7C22A65}) (Version: 1.0.57.57320 - Electronic Arts)
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.61.54442 - Electronic Arts)
Flawless Widescreen version 1.0.15 (HKLM-x32\...\{7348D82E-8C68-48FF-BA2D-8C97B5B4B3D8}_is1) (Version: 1.0.15 - Flawless Widescreen)
FM Genie Scout 22 version 1.0 22.4.1 beta 13 (HKLM\...\FM Genie Scout 22_is1) (Version: 1.0 22.4.1 beta 13 - )
FMRTE 20.4.4.47 (HKLM-x32\...\{14A58A15-B038-4C19-A024-3B6016F86A14}_is1) (Version: 20.4.4.47 - FMRTE)
FMRTE 22.4.1.23 (HKLM-x32\...\{34EDE299-09F3-48D9-95E9-92EFF3265F81}_is1) (Version: 22.4.1.23 - FMRTE)
FormatFactory 5.4.5.0 (HKLM-x32\...\FormatFactory) (Version: 5.4.5.0 - Free Time)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM\...\{6A6D3422-8127-3867-A83C-56B555636ECA}) (Version: 108.0.5359.125 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden
HttpToUsbBridge (HKLM-x32\...\{3F9BB162-F826-4EBC-AA60-42020CA134CD}) (Version: 2.0.10.1 - Brother Industries Ltd.)
Intel(R) Computing Improvement Program (HKLM\...\{EFE4A88A-FF8B-4D0E-8354-E0B7C3ED9E50}) (Version: 2.4.08840 - Intel Corporation)
Krtek a jeho veliké dobrodružství (HKLM-x32\...\{5DF18D93-076F-4E90-B6CF-3CF96110F1D4}_is1) (Version: - Play sp. z o. o.)
Lenovo Nerve Sense (HKLM\...\{DCB4DFB5-93CA-4BDD-9D08-CE880626B46E}_is1) (Version: 2.6.11.8 - Lenovo)
Microsoft .NET Core Host - 3.1.28 (x64) (HKLM\...\{26ECE92F-518E-40AF-9108-7B7B444A46DE}) (Version: 24.112.31513 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.28 (x64) (HKLM\...\{CDEA72F4-1367-4E0A-AC5F-0EBAF7C6825A}) (Version: 24.112.31513 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.28 (x64) (HKLM\...\{3691148D-EF42-4812-8956-AE11FC413B8D}) (Version: 24.112.31513 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.28 (x64) (HKLM-x32\...\{231e3b76-4d0f-4e60-9d69-f11c9c448630}) (Version: 3.1.28.31513 - Microsoft Corporation)
Microsoft Access MUI (Czech) 2013 (HKLM\...\{90150000-0015-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Czech) 2013 (HKLM\...\{90150000-0090-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 108.0.1462.76 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 108.0.1462.54 - Microsoft Corporation)
Microsoft Excel MUI (Czech) 2013 (HKLM\...\{90150000-0016-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Czech) 2013 (HKLM\...\{90150000-00BA-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Czech) 2013 (HKLM\...\{90150000-0044-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Czech) 2013 (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Czech) 2013 (HKLM\...\{90150000-00E1-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Czech) 2013 (HKLM\...\{90150000-00E2-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing (Czech) 2013 (HKLM\...\{90150000-002C-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Czech) 2013 (HKLM\...\{90150000-00C1-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2013 (HKLM\...\{90150000-006E-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (Czech) 2013 (HKLM\...\{90150000-00A1-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Czech) 2013 (HKLM\...\{90150000-001A-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Czech) 2013 (HKLM\...\{90150000-0018-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Czech) 2013 (HKLM\...\{90150000-0019-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Word MUI (Czech) 2013 (HKLM\...\{90150000-001B-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mount and Blade: Warband (HKLM-x32\...\1207666913_is1) (Version: 2.059 - GOG.com)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 108.0.1 (x64 cs)) (Version: 108.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 86.0.1 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 512.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.15 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.110.50000 - Electronic Arts, Inc.)
Qustodio (HKLM-x32\...\Qustodio) (Version: 185.0.1170.0 - Qustodio)
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2) (Version: 1.0.1491.16 - Rockstar Games)
Registrace tiskárny (HKLM-x32\...\Canon EISRegistration) (Version: 1.8.0 - Canon Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.67.1178 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.6.5 - Rockstar Games)
Slack (HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\slack) (Version: 4.28.171 - Slack Technologies Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
Theophilos 3 (HKLM-x32\...\Theophilos_is1) (Version: - )
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 123.1.10526 - Ubisoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Zoom (HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\ZoomUMX) (Version: 5.11.4 (7185) - Zoom Video Communications, Inc.)

Packages:
=========
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2022-04-12] (Canon Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-01-25] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_141.2.441.0_x64__v10z8vjag6ke6 [2022-12-06] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-01-25] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-20] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-16] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt [2022-12-20] (INTEL CORP) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2567049384-1476051938-1418897080-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Uzivatel\Dropbox [2021-03-18 07:26]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-11-03] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-11-03] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.58.0.dll [2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvltig.inf_amd64_0d04d46e99e0e8d9\nvshext.dll [2022-03-18] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-11-03] (ESET, spol. s r.o. -> ESET)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm

==================== Loaded Modules (Whitelisted) =============

2020-04-22 16:53 - 2012-06-14 16:18 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2020-08-04 10:46 - 2020-08-04 10:46 - 000341504 _____ (Free Time) [File not signed] C:\Program Files\FormatFactory\ShellEx_108.dll
2019-10-11 08:30 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2022-12-15 09:45 - 2022-12-15 09:45 - 041845248 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt\IGCC.dll
2022-02-05 21:03 - 2022-02-05 21:03 - 002122240 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Uzivatel\Desktop\slawek.txt:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Uzivatel\Downloads\jeststar.JPG:com.dropbox.attrs [54]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\qwfp => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2019-08-19] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "iPSNotifier.lnk"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX2"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "QAppTray"
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\StartupApproved\Run: => "launchOnStartup"
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\StartupApproved\Run: => "com.squirrel.slack.slack"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{00735113-238B-4D55-B5BF-FA74B81163DB}] => (Allow) D:\Steam\steamapps\common\Gothic 3\Gothic3.exe (Pluto 13 GmbH) [File not signed]
FirewallRules: [{C0930574-F9F1-4CD8-B630-D4EB21DDC8B5}] => (Allow) D:\Steam\steamapps\common\Gothic 3\Gothic3.exe (Pluto 13 GmbH) [File not signed]
FirewallRules: [UDP Query User{644E18D1-1B61-4EA3-BF24-05A0167CA5F4}D:\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [TCP Query User{C6881EB2-ADD8-4CF3-A74A-6AF1BC34328F}D:\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [{82DFF841-3DBD-4F28-AAD8-0B2CA12BAA34}] => (Allow) D:\Steam\steamapps\common\Risen 3\system\Risen3.exe (Piranha Bytes) [File not signed]
FirewallRules: [{C5667492-043F-4C53-8A4F-DE3E2BA93DAD}] => (Allow) D:\Steam\steamapps\common\Risen 3\system\Risen3.exe (Piranha Bytes) [File not signed]
FirewallRules: [{766C82F3-9D99-474F-90A4-D61EB53F8D48}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{221ECB11-F95C-4DFE-8113-8B4A29028802}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{236872B9-42B6-4AF3-88CC-26D235F7FFA8}D:\fifa 18\fifa18.exe] => (Allow) D:\fifa 18\fifa18.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{6524545F-07A5-4666-B077-0086B3B82660}D:\fifa 18\fifa18.exe] => (Allow) D:\fifa 18\fifa18.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{E2FB3F5D-97B8-4E5D-839B-DC41D359D472}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9C4431C4-9C06-450B-978A-2837075984DB}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1C74673D-BF51-4CF8-9F38-389FE2E7DC88}] => (Allow) C:\Users\Uzivatel\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8E9D4316-6F0E-4566-A0DA-238A236B19B8}] => (Allow) C:\Users\Uzivatel\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4B742B35-886E-46C3-8A4D-655C374106C7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{773FC684-73C2-40E6-BB6F-9FB8FD7AA2E4}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{2E07F165-71F8-4BC5-AFF4-CFA0847D4DEC}] => (Allow) D:\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{FCE38A7E-68CD-4F6F-AE19-87D0287201D7}] => (Allow) D:\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{F637B890-FBCA-4D32-8E20-823B347FE805}] => (Allow) D:\FIFA 18\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{40573400-EA71-4A1B-B808-41B48F02984B}] => (Allow) D:\FIFA 18\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{49022A4D-8ACE-4715-974A-4E6D53981A00}D:\fifa 19\fifa 19\fifa19.exe] => (Allow) D:\fifa 19\fifa 19\fifa19.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{AB6AB948-FFD7-418B-AB04-01A1D9EE4DBF}D:\fifa 19\fifa 19\fifa19.exe] => (Allow) D:\fifa 19\fifa 19\fifa19.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{F9F85BB8-7F06-477C-93DB-DA82F136ABAD}] => (Allow) D:\FIFA 19\FIFA 19\FIFASetup\fifaconfig.exe () [File not signed]
FirewallRules: [{CB5873C6-A3E7-4B89-A635-45BB4CD40584}] => (Allow) D:\FIFA 19\FIFA 19\FIFASetup\fifaconfig.exe () [File not signed]
FirewallRules: [{DEB3BFF9-370C-42E1-A9BA-78F3D73BB8F2}] => (Allow) D:\Steam\steamapps\common\Football Manager 2020 Touch\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{2A5BE423-7356-423B-A12C-FB71FAB89C6E}] => (Allow) D:\Steam\steamapps\common\Football Manager 2020 Touch\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{81DCE5DE-A739-4D8E-8632-3A99DAE5428D}] => (Allow) D:\Steam\steamapps\common\Football Manager 2020\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{210E095D-BC8C-45FF-8C94-6713336DDABE}] => (Allow) D:\Steam\steamapps\common\Football Manager 2020\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{0F333F60-50AF-42BE-A30E-5BB034C29303}] => (Allow) D:\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe (WB Games, Inc.) [File not signed]
FirewallRules: [{88FFAB28-128A-4BC8-A9BF-807D07B10BB2}] => (Allow) D:\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe (WB Games, Inc.) [File not signed]
FirewallRules: [{BF168841-42B5-42FC-B265-30D7CBEC7EB1}] => (Allow) D:\Steam\steamapps\common\ShadowOfWar\x64\ShadowOfWar.exe (WB Games Inc. -> WB Games, Inc.) [File not signed]
FirewallRules: [{22BCD8F0-2BFC-418B-9BFB-D9167A7CB430}] => (Allow) D:\Steam\steamapps\common\ShadowOfWar\x64\ShadowOfWar.exe (WB Games Inc. -> WB Games, Inc.) [File not signed]
FirewallRules: [{12E07712-A987-4C11-A08C-2EA50EABBE66}] => (Allow) D:\UPlay\Assassin's Creed Origins\ACOrigins_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{716B9874-62AF-463B-B4BF-4A5DD3902733}] => (Allow) D:\UPlay\Assassin's Creed Origins\ACOrigins_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{D48F1406-913C-4F80-A8C2-040B63D888BE}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{BCB72D83-E59E-4A0B-B182-251BD7F03B99}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6A5E991B-B25D-4951-A11B-3E5C64DE98A6}] => (Allow) D:\UPlay\Assassin's Creed Odyssey\ACOdyssey_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{9108980F-D7A1-4F71-8A7F-5BCA048FF9F9}] => (Allow) D:\UPlay\Assassin's Creed Odyssey\ACOdyssey_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{031762BA-2BA5-4C92-838C-0D4E609CDE4C}] => (Allow) D:\Steam\steamapps\common\Catan Universe\CatanUniverse.exe () [File not signed]
FirewallRules: [{D009F778-D698-41CC-A819-FBF04BA9A199}] => (Allow) D:\Steam\steamapps\common\Catan Universe\CatanUniverse.exe () [File not signed]
FirewallRules: [{CC914DF9-0017-42BD-AC9B-32E17C1B2F70}] => (Allow) D:\Rockstar Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{0976C554-E931-42C1-AF79-8D95C6AE71F6}] => (Allow) D:\Rockstar Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{1B0DDD8E-D95D-4F0B-B922-8A6AE143C15B}] => (Allow) LPort=54950
FirewallRules: [{AC175C69-731E-41C3-98DD-43D15D67FF79}] => (Allow) LPort=54955
FirewallRules: [{508A7BC4-7250-41F5-8AD0-57996D813EBB}] => (Allow) D:\Steam\steamapps\common\Risen 2\system\Risen2.exe (Valve Corp. -> Piranha Bytes) [File not signed]
FirewallRules: [{2ECE0799-6FA3-461F-9A53-4C0A439BEF5A}] => (Allow) D:\Steam\steamapps\common\Risen 2\system\Risen2.exe (Valve Corp. -> Piranha Bytes) [File not signed]
FirewallRules: [{5492A6DF-E14B-4E43-B2D4-9A2B5E25EBA9}] => (Allow) D:\Steam\steamapps\common\Medieval Dynasty\Medieval_Dynasty.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{BA974E4C-2B94-4633-AE13-1E9F09D19899}] => (Allow) D:\Steam\steamapps\common\Medieval Dynasty\Medieval_Dynasty.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{C4D29110-C13B-4C44-BD76-A37233CFBC03}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => No File
FirewallRules: [{A450FA28-EF3C-40F6-B555-49C237BB5B80}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => No File
FirewallRules: [{1369DEFB-766C-4F1A-8ADF-7649CCAF04A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{C526FAE7-C0CB-44BB-B7F5-3D2553C46247}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{6726ED58-D550-43E7-8774-E656E4E4344F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{6BD08E7D-8737-4AE3-AE04-559BF63AD53B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{81636135-2429-4DA0-9210-BBD9B62D56FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{25707C2B-F9F9-433A-8720-C35BFEFAD1C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3F400233-B679-45B4-BDBB-65A3BEB2C3ED}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{9D7D09E2-9E06-48BD-92C8-ED54420F97E4}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{95F21196-616E-4AFC-846E-3B213EC3C4F4}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{4797DE98-8E7C-48F8-B6FE-43DB0CB675AF}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{C30672CE-34ED-484C-A09F-7661F04C3024}] => (Allow) D:\Rockstar Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{56FEB94E-F5DB-4780-8A5A-90A0AE5A3C5E}] => (Allow) D:\Rockstar Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{6930E813-A37D-409E-B9E6-1E8F3CBCB955}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => No File
FirewallRules: [{9C376D9E-E3A2-4667-8BA9-C7FD8A08723F}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => No File
FirewallRules: [{56A2A261-92EE-41A5-8694-0FE9A88EDEB8}] => (Allow) D:\Steam\steamapps\common\Football Manager 2022\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{F566C02B-9337-4BFB-BC90-291C2976A6A3}] => (Allow) D:\Steam\steamapps\common\Football Manager 2022\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{9751D6EB-47B5-42F6-AB6D-6F10E4AE4555}] => (Allow) C:\Users\Uzivatel\AppData\Local\Programs\Opera\79.0.4143.22\opera.exe => No File
FirewallRules: [{67CB8CCB-CD66-4B34-9E24-3BC6D9684849}] => (Allow) D:\Steam\steamapps\common\Football Manager 2022 Editor\editor.exe (Sports Interactive) [File not signed]
FirewallRules: [{C3F4BB73-7B00-46B2-9724-6EE17C03101F}] => (Allow) D:\Steam\steamapps\common\Football Manager 2022 Editor\editor.exe (Sports Interactive) [File not signed]
FirewallRules: [{CFA7EBAB-2409-4052-89FA-1083C42D78BA}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{39872C3A-4842-4DDB-8384-29AB685BCB3D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{ABD3A1D8-0745-40A7-8B60-2AD16AFAF987}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\108.0.1462.54\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6143D70D-FC79-4AB3-BABB-1D4E32AA07B6}] => (Allow) D:\Steam\steamapps\common\Mount and Blade\runme.exe () [File not signed]
FirewallRules: [{F87A277F-F011-4371-B796-47E6122CF7B0}] => (Allow) D:\Steam\steamapps\common\Mount and Blade\runme.exe () [File not signed]
FirewallRules: [{7762CBE7-084D-4923-93EF-267BB4DAC99A}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{66538B6E-68E4-4DB0-BB84-28A28BA4FFE2}] => (Allow) %programfiles%\Qustodio\qapp\qwelcomewzd.exe => No File
FirewallRules: [{BC170311-F786-42D4-B33C-6A8EA2791FEB}] => (Allow) %programfiles%\Qustodio\qapp\QUpdateService.exe => No File
FirewallRules: [{389A7A44-5623-47C8-A502-F2F251A1A608}] => (Allow) %programfiles%\Qustodio\qapp\QReport.exe => No File
FirewallRules: [{8F7A387F-99A3-4DB7-A33D-F65FDBD8564A}] => (Allow) %programfiles%\Qustodio\qproxy\qengine.exe => No File
FirewallRules: [{629546A8-CB52-4154-90DF-F12C22633DCB}] => (Allow) %programfiles%\Qustodio\qapp\QAppTray.exe => No File
FirewallRules: [{78461C77-C5BC-4848-AC83-37CEB2A5B8AD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1928BDA3-C726-4B0F-8FCA-9B44580963E7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F9900284-92B0-47E3-918A-4EA7555702BF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{30F304E5-3BC9-429A-93F0-B25DECB22A2F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

25-12-2022 22:08:06 Naplánovaný kontrolní bod
02-01-2023 16:53:55 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/06/2023 10:15:49 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program theophil.exe verze 3.1.6.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1d14

Čas spuštění: 01d921af6ccb849e

Čas ukončení: 17

Cesta k aplikaci: C:\Program Files\theo30\theophil.exe

ID hlášení: f695a622-87ed-41a9-bca9-28b1ce955f7e

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Cross-process

Error: (01/05/2023 02:54:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program theophil.exe verze 3.1.6.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: b1c

Čas spuštění: 01d9210d3e881697

Čas ukončení: 7

Cesta k aplikaci: C:\Program Files\theo30\theophil.exe

ID hlášení: 08957f44-0360-4db8-a128-fb90a7a57857

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Cross-process

Error: (01/05/2023 02:16:36 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: MICHALA)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (01/05/2023 12:32:29 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: MICHALA)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (01/05/2023 12:28:30 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...

Error: (01/05/2023 12:28:30 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.

Error: (01/05/2023 12:28:30 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (01/05/2023 12:28:30 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...


System errors:
=============
Error: (01/05/2023 05:07:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/05/2023 05:07:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (01/05/2023 05:07:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Brother Workflow Application Controller byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/05/2023 05:07:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba qupdate byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/05/2023 05:07:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PluginLoaderSvc byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/05/2023 05:07:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba qengine byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (01/05/2023 05:07:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Graphics Command Center Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/05/2023 05:07:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba DbxSvc byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.


Windows Defender:
================Event[0]:

Date: 2022-01-25 20:13:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.251.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x800706d9
Popis chyby: Pro mapovač koncových bodů nejsou k dispozici další koncové body.

Date: 2022-01-25 20:13:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.251.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x800706d9
Popis chyby: Pro mapovač koncových bodů nejsou k dispozici další koncové body.

Date: 2022-01-25 20:13:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.251.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x800706d9
Popis chyby: Pro mapovač koncových bodů nejsou k dispozici další koncové body.

Date: 2022-01-25 20:13:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.251.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x800706d9
Popis chyby: Pro mapovač koncových bodů nejsou k dispozici další koncové body.

Date: 2022-01-25 20:13:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.251.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x800706d9
Popis chyby: Pro mapovač koncových bodů nejsou k dispozici další koncové body.

CodeIntegrity:
===============
Date: 2023-01-06 11:19:01
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume5\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO 4KCN45WW 01/11/2019
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-7300HQ CPU @ 2.50GHz
Percentage of memory in use: 37%
Total physical RAM: 16276.16 MB
Available physical RAM: 10209.36 MB
Total Virtual: 30964.16 MB
Available Virtual: 24245.04 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.61 GB) (Free:17.2 GB) (Model: NVMe SAMSUNG MZVLW128) NTFS
Drive d: (Nový svazek) (Fixed) (Total:931.51 GB) (Free:74.01 GB) (Model: WDC WD10SPZX-24Z10T0) NTFS

\\?\Volume{bf75a89a-4757-4644-acd6-1ed682d5a1d4}\ () (Fixed) (Total:0.52 GB) (Free:0.04 GB) NTFS
\\?\Volume{9baaef05-ab17-4428-90f5-e209f4afca61}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9786842D)

Partition: GPT.

==========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: 4BA21061)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Myš reaguje divně, sám se mačká enter stisknutím myši

#7 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2567049384-1476051938-1418897080-1001\...\MountPoints2: {4fbf8dc8-fa2c-11ec-adc3-54e1ad4b7247} - "E:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5300 series: CNMLMAT.DLL (No File)
GroupPolicy\User: Restriction ? <==== ATTENTION
Task: {0FDAAC7E-54CC-42D3-81C8-64B220F6E612} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2567049384-1476051938-1418897080-1002 => C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {58BD1CEE-AFAD-472D-9CF9-7B229E424DBC} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2567049384-1476051938-1418897080-1002 => C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {74EA52C1-1E75-45EB-BDD8-F6EA087AB992} - System32\Tasks\GoogleUpdateTaskMachineCore{79EC1C55-1C31-40FC-A573-A9D45B7262A9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-11] (Google Inc -> Google LLC)
Task: {A17FCD6C-655F-4518-AFF1-D625717A0664} - System32\Tasks\GoogleUpdateTaskMachineUA{840A3A40-9A02-4585-B354-6E9D393B94AA} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-11] (Google Inc -> Google LLC)
Task: {F7866A90-CE98-4729-8EC4-6FABEDEA486E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {F7920DBF-32FC-4719-85C6-C245E9DF19A0} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask (No File)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
U3 avgbdisk; no ImagePath
C:\Users\Uzivatel\Desktop\~WRL3679.tmp
C:\Users\Uzivatel\AppData\Roaming\359a9ea7-9833-4059-bf05-b7eefa6ef5b7.tmp
C:\Users\Uzivatel\AppData\Roaming\5daa97cb-195f-4dd7-9cbf-c06510b65b3e.tmp
AlternateDataStreams: C:\Users\Uzivatel\Desktop\slawek.txt:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Uzivatel\Downloads\jeststar.JPG:com.dropbox.attrs [54]
FirewallRules: [UDP Query User{644E18D1-1B61-4EA3-BF24-05A0167CA5F4}D:\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [TCP Query User{C6881EB2-ADD8-4CF3-A74A-6AF1BC34328F}D:\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [{C4D29110-C13B-4C44-BD76-A37233CFBC03}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => No File
FirewallRules: [{A450FA28-EF3C-40F6-B555-49C237BB5B80}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => No File
FirewallRules: [{6930E813-A37D-409E-B9E6-1E8F3CBCB955}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => No File
FirewallRules: [{9C376D9E-E3A2-4667-8BA9-C7FD8A08723F}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe => No File
FirewallRules: [{9751D6EB-47B5-42F6-AB6D-6F10E4AE4555}] => (Allow) C:\Users\Uzivatel\AppData\Local\Programs\Opera\79.0.4143.22\opera.exe => No File
FirewallRules: [{66538B6E-68E4-4DB0-BB84-28A28BA4FFE2}] => (Allow) %programfiles%\Qustodio\qapp\qwelcomewzd.exe => No File
FirewallRules: [{BC170311-F786-42D4-B33C-6A8EA2791FEB}] => (Allow) %programfiles%\Qustodio\qapp\QUpdateService.exe => No File
FirewallRules: [{389A7A44-5623-47C8-A502-F2F251A1A608}] => (Allow) %programfiles%\Qustodio\qapp\QReport.exe => No File
FirewallRules: [{8F7A387F-99A3-4DB7-A33D-F65FDBD8564A}] => (Allow) %programfiles%\Qustodio\qproxy\qengine.exe => No File
FirewallRules: [{629546A8-CB52-4154-90DF-F12C22633DCB}] => (Allow) %programfiles%\Qustodio\qapp\QAppTray.exe => No File

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět