Attempted login to the router

Posted: 10 Mar 2023 09:23
by JardaB
I have detected what is, fortunately, so far a one-time attempt at an unauthorized login to the router from a workstation on the home network. The computer has a relatively fresh installation of Windows 10 Home; its user does not have the know-how to use SSH and has not gotten the computer infected with a virus in years. I am attaching part of the log of the attack:

Code:

Mar  6 07:17:18 Turris_JB sshd[26452]: Disconnected from invalid user  192.168.2.104 port 53530 [preauth]
Mar  6 07:17:18 Turris_JB sshd[26456]: Invalid user admin from 192.168.2.104 port 53534
Mar  6 07:17:18 Turris_JB sshd[26456]: error: Could not get shadow information for NOUSER
Mar  6 07:17:18 Turris_JB sshd[26456]: Failed password for invalid user admin from 192.168.2.104 port 53534 ssh2
Mar  6 07:17:18 Turris_JB sshd[26456]: Received disconnect from 192.168.2.104 port 53534:11:  [preauth]
Mar  6 07:17:18 Turris_JB sshd[26456]: Disconnected from invalid user admin 192.168.2.104 port 53534 [preauth]
Mar  6 07:17:18 Turris_JB sshd[26458]: Connection closed by 192.168.2.104 port 53535 [preauth]
Mar  6 07:17:18 Turris_JB sshd[26460]: Failed password for root from 192.168.2.104 port 53536 ssh2
Mar  6 07:17:18 Turris_JB sshd[26460]: Received disconnect from 192.168.2.104 port 53536:11:  [preauth]
Mar  6 07:17:18 Turris_JB sshd[26460]: Disconnected from authenticating user root 192.168.2.104 port 53536 [preauth]
Mar  6 07:17:19 Turris_JB sshd[26462]: Invalid user sysadm from 192.168.2.104 port 53537
Mar  6 07:17:19 Turris_JB sshd[26462]: error: Could not get shadow information for NOUSER
Mar  6 07:17:19 Turris_JB sshd[26462]: Failed password for invalid user sysadm from 192.168.2.104 port 53537 ssh2
Mar  6 07:17:19 Turris_JB sshd[26462]: Received disconnect from 192.168.2.104 port 53537:11:  [preauth]
Mar  6 07:17:19 Turris_JB sshd[26462]: Disconnected from invalid user sysadm 192.168.2.104 port 53537 [preauth]
Mar  6 07:17:19 Turris_JB sshd[26464]: Invalid user user from 192.168.2.104 port 53538
Mar  6 07:17:19 Turris_JB sshd[26464]: error: Could not get shadow information for NOUSER

FRST

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-03-2023
Ran by admin (administrator) on POKOJ (10-03-2023 09:04:05)
Running from D:\Util\Antivir\FRST
Loaded Profiles: admin & Jiřina
Platform: Microsoft Windows 10 Home Version 22H2 19045.2673 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\72.0.2.0\GoogleDriveFS.exe <6>
(C:\Program Files\Google\Drive File Stream\72.0.2.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\72.0.2.0\crashpad_handler.exe <2>
(C:\Program Files\Logitech\SetPointP\SetPoint.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logitech\SetPointP\Campaign\LogiCampaignNotifier.exe
(C:\Program Files\Logitech\SetPointP\SetPoint.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1790.13.81.0_x64__8xx8rvfyw5nnt\app\Messenger.exe ->) 0 C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1790.13.81.0_x64__8xx8rvfyw5nnt\app\CrashpadHandlerWindows.exe
(C:\Users\Jiřina\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Jiřina\AppData\Local\Programs\Opera\95.0.4635.46\opera_crashreporter.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7>
(explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\Jiřina\AppData\Local\FluxSoftware\Flux\flux.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\71.0.3.0\crashpad_handler.exe <2>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe <3>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIJBE.EXE
(explorer.exe ->) (SourceForge.net) [File not signed] D:\Util\Password Safe\pwsafe.exe
(explorer.exe ->) 0 C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1790.13.81.0_x64__8xx8rvfyw5nnt\app\Messenger.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Luis Cobian, CobianSoft) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe
(Opera Norway AS -> Opera Software) C:\Users\Jiřina\AppData\Local\Programs\Opera\opera.exe <21>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (CobianSoft, Luis Cobian) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
(services.exe ->) (Luis Cobian, CobianSoft) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2664_none_7dfa24947c9c0a36\TiWorker.exe
(svchost.exe ->) 0 C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4628.0_x64__8j3eq9eme6ctt\IGCC.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8838400 2016-06-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3138560 2023-01-11] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [219032 2023-02-22] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11327200 2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Cobian Backup 11 interface] => C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe [4407808 2013-03-07] (Luis Cobian, CobianSoft) [File not signed]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\72.0.2.0\GoogleDriveFS.exe [52902168 2023-03-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\72.0.2.0\GoogleDriveFS.exe [52902168 2023-03-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-4216665273-3776275124-125719893-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\72.0.2.0\GoogleDriveFS.exe [52902168 2023-03-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-4216665273-3776275124-125719893-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\jirin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-4216665273-3776275124-125719893-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\jirin\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-4216665273-3776275124-125719893-1001\...\RunOnce: [Uninstall 23.028.0205.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\jirin\AppData\Local\Microsoft\OneDrive\23.028.0205.0002" (No File)
HKU\S-1-5-21-4216665273-3776275124-125719893-1002\...\Run: [MicrosoftEdgeAutoLaunch_217ECE64B23A39A877E79428C627369D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4243408 2023-03-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4216665273-3776275124-125719893-1002\...\Run: [Opera Stable] => C:\Users\Jiřina\AppData\Local\Programs\Opera\launcher.exe [2635208 2023-02-15] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-4216665273-3776275124-125719893-1002\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\72.0.2.0\GoogleDriveFS.exe [52902168 2023-03-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-4216665273-3776275124-125719893-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [7280080 2023-02-14] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-4216665273-3776275124-125719893-1002\...\Run: [Avast Browser] => C:\Users\Jiřina\AppData\Local\AVAST Software\Browser\Update\1.8.1579.3\AvastBrowserUpdateCore.exe [507752 2023-02-22] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-4216665273-3776275124-125719893-1002\...\Run: [f.lux] => C:\Users\Jiřina\AppData\Local\FluxSoftware\Flux\flux.exe [1515848 2021-06-18] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-4216665273-3776275124-125719893-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIJBE.EXE [283232 2012-02-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-4216665273-3776275124-125719893-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [154624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\72.0.2.0\GoogleDriveFS.exe [52902168 2023-03-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKLM\...\Print\Monitors\EPSON XP-700 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMJBE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\110.0.5481.180\Installer\chrmstp.exe [2023-03-10] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {15FF5E87-898B-490F-B81C-30C9A7E4966E} - System32\Tasks\AvastUpdateTaskUserS-1-5-21-4216665273-3776275124-125719893-1002Core => C:\Users\Jiřina\AppData\Local\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-02-22] (Avast Software s.r.o. -> AVAST Software)
Task: {41DDA3C8-0BD1-45F7-A656-4E20A487CDE5} - System32\Tasks\GoogleUpdateTaskMachineUA{34046CB5-0878-441F-82D3-2BED1C4D4F8D} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-22] (Google LLC -> Google LLC)
Task: {4D7EE67A-4ADD-46D7-857E-13C847315009} - System32\Tasks\GoogleUpdateTaskMachineCore{26097684-3595-477D-B3AB-B738AEDD4D01} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-22] (Google LLC -> Google LLC)
Task: {5C006CB7-AAB8-4618-B0D3-C3E7C93354FA} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) S-1-5-21-4216665273-3776275124-125719893-1002 => C:\Users\Jiřina\AppData\Local\AVAST Software\Browser\Application\AvastBrowser.exe [3434448 2023-03-03] (Avast Software s.r.o. -> AVAST Software)
Task: {91BAD838-577E-4BC7-A492-001E4051AD8E} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4867992 2023-02-22] (Avast Software s.r.o. -> AVAST Software)
Task: {9C59DC44-3D02-46D2-BFA9-DC52A6B70177} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2023-02-22] (Dropbox, Inc -> Dropbox, Inc.)
Task: {A6916886-708B-4D61-9DAE-54CCCB3E3A91} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2295192 2023-02-22] (Avast Software s.r.o. -> Avast Software)
Task: {BC35AFEF-902D-4289-B7B9-EFC87DE713D4} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Jiřina\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-03-07] (ESET, spol. s r.o. -> ESET)
Task: {CDECD56C-487D-43EC-8847-2398DE7F12BF} - System32\Tasks\AvastUpdateTaskUserS-1-5-21-4216665273-3776275124-125719893-1002UA => C:\Users\Jiřina\AppData\Local\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-02-22] (Avast Software s.r.o. -> AVAST Software)
Task: {D517E2E4-D150-4FAB-A3DD-EE858FEBAEC7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {DBEEB474-8628-4321-BE22-2306DAE9BB8E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2023-02-22] (Dropbox, Inc -> Dropbox, Inc.)
Task: {DC1B1AC7-092B-48C9-9505-1FEB1E9022AA} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-4216665273-3776275124-125719893-1002 => C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1790.13.81.0_x64__8xx8rvfyw5nnt\app\MessengerHelper.exe [2157816 2023-02-25] (Facebook, Inc. -> Meta Platforms, Inc.)
Task: {DC8C9BDC-8223-490F-BC76-AF0C39396AFD} - System32\Tasks\Opera scheduled Autoupdate 1677071222 => C:\Users\Jiřina\AppData\Local\Programs\Opera\launcher.exe [2635208 2023-02-15] (Opera Norway AS -> Opera Software)
Task: {ECDDB716-8293-44B5-BC7E-FE7DBCB3F003} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Jiřina\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-03-07] (ESET, spol. s r.o. -> ESET)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{7bb4ccdb-8644-435d-98fc-3d0effb41184}: [DhcpNameServer] 192.168.2.1

Edge: 
=======
Edge Profile: C:\Users\jirin\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-06]
Edge Extension: (Edge relevant text changes) - C:\Users\jirin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-02-23]

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2023-02-22] [not signed]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin HKU\S-1-5-21-4216665273-3776275124-125719893-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-4216665273-3776275124-125719893-1002: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Users\Jiřina\AppData\Local\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2023-02-22] (Avast Software s.r.o. -> AVAST Software)
FF Plugin HKU\S-1-5-21-4216665273-3776275124-125719893-1002: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Users\Jiřina\AppData\Local\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2023-02-22] (Avast Software s.r.o. -> AVAST Software)

Chrome: 
=======
CHR Profile: C:\Users\jirin\AppData\Local\Google\Chrome\User Data\Default [2023-03-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\jirin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-22]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\jirin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-02-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jirin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-02-22]
CHR HKU\S-1-5-21-4216665273-3776275124-125719893-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-4216665273-3776275124-125719893-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8603544 2023-02-22] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [576408 2023-02-22] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [575896 2023-02-22] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2023-02-22] (Avast Software s.r.o. -> AVAST Software)
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
R2 CobianBackup11; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008 2013-03-07] (Luis Cobian, CobianSoft) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2023-02-22] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2023-02-22] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-22] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [31392 2023-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [231800 2023-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [391264 2023-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297848 2023-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95928 2023-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2023-02-22] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39600 2023-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [268448 2023-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [556080 2023-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105216 2023-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80392 2023-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [852016 2023-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [696016 2023-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212632 2023-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319016 2023-02-22] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 MDA_NTDRV; C:\WINDOWS\system32\MDA_NTDRV.sys [35712 2023-02-23] (北京铠信神州科技有限责任公司 -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2023-02-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473336 2023-02-22] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-22] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three months (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-10 09:03 - 2023-03-10 09:04 - 000000000 ____D C:\FRST
2023-03-09 14:31 - 2023-03-09 14:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2023-03-07 09:53 - 2023-03-07 09:53 - 000003840 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2023-03-07 09:53 - 2023-03-07 09:53 - 000003398 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2023-03-07 09:26 - 2023-03-07 09:26 - 000001574 _____ C:\Users\jirin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-03-07 09:26 - 2023-03-07 09:26 - 000000000 ____D C:\Users\jirin\AppData\Local\ESET
2023-03-07 09:25 - 2023-03-07 09:25 - 000001385 _____ C:\Users\Jiřina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-03-07 09:25 - 2023-03-07 09:25 - 000000000 ____D C:\Users\Jiřina\AppData\Local\ESET
2023-03-05 14:27 - 2023-03-05 14:27 - 000000000 ____D C:\Users\Jiřina\AppData\Local\Microsoft Help
2023-03-05 12:05 - 2023-03-05 12:05 - 000067736 _____ C:\Users\Jiřina\AppData\Local\GDIPFONTCACHEV1.DAT
2023-03-04 16:54 - 2023-03-04 16:54 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2023-02-25 20:12 - 2023-02-25 20:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\Meta
2023-02-24 18:06 - 2023-02-24 18:06 - 000000000 ____D C:\Users\Jiřina\AppData\LocalLow\Temp
2023-02-23 18:10 - 2023-02-23 18:10 - 000000000 ____D C:\Users\jirin\AppData\Roaming\vlc
2023-02-23 14:43 - 2023-02-23 14:43 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2023-02-23 13:07 - 2023-02-23 13:07 - 000785920 _____ C:\WINDOWS\system32\nb-fre.exe
2023-02-23 13:07 - 2023-02-23 13:07 - 000035712 _____ C:\WINDOWS\system32\MDA_NTDRV.sys
2023-02-23 13:04 - 2023-02-23 13:04 - 009184018 _____ C:\Users\jirin\Downloads\portable_free.zip
2023-02-23 11:34 - 2023-02-24 17:08 - 000000000 ____D C:\ProgramData\EPSON
2023-02-23 11:34 - 2023-02-23 11:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2023-02-23 11:34 - 2023-02-23 11:34 - 000000000 ____D C:\Program Files\Common Files\EPSON
2023-02-23 11:34 - 2011-04-20 03:03 - 000120320 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ILMJBE.DLL
2023-02-23 11:34 - 2011-03-15 03:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ID4BJBE.DLL
2023-02-23 11:34 - 2007-04-10 01:06 - 000010752 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_GCINST.DLL
2023-02-23 11:29 - 2023-02-23 11:29 - 000032493 _____ C:\Users\Jiřina\Downloads\contacts (1).csv
2023-02-23 11:28 - 2023-02-23 11:28 - 000035043 _____ C:\Users\Jiřina\Downloads\contacts.csv
2023-02-23 09:30 - 2023-02-23 09:30 - 000976768 _____ C:\Users\Jiřina\Downloads\NavodPortalObcana_v2.pdf
2023-02-22 19:08 - 2023-02-22 19:08 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2023-02-22 19:08 - 2023-02-22 19:08 - 000000000 ____D C:\Program Files\Reference Assemblies
2023-02-22 19:08 - 2023-02-22 19:08 - 000000000 ____D C:\Program Files\MSBuild
2023-02-22 19:08 - 2023-02-22 19:08 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2023-02-22 19:08 - 2023-02-22 19:08 - 000000000 ____D C:\Program Files (x86)\MSBuild
2023-02-22 18:32 - 2023-02-22 18:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11
2023-02-22 18:30 - 2023-02-22 18:30 - 000000000 ____D C:\Users\jirin\AppData\Roaming\Opera Software
2023-02-22 17:39 - 2023-02-22 18:32 - 000000000 ____D C:\Program Files (x86)\Cobian Backup 11
2023-02-22 17:36 - 2023-02-22 17:36 - 000002167 _____ C:\Users\Jiřina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2023-02-22 17:36 - 2023-02-22 17:36 - 000000000 ____D C:\Users\Jiřina\AppData\Local\FluxSoftware
2023-02-22 17:10 - 2023-02-22 17:10 - 000000000 ____D C:\Users\jirin\AppData\Local\Avast Software
2023-02-22 17:03 - 2023-02-22 18:59 - 000000000 ____D C:\UTIL
2023-02-22 16:52 - 2023-02-23 14:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Works
2023-02-22 16:52 - 2023-02-22 16:52 - 000000000 ____D C:\WINDOWS\PCHEALTH
2023-02-22 16:52 - 2023-02-22 16:52 - 000000000 ____D C:\Users\jirin\AppData\Roaming\com.adobe.dunamis
2023-02-22 16:52 - 2023-02-22 16:52 - 000000000 ____D C:\Users\jirin\AppData\LocalLow\Adobe
2023-02-22 16:52 - 2023-02-22 16:52 - 000000000 ____D C:\Users\jirin\AppData\Local\SolidDocuments
2023-02-22 16:52 - 2023-02-22 16:52 - 000000000 ____D C:\Users\jirin\.ms-ad
2023-02-22 16:52 - 2023-02-22 16:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2023-02-22 16:52 - 2023-02-22 16:52 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2023-02-22 16:51 - 2023-02-24 11:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-02-22 16:51 - 2023-02-22 16:51 - 000000000 ____D C:\WINDOWS\SHELLNEW
2023-02-22 16:51 - 2023-02-22 16:51 - 000000000 ____D C:\Users\jirin\AppData\Local\Microsoft Help
2023-02-22 16:51 - 2023-02-22 16:51 - 000000000 ____D C:\Program Files\Microsoft Office
2023-02-22 16:41 - 2023-02-22 16:41 - 000000000 ____D C:\Users\jirin\AppData\Roaming\Avast Software
2023-02-22 16:41 - 2023-02-22 16:41 - 000000000 ____D C:\Users\jirin\AppData\Local\Apps\2.0
2023-02-22 16:40 - 2023-02-22 16:40 - 000000000 ____D C:\Users\jirin\AppData\Roaming\Logitech
2023-02-22 16:40 - 2023-02-22 16:40 - 000000000 ____D C:\Users\jirin\AppData\Local\CEF
2023-02-22 16:26 - 2023-03-07 09:29 - 000000000 ____D C:\Users\Jiřina\AppData\Local\CrashDumps
2023-02-22 16:26 - 2023-03-06 18:32 - 000002706 _____ C:\Users\Jiřina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2023-02-22 16:26 - 2023-02-22 16:26 - 000004068 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) S-1-5-21-4216665273-3776275124-125719893-1002
2023-02-22 16:25 - 2023-02-22 16:25 - 000003772 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskUserS-1-5-21-4216665273-3776275124-125719893-1002UA
2023-02-22 16:25 - 2023-02-22 16:25 - 000003504 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskUserS-1-5-21-4216665273-3776275124-125719893-1002Core
2023-02-22 16:25 - 2023-02-22 16:25 - 000002094 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2023-02-22 16:25 - 2023-02-22 16:25 - 000000000 ____D C:\Users\Jiřina\AppData\Roaming\Avast Software
2023-02-22 16:25 - 2023-02-22 16:25 - 000000000 ____D C:\Users\Jiřina\AppData\Local\Avast Software
2023-02-22 16:24 - 2023-03-07 06:51 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-02-22 16:24 - 2023-02-27 15:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2023-02-22 16:24 - 2023-02-22 16:24 - 000288664 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2023-02-22 16:24 - 2023-02-22 16:24 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2023-02-22 16:23 - 2023-03-07 09:14 - 000000000 ____D C:\ProgramData\Avast Software
2023-02-22 16:23 - 2023-02-22 16:23 - 000000000 ____D C:\Program Files\Avast Software
2023-02-22 15:56 - 2023-03-02 19:20 - 000000000 ____D C:\Users\Jiřina\AppData\Roaming\vlc
2023-02-22 15:56 - 2023-02-22 15:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2023-02-22 15:55 - 2023-02-22 15:55 - 000000000 ____D C:\Program Files\VideoLAN
2023-02-22 15:51 - 2023-02-22 15:51 - 000000000 ____D C:\Users\Jiřina\AppData\Roaming\com.adobe.dunamis
2023-02-22 15:48 - 2023-03-10 09:03 - 000004192 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{243D5F1A-F889-41F7-9AAF-D3A1E7C59EBC}
2023-02-22 15:47 - 2023-02-22 15:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2023-02-22 15:21 - 2023-02-22 15:22 - 000000000 ___RD C:\Users\Jiřina\Dropbox
2023-02-22 15:15 - 2023-02-22 15:15 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-02-22 15:13 - 2023-02-27 15:44 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-02-22 15:13 - 2023-02-22 15:13 - 000000000 ____D C:\Users\Jiřina\AppData\LocalLow\Adobe
2023-02-22 15:13 - 2023-02-22 15:13 - 000000000 ____D C:\Users\Jiřina\AppData\Local\SolidDocuments
2023-02-22 15:13 - 2023-02-22 15:13 - 000000000 ____D C:\Users\Jiřina\.ms-ad
2023-02-22 15:12 - 2023-02-22 15:13 - 000000000 ____D C:\ProgramData\Adobe
2023-02-22 15:12 - 2023-02-22 15:12 - 000000000 ____D C:\Program Files\Common Files\Adobe
2023-02-22 15:12 - 2023-02-22 15:12 - 000000000 ____D C:\Program Files\Adobe
2023-02-22 15:11 - 2023-02-22 15:12 - 000000000 ___HD C:\$WinREAgent
2023-02-22 15:10 - 2023-02-22 16:52 - 000000000 ____D C:\Users\jirin\AppData\Local\Adobe
2023-02-22 15:10 - 2023-02-22 15:51 - 000000000 ____D C:\Users\Jiřina\AppData\Local\Adobe
2023-02-22 15:09 - 2023-02-22 15:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2023-02-22 15:09 - 2023-02-22 15:09 - 000000000 ____D C:\Program Files\Tracker Software
2023-02-22 14:55 - 2023-03-09 14:31 - 000000000 ____D C:\Users\Jiřina\AppData\Roaming\DropboxElectron
2023-02-22 14:54 - 2023-03-09 14:31 - 000000000 ____D C:\Users\Jiřina\AppData\Local\Dropbox
2023-02-22 14:54 - 2023-03-09 14:31 - 000000000 ____D C:\Program Files (x86)\Dropbox
2023-02-22 14:54 - 2023-03-06 09:38 - 000000000 ____D C:\Users\jirin\AppData\Local\Dropbox
2023-02-22 14:54 - 2023-03-01 10:29 - 000000918 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2023-02-22 14:54 - 2023-03-01 10:29 - 000000914 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2023-02-22 14:54 - 2023-03-01 07:55 - 000003978 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2023-02-22 14:54 - 2023-03-01 07:55 - 000003746 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2023-02-22 14:54 - 2023-02-22 14:54 - 000000000 ____D C:\Users\jirin\AppData\Roaming\Dropbox
2023-02-22 14:54 - 2023-02-22 14:54 - 000000000 ____D C:\ProgramData\Dropbox
2023-02-22 14:45 - 2023-03-09 14:31 - 000002063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-02-22 14:45 - 2023-02-22 18:43 - 000000000 ____D C:\Users\jirin\AppData\Local\Google
2023-02-22 14:45 - 2023-02-22 14:45 - 000000000 ____D C:\Users\Jiřina\AppData\Local\CEF
2023-02-22 14:31 - 2023-03-09 18:55 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-02-22 14:31 - 2023-03-09 18:54 - 000000000 ____D C:\Users\Jiřina\AppData\LocalLow\Mozilla
2023-02-22 14:31 - 2023-02-22 14:31 - 000000000 ____D C:\Users\Jiřina\AppData\Roaming\Thunderbird
2023-02-22 14:31 - 2023-02-22 14:31 - 000000000 ____D C:\Users\Jiřina\AppData\Roaming\Mozilla
2023-02-22 14:31 - 2023-02-22 14:31 - 000000000 ____D C:\Users\Jiřina\AppData\Local\Thunderbird
2023-02-22 14:29 - 2023-02-22 14:29 - 000001061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-02-22 14:29 - 2023-02-22 14:29 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2023-02-22 14:29 - 2023-02-22 14:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-02-22 14:22 - 2023-03-07 09:35 - 000000000 ____D C:\Users\Jiřina\AppData\Local\PasswordSafe
2023-02-22 14:20 - 2023-02-22 14:20 - 000000000 ____D C:\Users\Jiřina\AppData\Local\OneDrive
2023-02-22 14:07 - 2023-02-27 15:44 - 000003478 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1677071222
2023-02-22 14:07 - 2023-02-22 14:07 - 000001468 _____ C:\Users\Jiřina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-02-22 14:07 - 2023-02-22 14:07 - 000000000 ____D C:\Users\Jiřina\AppData\Local\Opera Software
2023-02-22 14:06 - 2023-02-22 14:06 - 000000000 ____D C:\Users\Jiřina\AppData\Roaming\Opera Software
2023-02-22 14:01 - 2023-02-22 14:01 - 000000000 __RHD C:\MSOCache
2023-02-22 13:43 - 2023-03-10 09:00 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-02-22 13:43 - 2023-03-10 09:00 - 000000000 ____D C:\Program Files (x86)\Google
2023-02-22 13:43 - 2023-02-27 15:44 - 000003478 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{34046CB5-0878-441F-82D3-2BED1C4D4F8D}
2023-02-22 13:43 - 2023-02-27 15:44 - 000003254 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{26097684-3595-477D-B3AB-B738AEDD4D01}
2023-02-22 13:43 - 2023-02-22 15:47 - 000000000 ____D C:\Users\Jiřina\AppData\Local\Google
2023-02-22 13:43 - 2023-02-22 14:45 - 000000000 ____D C:\Program Files\Google
2023-02-22 13:41 - 2023-02-22 16:55 - 000000000 ____D C:\Users\Jiřina\AppData\Local\GHISLER
2023-02-22 13:39 - 2023-02-22 18:30 - 000000000 ____D C:\Users\jirin\AppData\Local\GHISLER
2023-02-22 12:53 - 2023-02-22 13:39 - 000000000 ____D C:\Program Files\totalcmd
2023-02-22 12:53 - 2023-02-22 12:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
2023-02-22 12:45 - 2023-02-22 12:45 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2023-02-22 12:45 - 2023-02-22 12:45 - 000000000 ____D C:\Users\jirin\AppData\Roaming\Logishrd
2023-02-22 12:45 - 2023-02-22 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2023-02-22 12:45 - 2023-02-22 12:45 - 000000000 ____D C:\ProgramData\Logitech
2023-02-22 12:45 - 2023-02-22 12:45 - 000000000 ____D C:\ProgramData\Logishrd
2023-02-22 12:45 - 2023-02-22 12:45 - 000000000 ____D C:\Program Files\Logitech
2023-02-22 12:45 - 2023-02-22 12:45 - 000000000 ____D C:\Program Files\Common Files\Logishrd
2023-02-22 12:44 - 2023-02-22 12:45 - 000000000 ____D C:\Users\Jiřina\AppData\Roaming\Logitech
2023-02-22 12:44 - 2023-02-22 12:44 - 000000000 ____D C:\Users\Jiřina\AppData\Roaming\Logishrd
2023-02-22 12:26 - 2023-02-22 12:26 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2023-02-22 12:26 - 2023-02-22 12:26 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2023-02-22 12:26 - 2023-02-22 12:26 - 000000000 ____D C:\WINDOWS\system32\DAX2
2023-02-22 12:26 - 2023-02-22 12:26 - 000000000 ____D C:\Program Files\Realtek
2023-02-22 12:25 - 2016-06-07 05:48 - 003299824 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2023-02-22 12:25 - 2016-06-07 05:48 - 002190992 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2023-02-22 12:25 - 2016-06-07 05:48 - 001336544 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2023-02-22 12:25 - 2016-06-07 05:48 - 000962056 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2023-02-22 12:25 - 2016-06-07 05:48 - 000873464 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2023-02-22 12:25 - 2016-06-07 05:48 - 000582016 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2023-02-22 12:25 - 2016-06-07 05:48 - 000447104 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2023-02-22 12:25 - 2016-06-07 05:48 - 000075544 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2023-02-22 12:25 - 2016-06-07 05:47 - 002706864 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2023-02-22 12:25 - 2016-06-07 05:47 - 002203752 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2023-02-22 12:25 - 2016-06-07 05:47 - 001041744 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2023-02-22 12:25 - 2016-06-07 05:47 - 000467160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2023-02-22 12:25 - 2016-06-07 05:47 - 000381416 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2023-02-22 12:25 - 2016-06-07 05:47 - 000341160 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2023-02-22 12:25 - 2016-06-07 05:47 - 000341160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2023-02-22 12:25 - 2016-06-07 05:47 - 000221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2023-02-22 12:25 - 2016-06-07 05:47 - 000209544 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2023-02-22 12:25 - 2016-06-07 05:47 - 000166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2023-02-22 12:25 - 2016-06-07 05:47 - 000158704 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2023-02-22 12:25 - 2016-06-07 05:46 - 003283248 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2023-02-22 12:25 - 2016-06-07 05:46 - 000965032 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2023-02-22 12:25 - 2016-06-07 05:46 - 000927424 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2023-02-22 12:25 - 2016-06-07 05:46 - 000716112 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2023-02-22 12:25 - 2016-06-07 05:46 - 000689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2023-02-22 12:25 - 2016-06-07 05:46 - 000589072 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.DLL
2023-02-22 12:25 - 2016-06-07 05:46 - 000450128 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2023-02-22 12:25 - 2016-06-07 05:46 - 000387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2023-02-22 12:25 - 2016-06-07 05:46 - 000343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2023-02-22 12:25 - 2016-06-07 05:46 - 000214840 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2023-02-22 12:25 - 2016-06-07 05:46 - 000192992 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2023-02-22 12:25 - 2016-06-07 05:46 - 000110992 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2023-02-22 12:25 - 2016-06-07 05:46 - 000090920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2023-02-22 12:25 - 2016-06-07 05:46 - 000088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2023-02-22 12:25 - 2016-06-07 05:46 - 000088328 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2023-02-22 12:25 - 2016-06-07 05:46 - 000083624 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2023-02-22 12:25 - 2016-06-07 05:45 - 006402440 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV3apo.dll
2023-02-22 12:25 - 2016-06-07 05:45 - 005593624 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2023-02-22 12:25 - 2016-06-07 05:45 - 003096248 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2023-02-22 12:25 - 2016-06-07 05:45 - 002726416 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2023-02-22 12:25 - 2016-06-07 05:45 - 001355616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2023-02-22 12:25 - 2016-06-07 05:45 - 000447728 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2023-02-22 12:25 - 2016-06-07 05:45 - 000321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2023-02-22 12:25 - 2016-06-07 05:45 - 000321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2023-02-22 12:25 - 2016-06-07 05:45 - 000151792 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2023-02-22 12:25 - 2016-06-07 05:45 - 000134208 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2023-02-22 12:25 - 2016-06-07 05:45 - 000084624 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2023-02-22 12:25 - 2016-06-07 05:44 - 013122584 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2023-02-22 12:25 - 2016-06-07 05:44 - 012988352 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll
2023-02-22 12:25 - 2016-06-07 05:44 - 000923744 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2023-02-22 12:25 - 2016-06-07 05:44 - 000677680 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2023-02-22 12:25 - 2016-06-07 05:43 - 001334384 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2023-02-22 12:25 - 2016-06-07 05:43 - 000999864 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2023-02-22 12:25 - 2016-06-07 05:41 - 002825104 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll
2023-02-22 12:25 - 2016-06-07 05:41 - 001422936 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2023-02-22 12:25 - 2016-06-07 05:41 - 001213664 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2023-02-22 12:25 - 2016-06-07 05:41 - 000678192 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2023-02-22 12:25 - 2016-06-07 05:41 - 000330568 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2023-02-22 12:25 - 2016-06-07 05:40 - 010512448 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSSTAPO.dll
2023-02-22 12:25 - 2016-06-07 05:40 - 000618192 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2023-02-22 12:25 - 2016-06-07 05:40 - 000472312 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2023-02-22 12:25 - 2016-06-07 05:40 - 000366128 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2023-02-22 12:25 - 2016-06-07 05:40 - 000360352 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2023-02-22 12:25 - 2016-06-07 05:40 - 000203848 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2023-02-22 12:25 - 2016-06-07 05:40 - 000190936 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2023-02-22 12:25 - 2016-06-07 05:40 - 000190936 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2023-02-22 12:25 - 2016-06-07 05:40 - 000179600 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2023-02-22 12:25 - 2016-06-07 05:39 - 005339560 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2023-02-22 12:25 - 2016-06-07 05:39 - 002437760 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2023-02-22 12:25 - 2016-06-07 05:39 - 001508936 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2023-02-22 12:25 - 2016-06-07 05:39 - 000743968 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2023-02-22 12:25 - 2016-06-07 05:39 - 000727440 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2023-02-22 12:25 - 2016-06-07 05:39 - 000708320 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2023-02-22 12:25 - 2016-06-07 05:39 - 000514528 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2023-02-22 12:25 - 2016-06-07 05:39 - 000504312 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2023-02-22 12:25 - 2016-06-07 05:39 - 000500560 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2023-02-22 12:25 - 2016-06-07 05:39 - 000445408 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2023-02-22 12:25 - 2016-06-07 05:39 - 000441272 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2023-02-22 12:25 - 2016-06-07 05:39 - 000428232 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2023-02-22 12:25 - 2016-06-07 05:39 - 000253904 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2023-02-22 12:25 - 2016-06-07 05:39 - 000253872 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2023-02-22 12:25 - 2016-06-07 05:39 - 000252880 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2023-02-22 12:25 - 2016-06-07 05:38 - 001965816 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2023-02-22 12:25 - 2016-06-07 05:38 - 001959608 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2023-02-22 12:25 - 2016-06-07 05:38 - 001608128 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2023-02-22 12:25 - 2016-06-07 05:38 - 000574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2023-02-22 12:25 - 2016-06-07 05:38 - 000362064 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2023-02-22 12:25 - 2016-06-07 05:38 - 000327464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2023-02-22 12:25 - 2016-06-07 05:38 - 000310432 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2023-02-22 12:25 - 2016-06-07 05:38 - 000272720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2023-02-22 12:25 - 2016-06-07 05:38 - 000118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2023-02-22 12:25 - 2016-06-07 05:30 - 003199744 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2023-02-22 12:25 - 2016-06-07 05:30 - 002895104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2023-02-22 12:25 - 2016-06-07 05:30 - 000023704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2023-02-22 12:25 - 2016-06-07 05:29 - 002060032 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2023-02-22 12:25 - 2016-06-07 05:28 - 014057256 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2023-02-22 12:25 - 2016-06-07 05:28 - 007172920 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2023-02-22 12:25 - 2016-06-07 05:28 - 001003864 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2023-02-22 12:25 - 2016-06-07 05:27 - 006264640 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2023-02-22 12:25 - 2016-06-07 05:27 - 002050176 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2023-02-22 12:25 - 2016-06-07 05:27 - 001186824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSstCApoPropPage.dll
2023-02-22 12:25 - 2016-06-07 05:27 - 001061120 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2023-02-22 12:25 - 2016-06-07 05:27 - 000931624 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2023-02-22 12:25 - 2016-06-07 05:27 - 000416512 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2023-02-22 12:25 - 2016-06-07 05:27 - 000371456 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2023-02-22 12:25 - 2016-06-07 05:27 - 000154368 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2023-02-22 12:25 - 2016-06-07 05:26 - 007096192 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2023-02-22 12:25 - 2016-06-07 05:26 - 000122328 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2023-02-22 12:25 - 2016-06-07 05:26 - 000118592 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2023-02-22 12:25 - 2016-06-07 05:26 - 000105312 _____ C:\WINDOWS\system32\audioLibVc.dll
2023-02-22 12:25 - 2016-06-07 05:19 - 005776968 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2023-02-22 12:25 - 2016-06-07 05:19 - 003282544 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2023-02-22 12:25 - 2016-06-07 05:19 - 001780624 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2023-02-22 12:25 - 2016-06-07 05:19 - 001591064 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2023-02-22 12:25 - 2016-06-07 05:19 - 001435144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2023-02-22 12:25 - 2016-06-07 05:19 - 001382240 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2023-02-22 12:25 - 2016-06-07 05:19 - 001166160 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2023-02-22 12:25 - 2016-06-07 05:19 - 000532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2023-02-22 12:25 - 2016-06-07 05:19 - 000231920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2023-02-22 12:25 - 2016-06-07 05:16 - 005118208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2023-02-22 12:25 - 2016-06-07 05:16 - 002110600 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2023-02-22 12:25 - 2016-06-07 05:16 - 000258864 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2023-02-22 12:16 - 2023-02-22 12:16 - 000000000 ____D C:\Users\Jiřina\AppData\Local\Comms
2023-02-22 12:14 - 2023-03-09 14:33 - 000000000 ____D C:\Users\Jiřina\AppData\Local\D3DSCache
2023-02-22 12:14 - 2023-02-25 20:11 - 000000000 ____D C:\Users\Jiřina\AppData\Local\PlaceholderTileLogoFolder
2023-02-22 12:14 - 2023-02-22 14:48 - 000000000 ___RD C:\Users\Jiřina\OneDrive
2023-02-22 12:13 - 2023-02-22 12:31 - 000000000 ____D C:\Users\Jiřina\AppData\Local\Publishers
2023-02-22 12:12 - 2023-03-07 09:13 - 000000000 __SHD C:\Users\Jiřina\IntelGraphicsProfiles
2023-02-22 12:12 - 2023-03-07 06:59 - 000000000 ____D C:\Users\Jiřina
2023-02-22 12:12 - 2023-02-25 20:11 - 000000000 ____D C:\Users\Jiřina\AppData\Local\Packages
2023-02-22 12:12 - 2023-02-22 15:32 - 000000000 ____D C:\Users\Jiřina\AppData\Local\VirtualStore
2023-02-22 12:12 - 2023-02-22 15:13 - 000000000 ____D C:\Users\Jiřina\AppData\Roaming\Adobe
2023-02-22 12:12 - 2023-02-22 12:30 - 000000000 ____D C:\Users\Jiřina\AppData\Local\ConnectedDevicesPlatform
2023-02-22 12:12 - 2023-02-22 12:12 - 000000020 ___SH C:\Users\Jiřina\ntuser.ini
2023-02-22 12:12 - 2023-02-22 12:12 - 000000000 _SHDL C:\Users\Jiřina\Šablony
2023-02-22 12:12 - 2023-02-22 12:12 - 000000000 _SHDL C:\Users\Jiřina\Soubory cookie
2023-02-22 12:12 - 2023-02-22 12:12 - 000000000 _SHDL C:\Users\Jiřina\Poslední
2023-02-22 12:12 - 2023-02-22 12:12 - 000000000 _SHDL C:\Users\Jiřina\Okolní tiskárny
2023-02-22 12:12 - 2023-02-22 12:12 - 000000000 _SHDL C:\Users\Jiřina\Okolní síť
2023-02-22 12:12 - 2023-02-22 12:12 - 000000000 _SHDL C:\Users\Jiřina\Nabídka Start
2023-02-22 12:12 - 2023-02-22 12:12 - 000000000 _SHDL C:\Users\Jiřina\Dokumenty
2023-02-22 12:12 - 2023-02-22 12:12 - 000000000 _SHDL C:\Users\Jiřina\Data aplikací
2023-02-22 12:12 - 2023-02-22 12:12 - 000000000 _SHDL C:\Users\Jiřina\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2023-02-22 12:12 - 2023-02-22 12:12 - 000000000 _SHDL C:\Users\Jiřina\AppData\Local\Data aplikací
2023-02-22 12:12 - 2023-02-22 12:12 - 000000000 ___RD C:\Users\Jiřina\3D Objects
2023-02-22 12:12 - 2023-02-22 12:12 - 000000000 ____D C:\Users\Jiřina\AppData\LocalLow\Intel
2023-02-22 11:57 - 2023-02-22 11:58 - 000004643 _____ C:\WINDOWS\diagerr.xml
2023-02-22 11:57 - 2023-02-22 11:58 - 000003813 _____ C:\WINDOWS\diagwrn.xml
2023-02-22 11:57 - 2023-02-22 11:57 - 000000000 ____D C:\Users\jirin\AppData\Local\Microsoft_Corporation
2023-02-22 11:39 - 2023-02-22 11:39 - 000000000 ____D C:\Users\jirin\AppData\Local\Comms
2023-02-22 11:34 - 2023-02-22 11:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-02-22 11:34 - 2023-02-22 11:34 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-02-22 11:28 - 2023-02-22 11:28 - 000000000 ____D C:\Users\jirin\AppData\Local\OneDrive
2023-02-22 11:26 - 2023-02-22 18:36 - 000000000 ____D C:\Users\jirin\AppData\Local\D3DSCache
2023-02-22 11:24 - 2023-03-06 09:38 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4216665273-3776275124-125719893-1001
2023-02-22 11:24 - 2023-03-06 09:38 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4216665273-3776275124-125719893-1001
2023-02-22 11:24 - 2023-02-27 16:40 - 000000000 ___RD C:\Users\jirin\OneDrive
2023-02-22 11:24 - 2023-02-22 19:06 - 000000000 ____D C:\Users\jirin\AppData\Local\PlaceholderTileLogoFolder
2023-02-22 11:24 - 2023-02-22 12:31 - 000000000 ___HD C:\OneDriveTemp
2023-02-22 11:24 - 2023-02-22 11:24 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-02-22 11:23 - 2023-02-22 16:52 - 000000000 ____D C:\Users\jirin\AppData\Roaming\Adobe
2023-02-22 11:23 - 2023-02-22 12:22 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-02-22 11:23 - 2023-02-22 11:39 - 000000000 ____D C:\Users\jirin\AppData\Local\Publishers
2023-02-22 11:23 - 2023-02-22 11:23 - 000000000 ___RD C:\Users\jirin\3D Objects
2023-02-22 11:23 - 2023-02-22 11:23 - 000000000 ____D C:\Users\jirin\AppData\LocalLow\Intel
2023-02-22 11:22 - 2023-03-06 09:38 - 000000000 ____D C:\Users\jirin\AppData\Local\Packages
2023-02-22 11:22 - 2023-02-22 12:21 - 000000000 ____D C:\Users\jirin\AppData\Local\ConnectedDevicesPlatform
2023-02-22 11:22 - 2023-02-22 12:04 - 000000000 __SHD C:\Users\jirin\IntelGraphicsProfiles
2023-02-22 11:22 - 2023-02-22 11:22 - 000000000 ____D C:\Users\jirin\AppData\Local\VirtualStore
2023-02-22 11:21 - 2023-03-07 09:20 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-02-22 11:21 - 2023-03-07 09:13 - 000000000 ____D C:\Intel
2023-02-22 11:21 - 2023-02-26 15:33 - 000000000 ____D C:\ProgramData\Packages
2023-02-22 11:21 - 2023-02-22 12:03 - 000000000 ____D C:\ProgramData\Intel
2023-02-22 11:21 - 2023-02-22 11:21 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2023-02-22 11:20 - 2023-03-07 06:59 - 000000000 ____D C:\Users\jirin
2023-02-22 11:20 - 2023-03-06 09:38 - 000002383 _____ C:\Users\jirin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-02-22 11:20 - 2023-02-22 11:20 - 000000020 ___SH C:\Users\jirin\ntuser.ini
2023-02-22 11:20 - 2023-02-22 11:20 - 000000000 _SHDL C:\Users\jirin\Šablony
2023-02-22 11:20 - 2023-02-22 11:20 - 000000000 _SHDL C:\Users\jirin\Soubory cookie
2023-02-22 11:20 - 2023-02-22 11:20 - 000000000 _SHDL C:\Users\jirin\Poslední
2023-02-22 11:20 - 2023-02-22 11:20 - 000000000 _SHDL C:\Users\jirin\Okolní tiskárny
2023-02-22 11:20 - 2023-02-22 11:20 - 000000000 _SHDL C:\Users\jirin\Okolní síť
2023-02-22 11:20 - 2023-02-22 11:20 - 000000000 _SHDL C:\Users\jirin\Nabídka Start
2023-02-22 11:20 - 2023-02-22 11:20 - 000000000 _SHDL C:\Users\jirin\Dokumenty
2023-02-22 11:20 - 2023-02-22 11:20 - 000000000 _SHDL C:\Users\jirin\Data aplikací
2023-02-22 11:20 - 2023-02-22 11:20 - 000000000 _SHDL C:\Users\jirin\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2023-02-22 11:20 - 2023-02-22 11:20 - 000000000 _SHDL C:\Users\jirin\AppData\Local\Data aplikací
2023-02-22 11:19 - 2022-08-16 01:00 - 000514552 _____ (Intel) C:\WINDOWS\system32\libvpl.dll
2023-02-22 11:19 - 2022-08-16 01:00 - 000455176 _____ (Intel) C:\WINDOWS\SysWOW64\libvpl.dll
2023-02-22 11:19 - 2022-08-16 00:59 - 000948464 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2023-02-22 11:19 - 2022-08-16 00:59 - 000709280 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2023-02-22 11:19 - 2022-08-16 00:59 - 000594184 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2023-02-22 11:19 - 2022-08-16 00:59 - 000454448 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2023-02-22 11:19 - 2022-08-16 00:58 - 001969712 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-02-22 11:19 - 2022-08-16 00:58 - 001969712 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-02-22 11:19 - 2022-08-16 00:58 - 001526320 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-02-22 11:19 - 2022-08-16 00:58 - 001526320 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-02-22 11:19 - 2022-08-16 00:58 - 001432304 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-02-22 11:19 - 2022-08-16 00:58 - 001432304 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-02-22 11:19 - 2022-08-16 00:58 - 001145584 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-02-22 11:19 - 2022-08-16 00:58 - 001145584 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-02-22 11:15 - 2023-02-22 11:15 - 000000000 _SHDL C:\Users\Default\Šablony
2023-02-22 11:15 - 2023-02-22 11:15 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2023-02-22 11:15 - 2023-02-22 11:15 - 000000000 _SHDL C:\Users\Default\Poslední
2023-02-22 11:15 - 2023-02-22 11:15 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2023-02-22 11:15 - 2023-02-22 11:15 - 000000000 _SHDL C:\Users\Default\Okolní síť
2023-02-22 11:15 - 2023-02-22 11:15 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2023-02-22 11:15 - 2023-02-22 11:15 - 000000000 _SHDL C:\Users\Default\Dokumenty
2023-02-22 11:15 - 2023-02-22 11:15 - 000000000 _SHDL C:\Users\Default\Data aplikací
2023-02-22 11:15 - 2023-02-22 11:15 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2023-02-22 11:15 - 2023-02-22 11:15 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2023-02-22 11:15 - 2023-02-22 11:15 - 000000000 _SHDL C:\ProgramData\Šablony
2023-02-22 11:15 - 2023-02-22 11:15 - 000000000 _SHDL C:\ProgramData\Plocha
2023-02-22 11:15 - 2023-02-22 11:15 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2023-02-22 11:15 - 2023-02-22 11:15 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2023-02-22 11:15 - 2023-02-22 11:15 - 000000000 _SHDL C:\ProgramData\Dokumenty
2023-02-22 11:15 - 2023-02-22 11:15 - 000000000 _SHDL C:\ProgramData\Data aplikací
2023-02-22 11:15 - 2023-02-22 11:15 - 000000000 _SHDL C:\Documents and Settings
2023-02-22 11:14 - 2023-03-10 09:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-02-22 11:14 - 2023-03-08 10:35 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-02-22 11:14 - 2023-03-08 10:35 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-02-22 11:14 - 2023-03-07 09:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-02-22 11:14 - 2023-03-04 20:20 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-02-22 11:14 - 2023-02-22 12:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-02-22 11:14 - 2023-02-22 11:14 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2023-02-22 11:14 - 2023-02-22 11:14 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2023-02-22 11:13 - 2023-03-07 09:13 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-22 11:13 - 2023-02-24 17:23 - 000000000 ____D C:\WINDOWS\Panther
2023-02-22 11:13 - 2023-02-24 11:13 - 000352448 _____ C:\WINDOWS\system32\FNTCACHE.DAT

==================== Three months (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-09 20:27 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-09 18:38 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-09 18:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-03-07 09:20 - 2019-12-07 15:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2023-03-07 09:20 - 2019-12-07 15:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2023-03-07 09:20 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-03-07 09:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-03-07 09:01 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-02-27 16:15 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-02-27 16:12 - 2022-09-08 04:06 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\telnet.exe
2023-02-27 16:12 - 2019-12-07 10:09 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\simptcp.dll
2023-02-23 14:43 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-02-23 08:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-02-22 19:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2023-02-22 19:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2023-02-22 17:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-02-22 16:24 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-02-22 15:37 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-02-22 15:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-02-22 15:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-02-22 15:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-02-22 12:29 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-02-22 12:24 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-02-22 12:00 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-02-22 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-02-22 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-02-22 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-02-22 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-02-22 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-02-22 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-02-22 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-02-22 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-02-22 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-02-22 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-02-22 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-02-22 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-02-22 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-02-22 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-02-22 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-02-22 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-02-22 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-02-22 11:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemApps
2023-02-22 11:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-02-22 11:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-02-22 11:59 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-02-22 11:58 - 2019-12-07 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2023-02-22 11:46 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2023-02-22 11:46 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2023-02-22 11:45 - 2019-12-07 15:43 - 000000000 ____D C:\WINDOWS\OCR
2023-02-22 11:44 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2023-02-22 11:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-02-22 11:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-02-22 11:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2023-02-22 11:15 - 2019-12-07 15:42 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-02-22 11:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool
2023-02-22 11:15 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2023-02-22 11:15 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows NT
2023-02-22 11:14 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM

==================== SigCheckExt =========================

2023-02-23 13:07 - 2023-02-23 13:07 - 000785920 _____ C:\WINDOWS\system32\nb-fre.exe
2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WISPTIS.EXE

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


==================== BCD ================================

Firmware Boot Manager
---------------------
identifier              {fwbootmgr}
displayorder            {bootmgr}
                        {745d5c10-b2a0-11ed-9936-806e6f6e6963}
                        {9e796a90-b2cd-11ed-9939-806e6f6e6963}
                        {745d5c0f-b2a0-11ed-9936-806e6f6e6963}
                        {745d5c0e-b2a0-11ed-9936-806e6f6e6963}
timeout                 1

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume4
path                    \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description             Windows Boot Manager
locale                  cs-CZ
inherit                 {globalsettings}
default                 {current}
resumeobject            {d16945d9-b29f-11ed-9935-d017c28901ad}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Firmware Application (101fffff)
-------------------------------
identifier              {745d5c0e-b2a0-11ed-9936-806e6f6e6963}
description             CD/DVD Drive

Firmware Application (101fffff)
-------------------------------
identifier              {745d5c0f-b2a0-11ed-9936-806e6f6e6963}
description             Hard Drive

Firmware Application (101fffff)
-------------------------------
identifier              {745d5c10-b2a0-11ed-9936-806e6f6e6963}
device                  partition=\Device\HarddiskVolume4
path                    \EFI\Microsoft\Boot\bootmgfw.efi
description             UEFI: IP4 Realtek PCIe GBE Family Controller

Firmware Application (101fffff)
-------------------------------
identifier              {9e796a90-b2cd-11ed-9939-806e6f6e6963}
description             UEFI: IP6 Realtek PCIe GBE Family Controller

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \WINDOWS\system32\winload.efi
description             Windows 10
locale                  cs-CZ
inherit                 {bootloadersettings}
recoverysequence        {d172ceb0-b29f-11ed-9935-d017c28901ad}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \WINDOWS
resumeobject            {d16945d9-b29f-11ed-9935-d017c28901ad}
nx                      OptIn
bootmenupolicy          Standard

Windows Boot Loader
-------------------
identifier              {d172ceb0-b29f-11ed-9935-d017c28901ad}
device                  ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{d172ceb1-b29f-11ed-9935-d017c28901ad}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  cs-CZ
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{d172ceb1-b29f-11ed-9935-d017c28901ad}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Windows Boot Loader
-------------------
identifier              {d172ceb3-b29f-11ed-9935-d017c28901ad}
device                  ramdisk=[C:]\ProgramData\Avast Software\Avast\bootimescan\boottimescan.wim,{d172ceb2-b29f-11ed-9935-d017c28901ad}
path                    \windows\system32\winload.efi
description             Avast Boot-Time Scan
osdevice                ramdisk=[C:]\ProgramData\Avast Software\Avast\bootimescan\boottimescan.wim,{d172ceb2-b29f-11ed-9935-d017c28901ad}
systemroot              \windows
nx                      OptIn
detecthal               Yes
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {d16945d9-b29f-11ed-9935-d017c28901ad}
device                  partition=C:
path                    \WINDOWS\system32\winresume.efi
description             Windows Resume Application
locale                  cs-CZ
inherit                 {resumeloadersettings}
recoverysequence        {d172ceb0-b29f-11ed-9935-d017c28901ad}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume4
path                    \EFI\Microsoft\Boot\memtest.efi
description             Diagnostika pamŘti syst‚mu Windows
locale                  cs-CZ
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 No

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Local

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {d172ceb1-b29f-11ed-9935-d017c28901ad}
description             Windows Recovery
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

Device options
--------------
identifier              {d172ceb2-b29f-11ed-9935-d017c28901ad}
description             Avast Ramdisk options
ramdisksdidevice        partition=C:
ramdisksdipath          \ProgramData\Avast Software\Avast\bootimescan\boot.sdi

==================== End of FRST.txt ========================

ADDITION

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-03-2023
Ran by admin (10-03-2023 09:06:54)
Running from D:\Util\Antivir\FRST
Microsoft Windows 10 Home Version 22H2 19045.2673 (X64) (2023-02-22 10:15:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

admin (S-1-5-21-4216665273-3776275124-125719893-1001 - Administrator - Enabled) => C:\Users\jirin
Administrator (S-1-5-21-4216665273-3776275124-125719893-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4216665273-3776275124-125719893-503 - Limited - Disabled)
Guest (S-1-5-21-4216665273-3776275124-125719893-501 - Limited - Enabled)
Jiřina (S-1-5-21-4216665273-3776275124-125719893-1002 - Limited - Enabled) => C:\Users\Jiřina
WDAGUtilityAccount (S-1-5-21-4216665273-3776275124-125719893-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20322 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601042}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version:  - Microsoft)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 23.1.6049 - Avast Software)
Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version:  - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 169.4.5684 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.733.1 - Dropbox, Inc.) Hidden
f.lux (HKU\S-1-5-21-4216665273-3776275124-125719893-1002\...\Flux) (Version:  - f.lux Software LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 72.0.2.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 110.0.5481.180 - Google LLC)
Logitech SetPoint 6.90 (HKLM\...\sp6) (Version: 6.90.66 - Logitech)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.63 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.63 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (Czech) 2007 (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (Czech) 2007 (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (Czech) 2007 (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (HKLM-x32\...\{90120000-002C-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}) (Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (HKLM\...\{90120000-002A-0405-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-4216665273-3776275124-125719893-1001\...\OneDriveSetup.exe) (Version: 23.033.0212.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 102.8.0 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 102.8.0 (x64 cs)) (Version: 102.8.0 - Mozilla)
Odinstalace tiskárny EPSON XP-700 Series (HKLM\...\EPSON XP-700 Series) (Version:  - SEIKO EPSON Corporation)
Opera Stable 95.0.4635.46 (HKU\S-1-5-21-4216665273-3776275124-125719893-1002\...\Opera 95.0.4635.46) (Version: 95.0.4635.46 - Opera Software)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.322.10 - Tracker Software Products Ltd)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7841 - Realtek Semiconductor Corp.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.52 - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)

Packages:
=========
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2023-03-06] (Microsoft Studios) [MS Ad]
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-03-01] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-03-01] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4216665273-3776275124-125719893-1002_Classes\CLSID\{167FD956-39C3-374C-927A-1D3C47CB6663}\InprocServer32 -> C:\Users\Jiřina\AppData\Local\AVAST Software\Browser\Update\1.8.1579.3\psuser_64.dll (Avast Software s.r.o. -> AVAST Software)
CustomCLSID: HKU\S-1-5-21-4216665273-3776275124-125719893-1002_Classes\CLSID\{2E24E477-2918-49F5-A00B-7D12B16A879A}\InprocServer32 -> C:\Users\Jiřina\AppData\Local\AVAST Software\Browser\Update\1.8.1579.3\psuser_64.dll (Avast Software s.r.o. -> AVAST Software)
CustomCLSID: HKU\S-1-5-21-4216665273-3776275124-125719893-1002_Classes\CLSID\{CEA41856-DAAB-4EE7-9731-0DB1BCD5E0F4}\localserver32 -> C:\Users\Jiřina\AppData\Local\AVAST Software\Browser\Application\110.0.20395.178\notification_helper.exe (Avast Software s.r.o. -> AVAST Software)
CustomCLSID: HKU\S-1-5-21-4216665273-3776275124-125719893-1002_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => E:\Dropbox [2023-02-23 16:29]
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\72.0.2.0\drivefsext.dll [2023-03-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\72.0.2.0\drivefsext.dll [2023-03-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\72.0.2.0\drivefsext.dll [2023-03-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\72.0.2.0\drivefsext.dll [2023-03-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-28] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\72.0.2.0\drivefsext.dll [2023-03-09] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\72.0.2.0\drivefsext.dll [2023-03-09] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\72.0.2.0\drivefsext.dll [2023-03-09] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-28] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-03-09 18:38 - 2023-03-09 18:38 - 039165440 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4628.0_x64__8j3eq9eme6ctt\IGCC.dll
2023-02-22 18:32 - 2013-03-07 23:07 - 000009728 _____ (Luis Cobian) [File not signed] C:\Program Files (x86)\Cobian Backup 11\CobStringList.dll
2023-02-22 18:32 - 2013-03-07 23:27 - 002684928 _____ (Luis Cobian, CobianSoft) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbEngine.dll
2023-02-20 08:25 - 2016-02-15 18:19 - 000072704 _____ (SourceForge.net) [File not signed] D:\Util\Password Safe\pws_at.dll
2023-02-20 08:25 - 2016-02-15 18:26 - 000526336 _____ (SourceForge.net) [File not signed] D:\Util\Password Safe\pwsafeCZ.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2023-01-11] (Logitech Inc -> Logitech, Inc.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2023-01-11] (Logitech Inc -> Logitech, Inc.)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4216665273-3776275124-125719893-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-4216665273-3776275124-125719893-1002\Control Panel\Desktop\\Wallpaper -> E:\FOTOALBUM PICASSA\20220319_20212311 - PRODEJ PLNICÍH PER\Unique-Colombia-website-Cabo-de-la-Vela-2-dias.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{31E4BF15-AA04-43C9-A2EF-5700B0AFDB1B}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{3A6793C5-A8BD-4044-8E66-B2B0D09F3360}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{C94D04B9-1177-4255-8DD1-67F86EE0CC61}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{DC396D6B-3E65-49FC-A490-9ED8367810AF}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{50C6FA45-596D-4C30-8026-34FC32862826}C:\users\jiřina\appdata\local\programs\opera\opera.exe] => (Block) C:\users\jiřina\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{81AFFAA1-D78E-45CF-A14E-4A39CBEAB50C}C:\users\jiřina\appdata\local\programs\opera\opera.exe] => (Block) C:\users\jiřina\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{2CB512B4-E6DD-4203-A75E-54F3B81FD8A2}C:\users\jiřina\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\jiřina\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{1A00F290-AC9B-4832-ABB6-B7588580D87B}C:\users\jiřina\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\jiřina\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{F981FA43-970E-4FBB-8F6C-1E19AE7B44E6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6C6F4FA7-51BC-4948-9A18-26893D2F6A19}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{208ABDCD-D370-482F-8F87-89DC5778AC88}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{69776334-7D34-4509-AB1E-0DC6E11C1E0A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{57866E40-C391-4613-8944-E7AF9FA6CCED}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.63\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9A695E59-3BFC-4FBA-845A-D68F54A41031}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{847DDE7B-BF90-431C-8E7C-E367F4B872E7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

27-02-2023 16:12:13 Instalační služba modulů systému Windows
09-03-2023 15:03:51 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/09/2023 04:25:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: overseer.exe, verze: 1.0.465.0, časové razítko: 0x63b6c96b
Název chybujícího modulu: overseer.exe, verze: 1.0.465.0, časové razítko: 0x63b6c96b
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000264a5
ID chybujícího procesu: 0x19ec
Čas spuštění chybující aplikace: 0x01d9529b403a90a7
Cesta k chybující aplikaci: C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
Cesta k chybujícímu modulu: C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
ID zprávy: fef360c0-7696-4085-b57f-87f20e878f6e
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/09/2023 03:03:45 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Sklad (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/09/2023 02:31:35 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.

Error: (03/09/2023 02:31:35 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.

Error: (03/08/2023 07:25:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: overseer.exe, verze: 1.0.465.0, časové razítko: 0x63b6c96b
Název chybujícího modulu: overseer.exe, verze: 1.0.465.0, časové razítko: 0x63b6c96b
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000f911
ID chybujícího procesu: 0x3968
Čas spuštění chybující aplikace: 0x01d951eb335dabe0
Cesta k chybující aplikaci: C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
Cesta k chybujícímu modulu: C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
ID zprávy: 4bb9e82f-d397-4e7c-a974-ecfb96fcac67
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/07/2023 04:25:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: overseer.exe, verze: 1.0.465.0, časové razítko: 0x63b6c96b
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.2130, časové razítko: 0xb5ced1c6
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ff6a9
ID chybujícího procesu: 0x3684
Čas spuštění chybující aplikace: 0x01d95108ebea3e85
Cesta k chybující aplikaci: C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: f8e65818-03a0-493d-ac6b-39ccfee501d6
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/07/2023 09:51:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: overseer.exe, verze: 1.0.465.0, časové razítko: 0x63b6c96b
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.2130, časové razítko: 0xb5ced1c6
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000012111
ID chybujícího procesu: 0xca4
Čas spuštění chybující aplikace: 0x01d950d1ed904180
Cesta k chybující aplikaci: C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 9ad8e0b4-d418-435d-8b0d-f947bdaa28bf
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/07/2023 09:29:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: laclient.exe, verze: 2.0.209.0, časové razítko: 0x5dbcbadc
Název chybujícího modulu: laclient.exe, verze: 2.0.209.0, časové razítko: 0x5dbcbadc
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000104c07
ID chybujícího procesu: 0x85c
Čas spuštění chybující aplikace: 0x01d950cedf0f812c
Cesta k chybující aplikaci: C:\Program Files\Common Files\LogiShrd\LAClient\laclient.exe
Cesta k chybujícímu modulu: C:\Program Files\Common Files\LogiShrd\LAClient\laclient.exe
ID zprávy: 757dec8b-13b6-4004-8955-69e29492f1d4
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (03/07/2023 09:31:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby: 
Načtení tohoto ovladače je blokováno.

Error: (03/07/2023 09:31:46 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\jirin\AppData\Local\Temp\ehdrv.sys

Error: (03/07/2023 09:31:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby: 
Načtení tohoto ovladače je blokováno.

Error: (03/07/2023 09:31:45 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\jirin\AppData\Local\Temp\ehdrv.sys

Error: (03/07/2023 09:31:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby: 
Načtení tohoto ovladače je blokováno.

Error: (03/07/2023 09:31:45 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\jirin\AppData\Local\Temp\ehdrv.sys

Error: (03/07/2023 09:31:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby: 
Načtení tohoto ovladače je blokováno.

Error: (03/07/2023 09:31:45 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\jirin\AppData\Local\Temp\ehdrv.sys


Windows Defender:
================
Date: 2023-02-22 11:48:03
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/ProductKey&threatid=2147658877&enterprise=0
Název: HackTool:Win32/ProductKey
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_D:\Util\System - disk - register\Produktové číslo MS Windows nebo Office\ProductKey\ProduKey.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-JB0Q30G\jirin
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.383.423.0, AS: 1.383.423.0, NIS: 1.383.423.0
Verze modulu: AM: 1.1.20000.2, NIS: 1.1.20000.2

CodeIntegrity:
===============
Date: 2023-03-10 09:01:42
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2023-03-10 09:01:04
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info =========================== 

BIOS: American Megatrends Inc. 0602 01/25/2016
Motherboard: ASUSTeK COMPUTER INC. B150M-A
Processor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 31%
Total physical RAM: 24447.88 MB
Available physical RAM: 16809.18 MB
Total Virtual: 28031.88 MB
Available Virtual: 19496.45 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:96.04 GB) (Free:26.23 GB) (Model: KINGSTON SH103S3120G) NTFS
Drive d: (Data) (Fixed) (Total:15.16 GB) (Free:9.77 GB) (Model: KINGSTON SH103S3120G) NTFS
Drive e: (Sklad) (Fixed) (Total:698.63 GB) (Free:525.87 GB) (Model: SAMSUNG HD753LJ) NTFS
Drive k: () (Fixed) (Total:0 GB) (Free:0 GB) (Model: SAMSUNG HD753LJ) 

\\?\Volume{a2392449-b7af-4320-98ad-9d46b3c8b4eb}\ (Nový svazek) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{2b0aa4e5-b29a-11ed-9935-d017c28901ad}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
\\?\Volume{b3632189-be7e-11ed-9943-d017c28901ad}\ () () (Total:0 GB) (Free:0 GB) 

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 00000001)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 111.8 GB) (Disk ID: B95CB95C)

Partition: GPT.

==================== End of Addition.txt =======================

Re: router login attempt

Posted: 10 Mar 2023 10:25
by Rudy
Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the licence terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: router login attempt

Posted: 10 Mar 2023 16:57
by JardaB

Code: Select all

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build:    08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    03-10-2023
# Duration: 00:00:00
# OS:       Windows 10 (Build 19045.2673)
# Cleaned:  0
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1420 octets] - [10/03/2023 16:55:18]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: router login attempt

Posted: 10 Mar 2023 18:08
by Rudy
This is OK. Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {41DDA3C8-0BD1-45F7-A656-4E20A487CDE5} - System32\Tasks\GoogleUpdateTaskMachineUA{34046CB5-0878-441F-82D3-2BED1C4D4F8D} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-22] (Google LLC -> Google LLC)
Task: {4D7EE67A-4ADD-46D7-857E-13C847315009} - System32\Tasks\GoogleUpdateTaskMachineCore{26097684-3595-477D-B3AB-B738AEDD4D01} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-22] (Google LLC -> Google LLC)

EmptyTemp:
End
Save it to D:\Util\Antivir\FRST as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Re: router login attempt

Posted: 11 Mar 2023 10:04
by JardaB
*** First, erroneous attempt ("no admin")

Code: Select all

Fix result of Farbar Recovery Scan Tool (x64) Version: 05-03-2023
Ran by Jiřina (11-03-2023 09:46:41) Run:1
Running from D:\Util\Antivir\FRST
Loaded Profiles: admin & Jiřina
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {41DDA3C8-0BD1-45F7-A656-4E20A487CDE5} - System32\Tasks\GoogleUpdateTaskMachineUA{34046CB5-0878-441F-82D3-2BED1C4D4F8D} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-22] (Google LLC -> Google LLC)
Task: {4D7EE67A-4ADD-46D7-857E-13C847315009} - System32\Tasks\GoogleUpdateTaskMachineCore{26097684-3595-477D-B3AB-B738AEDD4D01} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-22] (Google LLC -> Google LLC)

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\DisableAntiSpyware => Error setting value.
HKLM\SOFTWARE\Microsoft\Windows Defender\\DisableAntiVirus => Error setting value.
HKLM\SOFTWARE\Policies\Mozilla => could not remove. Access Denied.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{41DDA3C8-0BD1-45F7-A656-4E20A487CDE5} => could not remove. Access Denied.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41DDA3C8-0BD1-45F7-A656-4E20A487CDE5} => could not remove. Access Denied.
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA{34046CB5-0878-441F-82D3-2BED1C4D4F8D}" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{34046CB5-0878-441F-82D3-2BED1C4D4F8D} => could not remove. Access Denied.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4D7EE67A-4ADD-46D7-857E-13C847315009} => could not remove. Access Denied.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D7EE67A-4ADD-46D7-857E-13C847315009} => could not remove. Access Denied.
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore{26097684-3595-477D-B3AB-B738AEDD4D01}" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{26097684-3595-477D-B3AB-B738AEDD4D01} => could not remove. Access Denied.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 46181919 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 25938622 B
Firefox => 0 B
Opera => 411783614 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
LocalService => 0 B
NetworkService => 0 B
jirin => 0 B
Jiřina => 1152125088 B

RecycleBin => 750945186 B
EmptyTemp: => 2.2 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 11-03-2023 09:51:10)


Result of scheduled keys to remove after reboot:

HKLM\SOFTWARE\Policies\Mozilla => could not remove. Access Denied.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{41DDA3C8-0BD1-45F7-A656-4E20A487CDE5} => could not remove. Access Denied.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41DDA3C8-0BD1-45F7-A656-4E20A487CDE5} => could not remove. Access Denied.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{34046CB5-0878-441F-82D3-2BED1C4D4F8D} => could not remove. Access Denied.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4D7EE67A-4ADD-46D7-857E-13C847315009} => could not remove. Access Denied.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D7EE67A-4ADD-46D7-857E-13C847315009} => could not remove. Access Denied.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{26097684-3595-477D-B3AB-B738AEDD4D01} => could not remove. Access Denied.

==== End of Fixlog 09:51:10 ====

*** Second attempt as admin

Code: Select all

Fix result of Farbar Recovery Scan Tool (x64) Version: 05-03-2023
Ran by admin (11-03-2023 09:55:44) Run:2
Running from D:\Util\Antivir\FRST
Loaded Profiles: admin & Jiřina
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {41DDA3C8-0BD1-45F7-A656-4E20A487CDE5} - System32\Tasks\GoogleUpdateTaskMachineUA{34046CB5-0878-441F-82D3-2BED1C4D4F8D} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-22] (Google LLC -> Google LLC)
Task: {4D7EE67A-4ADD-46D7-857E-13C847315009} - System32\Tasks\GoogleUpdateTaskMachineCore{26097684-3595-477D-B3AB-B738AEDD4D01} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-22] (Google LLC -> Google LLC)

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{41DDA3C8-0BD1-45F7-A656-4E20A487CDE5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41DDA3C8-0BD1-45F7-A656-4E20A487CDE5}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA{34046CB5-0878-441F-82D3-2BED1C4D4F8D} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{34046CB5-0878-441F-82D3-2BED1C4D4F8D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4D7EE67A-4ADD-46D7-857E-13C847315009}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D7EE67A-4ADD-46D7-857E-13C847315009}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore{26097684-3595-477D-B3AB-B738AEDD4D01} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{26097684-3595-477D-B3AB-B738AEDD4D01}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 23398294 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 2291117 B
Edge => 0 B
Chrome => 260058392 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 54696 B
NetworkService => 59950 B
jirin => 326629904 B
Jiřina => 338417243 B

RecycleBin => 3278638 B
EmptyTemp: => 911.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:55:52 ====

Re: router login attempt

Posted: 11 Mar 2023 11:14
by Rudy
Deleted; the log should be OK now.

Re: router login attempt

Posted: 11 Mar 2023 12:10
by JardaB
I would like to know whether you identified any specific problem and, if so, which one (+ a brief description)

Thank you

Re: router login attempt

Posted: 11 Mar 2023 12:19
by Rudy
The log contained only unnecessary items. The password-cracking attempt did not come from this PC.

Re: router login attempt

Posted: 11 Mar 2023 13:33
by JardaB
On the LAN I have only reserved fixed IPs - two Windows desktops, a printer, a TV, a Popcorn, a SAT tuner, a Synology NAS

I was considering that, judging by the logins used, it is some regular network test by Avast or Microsoft

Here is the full log of the "attack"

Code: Select all

Mar  6 07:17:04 Turris_JB sshd[26386]: Received disconnect from 192.168.2.104 port 53526:11:  [preauth]
Mar  6 07:17:04 Turris_JB sshd[26386]: Disconnected from 192.168.2.104 port 53526 [preauth]
Mar  6 07:17:18 Turris_JB sshd[26452]: Invalid user  from 192.168.2.104 port 53530
Mar  6 07:17:18 Turris_JB sshd[26452]: Failed none for invalid user  from 192.168.2.104 port 53530 ssh2
Mar  6 07:17:18 Turris_JB sshd[26452]: Received disconnect from 192.168.2.104 port 53530:11:  [preauth]
Mar  6 07:17:18 Turris_JB sshd[26452]: Disconnected from invalid user  192.168.2.104 port 53530 [preauth]
Mar  6 07:17:18 Turris_JB sshd[26456]: Invalid user admin from 192.168.2.104 port 53534
Mar  6 07:17:18 Turris_JB sshd[26456]: error: Could not get shadow information for NOUSER
Mar  6 07:17:18 Turris_JB sshd[26456]: Failed password for invalid user admin from 192.168.2.104 port 53534 ssh2
Mar  6 07:17:18 Turris_JB sshd[26456]: Received disconnect from 192.168.2.104 port 53534:11:  [preauth]
Mar  6 07:17:18 Turris_JB sshd[26456]: Disconnected from invalid user admin 192.168.2.104 port 53534 [preauth]
Mar  6 07:17:18 Turris_JB sshd[26458]: Connection closed by 192.168.2.104 port 53535 [preauth]
Mar  6 07:17:18 Turris_JB sshd[26460]: Failed password for root from 192.168.2.104 port 53536 ssh2
Mar  6 07:17:18 Turris_JB sshd[26460]: Received disconnect from 192.168.2.104 port 53536:11:  [preauth]
Mar  6 07:17:18 Turris_JB sshd[26460]: Disconnected from authenticating user root 192.168.2.104 port 53536 [preauth]
Mar  6 07:17:19 Turris_JB sshd[26462]: Invalid user sysadm from 192.168.2.104 port 53537
Mar  6 07:17:19 Turris_JB sshd[26462]: error: Could not get shadow information for NOUSER
Mar  6 07:17:19 Turris_JB sshd[26462]: Failed password for invalid user sysadm from 192.168.2.104 port 53537 ssh2
Mar  6 07:17:19 Turris_JB sshd[26462]: Received disconnect from 192.168.2.104 port 53537:11:  [preauth]
Mar  6 07:17:19 Turris_JB sshd[26462]: Disconnected from invalid user sysadm 192.168.2.104 port 53537 [preauth]
Mar  6 07:17:19 Turris_JB sshd[26464]: Invalid user user from 192.168.2.104 port 53538
Mar  6 07:17:19 Turris_JB sshd[26464]: error: Could not get shadow information for NOUSER
Mar  6 07:17:19 Turris_JB sshd[26464]: Failed password for invalid user user from 192.168.2.104 port 53538 ssh2
Mar  6 07:17:19 Turris_JB sshd[26464]: Received disconnect from 192.168.2.104 port 53538:11:  [preauth]
Mar  6 07:17:19 Turris_JB sshd[26464]: Disconnected from invalid user user 192.168.2.104 port 53538 [preauth]
Mar  6 07:17:19 Turris_JB sshd[26475]: Invalid user admin from 192.168.2.104 port 53539
Mar  6 07:17:19 Turris_JB sshd[26475]: error: Could not get shadow information for NOUSER
Mar  6 07:17:19 Turris_JB sshd[26475]: Failed password for invalid user admin from 192.168.2.104 port 53539 ssh2
Mar  6 07:17:19 Turris_JB sshd[26475]: Received disconnect from 192.168.2.104 port 53539:11:  [preauth]
Mar  6 07:17:19 Turris_JB sshd[26475]: Disconnected from invalid user admin 192.168.2.104 port 53539 [preauth]
Mar  6 07:17:20 Turris_JB sshd[26477]: Invalid user admin from 192.168.2.104 port 53540
Mar  6 07:17:20 Turris_JB sshd[26477]: Failed none for invalid user admin from 192.168.2.104 port 53540 ssh2
Mar  6 07:17:20 Turris_JB sshd[26477]: Received disconnect from 192.168.2.104 port 53540:11:  [preauth]
Mar  6 07:17:20 Turris_JB sshd[26477]: Disconnected from invalid user admin 192.168.2.104 port 53540 [preauth]
Mar  6 07:17:20 Turris_JB sshd[26479]: Invalid user  from 192.168.2.104 port 53541
Mar  6 07:17:20 Turris_JB sshd[26479]: error: Could not get shadow information for NOUSER
Mar  6 07:17:20 Turris_JB sshd[26479]: Failed password for invalid user  from 192.168.2.104 port 53541 ssh2
Mar  6 07:17:20 Turris_JB sshd[26479]: Received disconnect from 192.168.2.104 port 53541:11:  [preauth]
Mar  6 07:17:20 Turris_JB sshd[26479]: Disconnected from invalid user  192.168.2.104 port 53541 [preauth]
Mar  6 07:17:20 Turris_JB sshd[26481]: Connection closed by 192.168.2.104 port 53542 [preauth]
Mar  6 07:17:20 Turris_JB sshd[26483]: Invalid user admin from 192.168.2.104 port 53543
Mar  6 07:17:20 Turris_JB sshd[26483]: error: Could not get shadow information for NOUSER
Mar  6 07:17:20 Turris_JB sshd[26483]: Failed password for invalid user admin from 192.168.2.104 port 53543 ssh2
Mar  6 07:17:21 Turris_JB sshd[26483]: Received disconnect from 192.168.2.104 port 53543:11:  [preauth]
Mar  6 07:17:21 Turris_JB sshd[26483]: Disconnected from invalid user admin 192.168.2.104 port 53543 [preauth]
Mar  6 07:17:21 Turris_JB sshd[26485]: Invalid user Admin from 192.168.2.104 port 53544
Mar  6 07:17:21 Turris_JB sshd[26485]: Failed none for invalid user Admin from 192.168.2.104 port 53544 ssh2
Mar  6 07:17:21 Turris_JB sshd[26485]: Received disconnect from 192.168.2.104 port 53544:11:  [preauth]
Mar  6 07:17:21 Turris_JB sshd[26485]: Disconnected from invalid user Admin 192.168.2.104 port 53544 [preauth]
Mar  6 07:17:21 Turris_JB sshd[26487]: Failed password for root from 192.168.2.104 port 53545 ssh2
Mar  6 07:17:21 Turris_JB sshd[26487]: Received disconnect from 192.168.2.104 port 53545:11:  [preauth]
Mar  6 07:17:21 Turris_JB sshd[26487]: Disconnected from authenticating user root 192.168.2.104 port 53545 [preauth]
Mar  6 07:17:21 Turris_JB sshd[26498]: Invalid user admin from 192.168.2.104 port 53546
Mar  6 07:17:21 Turris_JB sshd[26498]: error: Could not get shadow information for NOUSER
Mar  6 07:17:21 Turris_JB sshd[26498]: Failed password for invalid user admin from 192.168.2.104 port 53546 ssh2
Mar  6 07:17:21 Turris_JB sshd[26498]: Received disconnect from 192.168.2.104 port 53546:11:  [preauth]
Mar  6 07:17:21 Turris_JB sshd[26498]: Disconnected from invalid user admin 192.168.2.104 port 53546 [preauth]
Mar  6 07:17:22 Turris_JB sshd[26500]: Invalid user guest from 192.168.2.104 port 53547
Mar  6 07:17:22 Turris_JB sshd[26500]: error: Could not get shadow information for NOUSER
Mar  6 07:17:22 Turris_JB sshd[26500]: Failed password for invalid user guest from 192.168.2.104 port 53547 ssh2
Mar  6 07:17:22 Turris_JB sshd[26500]: Received disconnect from 192.168.2.104 port 53547:11:  [preauth]
Mar  6 07:17:22 Turris_JB sshd[26500]: Disconnected from invalid user guest 192.168.2.104 port 53547 [preauth]
Mar  6 07:17:22 Turris_JB sshd[26502]: Invalid user Administrator from 192.168.2.104 port 53548
Mar  6 07:17:22 Turris_JB sshd[26502]: Failed none for invalid user Administrator from 192.168.2.104 port 53548 ssh2
Mar  6 07:17:22 Turris_JB sshd[26502]: Received disconnect from 192.168.2.104 port 53548:11:  [preauth]
Mar  6 07:17:22 Turris_JB sshd[26502]: Disconnected from invalid user Administrator 192.168.2.104 port 53548 [preauth]
Mar  6 07:17:22 Turris_JB sshd[26504]: Failed password for root from 192.168.2.104 port 53549 ssh2
Mar  6 07:17:22 Turris_JB sshd[26504]: Received disconnect from 192.168.2.104 port 53549:11:  [preauth]
Mar  6 07:17:22 Turris_JB sshd[26504]: Disconnected from authenticating user root 192.168.2.104 port 53549 [preauth]
Mar  6 07:17:23 Turris_JB sshd[26506]: Invalid user meo from 192.168.2.104 port 53550
Mar  6 07:17:23 Turris_JB sshd[26506]: error: Could not get shadow information for NOUSER
Mar  6 07:17:23 Turris_JB sshd[26506]: Failed password for invalid user meo from 192.168.2.104 port 53550 ssh2
Mar  6 07:17:23 Turris_JB sshd[26506]: Received disconnect from 192.168.2.104 port 53550:11:  [preauth]
Mar  6 07:17:23 Turris_JB sshd[26506]: Disconnected from invalid user meo 192.168.2.104 port 53550 [preauth]
Mar  6 07:17:23 Turris_JB sshd[26508]: Invalid user Admin from 192.168.2.104 port 53551
Mar  6 07:17:23 Turris_JB sshd[26508]: error: Could not get shadow information for NOUSER
Mar  6 07:17:23 Turris_JB sshd[26508]: Failed password for invalid user Admin from 192.168.2.104 port 53551 ssh2
Mar  6 07:17:23 Turris_JB sshd[26508]: Received disconnect from 192.168.2.104 port 53551:11:  [preauth]
Mar  6 07:17:23 Turris_JB sshd[26508]: Disconnected from invalid user Admin 192.168.2.104 port 53551 [preauth]
Mar  6 07:17:23 Turris_JB sshd[26510]: Invalid user admin from 192.168.2.104 port 53552
Mar  6 07:17:23 Turris_JB sshd[26510]: error: Could not get shadow information for NOUSER
Mar  6 07:17:23 Turris_JB sshd[26510]: Failed password for invalid user admin from 192.168.2.104 port 53552 ssh2
Mar  6 07:17:23 Turris_JB sshd[26510]: Received disconnect from 192.168.2.104 port 53552:11:  [preauth]
Mar  6 07:17:23 Turris_JB sshd[26510]: Disconnected from invalid user admin 192.168.2.104 port 53552 [preauth]
Mar  6 07:17:23 Turris_JB haas-proxy-start[5519]: 2023-03-06T08:17:23 CRITICAL twisted 'channel open failed, direct-tcpip is not allowed'
Mar  6 07:17:23 Turris_JB haas-proxy-start[5519]: 2023-03-06T08:17:23 CRITICAL twisted 'channel open failed, direct-tcpip is not allowed'
Mar  6 07:17:23 Turris_JB sshd[26521]: Invalid user ubnt from 192.168.2.104 port 53553
Mar  6 07:17:23 Turris_JB sshd[26521]: error: Could not get shadow information for NOUSER
Mar  6 07:17:24 Turris_JB sshd[26521]: Failed password for invalid user ubnt from 192.168.2.104 port 53553 ssh2
Mar  6 07:17:24 Turris_JB sshd[26521]: Received disconnect from 192.168.2.104 port 53553:11:  [preauth]
Mar  6 07:17:24 Turris_JB sshd[26521]: Disconnected from invalid user ubnt 192.168.2.104 port 53553 [preauth]
Mar  6 07:17:24 Turris_JB sshd[26523]: Failed password for root from 192.168.2.104 port 53554 ssh2
Mar  6 07:17:24 Turris_JB sshd[26523]: Received disconnect from 192.168.2.104 port 53554:11:  [preauth]
Mar  6 07:17:24 Turris_JB sshd[26523]: Disconnected from authenticating user root 192.168.2.104 port 53554 [preauth]
Mar  6 07:17:24 Turris_JB sshd[26525]: Invalid user admin from 192.168.2.104 port 53555
Mar  6 07:17:24 Turris_JB sshd[26525]: error: Could not get shadow information for NOUSER
Mar  6 07:17:24 Turris_JB sshd[26525]: Failed password for invalid user admin from 192.168.2.104 port 53555 ssh2
Mar  6 07:17:24 Turris_JB sshd[26525]: Received disconnect from 192.168.2.104 port 53555:11:  [preauth]
Mar  6 07:17:24 Turris_JB sshd[26525]: Disconnected from invalid user admin 192.168.2.104 port 53555 [preauth]
Mar  6 07:17:24 Turris_JB sshd[26527]: Invalid user vodafone from 192.168.2.104 port 53556
Mar  6 07:17:24 Turris_JB sshd[26527]: error: Could not get shadow information for NOUSER
Mar  6 07:17:24 Turris_JB sshd[26527]: Failed password for invalid user vodafone from 192.168.2.104 port 53556 ssh2
Mar  6 07:17:25 Turris_JB sshd[26527]: Received disconnect from 192.168.2.104 port 53556:11:  [preauth]
Mar  6 07:17:25 Turris_JB sshd[26527]: Disconnected from invalid user vodafone 192.168.2.104 port 53556 [preauth]
Mar  6 07:17:25 Turris_JB sshd[26529]: Invalid user admin from 192.168.2.104 port 53557
Mar  6 07:17:25 Turris_JB sshd[26529]: error: Could not get shadow information for NOUSER
Mar  6 07:17:25 Turris_JB sshd[26529]: Failed password for invalid user admin from 192.168.2.104 port 53557 ssh2
Mar  6 07:17:25 Turris_JB sshd[26529]: Received disconnect from 192.168.2.104 port 53557:11:  [preauth]
Mar  6 07:17:25 Turris_JB sshd[26529]: Disconnected from invalid user admin 192.168.2.104 port 53557 [preauth]
Mar  6 07:17:25 Turris_JB sshd[26531]: Invalid user Administrator from 192.168.2.104 port 53558
Mar  6 07:17:25 Turris_JB sshd[26531]: error: Could not get shadow information for NOUSER
Mar  6 07:17:25 Turris_JB sshd[26531]: Failed password for invalid user Administrator from 192.168.2.104 port 53558 ssh2
Mar  6 07:17:25 Turris_JB sshd[26531]: Received disconnect from 192.168.2.104 port 53558:11:  [preauth]
Mar  6 07:17:25 Turris_JB sshd[26531]: Disconnected from invalid user Administrator 192.168.2.104 port 53558 [preauth]
Mar  6 07:17:25 Turris_JB sshd[26542]: Failed password for root from 192.168.2.104 port 53559 ssh2
Mar  6 07:17:25 Turris_JB sshd[26542]: Received disconnect from 192.168.2.104 port 53559:11:  [preauth]
Mar  6 07:17:25 Turris_JB sshd[26542]: Disconnected from authenticating user root 192.168.2.104 port 53559 [preauth]
Mar  6 07:17:26 Turris_JB sshd[26544]: Invalid user Admin from 192.168.2.104 port 53560
Mar  6 07:17:26 Turris_JB sshd[26544]: error: Could not get shadow information for NOUSER
Mar  6 07:17:26 Turris_JB sshd[26544]: Failed password for invalid user Admin from 192.168.2.104 port 53560 ssh2
Mar  6 07:17:26 Turris_JB sshd[26544]: Received disconnect from 192.168.2.104 port 53560:11:  [preauth]
Mar  6 07:17:26 Turris_JB sshd[26544]: Disconnected from invalid user Admin 192.168.2.104 port 53560 [preauth]
Mar  6 07:17:26 Turris_JB sshd[26546]: Invalid user admim from 192.168.2.104 port 53561
Mar  6 07:17:26 Turris_JB sshd[26546]: error: Could not get shadow information for NOUSER
Mar  6 07:17:26 Turris_JB sshd[26546]: Failed password for invalid user admim from 192.168.2.104 port 53561 ssh2
Mar  6 07:17:26 Turris_JB sshd[26546]: Received disconnect from 192.168.2.104 port 53561:11:  [preauth]
Mar  6 07:17:26 Turris_JB sshd[26546]: Disconnected from invalid user admim 192.168.2.104 port 53561 [preauth]
Mar  6 07:17:26 Turris_JB sshd[26548]: Invalid user webadmin from 192.168.2.104 port 53562
Mar  6 07:17:26 Turris_JB sshd[26548]: error: Could not get shadow information for NOUSER
Mar  6 07:17:26 Turris_JB sshd[26548]: Failed password for invalid user webadmin from 192.168.2.104 port 53562 ssh2
Mar  6 07:17:26 Turris_JB sshd[26548]: Received disconnect from 192.168.2.104 port 53562:11:  [preauth]
Mar  6 07:17:26 Turris_JB sshd[26548]: Disconnected from invalid user webadmin 192.168.2.104 port 53562 [preauth]
Mar  6 07:17:27 Turris_JB sshd[26550]: Invalid user tech from 192.168.2.104 port 53563
Mar  6 07:17:27 Turris_JB sshd[26550]: error: Could not get shadow information for NOUSER
Mar  6 07:17:27 Turris_JB sshd[26550]: Failed password for invalid user tech from 192.168.2.104 port 53563 ssh2
Mar  6 07:17:27 Turris_JB sshd[26550]: Received disconnect from 192.168.2.104 port 53563:11:  [preauth]
Mar  6 07:17:27 Turris_JB sshd[26550]: Disconnected from invalid user tech 192.168.2.104 port 53563 [preauth]
Mar  6 07:17:27 Turris_JB sshd[26552]: Invalid user administrator from 192.168.2.104 port 53564
Mar  6 07:17:27 Turris_JB sshd[26552]: error: Could not get shadow information for NOUSER
Mar  6 07:17:27 Turris_JB sshd[26552]: Failed password for invalid user administrator from 192.168.2.104 port 53564 ssh2
Mar  6 07:17:27 Turris_JB sshd[26552]: Received disconnect from 192.168.2.104 port 53564:11:  [preauth]
Mar  6 07:17:27 Turris_JB sshd[26552]: Disconnected from invalid user administrator 192.168.2.104 port 53564 [preauth]
Mar  6 07:17:27 Turris_JB sshd[26563]: Invalid user manager from 192.168.2.104 port 53566
Mar  6 07:17:27 Turris_JB sshd[26563]: error: Could not get shadow information for NOUSER
Mar  6 07:17:27 Turris_JB sshd[26563]: Failed password for invalid user manager from 192.168.2.104 port 53566 ssh2
Mar  6 07:17:27 Turris_JB sshd[26563]: Received disconnect from 192.168.2.104 port 53566:11:  [preauth]
Mar  6 07:17:27 Turris_JB sshd[26563]: Disconnected from invalid user manager 192.168.2.104 port 53566 [preauth]
Mar  6 07:17:28 Turris_JB sshd[26565]: Received disconnect from 192.168.2.104 port 53567:11:  [preauth]
Mar  6 07:17:28 Turris_JB sshd[26565]: Disconnected from authenticating user root 192.168.2.104 port 53567 [preauth]
Mar  6 07:17:28 Turris_JB sshd[26567]: Invalid user sysadmin from 192.168.2.104 port 53568
Mar  6 07:17:28 Turris_JB sshd[26567]: error: Could not get shadow information for NOUSER
Mar  6 07:17:28 Turris_JB sshd[26567]: Failed password for invalid user sysadmin from 192.168.2.104 port 53568 ssh2
Mar  6 07:17:28 Turris_JB sshd[26567]: Received disconnect from 192.168.2.104 port 53568:11:  [preauth]
Mar  6 07:17:28 Turris_JB sshd[26567]: Disconnected from invalid user sysadmin 192.168.2.104 port 53568 [preauth]
Mar  6 07:17:28 Turris_JB sshd[26569]: Invalid user login from 192.168.2.104 port 53569
Mar  6 07:17:28 Turris_JB sshd[26569]: error: Could not get shadow information for NOUSER
Mar  6 07:17:28 Turris_JB sshd[26569]: Failed password for invalid user login from 192.168.2.104 port 53569 ssh2
Mar  6 07:17:28 Turris_JB sshd[26569]: Received disconnect from 192.168.2.104 port 53569:11:  [preauth]
Mar  6 07:17:28 Turris_JB sshd[26569]: Disconnected from invalid user login 192.168.2.104 port 53569 [preauth]
Mar  6 07:17:28 Turris_JB sshd[26571]: Invalid user guest from 192.168.2.104 port 53570
Mar  6 07:17:28 Turris_JB sshd[26571]: error: Could not get shadow information for NOUSER
Mar  6 07:17:28 Turris_JB sshd[26571]: Failed password for invalid user guest from 192.168.2.104 port 53570 ssh2
Mar  6 07:17:29 Turris_JB sshd[26571]: Received disconnect from 192.168.2.104 port 53570:11:  [preauth]
Mar  6 07:17:29 Turris_JB sshd[26571]: Disconnected from invalid user guest 192.168.2.104 port 53570 [preauth]
Mar  6 07:17:29 Turris_JB sshd[26573]: Invalid user admin2 from 192.168.2.104 port 53571
Mar  6 07:17:29 Turris_JB sshd[26573]: error: Could not get shadow information for NOUSER
Mar  6 07:17:29 Turris_JB sshd[26573]: Failed password for invalid user admin2 from 192.168.2.104 port 53571 ssh2
Mar  6 07:17:29 Turris_JB sshd[26573]: Received disconnect from 192.168.2.104 port 53571:11:  [preauth]
Mar  6 07:17:29 Turris_JB sshd[26573]: Disconnected from invalid user admin2 192.168.2.104 port 53571 [preauth]
Mar  6 07:17:29 Turris_JB sshd[26575]: Invalid user user from 192.168.2.104 port 53572
Mar  6 07:17:29 Turris_JB sshd[26575]: error: Could not get shadow information for NOUSER
Mar  6 07:17:29 Turris_JB sshd[26575]: Failed password for invalid user user from 192.168.2.104 port 53572 ssh2
Mar  6 07:17:29 Turris_JB sshd[26575]: Received disconnect from 192.168.2.104 port 53572:11:  [preauth]
Mar  6 07:17:29 Turris_JB sshd[26575]: Disconnected from invalid user user 192.168.2.104 port 53572 [preauth].
Mar  6 07:17:29 Turris_JB sshd[26586]: Failed password for root from 192.168.2.104 port 53573 ssh2
Mar  6 07:17:29 Turris_JB sshd[26586]: Received disconnect from 192.168.2.104 port 53573:11:  [preauth]
Mar  6 07:17:29 Turris_JB sshd[26586]: Disconnected from authenticating user root 192.168.2.104 port 53573 [preauth]
Mar  6 07:17:30 Turris_JB sshd[26588]: Failed password for root from 192.168.2.104 port 53574 ssh2
Mar  6 07:17:30 Turris_JB sshd[26588]: Received disconnect from 192.168.2.104 port 53574:11:  [preauth]
Mar  6 07:17:30 Turris_JB sshd[26588]: Disconnected from authenticating user root 192.168.2.104 port 53574 [preauth]
Mar  6 07:17:30 Turris_JB sshd[26590]: Failed password for root from 192.168.2.104 port 53575 ssh2
Mar  6 07:17:30 Turris_JB sshd[26590]: Received disconnect from 192.168.2.104 port 53575:11:  [preauth]
Mar  6 07:17:30 Turris_JB sshd[26590]: Disconnected from authenticating user root 192.168.2.104 port 53575 [preauth]
Mar  6 07:17:30 Turris_JB sshd[26592]: Invalid user support from 192.168.2.104 port 53576
Mar  6 07:17:30 Turris_JB sshd[26592]: error: Could not get shadow information for NOUSER
Mar  6 07:17:30 Turris_JB sshd[26592]: Failed password for invalid user support from 192.168.2.104 port 53576 ssh2
Mar  6 07:17:30 Turris_JB sshd[26592]: Received disconnect from 192.168.2.104 port 53576:11:  [preauth]
Mar  6 07:17:30 Turris_JB sshd[26592]: Disconnected from invalid user support 192.168.2.104 port 53576 [preauth]
Mar  6 07:17:31 Turris_JB sshd[26594]: Failed password for root from 192.168.2.104 port 53577 ssh2
Mar  6 07:17:31 Turris_JB sshd[26594]: Received disconnect from 192.168.2.104 port 53577:11:  [preauth]
Mar  6 07:17:31 Turris_JB sshd[26594]: Disconnected from authenticating user root 192.168.2.104 port 53577 [preauth]
Mar  6 07:17:31 Turris_JB sshd[26596]: Failed password for root from 192.168.2.104 port 53578 ssh2
Mar  6 07:17:31 Turris_JB sshd[26596]: Received disconnect from 192.168.2.104 port 53578:11:  [preauth]
Mar  6 07:17:31 Turris_JB sshd[26596]: Disconnected from authenticating user root 192.168.2.104 port 53578 [preauth]
Mar  6 07:17:31 Turris_JB sshd[26598]: Invalid user admin from 192.168.2.104 port 53579
Mar  6 07:17:31 Turris_JB sshd[26598]: error: Could not get shadow information for NOUSER
Mar  6 07:17:31 Turris_JB sshd[26598]: Failed password for invalid user admin from 192.168.2.104 port 53579 ssh2
Mar  6 07:17:31 Turris_JB sshd[26598]: Received disconnect from 192.168.2.104 port 53579:11:  [preauth]
Mar  6 07:17:31 Turris_JB sshd[26598]: Disconnected from invalid user admin 192.168.2.104 port 53579 [preauth]
Mar  6 07:17:31 Turris_JB sshd[26609]: Invalid user admin from 192.168.2.104 port 53580
Mar  6 07:17:31 Turris_JB sshd[26609]: error: Could not get shadow information for NOUSER
Mar  6 07:17:31 Turris_JB sshd[26609]: Failed password for invalid user admin from 192.168.2.104 port 53580 ssh2
Mar  6 07:17:31 Turris_JB sshd[26609]: Received disconnect from 192.168.2.104 port 53580:11:  [preauth]
Mar  6 07:17:31 Turris_JB sshd[26609]: Disconnected from invalid user admin 192.168.2.104 port 53580 [preauth]
Mar  6 07:17:32 Turris_JB sshd[26611]: Failed password for root from 192.168.2.104 port 53581 ssh2
Mar  6 07:17:32 Turris_JB sshd[26611]: Received disconnect from 192.168.2.104 port 53581:11:  [preauth]
Mar  6 07:17:32 Turris_JB sshd[26611]: Disconnected from authenticating user root 192.168.2.104 port 53581 [preauth]
Mar  6 07:17:32 Turris_JB sshd[26613]: Connection closed by 192.168.2.104 port 53582 [preauth]
Mar  6 07:17:32 Turris_JB sshd[26615]: Invalid user admin from 192.168.2.104 port 53583
Mar  6 07:17:32 Turris_JB sshd[26615]: error: Could not get shadow information for NOUSER
Mar  6 07:17:32 Turris_JB sshd[26615]: Failed password for invalid user admin from 192.168.2.104 port 53583 ssh2
Mar  6 07:17:32 Turris_JB sshd[26615]: Received disconnect from 192.168.2.104 port 53583:11:  [preauth]
Mar  6 07:17:32 Turris_JB sshd[26615]: Disconnected from invalid user admin 192.168.2.104 port 53583 [preauth]
Mar  6 07:17:32 Turris_JB sshd[26617]: Invalid user enablediag from 192.168.2.104 port 53584
Mar  6 07:17:32 Turris_JB sshd[26617]: error: Could not get shadow information for NOUSER
Mar  6 07:17:33 Turris_JB sshd[26617]: Failed password for invalid user enablediag from 192.168.2.104 port 53584 ssh2
Mar  6 07:17:33 Turris_JB sshd[26617]: Received disconnect from 192.168.2.104 port 53584:11:  [preauth]
Mar  6 07:17:33 Turris_JB sshd[26617]: Disconnected from invalid user enablediag 192.168.2.104 port 53584 [preauth]
Mar  6 07:17:33 Turris_JB sshd[26619]: Invalid user  from 192.168.2.104 port 53585
Mar  6 07:17:33 Turris_JB sshd[26619]: error: Could not get shadow information for NOUSER
Mar  6 07:17:33 Turris_JB sshd[26619]: Failed password for invalid user  from 192.168.2.104 port 53585 ssh2
Mar  6 07:17:33 Turris_JB sshd[26619]: Received disconnect from 192.168.2.104 port 53585:11:  [preauth]
Mar  6 07:17:33 Turris_JB sshd[26619]: Disconnected from invalid user  192.168.2.104 port 53585 [preauth]
Mar  6 07:17:33 Turris_JB sshd[26621]: Invalid user HPSupport from 192.168.2.104 port 53586
Mar  6 07:17:33 Turris_JB sshd[26621]: error: Could not get shadow information for NOUSER
Mar  6 07:17:33 Turris_JB sshd[26621]: Failed password for invalid user HPSupport from 192.168.2.104 port 53586 ssh2
Mar  6 07:17:33 Turris_JB sshd[26621]: Received disconnect from 192.168.2.104 port 53586:11:  [preauth]
Mar  6 07:17:33 Turris_JB sshd[26621]: Disconnected from invalid user HPSupport 192.168.2.104 port 53586 [preauth]
Mar  6 07:17:33 Turris_JB sshd[26632]: Failed password for root from 192.168.2.104 port 53587 ssh2
Mar  6 07:17:33 Turris_JB sshd[26632]: Received disconnect from 192.168.2.104 port 53587:11:  [preauth]
Mar  6 07:17:33 Turris_JB sshd[26632]: Disconnected from authenticating user root 192.168.2.104 port 53587 [preauth]
Mar  6 07:17:34 Turris_JB sshd[26634]: Failed password for root from 192.168.2.104 port 53588 ssh2
Mar  6 07:17:34 Turris_JB sshd[26634]: Received disconnect from 192.168.2.104 port 53588:11:  [preauth]
Mar  6 07:17:34 Turris_JB sshd[26634]: Disconnected from authenticating user root 192.168.2.104 port 53588 [preauth]
Mar  6 07:17:34 Turris_JB sshd[26636]: Failed password for root from 192.168.2.104 port 53589 ssh2
Mar  6 07:17:34 Turris_JB sshd[26636]: Received disconnect from 192.168.2.104 port 53589:11:  [preauth]
Mar  6 07:17:34 Turris_JB sshd[26636]: Disconnected from authenticating user root 192.168.2.104 port 53589 [preauth]
Mar  6 07:17:34 Turris_JB sshd[26638]: Invalid user  from 192.168.2.104 port 53590
Mar  6 07:17:34 Turris_JB sshd[26638]: error: Could not get shadow information for NOUSER
Mar  6 07:17:34 Turris_JB sshd[26638]: Failed password for invalid user  from 192.168.2.104 port 53590 ssh2
Mar  6 07:17:34 Turris_JB sshd[26638]: Received disconnect from 192.168.2.104 port 53590:11:  [preauth]
Mar  6 07:17:34 Turris_JB sshd[26638]: Disconnected from invalid user  192.168.2.104 port 53590 [preauth]
Mar  6 07:17:34 Turris_JB sshd[26640]: Invalid user  from 192.168.2.104 port 53591
Mar  6 07:17:34 Turris_JB sshd[26640]: error: Could not get shadow information for NOUSER
Mar  6 07:17:34 Turris_JB sshd[26640]: Failed password for invalid user  from 192.168.2.104 port 53591 ssh2
Mar  6 07:17:34 Turris_JB sshd[26640]: Received disconnect from 192.168.2.104 port 53591:11:  [preauth]
Mar  6 07:17:34 Turris_JB sshd[26640]: Disconnected from invalid user  192.168.2.104 port 53591 [preauth]
Mar  6 07:17:35 Turris_JB sshd[26642]: Failed password for root from 192.168.2.104 port 53592 ssh2
Mar  6 07:17:35 Turris_JB sshd[26642]: Received disconnect from 192.168.2.104 port 53592:11:  [preauth]
Mar  6 07:17:35 Turris_JB sshd[26642]: Disconnected from authenticating user root 192.168.2.104 port 53592 [preauth]
Mar  6 07:17:35 Turris_JB sshd[26644]: Invalid user  from 192.168.2.104 port 53593
Mar  6 07:17:35 Turris_JB sshd[26644]: error: Could not get shadow information for NOUSER
Mar  6 07:17:35 Turris_JB sshd[26644]: Failed password for invalid user  from 192.168.2.104 port 53593 ssh2
Mar  6 07:17:35 Turris_JB sshd[26644]: Received disconnect from 192.168.2.104 port 53593:11:  [preauth]
Mar  6 07:17:35 Turris_JB sshd[26644]: Disconnected from invalid user  192.168.2.104 port 53593 [preauth]
Mar  6 07:17:35 Turris_JB sshd[26646]: Invalid user admin from 192.168.2.104 port 53594
Mar  6 07:17:35 Turris_JB sshd[26646]: error: Could not get shadow information for NOUSER
Mar  6 07:17:35 Turris_JB sshd[26646]: Failed password for invalid user admin from 192.168.2.104 port 53594 ssh2
Mar  6 07:17:35 Turris_JB sshd[26646]: Received disconnect from 192.168.2.104 port 53594:11:  [preauth]
Mar  6 07:17:35 Turris_JB sshd[26646]: Disconnected from invalid user admin 192.168.2.104 port 53594 [preauth]
Mar  6 07:17:36 Turris_JB sshd[26657]: Failed password for root from 192.168.2.104 port 53595 ssh2
Mar  6 07:17:36 Turris_JB sshd[26657]: Received disconnect from 192.168.2.104 port 53595:11:  [preauth]
Mar  6 07:17:36 Turris_JB sshd[26657]: Disconnected from authenticating user root 192.168.2.104 port 53595 [preauth]
Mar  6 07:17:36 Turris_JB sshd[26659]: Invalid user login from 192.168.2.104 port 53596
Mar  6 07:17:36 Turris_JB sshd[26659]: error: Could not get shadow information for NOUSER
Mar  6 07:17:36 Turris_JB sshd[26659]: Failed password for invalid user login from 192.168.2.104 port 53596 ssh2
Mar  6 07:17:36 Turris_JB sshd[26659]: Received disconnect from 192.168.2.104 port 53596:11:  [preauth]
Mar  6 07:17:36 Turris_JB sshd[26659]: Disconnected from invalid user login 192.168.2.104 port 53596 [preauth]
Mar  6 07:17:36 Turris_JB sshd[26661]: Invalid user  from 192.168.2.104 port 53597
Mar  6 07:17:36 Turris_JB sshd[26661]: error: Could not get shadow information for NOUSER
Mar  6 07:17:36 Turris_JB sshd[26661]: Failed password for invalid user  from 192.168.2.104 port 53597 ssh2
Mar  6 07:17:36 Turris_JB sshd[26661]: Received disconnect from 192.168.2.104 port 53597:11:  [preauth]
Mar  6 07:17:36 Turris_JB sshd[26661]: Disconnected from invalid user  192.168.2.104 port 53597 [preauth]
Mar  6 07:17:36 Turris_JB sshd[26663]: Invalid user  from 192.168.2.104 port 53598
Mar  6 07:17:36 Turris_JB sshd[26663]: error: Could not get shadow information for NOUSER
Mar  6 07:17:37 Turris_JB sshd[26663]: Failed password for invalid user  from 192.168.2.104 port 53598 ssh2
Mar  6 07:17:37 Turris_JB sshd[26663]: Received disconnect from 192.168.2.104 port 53598:11:  [preauth]
Mar  6 07:17:37 Turris_JB sshd[26663]: Disconnected from invalid user  192.168.2.104 port 53598 [preauth]
Mar  6 07:17:37 Turris_JB sshd[26665]: Invalid user admin from 192.168.2.104 port 53599
Mar  6 07:17:37 Turris_JB sshd[26665]: error: Could not get shadow information for NOUSER
Mar  6 07:17:37 Turris_JB sshd[26665]: Failed password for invalid user admin from 192.168.2.104 port 53599 ssh2
Mar  6 07:17:37 Turris_JB sshd[26665]: Received disconnect from 192.168.2.104 port 53599:11:  [preauth]
Mar  6 07:17:37 Turris_JB sshd[26665]: Disconnected from invalid user admin 192.168.2.104 port 53599 [preauth]
Mar  6 07:17:37 Turris_JB sshd[26667]: Invalid user guest from 192.168.2.104 port 53600
Mar  6 07:17:37 Turris_JB sshd[26667]: error: Could not get shadow information for NOUSER
Mar  6 07:17:37 Turris_JB sshd[26667]: Failed password for invalid user guest from 192.168.2.104 port 53600 ssh2
Mar  6 07:17:37 Turris_JB sshd[26667]: Received disconnect from 192.168.2.104 port 53600:11:  [preauth]
Mar  6 07:17:37 Turris_JB sshd[26667]: Disconnected from invalid user guest 192.168.2.104 port 53600 [preauth]
Mar  6 07:17:37 Turris_JB sshd[26678]: Failed password for root from 192.168.2.104 port 53601 ssh2
Mar  6 07:17:37 Turris_JB sshd[26678]: Received disconnect from 192.168.2.104 port 53601:11:  [preauth]
Mar  6 07:17:37 Turris_JB sshd[26678]: Disconnected from authenticating user root 192.168.2.104 port 53601 [preauth]
Mar  6 07:17:38 Turris_JB sshd[26680]: Invalid user admin from 192.168.2.104 port 53602
Mar  6 07:17:38 Turris_JB sshd[26680]: error: Could not get shadow information for NOUSER
Mar  6 07:17:38 Turris_JB sshd[26680]: Failed password for invalid user admin from 192.168.2.104 port 53602 ssh2
Mar  6 07:17:38 Turris_JB sshd[26680]: Received disconnect from 192.168.2.104 port 53602:11:  [preauth]
Mar  6 07:17:38 Turris_JB sshd[26680]: Disconnected from invalid user admin 192.168.2.104 port 53602 [preauth]
Mar  6 07:17:38 Turris_JB sshd[26682]: Failed password for root from 192.168.2.104 port 53603 ssh2
Mar  6 07:17:38 Turris_JB sshd[26682]: Received disconnect from 192.168.2.104 port 53603:11:  [preauth]
Mar  6 07:17:38 Turris_JB sshd[26682]: Disconnected from authenticating user root 192.168.2.104 port 53603 [preauth]
Mar  6 07:17:38 Turris_JB sshd[26684]: Invalid user admin from 192.168.2.104 port 53604
Mar  6 07:17:38 Turris_JB sshd[26684]: error: Could not get shadow information for NOUSER
Mar  6 07:17:38 Turris_JB sshd[26684]: Failed password for invalid user admin from 192.168.2.104 port 53604 ssh2
Mar  6 07:17:38 Turris_JB sshd[26684]: Received disconnect from 192.168.2.104 port 53604:11:  [preauth]
Mar  6 07:17:38 Turris_JB sshd[26684]: Disconnected from invalid user admin 192.168.2.104 port 53604 [preauth]
Mar  6 07:17:39 Turris_JB sshd[26686]: Invalid user admin from 192.168.2.104 port 53605
Mar  6 07:17:39 Turris_JB sshd[26686]: error: Could not get shadow information for NOUSER
Mar  6 07:17:39 Turris_JB sshd[26686]: Failed password for invalid user admin from 192.168.2.104 port 53605 ssh2
Mar  6 07:17:39 Turris_JB sshd[26686]: Received disconnect from 192.168.2.104 port 53605:11:  [preauth]
Mar  6 07:17:39 Turris_JB sshd[26686]: Disconnected from invalid user admin 192.168.2.104 port 53605 [preauth]
Mar  6 07:17:39 Turris_JB sshd[26688]: Invalid user admin from 192.168.2.104 port 53606
Mar  6 07:17:39 Turris_JB sshd[26688]: error: Could not get shadow information for NOUSER
Mar  6 07:17:39 Turris_JB sshd[26688]: Failed password for invalid user admin from 192.168.2.104 port 53606 ssh2
Mar  6 07:17:39 Turris_JB sshd[26688]: Received disconnect from 192.168.2.104 port 53606:11:  [preauth]
Mar  6 07:17:39 Turris_JB sshd[26688]: Disconnected from invalid user admin 192.168.2.104 port 53606 [preauth]
Mar  6 07:17:39 Turris_JB sshd[26690]: Failed password for root from 192.168.2.104 port 53608 ssh2
Mar  6 07:17:39 Turris_JB sshd[26690]: Received disconnect from 192.168.2.104 port 53608:11:  [preauth]
Mar  6 07:17:39 Turris_JB sshd[26690]: Disconnected from authenticating user root 192.168.2.104 port 53608 [preauth]
Mar  6 07:17:40 Turris_JB sshd[26701]: Invalid user tech from 192.168.2.104 port 53610
Mar  6 07:17:40 Turris_JB sshd[26701]: error: Could not get shadow information for NOUSER
Mar  6 07:17:40 Turris_JB sshd[26701]: Failed password for invalid user tech from 192.168.2.104 port 53610 ssh2
Mar  6 07:17:40 Turris_JB sshd[26701]: Received disconnect from 192.168.2.104 port 53610:11:  [preauth]
Mar  6 07:17:40 Turris_JB sshd[26701]: Disconnected from invalid user tech 192.168.2.104 port 53610 [preauth]
Mar  6 07:17:40 Turris_JB sshd[26703]: Invalid user webadmin from 192.168.2.104 port 53613
Mar  6 07:17:40 Turris_JB sshd[26703]: error: Could not get shadow information for NOUSER
Mar  6 07:17:40 Turris_JB sshd[26703]: Failed password for invalid user webadmin from 192.168.2.104 port 53613 ssh2
Mar  6 07:17:40 Turris_JB sshd[26703]: Received disconnect from 192.168.2.104 port 53613:11:  [preauth]
Mar  6 07:17:40 Turris_JB sshd[26703]: Disconnected from invalid user webadmin 192.168.2.104 port 53613 [preauth]

To be safe, I am also attaching the logs from the second desktop, 192.168.2.120 (Lenovo, Windows 11).

FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-03-2023
Ran by admin (administrator) on LENOVO (LENOVO 11YU001RCK) (11-03-2023 12:51:51)
Running from D:\Util\Antivir\FRST
Loaded Profiles: admin & buchtik
Platform: Microsoft Windows 11 Pro Version 22H2 22621.1344 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <6>
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(SmartDisplayAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logi_crashpad_handler.exe <2>
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.5900.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.63\msedgewebview2.exe <6>
(C:\Users\admin\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\admin\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe
(C:\Users\buchtik\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\buchtik\AppData\Local\Programs\Opera\96.0.4693.50\opera_crashreporter.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(cmd.exe ->) (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\buchtik\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(DriverStore\FileRepository\ipf_cpu.inf_amd64_552f6da0f811dc67\ipf_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_552f6da0f811dc67\ipf_helper.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7>
(explorer.exe ->) (Bitvise Limited -> Bitvise Limited) C:\Program Files (x86)\Bitvise SSH Client\BvSsh.exe
(explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\buchtik\AppData\Local\FluxSoftware\Flux\flux.exe
(explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe <3>
(explorer.exe ->) (Open Source Developer, Ron Shapiro -> Rony Shapiro) D:\Util\Password Safe\pwsafe.exe
(explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE
(explorer.exe ->) (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIJBE.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelManagementandSecurityStatus_2219.3.0.0_x64__8j3eq9eme6ctt\PrivacyIconClientGui\PrivacyIconClient.exe
(Lenovo -> Lenovo Group Ltd.) C:\ProgramData\Lenovo\Vantage\Addins\LenovoBatteryGaugeAddin\1.0.0.62\x64\QSHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Opera Norway AS -> Opera Software) C:\Users\buchtik\AppData\Local\Programs\Opera\opera.exe <19>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (CobianSoft, Luis Cobian) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_92455b7686ca5a0e\ipfsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c3bfb56a1230fdfd\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_6058730ce1946468\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_552f6da0f811dc67\ipf_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_9949412f65718dfe\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_670360bdb5a40a0d\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_93f91a5aeb02f2b0\Intel_PIE_Service.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_d7062aaa5ea58bcd\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (Luis Cobian, CobianSoft) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_9.74.15001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_9.74.15001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvle.inf_amd64_7119698042c67814\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_1e9988599adb3e80\RtkAudUService64.exe <2>
(services.exe ->) (SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\admin\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(sihost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2302.1001.13.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4628.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.5900.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_1e9988599adb3e80\RtkAudUService64.exe [1622896 2022-11-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [219032 2023-02-14] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11327200 2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [Cobian Backup 11 interface] => C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe [4407808 2013-03-07] (Luis Cobian, CobianSoft) [File not signed]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1125630280-1235911553-1431502420-1001\...\Run: [LenovoVantageToolbar] => C:\ProgramData\Lenovo\Vantage\Addins\LenovoBatteryGaugeAddin\1.0.0.62\x64\QSHelper.exe [108832 2023-01-04] (Lenovo -> Lenovo Group Ltd.)
HKU\S-1-5-21-1125630280-1235911553-1431502420-1001\...\Run: [LenovoVantage] => C:\ProgramData\Lenovo\Vantage\Addins\LenovoCompanionAppAddin\1.0.0.20\LenovoVantage.exe (No File)
HKU\S-1-5-21-1125630280-1235911553-1431502420-1001\...\Run: [CS Dispatch] => C:\Users\admin\AppData\Roaming\OTi\MacKMLink1579\FunctModules\{92EEDB7D-755A-4a90-A79D-C0BD0ACF1A7F}\SmartData.exe [627096 2022-04-07] (Ours Technology Inc. -> Lenovo)
HKU\S-1-5-21-1125630280-1235911553-1431502420-1001\...\Run: [EPSDNMON] => C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNMON.EXE [350032 2022-07-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-1125630280-1235911553-1431502420-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31298328 2022-11-03] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1125630280-1235911553-1431502420-1001\...\Run: [MicrosoftEdgeAutoLaunch_29EBC4579851B72EE312C449CF839B1A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4242384 2023-03-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1125630280-1235911553-1431502420-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1125630280-1235911553-1431502420-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1125630280-1235911553-1431502420-1001\...\RunOnce: [Uninstall 23.038.0219.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\23.038.0219.0001" (No File)
HKU\S-1-5-21-1125630280-1235911553-1431502420-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [180224 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1125630280-1235911553-1431502420-1004\...\Run: [LenovoVantageToolbar] => C:\ProgramData\Lenovo\Vantage\Addins\LenovoBatteryGaugeAddin\1.0.0.62\x64\QSHelper.exe [108832 2023-01-04] (Lenovo -> Lenovo Group Ltd.)
HKU\S-1-5-21-1125630280-1235911553-1431502420-1004\...\Run: [Opera Stable] => C:\Users\buchtik\AppData\Local\Programs\Opera\launcher.exe [2701216 2023-03-08] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-1125630280-1235911553-1431502420-1004\...\Run: [EPSDNMON] => C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE [350032 2022-07-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-1125630280-1235911553-1431502420-1004\...\Run: [f.lux] => C:\Users\buchtik\AppData\Local\FluxSoftware\Flux\flux.exe [1515848 2021-06-18] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-1125630280-1235911553-1431502420-1004\...\Run: [LenovoVantage] => C:\ProgramData\Lenovo\Vantage\Addins\LenovoCompanionAppAddin\1.0.0.23\LenovoVantage.exe [22816 2023-02-02] (Lenovo -> Lenovo Group Ltd.)
HKU\S-1-5-21-1125630280-1235911553-1431502420-1004\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIJBE.EXE [283232 2012-02-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1125630280-1235911553-1431502420-1004\...\Run: [MicrosoftEdgeAutoLaunch_B091FC71F8FC7C8A0DB84B81365E5C72] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4242384 2023-03-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1125630280-1235911553-1431502420-1004\...\Run: [Opera Browser Assistant] => C:\Users\buchtik\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4140448 2023-03-08] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-1125630280-1235911553-1431502420-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [180224 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKLM\...\Print\Monitors\EPSON XP-600 Series 64MonitorBE: C:\Windows\system32\E_ILMJCE.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EPSON XP-700 Series 64MonitorBE: C:\Windows\system32\E_ILMJBE.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [558592 2012-11-12] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\110.0.5481.180\Installer\chrmstp.exe [2023-03-10] (Google LLC -> Google LLC)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2023-01-16]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04E0EBA0-56C0-40B4-898A-7048C5CA2F60} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {11F96C6B-1F65-4C7E-B579-811B93A673FE} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4475136 2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Task: {17C2E889-287F-4C23-8BDE-FE24796FF506} - System32\Tasks\GoogleUpdateTaskMachineCore{9E03EF5D-B963-418B-8E6B-9CFD01C1F082} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-01-19] (Google LLC -> Google LLC)
Task: {1D637029-A0BB-4871-9F9F-FFE71F05C97B} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5000600 2023-03-09] (Avast Software s.r.o. -> AVAST Software)
Task: {1FF49959-B7FA-4ECD-A03C-9E35AA08F856} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {22FB654B-2B83-4C15-B4A9-903E11C5B79E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2295192 2023-01-30] (Avast Software s.r.o. -> Avast Software)
Task: {232D716A-2DD9-4C14-88F8-655E08589897} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {2504001A-788A-4B20-9DEB-9E8E5E990A33} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {273DE949-8584-4BFB-B52A-884A137E0553} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2023-01-19] (Lenovo -> )
Task: {2AF286CB-A474-4D1D-B623-2CEE4F7A3D3D} - System32\Tasks\{39D3B75E-4DCA-4C6E-BE9E-E3532104CBDC} => c:\program files (x86)\microsoft\edge\application\msedge.exe [4242384 2023-03-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {2E3E31B3-5F81-40D7-9FEA-C7A8A9D52FCE} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {37F1D6AC-4E28-45B4-82CC-1BE6111232A0} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {5C9D35CA-EDDD-4FD4-8376-3D5707739DE7} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1125630280-1235911553-1431502420-1004 => C:\Users\buchtik\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [89096 2022-10-19] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {7113131D-8B71-480C-ACE3-27292B8B9578} - System32\Tasks\Opera scheduled Autoupdate 1674237221 => C:\Users\buchtik\AppData\Local\Programs\Opera\launcher.exe [2701216 2023-03-08] (Opera Norway AS -> Opera Software)
Task: {71D5609A-218F-4B7D-99D2-B629726BA22E} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\WINDOWS\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [186568 2022-11-17] (Lenovo -> Lenovo Group Ltd.)
Task: {72F5B3A9-5EAA-4730-88D7-E38B57FF893A} - System32\Tasks\Calliope_Keyboard => C:\Program Files (x86)\Lenovo\Calliope_Keyboard\Calliope_Keyboard.exe [6385880 2021-06-28] (LITE-ON TECHNOLOGY CORP. -> Lenovo Inc.)
Task: {7822A875-E415-463C-BB23-80506409EDB8} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-1125630280-1235911553-1431502420-1004 => MessengerHelper.exe --lassie (No File)
Task: {787B6CDF-FE21-4C58-ADAD-B7385BCCEC73} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [29464 2022-11-03] (Garmin International, Inc. -> )
Task: {82AC48AF-F8D9-4800-A142-07671069D2B4} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {858C9559-BB71-4E68-ABC3-A1C4D47A4D41} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2023-01-24] (Dropbox, Inc -> Dropbox, Inc.)
Task: {8A4C405B-48B2-4AB5-AC3C-B7EE127AB733} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\4a98dca2-b65b-48a9-b1bf-a5f414fd5527 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {905000E2-45FE-4068-BC01-2BAD804FFF92} - System32\Tasks\Opera scheduled assistant Autoupdate 1674237222 => C:\Users\buchtik\AppData\Local\Programs\Opera\launcher.exe [2701216 2023-03-08] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\buchtik\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {9C38D444-B5B1-4408-9000-BC5BA2417FAB} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {9DEFDEF2-FAB6-4EEB-9C95-A8B6ED817A57} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {AEA6CD8A-3416-4F75-8554-F1C95F7FFC5C} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {BE162818-776D-4935-A6EA-BA4DCC32A57B} - System32\Tasks\Core Temp Autostart admin => D:\Util\System - disk - register\Core Temp\Core Temp.exe [1040648 2022-12-04] (ALCPU -> ALCPU)
Task: {C5E02E36-DB1E-4A21-91D3-21839022F76F} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2023-01-19] (Lenovo -> )
Task: {CDDCBC64-92D3-4CA1-8011-96A652D03C8B} - System32\Tasks\Lenovo\UDC\Lenovo UDC Idle Monitor => C:\windows\system32\drivers\Lenovo\udc\Service\UDCUserAgent.exe [90832 2022-11-17] (Lenovo -> Lenovo Group Ltd.)
Task: {D0F9C3A5-950B-468D-A993-09B0116D2AEF} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {DAF0F523-3791-4DB2-93E3-0CE9942CF165} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\fe2ba933-f89c-486c-9a89-944e29a82ec3 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {E1951287-52BB-44A7-94CB-7F9112CAA69D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2827eb7f-7a82-4cc5-88a0-3980f10441e2 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {EEF0892E-8128-42B8-B00E-A0D7F2EB013A} - System32\Tasks\GoogleUpdateTaskMachineUA{0BA58ECC-9EFA-4C2A-B728-12D36FC165E5} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-01-19] (Google LLC -> Google LLC)
Task: {EF056C72-B04E-46EE-B208-5A5846FD1C7D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2023-01-24] (Dropbox, Inc -> Dropbox, Inc.)
Task: {FE842F28-55AF-4653-BDEF-3024C1BA012D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{1aba08f1-0c6f-4255-98d2-316440024f50}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{a62e5130-27de-4a21-bbc7-a338bcb83af9}: [DhcpNameServer] 192.168.2.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-10]
Edge Notifications: Default -> hxxps://www.facebook.com
Edge HKU\S-1-5-21-1125630280-1235911553-1431502420-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [kagpabjoboikccfdghpdlaaopmgpgfdc]
Edge HKU\S-1-5-21-1125630280-1235911553-1431502420-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [njjljiblognghfjfpcdpdbpbfcmhgafg]
Edge HKU\S-1-5-21-1125630280-1235911553-1431502420-1004\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [kagpabjoboikccfdghpdlaaopmgpgfdc]

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin HKU\S-1-5-21-1125630280-1235911553-1431502420-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)

Chrome: 
=======
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2023-03-10]
CHR Notifications: Default -> hxxps://filmora.wondershare.net
CHR Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-10]
CHR Extension: (Microsoft Power Automate (Zastaralé)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjgfobnenmnljakmhboildkafdkicala [2023-02-07]
CHR Extension: (Microsoft Power Automate) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljglajjnnkapghbckkcmodicjhacbfhk [2023-02-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-01-24]
CHR HKU\S-1-5-21-1125630280-1235911553-1431502420-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gjgfobnenmnljakmhboildkafdkicala]
CHR HKU\S-1-5-21-1125630280-1235911553-1431502420-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ljglajjnnkapghbckkcmodicjhacbfhk]
CHR HKU\S-1-5-21-1125630280-1235911553-1431502420-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ljglajjnnkapghbckkcmodicjhacbfhk]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8603544 2023-02-14] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [576408 2023-02-14] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [575896 2023-02-14] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2023-01-16] (Avast Software s.r.o. -> AVAST Software)
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
R2 CobianBackup11; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008 2013-03-07] (Luis Cobian, CobianSoft) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2023-01-24] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2023-01-24] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
R2 dptftcs; C:\WINDOWS\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_92455b7686ca5a0e\ipfsvc.exe [543376 2021-11-11] (Intel Corporation -> Intel Corporation)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
S2 Intel(R) Platform License Manager Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_45efd8a6478e15ce\lib\PlatformLicenseManagerService.exe [746984 2022-07-29] (Intel Corporation -> Intel(R) Corporation)
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_d7062aaa5ea58bcd\\AS\\IAS\\IntelAudioService.exe [532024 ] (Intel Corporation -> Intel)
S3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2023-01-16] (Microsoft Windows -> Microsoft Corporation)
R2 ipfsvc; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_552f6da0f811dc67\ipf_uf.exe [2423456 2021-11-12] (Intel Corporation -> Intel Corporation)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\3.13.43.0\LenovoVantageService.exe [32464 ] (Lenovo -> Lenovo Group Ltd.)
R2 NativePushService; C:\Users\admin\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [755600 2022-09-17] (Wondershare Technology Group Co.,Ltd -> Wondershare)
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [17870592 2023-02-28] (Logitech Inc -> Logitech, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [252176 2023-03-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2023-03-01] (Microsoft Windows -> Microsoft Corporation)
R2 UDCService; C:\WINDOWS\system32\DRIVERS\Lenovo\udc\Service\UDClientService.exe [72912 2022-11-17] (Lenovo -> Lenovo Group Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2023-01-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2023-01-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [140376 2023-03-01] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvle.inf_amd64_7119698042c67814\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvle.inf_amd64_7119698042c67814\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AcxHdAudio; C:\WINDOWS\System32\drivers\AcxHdAudio.sys [565248 2023-03-01] (Microsoft Windows -> Microsoft Corporation)
R3 ALSysIO; C:\Users\admin\AppData\Local\Temp\ALSysIO64.sys [43528 2023-03-10] (Microsoft Windows Hardware Compatibility Publisher -> Arthur Liberman) <==== ATTENTION
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [31424 2023-03-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [231808 2023-03-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [391856 2023-03-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297880 2023-03-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95960 2023-03-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2023-01-16] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39648 2023-03-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [268480 2023-03-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [557136 2023-03-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105248 2023-03-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80416 2023-03-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [941928 2023-03-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [699624 2023-03-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212632 2023-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319056 2023-03-09] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2023-01-16] (Microsoft Windows -> Microsoft Corporation)
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d.inf_amd64_f3c6513565231a23\e1d.sys [609456 2022-11-14] (Intel Corporation -> Intel Corporation)
S3 esihdrv; C:\Users\admin\AppData\Local\Temp\esihdrv.sys [205464 2023-02-28] (ESET, spol. s r.o. -> ESET) <==== ATTENTION
S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R3 ipf_acpi; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_1f763f598e10c9b8\ipf_acpi.sys [85664 2021-11-12] (Intel Corporation -> Intel Corporation)
R3 ipf_cpu; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_552f6da0f811dc67\ipf_cpu.sys [79520 2021-11-12] (Intel Corporation -> Intel Corporation)
R3 ipf_lf; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_552f6da0f811dc67\ipf_lf.sys [425616 2021-11-12] (Intel Corporation -> Intel Corporation)
S3 LenovoBoost; C:\WINDOWS\system32\DRIVERS\vanboost.sys [47888 2022-12-22] (Lenovo -> Lenovo Group Ltd.)
S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-07] (Microsoft Windows -> VMware, Inc.)
S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-07] (Microsoft Windows -> )
R3 vddbus; C:\WINDOWS\System32\drivers\mcvddbus.sys [40216 2022-03-06] (MAGIC CONTROL TECHNOLOGY CORPORATION -> Magic Control Technology Corp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2023-01-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473376 2023-01-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2023-01-16] (Microsoft Windows -> Microsoft Corporation)
R3 WiManHu; C:\WINDOWS\System32\DriverStore\FileRepository\wiman.inf_amd64_367f6ef053419fd6\WiManHu\WiManHu.sys [212040 2022-09-13] (Intel Corporation -> Intel Corporation)
S3 WinFsp; C:\WINDOWS\system32\drivers\BvWinFsp.sys [172744 2023-01-29] (NAVIMATICS LLC -> Navimatics LLC)
R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2023-03-01] (Microsoft Windows -> Microsoft Corporation)
S3 敌牃摵㐶; C:\SWTOOLS\FLASH\M40JY3EUSA\LeCrud64.sys [18664 2021-06-30] (LENOVO -> ) [File not signed]
S0 RapportKE64; System32\Drivers\RapportKE64.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three months (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-11 12:29 - 2023-03-11 12:29 - 000000000 ___HD C:\avast! sandbox
2023-03-10 16:49 - 2023-03-10 16:49 - 000000000 ____D C:\AdwCleaner
2023-03-10 15:40 - 2023-03-10 15:40 - 000000758 _____ C:\Users\admin\Desktop\www_d.lnk
2023-03-10 10:31 - 2023-03-10 10:31 - 000727230 _____ C:\WINDOWS\system32\perfh005.dat
2023-03-10 10:31 - 2023-03-10 10:31 - 000151482 _____ C:\WINDOWS\system32\perfc005.dat
2023-03-10 08:49 - 2023-03-10 08:49 - 000000000 ____D C:\rsit
2023-03-10 08:49 - 2023-03-10 08:49 - 000000000 ____D C:\Program Files\trend micro
2023-03-10 08:45 - 2023-03-11 12:51 - 000000000 ____D C:\FRST
2023-03-09 15:11 - 2023-03-09 15:11 - 000308120 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2023-03-08 09:29 - 2023-03-08 09:29 - 000000000 ____D C:\Users\buchtik\.swt
2023-03-08 07:22 - 2023-03-08 07:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2023-03-04 16:54 - 2023-03-04 16:54 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2023-03-04 12:16 - 2023-03-08 20:24 - 000000191 _____ C:\Users\admin\AppData\Local\Support.ini
2023-03-04 12:16 - 2023-03-08 20:19 - 000000000 ____D C:\Users\admin\AppData\Local\AvastSupport
2023-03-02 20:09 - 2023-03-02 20:10 - 000000690 _____ C:\Users\admin\Desktop\Total Commander 64 bit.lnk
2023-03-01 20:08 - 2023-03-01 20:09 - 000000000 ___HD C:\$WinREAgent
2023-02-28 18:51 - 2023-02-28 18:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2023-02-28 18:51 - 2023-02-28 18:51 - 000000000 ____D C:\Program Files\LogiOptionsPlus
2023-02-27 19:30 - 2023-02-27 19:30 - 000000000 ____D C:\Users\admin\AppData\Local\Logishrd
2023-02-26 12:51 - 2023-02-26 12:52 - 000031599 _____ C:\Users\admin\Documents\cpuz.cvf
2023-02-25 11:02 - 2023-02-25 11:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\Meta
2023-02-22 10:15 - 2023-03-01 20:31 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2023-02-21 18:25 - 2023-03-08 17:13 - 000002530 _____ C:\WINDOWS\system32\Tasks\{39D3B75E-4DCA-4C6E-BE9E-E3532104CBDC}
2023-02-20 14:54 - 2023-02-20 14:54 - 000000000 ___HD C:\$Windows.~WS
2023-02-19 13:41 - 2023-02-20 15:42 - 000000000 ____D C:\ESD
2023-02-19 13:32 - 2023-02-19 13:32 - 000000000 ____D C:\$WINDOWS.~BT
2023-02-17 16:28 - 2023-02-17 16:28 - 000000000 ____D C:\Users\buchtik\AppData\Local\Trusteer
2023-02-17 16:27 - 2023-02-17 16:54 - 000000000 ____D C:\ProgramData\Trusteer
2023-02-15 20:59 - 2022-10-18 16:11 - 005100608 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw10.sys
2023-02-15 20:59 - 2022-10-18 16:11 - 001470576 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter10.dll
2023-02-15 18:01 - 2023-02-15 18:01 - 000000000 ____D C:\Users\buchtik\AppData\Local\FirmwareUpdateTool
2023-02-13 19:47 - 2023-02-13 19:47 - 000093360 _____ C:\Users\buchtik\AppData\Local\GDIPFONTCACHEV1.DAT
2023-02-13 11:29 - 2023-02-13 11:29 - 000000000 ____D C:\Users\admin\AppData\Local\OneDrive
2023-02-13 09:38 - 2023-02-13 09:38 - 000000000 ____D C:\Users\buchtik\AppData\LocalLow\Temp
2023-02-12 21:49 - 2023-02-12 21:49 - 000000000 ____D C:\Users\buchtik\Games
2023-02-12 21:48 - 2023-02-12 21:48 - 000000000 ____D C:\Program Files (x86)\AOE URL Helper
2023-02-12 20:30 - 2023-02-12 20:30 - 000000000 ____D C:\Users\buchtik\AppData\Local\INetHistory
2023-02-12 20:08 - 2023-02-25 10:20 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2023-02-12 20:08 - 2023-02-12 20:08 - 000000028 ____H C:\.GamingRoot
2023-02-12 20:08 - 2023-02-12 20:08 - 000000000 ____D C:\XboxGames
2023-02-12 20:08 - 2023-02-12 20:08 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2023-02-12 20:08 - 2023-02-12 20:08 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2023-02-12 00:59 - 2023-02-12 01:05 - 000000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NVIDIA Demos
2023-02-11 14:52 - 2023-02-11 14:52 - 000000000 _____ C:\Users\buchtik\AppData\Roaming\Exif Fixer Prefs.txt
2023-02-10 18:59 - 2023-02-10 18:59 - 000000000 ____D C:\Users\Default\AppData\Local\Tvsukernel
2023-02-10 18:57 - 2023-02-10 18:57 - 000000277 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog
2023-02-10 18:57 - 2023-02-10 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\%LOCALAPPDATA%
2023-02-10 18:57 - 2023-02-10 18:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lenovo
2023-02-09 19:55 - 2023-02-16 21:38 - 000000000 ____D C:\Users\admin\AppData\Roaming\QuickMemoryTestOK
2023-02-09 19:54 - 2023-02-09 19:54 - 000000000 ____D C:\Users\buchtik\AppData\Roaming\QuickMemoryTestOK
2023-02-09 19:18 - 2023-02-09 19:18 - 000000017 _____ C:\Users\buchtik\AppData\Local\resmon.resmoncfg
2023-02-08 21:31 - 2023-02-10 18:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\TVT
2023-02-08 21:31 - 2023-02-08 21:31 - 000000000 ____D C:\Users\buchtik\AppData\Local\LenovoServiceBridge
2023-02-08 19:21 - 2023-02-08 19:24 - 000000000 ____D C:\Program Files\ImageMagick-7.1.0-Q8
2023-02-08 07:10 - 2023-02-08 07:10 - 000000000 ____D C:\Users\buchtik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2023-02-07 18:02 - 2023-02-07 18:02 - 001462560 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tdrpman.sys
2023-02-07 18:02 - 2023-02-07 18:02 - 001120032 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys
2023-02-07 18:02 - 2023-02-07 18:02 - 000367200 ____N (Acronis) C:\WINDOWS\system32\Drivers\afcdp.sys
2023-02-07 18:02 - 2023-02-07 18:02 - 000233760 _____ (Acronis) C:\WINDOWS\system32\Drivers\snapman.sys
2023-02-07 18:02 - 2023-02-07 18:02 - 000183224 _____ (Acronis) C:\WINDOWS\system32\Drivers\tib_mounter.sys
2023-02-07 18:02 - 2023-02-07 18:02 - 000108832 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys
2023-02-07 18:02 - 2023-02-07 18:02 - 000000000 ____D C:\Users\admin\AppData\Roaming\CE22C88F-2351-4A15-A8A6-8459903F9910
2023-02-05 14:58 - 2023-02-05 14:58 - 000000000 ____D C:\Users\admin\AppData\Local\Microsoft_Corporation
2023-02-05 09:12 - 2023-02-05 09:12 - 000000000 ____D C:\Users\buchtik\AppData\Local\HddLed Indicator
2023-02-05 00:44 - 2023-02-05 00:44 - 000000000 ____D C:\Users\admin\AppData\Roaming\HD Tune Pro
2023-02-04 17:43 - 2023-02-04 17:43 - 000000000 ____D C:\Users\buchtik\AppData\Local\Microsoft Help
2023-02-04 17:20 - 2023-02-27 19:30 - 000000000 ____D C:\Users\Public\Documents\Logishrd
2023-02-04 17:20 - 2023-02-18 17:56 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2023-02-04 17:19 - 2023-02-04 17:20 - 000000000 ____D C:\Users\admin\AppData\Roaming\Logitech
2023-02-04 17:18 - 2023-02-27 19:30 - 000000000 ____D C:\Users\buchtik\AppData\Roaming\Logishrd
2023-02-04 17:18 - 2023-02-05 00:37 - 000000000 ____D C:\Users\buchtik\AppData\Roaming\Logitech
2023-02-04 17:18 - 2023-02-04 17:20 - 000000000 ____D C:\Users\admin\AppData\Roaming\Logishrd
2023-02-04 12:46 - 2023-03-08 16:54 - 000000000 ____D C:\Users\buchtik\AppData\Local\Deployment
2023-02-04 12:46 - 2023-02-04 12:46 - 000000000 ____D C:\Users\buchtik\AppData\Local\Apps\2.0
2023-02-02 18:10 - 2023-02-02 18:10 - 000000000 ____D C:\Users\buchtik\AppData\LocalLow\Lenovo
2023-01-31 18:25 - 2023-03-01 20:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-01-31 18:25 - 2023-02-23 10:18 - 000001061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-01-31 18:25 - 2023-01-31 18:25 - 000001049 _____ C:\Users\Public\Desktop\Thunderbird.lnk
2023-01-31 18:25 - 2023-01-31 18:25 - 000000000 ____D C:\Users\buchtik\AppData\Roaming\Thunderbird
2023-01-31 18:25 - 2023-01-31 18:25 - 000000000 ____D C:\Users\buchtik\AppData\Local\Thunderbird
2023-01-31 09:19 - 2023-01-31 09:19 - 004417898 _____ C:\Users\buchtik\Downloads\linka_17_od_1_1_2023_klokoty-_sez_usti_ii.pdf
2023-01-29 18:01 - 2023-02-19 15:11 - 000000000 ____D C:\Users\admin\AppData\Local\PasswordSafe
2023-01-29 18:01 - 2023-01-29 18:01 - 000000000 ____D C:\Users\admin\Documents\My Safes
2023-01-29 17:54 - 2023-03-10 15:47 - 000000000 ____D C:\Users\admin\AppData\Local\LogiOptionsPlus
2023-01-29 17:53 - 2023-03-10 15:56 - 000000000 ____D C:\Users\buchtik\AppData\Roaming\vlc
2023-01-29 17:52 - 2023-01-29 17:52 - 000000922 _____ C:\Users\Public\Desktop\VLC media player.lnk
2023-01-29 17:52 - 2023-01-29 17:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2023-01-29 17:52 - 2023-01-29 17:52 - 000000000 ____D C:\Program Files\VideoLAN
2023-01-29 17:28 - 2023-03-11 12:36 - 000000000 ____D C:\Users\buchtik\AppData\Local\LogiOptionsPlus
2023-01-29 17:28 - 2023-03-09 08:09 - 000000000 ____D C:\Users\buchtik\AppData\Roaming\logioptionsplus
2023-01-29 17:28 - 2023-02-28 18:51 - 000000859 _____ C:\Users\Public\Desktop\Logi Options+.lnk
2023-01-29 17:28 - 2023-02-28 18:51 - 000000000 ____D C:\ProgramData\LogiOptionsPlus
2023-01-29 17:28 - 2023-02-27 19:45 - 000000000 ____D C:\ProgramData\Logishrd
2023-01-29 17:23 - 2023-01-29 17:23 - 000000000 ____D C:\Users\buchtik\AppData\Roaming\Ancestry
2023-01-29 17:08 - 2023-03-10 21:03 - 000000000 ____D C:\Users\buchtik\AppData\Local\Bitvise
2023-01-29 17:08 - 2023-01-29 17:08 - 000495016 _____ (Bitvise Limited) C:\WINDOWS\BvWinFspMgr.exe
2023-01-29 17:08 - 2023-01-29 17:08 - 000186392 _____ (Navimatics LLC) C:\WINDOWS\system32\BvWinFsp.dll
2023-01-29 17:08 - 2023-01-29 17:08 - 000186392 _____ (Navimatics LLC) C:\WINDOWS\BvWinFsp64.dll
2023-01-29 17:08 - 2023-01-29 17:08 - 000172744 _____ (Navimatics LLC) C:\WINDOWS\system32\Drivers\BvWinFsp.sys
2023-01-29 17:08 - 2023-01-29 17:08 - 000172744 _____ (Navimatics LLC) C:\WINDOWS\BvWinFsp.sys
2023-01-29 17:08 - 2023-01-29 17:08 - 000155160 _____ (Navimatics LLC) C:\WINDOWS\SysWOW64\BvWinFsp.dll
2023-01-29 17:08 - 2023-01-29 17:08 - 000155160 _____ (Navimatics LLC) C:\WINDOWS\BvWinFsp32.dll
2023-01-29 17:08 - 2023-01-29 17:08 - 000082392 _____ (Bitvise Limited) C:\WINDOWS\MstscTitle64.dll
2023-01-29 17:08 - 2023-01-29 17:08 - 000074200 _____ (Bitvise Limited) C:\WINDOWS\MstscTitle32.dll
2023-01-29 17:08 - 2023-01-29 17:08 - 000002487 _____ C:\Users\Public\Desktop\Bitvise SSH Client.lnk
2023-01-29 17:08 - 2023-01-29 17:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitvise SSH Client
2023-01-29 17:08 - 2023-01-29 17:08 - 000000000 ____D C:\Program Files (x86)\Bitvise SSH Client
2023-01-29 17:07 - 2023-01-29 17:07 - 000085896 _____ (Bitvise Limited) C:\WINDOWS\system32\BvEventSource.exe
2023-01-29 11:42 - 2023-01-29 11:42 - 000000000 ____D C:\Users\buchtik\AppData\Roaming\cPicture
2023-01-29 11:38 - 2023-01-29 11:39 - 000000000 ____D C:\Users\buchtik\AppData\Local\Tawbaware
2023-01-28 17:28 - 2023-01-28 17:28 - 000000000 ____D C:\Users\buchtik\Downloads\CoreTempGadget
2023-01-28 13:02 - 2023-01-28 13:02 - 000418351 _____ C:\Users\buchtik\Downloads\CoreTempGadget.zip
2023-01-28 13:00 - 2023-03-08 17:13 - 000002246 _____ C:\WINDOWS\system32\Tasks\Core Temp Autostart admin
2023-01-27 19:22 - 1997-08-26 12:06 - 000315904 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUninst.exe
2023-01-27 19:14 - 2023-01-27 19:14 - 000000000 ____D C:\Users\buchtik\AppData\Roaming\WinRAR
2023-01-26 20:52 - 2023-01-26 20:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11
2023-01-25 17:42 - 2023-01-25 17:42 - 000000000 ____D C:\Users\admin\AppData\Local\Garmin_Ltd._or_its_subsid
2023-01-25 17:42 - 2023-01-25 17:42 - 000000000 ____D C:\Users\admin\AppData\Local\Garmin
2023-01-25 17:39 - 2023-01-25 17:39 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2023-01-25 17:39 - 2023-01-25 17:39 - 000000000 ____D C:\Program Files\Reference Assemblies
2023-01-25 17:39 - 2023-01-25 17:39 - 000000000 ____D C:\Program Files\MSBuild
2023-01-25 17:39 - 2023-01-25 17:39 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2023-01-25 17:39 - 2023-01-25 17:39 - 000000000 ____D C:\Program Files (x86)\MSBuild
2023-01-25 17:34 - 2023-01-25 17:34 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2023-01-25 17:33 - 2023-03-08 17:13 - 000002702 _____ C:\WINDOWS\system32\Tasks\GarminUpdaterTask
2023-01-25 17:33 - 2023-01-25 17:34 - 000000000 ____D C:\Users\buchtik\AppData\Local\Garmin
2023-01-25 17:33 - 2023-01-25 17:34 - 000000000 ____D C:\ProgramData\Garmin
2023-01-25 17:33 - 2023-01-25 17:33 - 000001969 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2023-01-25 17:33 - 2023-01-25 17:33 - 000000000 ____D C:\Users\buchtik\AppData\Local\Garmin_Ltd._or_its_subsid
2023-01-25 17:33 - 2023-01-25 17:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2023-01-25 17:33 - 2023-01-25 17:33 - 000000000 ____D C:\Program Files\DIFX
2023-01-25 17:33 - 2023-01-25 17:33 - 000000000 ____D C:\Program Files (x86)\Garmin
2023-01-25 16:56 - 2023-01-25 16:56 - 000000000 _____ C:\WINDOWS\SysWOW64\wsmand.log.lock
2023-01-25 07:44 - 2023-01-25 07:44 - 000000000 ____D C:\Users\admin\AppData\Roaming\DropboxElectron
2023-01-24 20:12 - 2023-02-20 15:42 - 000000000 ____D C:\WINDOWS\Panther
2023-01-24 19:53 - 2023-01-31 19:17 - 000000000 ____D C:\Users\admin\AppData\LocalLow\Mozilla
2023-01-24 19:53 - 2023-01-24 19:53 - 000000000 ____D C:\Users\admin\AppData\Roaming\Thunderbird
2023-01-24 19:53 - 2023-01-24 19:53 - 000000000 ____D C:\Users\admin\AppData\Roaming\Mozilla
2023-01-24 19:53 - 2023-01-24 19:53 - 000000000 ____D C:\Users\admin\AppData\Local\Thunderbird
2023-01-24 17:24 - 2023-01-24 17:24 - 000000000 ____D C:\Users\admin\AppData\Roaming\com.adobe.dunamis
2023-01-24 15:14 - 2023-01-24 15:14 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_hidtelephony_02_15_00.Wdf
2023-01-24 11:58 - 2023-01-24 11:58 - 000000000 ____D C:\Program Files\chrome_BITS_15420_5163615
2023-01-24 11:58 - 2023-01-24 11:58 - 000000000 ____D C:\Program Files\chrome_BITS_15420_427442288
2023-01-24 11:58 - 2023-01-24 11:58 - 000000000 ____D C:\Program Files\chrome_BITS_15420_2111623774
2023-01-24 11:58 - 2023-01-24 11:58 - 000000000 ____D C:\Program Files\chrome_BITS_15420_1996258189
2023-01-24 11:58 - 2023-01-24 11:58 - 000000000 ____D C:\Program Files\chrome_BITS_15420_1900096021
2023-01-24 11:58 - 2023-01-24 11:58 - 000000000 ____D C:\Program Files\chrome_BITS_15420_1819132439
2023-01-24 11:58 - 2023-01-24 11:58 - 000000000 ____D C:\Program Files\chrome_BITS_15420_1817847539
2023-01-24 11:58 - 2023-01-24 11:58 - 000000000 ____D C:\Program Files\chrome_BITS_15420_1746078431
2023-01-24 11:58 - 2023-01-24 11:58 - 000000000 ____D C:\Program Files\chrome_BITS_15420_1720833282
2023-01-24 11:58 - 2023-01-24 11:58 - 000000000 ____D C:\Program Files\chrome_BITS_15420_1635738605
2023-01-24 11:57 - 2023-01-24 11:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2023-01-24 11:49 - 2023-01-24 12:00 - 000000000 ____D C:\Users\buchtik\AppData\Local\Wondershare
2023-01-24 11:49 - 2023-01-24 11:49 - 000000016 _____ C:\ProgramData\mntemp
2023-01-24 11:49 - 2023-01-24 11:49 - 000000000 ____D C:\Users\buchtik\AppData\Roaming\NVIDIA
2023-01-24 11:48 - 2023-03-02 20:43 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2023-01-24 11:48 - 2023-01-24 11:56 - 000000000 ____D C:\Users\admin\AppData\Local\Wondershare
2023-01-24 11:48 - 2023-01-24 11:50 - 000000000 ____D C:\ProgramData\Wondershare
2023-01-24 11:48 - 2023-01-24 11:49 - 000000000 ____D C:\Users\buchtik\AppData\Roaming\Wondershare
2023-01-24 11:48 - 2023-01-24 11:48 - 000000000 ____D C:\Users\admin\Documents\Wondershare
2023-01-24 11:48 - 2023-01-24 11:48 - 000000000 ____D C:\Users\admin\AppData\Roaming\Wondershare
2023-01-24 11:46 - 2023-02-13 11:27 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2023-01-24 11:38 - 2023-01-29 17:28 - 000000000 ____D C:\ProgramData\Package Cache
2023-01-24 11:38 - 2023-01-24 11:44 - 000000000 ____D C:\ProgramData\Google
2023-01-24 11:29 - 2023-01-24 11:29 - 000000000 ____D C:\Users\buchtik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image Composite Editor
2023-01-24 11:29 - 2023-01-24 11:29 - 000000000 ____D C:\Program Files\Microsoft Research
2023-01-24 11:09 - 2023-01-24 11:09 - 000001189 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2023-01-24 11:09 - 2023-01-24 11:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2023-01-24 10:59 - 2023-01-24 10:59 - 000000000 __SHD C:\Users\buchtik\.dropbox_bi
2023-01-24 10:45 - 2023-03-10 08:58 - 000000000 ____D C:\Users\buchtik\AppData\Roaming\DropboxElectron
2023-01-24 10:44 - 2023-03-10 15:39 - 000000000 ____D C:\Users\admin\AppData\Local\Dropbox
2023-01-24 10:44 - 2023-03-10 08:58 - 000000000 ____D C:\Users\buchtik\AppData\Local\Dropbox
2023-01-24 10:44 - 2023-03-08 17:59 - 000000920 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2023-01-24 10:44 - 2023-03-08 17:59 - 000000916 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2023-01-24 10:44 - 2023-03-08 17:13 - 000003434 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2023-01-24 10:44 - 2023-03-08 17:13 - 000003210 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2023-01-24 10:44 - 2023-03-08 07:22 - 000000000 ____D C:\Program Files (x86)\Dropbox
2023-01-24 10:44 - 2023-01-24 10:44 - 000000000 ____D C:\Users\admin\AppData\Roaming\Dropbox
2023-01-24 10:44 - 2023-01-24 10:44 - 000000000 ____D C:\ProgramData\Dropbox
2023-01-23 20:06 - 2023-01-25 20:23 - 000000000 ____D C:\Users\buchtik\AppData\Local\Notepad
2023-01-23 20:01 - 2023-01-24 11:58 - 000000000 ____D C:\Users\admin\AppData\Local\Google
2023-01-23 19:58 - 2023-01-23 19:58 - 000002214 _____ C:\Users\buchtik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2023-01-23 19:58 - 2023-01-23 19:58 - 000000000 ____D C:\Users\buchtik\AppData\Local\FluxSoftware
2023-01-23 18:11 - 2023-01-23 18:11 - 000000000 ____D C:\Program Files\EpsonNet
2023-01-23 18:11 - 2012-11-12 20:41 - 000535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppui.dll
2023-01-23 18:11 - 2012-11-12 20:41 - 000535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppui.dll
2023-01-23 18:11 - 2012-11-12 15:15 - 000558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppmon.dll
2023-01-23 18:11 - 2012-11-12 15:15 - 000558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppmon.dll
2023-01-23 18:11 - 2012-10-22 17:19 - 000219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enspres.dll
2023-01-23 18:11 - 2012-10-22 17:19 - 000219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enpres.dll
2023-01-23 17:24 - 2023-01-23 17:24 - 000175493 _____ C:\Users\buchtik\Downloads\421013.pdf
2023-01-23 09:59 - 2023-01-23 09:59 - 018726865 _____ C:\Users\buchtik\Downloads\Lenovo Thinkcentre neo  70t  Gen  3  user guide.pdf
2023-01-21 19:33 - 2023-01-21 19:33 - 000000000 ____D C:\Users\buchtik\AppData\Roaming\com.adobe.dunamis
2023-01-21 14:48 - 2023-01-21 14:48 - 000000000 ____D C:\Users\admin\AppData\Local\Apps\2.0
2023-01-21 11:46 - 2023-01-21 11:46 - 000000000 ____D C:\Users\buchtik\AppData\Roaming\EPSON
2023-01-21 11:24 - 2023-03-10 09:09 - 000000000 ____D C:\Users\buchtik\AppData\Local\PasswordSafe
2023-01-21 09:53 - 2023-01-21 09:53 - 000000000 ____D C:\Users\buchtik\AppData\Local\OneDrive
2023-01-20 19:40 - 2023-03-10 15:53 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-01-20 19:40 - 2023-03-10 15:52 - 000000000 ____D C:\Users\buchtik\AppData\LocalLow\Mozilla
2023-01-20 19:40 - 2023-01-20 19:40 - 000000000 ____D C:\Users\buchtik\AppData\Roaming\Mozilla
2023-01-20 18:53 - 2023-03-10 08:59 - 000004168 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1674237221
2023-01-20 18:53 - 2023-03-10 08:59 - 000001459 _____ C:\Users\buchtik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-01-20 18:53 - 2023-03-09 19:11 - 000004426 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1674237222
2023-01-20 18:53 - 2023-01-20 18:53 - 000000000 ____D C:\Users\buchtik\AppData\Roaming\Opera Software
2023-01-20 18:53 - 2023-01-20 18:53 - 000000000 ____D C:\Users\buchtik\AppData\Local\Opera Software
2023-01-20 18:52 - 2023-01-20 18:52 - 000000000 ____D C:\Users\buchtik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2023-01-19 22:28 - 2023-03-11 12:33 - 000000000 ____D C:\Program Files (x86)\Google
2023-01-19 22:28 - 2023-03-10 08:35 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-01-19 22:28 - 2023-03-10 08:35 - 000002212 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-01-19 22:28 - 2023-03-08 17:13 - 000003478 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{0BA58ECC-9EFA-4C2A-B728-12D36FC165E5}
2023-01-19 22:28 - 2023-03-08 17:13 - 000003254 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{9E03EF5D-B963-418B-8E6B-9CFD01C1F082}
2023-01-19 22:28 - 2023-01-24 11:58 - 000000000 ____D C:\Program Files\Google
2023-01-19 22:27 - 2023-02-19 14:26 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-01-19 22:27 - 2023-02-19 14:26 - 000002067 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-01-19 22:27 - 2023-01-24 11:44 - 000000000 ____D C:\Users\buchtik\AppData\Local\Google
2023-01-19 20:07 - 2023-02-15 22:19 - 000000000 ____D C:\Users\buchtik\AppData\Local\GHISLER
2023-01-19 20:03 - 2023-01-19 20:03 - 000000000 ___HD C:\OneDriveTemp
2023-01-19 20:00 - 2023-01-19 20:01 - 000002739 _____ C:\Users\admin\Desktop\Microsoft Office Word 2007.lnk
2023-01-19 20:00 - 2023-01-19 20:01 - 000002657 _____ C:\Users\admin\Desktop\Microsoft Office Excel 2007.lnk
2023-01-19 19:59 - 2023-01-19 19:59 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2023-01-19 19:57 - 2023-02-05 08:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2023-01-19 19:57 - 2023-01-20 20:18 - 000000000 ____D C:\Program Files (x86)\Microsoft Works
2023-01-19 19:57 - 2023-01-19 19:57 - 000000000 ____D C:\WINDOWS\PCHEALTH
2023-01-19 19:56 - 2023-01-24 15:14 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-01-19 19:56 - 2023-01-19 19:56 - 000000000 __RHD C:\MSOCache
2023-01-19 19:56 - 2023-01-19 19:56 - 000000000 ____D C:\WINDOWS\SHELLNEW
2023-01-19 19:56 - 2023-01-19 19:56 - 000000000 ____D C:\Users\admin\AppData\Local\Microsoft Help
2023-01-19 19:35 - 2023-01-19 19:35 - 000000000 ____D C:\Users\admin\AppData\Local\GHISLER
2023-01-19 19:34 - 2023-01-21 12:18 - 000000000 ____D C:\totalcmd
2023-01-19 19:34 - 2023-01-19 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
2023-01-19 19:25 - 2023-01-23 18:11 - 000001013 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2023-01-19 19:25 - 2011-12-12 00:00 - 000135824 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\escsvc64.exe
2023-01-19 19:20 - 2023-01-19 19:20 - 000000000 ____D C:\Users\admin\AppData\LocalLow\Adobe
2023-01-19 19:20 - 2023-01-19 19:20 - 000000000 ____D C:\Users\admin\AppData\Local\SolidDocuments
2023-01-19 19:20 - 2023-01-19 19:20 - 000000000 ____D C:\Users\admin\.ms-ad
2023-01-19 18:50 - 2023-03-08 17:58 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2023-01-19 18:45 - 2023-01-19 18:45 - 000314158 _____ C:\Users\admin\Documents\EpsonScan002.pdf
2023-01-19 18:43 - 2023-01-19 18:43 - 000311874 _____ C:\Users\admin\Documents\EpsonScan001.pdf
2023-01-19 18:40 - 2023-01-19 18:40 - 000000000 ____D C:\Program Files\Common Files\EPSON
2023-01-19 18:40 - 2007-09-07 17:33 - 000135168 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\EEBAPI.dll
2023-01-19 18:40 - 2007-03-28 18:26 - 000065536 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\EEBUtil.dll
2023-01-19 18:40 - 2006-12-19 18:31 - 000110592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\EEBDSCVR.dll
2023-01-19 18:40 - 2006-12-19 18:20 - 000077824 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\EBAPI.dll
2023-01-19 18:40 - 2003-12-17 01:01 - 000055808 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\EEBSDKIF.dll
2023-01-19 18:36 - 2023-01-19 18:36 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2023-01-19 18:32 - 2023-01-19 18:41 - 000000000 ____D C:\Users\admin\AppData\Roaming\Epson
2023-01-19 18:29 - 2023-01-23 18:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2023-01-19 18:25 - 2023-01-19 19:25 - 000000000 ____D C:\Program Files (x86)\epson
2023-01-19 18:22 - 2023-01-23 18:14 - 000000000 ____D C:\Program Files (x86)\Epson Software
2023-01-19 17:57 - 2023-01-23 18:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2023-01-19 17:57 - 2023-01-19 17:57 - 000000000 ____D C:\Program Files\EPSON
2023-01-19 17:55 - 2023-01-23 18:14 - 000000000 ____D C:\ProgramData\EPSON
2023-01-19 17:21 - 2023-01-26 20:52 - 000000000 ____D C:\Program Files (x86)\Cobian Backup 11
2023-01-19 17:10 - 2023-03-08 17:59 - 000000638 _____ C:\WINDOWS\Tasks\TrackerAutoUpdate.job
2023-01-19 17:10 - 2023-03-08 17:13 - 000002882 _____ C:\WINDOWS\system32\Tasks\TrackerAutoUpdate
2023-01-19 17:10 - 2023-01-19 17:10 - 000001070 _____ C:\Users\Public\Desktop\PDF-Viewer.lnk
2023-01-19 17:10 - 2023-01-19 17:10 - 000000000 ____D C:\ProgramData\Tracker Software
2023-01-19 17:10 - 2023-01-19 17:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2023-01-19 17:10 - 2023-01-19 17:10 - 000000000 ____D C:\Program Files\Tracker Software
2023-01-19 17:08 - 2023-01-19 17:08 - 000000000 ____D C:\Users\buchtik\AppData\LocalLow\NVIDIA
2023-01-19 17:06 - 2023-03-09 19:20 - 000000000 ____D C:\Users\buchtik\AppData\Local\CrashDumps
2023-01-19 17:06 - 2023-03-08 17:13 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-01-19 17:06 - 2023-01-19 17:06 - 000000000 ____D C:\Users\buchtik\AppData\LocalLow\Adobe
2023-01-19 17:06 - 2023-01-19 17:06 - 000000000 ____D C:\Users\buchtik\AppData\Local\SolidDocuments
2023-01-19 17:06 - 2023-01-19 17:06 - 000000000 ____D C:\Users\buchtik\.ms-ad
2023-01-19 17:06 - 2023-01-19 17:06 - 000000000 ____D C:\Program Files\Adobe
2023-01-19 17:05 - 2023-01-19 17:07 - 000000000 ____D C:\ProgramData\Adobe
2023-01-19 17:05 - 2023-01-19 17:06 - 000000000 ____D C:\Program Files\Common Files\Adobe
2023-01-19 17:04 - 2023-01-19 22:27 - 000000000 ____D C:\Users\buchtik\AppData\Local\Adobe
2023-01-19 17:00 - 2023-01-19 19:20 - 000000000 ____D C:\Users\admin\AppData\Local\Adobe
2023-01-19 08:42 - 2023-01-19 08:42 - 000000000 ____D C:\Users\buchtik\AppData\Local\Comms
2023-01-19 08:40 - 2023-01-19 08:40 - 000000000 ____D C:\Users\buchtik\AppData\Local\Avast Software
2023-01-19 08:25 - 2023-01-19 08:25 - 000000000 ____D C:\Users\buchtik\AppData\Local\Publishers
2023-01-19 08:19 - 2023-01-23 18:18 - 000000000 ____D C:\Users\buchtik\AppData\Local\VirtualStore
2023-01-19 08:12 - 2023-01-19 08:19 - 000000000 ____D C:\Users\buchtik\AppData\Local\Lenovo
2023-01-19 08:11 - 2023-01-19 08:11 - 000000000 ____D C:\Users\buchtik\AppData\LocalLow\Intel
2023-01-19 08:10 - 2023-03-08 17:59 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1125630280-1235911553-1431502420-1004
2023-01-19 08:10 - 2023-03-08 17:59 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1125630280-1235911553-1431502420-1004
2023-01-19 08:10 - 2023-03-08 17:59 - 000002431 _____ C:\Users\buchtik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-01-19 08:10 - 2023-01-19 08:10 - 000000000 ____D C:\Users\buchtik\AppData\Roaming\Avast Software
2023-01-19 08:10 - 2023-01-19 08:10 - 000000000 ____D C:\Users\buchtik\AppData\Local\CEF
2023-01-19 08:09 - 2023-02-27 12:34 - 000000000 ____D C:\Users\buchtik\AppData\Local\Packages
2023-01-19 08:09 - 2023-02-26 11:50 - 000000000 ____D C:\Users\buchtik\AppData\Local\PlaceholderTileLogoFolder
2023-01-19 08:09 - 2023-02-25 17:55 - 000000000 ____D C:\Users\buchtik\AppData\Local\D3DSCache
2023-01-19 08:09 - 2023-01-24 11:38 - 000000000 ____D C:\Users\buchtik\AppData\Roaming\Adobe
2023-01-19 08:08 - 2023-03-08 09:29 - 000000000 ____D C:\Users\buchtik
2023-01-19 08:08 - 2023-02-12 01:00 - 000000000 ____D C:\Users\buchtik\AppData\Local\NVIDIA
2023-01-19 08:08 - 2023-01-19 20:02 - 000000000 ____D C:\Users\buchtik\AppData\Local\ConnectedDevicesPlatform
2023-01-19 08:08 - 2023-01-19 08:08 - 000000020 ___SH C:\Users\buchtik\ntuser.ini
2023-01-19 08:08 - 2023-01-19 08:08 - 000000000 _SHDL C:\Users\buchtik\Šablony
2023-01-19 08:08 - 2023-01-19 08:08 - 000000000 _SHDL C:\Users\buchtik\Soubory cookie
2023-01-19 08:08 - 2023-01-19 08:08 - 000000000 _SHDL C:\Users\buchtik\Poslední
2023-01-19 08:08 - 2023-01-19 08:08 - 000000000 _SHDL C:\Users\buchtik\Okolní tiskárny
2023-01-19 08:08 - 2023-01-19 08:08 - 000000000 _SHDL C:\Users\buchtik\Okolní síť
2023-01-19 08:08 - 2023-01-19 08:08 - 000000000 _SHDL C:\Users\buchtik\Nabídka Start
2023-01-19 08:08 - 2023-01-19 08:08 - 000000000 _SHDL C:\Users\buchtik\Dokumenty
2023-01-19 08:08 - 2023-01-19 08:08 - 000000000 _SHDL C:\Users\buchtik\Documents\Obrázky
2023-01-19 08:08 - 2023-01-19 08:08 - 000000000 _SHDL C:\Users\buchtik\Documents\Hudba
2023-01-19 08:08 - 2023-01-19 08:08 - 000000000 _SHDL C:\Users\buchtik\Documents\Filmy
2023-01-19 08:08 - 2023-01-19 08:08 - 000000000 _SHDL C:\Users\buchtik\Data aplikací
2023-01-19 08:08 - 2023-01-19 08:08 - 000000000 _SHDL C:\Users\buchtik\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2023-01-19 08:08 - 2023-01-19 08:08 - 000000000 _SHDL C:\Users\buchtik\AppData\Local\Data aplikací
2023-01-19 08:08 - 2023-01-19 08:08 - 000000000 ____D C:\Users\buchtik\AppData\Local\PeerDistRepub
2023-01-16 14:02 - 2023-01-16 14:02 - 000000000 ____D C:\Users\admin\Documents\Onenotové poznámkové bloky
2023-01-16 10:17 - 2023-01-16 10:17 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-01-16 10:16 - 2023-03-10 10:31 - 001718028 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-01-16 10:15 - 2023-03-10 15:39 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1125630280-1235911553-1431502420-1001
2023-01-16 10:15 - 2023-03-10 15:39 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1125630280-1235911553-1431502420-1001
2023-01-16 10:15 - 2023-03-09 15:11 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-01-16 10:15 - 2023-03-08 17:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-01-16 10:15 - 2023-03-08 17:13 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-16 10:15 - 2023-03-08 17:13 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-01-16 10:15 - 2023-03-08 17:13 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1125630280-1235911553-1431502420-500
2023-01-16 10:15 - 2023-03-08 17:13 - 000002182 _____ C:\WINDOWS\system32\Tasks\Calliope_Keyboard
2023-01-16 10:15 - 2023-03-08 17:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2023-01-16 10:15 - 2023-02-08 07:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2023-01-16 10:15 - 2023-01-16 10:15 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2023-01-16 10:15 - 2023-01-16 10:15 - 000011433 _____ C:\WINDOWS\diagerr.xml
2023-01-16 10:15 - 2023-01-16 10:15 - 000000020 ___SH C:\Users\admin\ntuser.ini
2023-01-16 10:15 - 2023-01-16 10:15 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2023-01-16 10:15 - 2023-01-16 10:15 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2023-01-16 10:15 - 2023-01-16 10:15 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2023-01-16 10:15 - 2023-01-16 10:15 - 000000000 _SHDL C:\Users\Default\Šablony
2023-01-16 10:15 - 2023-01-16 10:15 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2023-01-16 10:15 - 2023-01-16 10:15 - 000000000 _SHDL C:\Users\Default\Poslední
2023-01-16 10:15 - 2023-01-16 10:15 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2023-01-16 10:15 - 2023-01-16 10:15 - 000000000 _SHDL C:\Users\Default\Okolní síť
2023-01-16 10:15 - 2023-01-16 10:15 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2023-01-16 10:15 - 2023-01-16 10:15 - 000000000 _SHDL C:\Users\Default\Dokumenty
2023-01-16 10:15 - 2023-01-16 10:15 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2023-01-16 10:15 - 2023-01-16 10:15 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2023-01-16 10:15 - 2023-01-16 10:15 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2023-01-16 10:15 - 2023-01-16 10:15 - 000000000 _SHDL C:\Users\Default\Data aplikací
2023-01-16 10:15 - 2023-01-16 10:15 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2023-01-16 10:15 - 2023-01-16 10:15 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2023-01-16 10:15 - 2023-01-16 10:15 - 000000000 _SHDL C:\ProgramData\Šablony
2023-01-16 10:15 - 2023-01-16 10:15 - 000000000 _SHDL C:\ProgramData\Plocha
2023-01-16 10:15 - 2023-01-16 10:15 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2023-01-16 10:15 - 2023-01-16 10:15 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2023-01-16 10:15 - 2023-01-16 10:15 - 000000000 _SHDL C:\ProgramData\Dokumenty
2023-01-16 10:15 - 2023-01-16 10:15 - 000000000 _SHDL C:\ProgramData\Data aplikací
2023-01-16 10:15 - 2022-08-11 02:33 - 000003388 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-51709891-524309586-2262530275-500
2023-01-16 10:13 - 2023-03-11 11:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-01-16 10:13 - 2023-03-10 08:35 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-01-16 10:13 - 2023-03-01 20:31 - 000489272 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-01-16 10:13 - 2023-01-16 10:13 - 000000000 ____D C:\WINDOWS\system32\config\BFS
2023-01-16 09:56 - 2023-01-16 10:12 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2023-01-16 09:55 - 2023-02-07 16:50 - 000000000 ____D C:\Users\admin
2023-01-16 09:55 - 2023-01-16 09:55 - 000000000 _SHDL C:\Users\admin\Šablony
2023-01-16 09:55 - 2023-01-16 09:55 - 000000000 _SHDL C:\Users\admin\Soubory cookie
2023-01-16 09:55 - 2023-01-16 09:55 - 000000000 _SHDL C:\Users\admin\Poslední
2023-01-16 09:55 - 2023-01-16 09:55 - 000000000 _SHDL C:\Users\admin\Okolní tiskárny
2023-01-16 09:55 - 2023-01-16 09:55 - 000000000 _SHDL C:\Users\admin\Okolní síť
2023-01-16 09:55 - 2023-01-16 09:55 - 000000000 _SHDL C:\Users\admin\Nabídka Start
2023-01-16 09:55 - 2023-01-16 09:55 - 000000000 _SHDL C:\Users\admin\Dokumenty
2023-01-16 09:55 - 2023-01-16 09:55 - 000000000 _SHDL C:\Users\admin\Documents\Obrázky
2023-01-16 09:55 - 2023-01-16 09:55 - 000000000 _SHDL C:\Users\admin\Documents\Hudba
2023-01-16 09:55 - 2023-01-16 09:55 - 000000000 _SHDL C:\Users\admin\Documents\Filmy
2023-01-16 09:55 - 2023-01-16 09:55 - 000000000 _SHDL C:\Users\admin\Data aplikací
2023-01-16 09:55 - 2023-01-16 09:55 - 000000000 _SHDL C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2023-01-16 09:55 - 2023-01-16 09:55 - 000000000 _SHDL C:\Users\admin\AppData\Local\Data aplikací
2023-01-16 09:52 - 2023-01-16 09:56 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2023-01-16 09:52 - 2023-01-16 09:52 - 000000000 ____D C:\WINDOWS\system32\Drivers\Lenovo
2023-01-16 09:52 - 2023-01-16 09:52 - 000000000 ____D C:\WINDOWS\Lenovo
2023-01-16 09:52 - 2023-01-16 09:52 - 000000000 ____D C:\WINDOWS\Firmware
2023-01-16 09:45 - 2023-03-10 14:21 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-01-16 09:45 - 2023-01-16 09:45 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2023-01-16 09:45 - 2023-01-16 09:45 - 000000000 ____D C:\WINDOWS\addins
2023-01-16 09:42 - 2023-01-16 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-01-16 09:42 - 2023-01-16 09:42 - 000000000 ____D C:\WINDOWS\system32\cs
2023-01-16 09:35 - 2023-01-16 09:35 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2023-01-16 02:50 - 2023-02-05 00:49 - 000000000 ____D C:\Users\admin\AppData\Local\CrashDumps
2023-01-16 02:48 - 2023-01-21 13:42 - 000007682 _____ C:\Users\admin\AppData\Local\Resmon.ResmonCfg
2023-01-16 02:46 - 2023-01-19 10:58 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-01-16 02:46 - 2023-01-16 10:12 - 000000000 ____D C:\WINDOWS\system32\gf2engine
2023-01-16 02:45 - 2023-02-15 20:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-01-16 02:37 - 2023-01-16 10:13 - 000002095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2023-01-16 02:37 - 2023-01-16 10:13 - 000002083 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2023-01-16 02:37 - 2023-01-16 02:37 - 000000000 ____D C:\Users\admin\AppData\Roaming\Avast Software
2023-01-16 02:37 - 2023-01-16 02:37 - 000000000 ____D C:\Users\admin\AppData\Local\CEF
2023-01-16 02:37 - 2023-01-16 02:37 - 000000000 ____D C:\Users\admin\AppData\Local\Avast Software
2023-01-16 02:36 - 2023-03-08 17:59 - 000000000 ____D C:\ProgramData\Avast Software
2023-01-16 02:36 - 2023-01-16 02:36 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2023-01-16 02:36 - 2023-01-16 02:36 - 000000000 ____D C:\Program Files\Avast Software
2023-01-16 02:07 - 2023-01-16 02:07 - 000000000 ____D C:\SWTOOLS
2023-01-16 01:46 - 2022-10-11 14:12 - 001979360 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-01-16 01:46 - 2022-10-11 14:12 - 001979360 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-01-16 01:46 - 2022-10-11 14:12 - 001535968 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-01-16 01:46 - 2022-10-11 14:12 - 001535968 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-01-16 01:46 - 2022-10-11 14:12 - 001441952 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-01-16 01:46 - 2022-10-11 14:12 - 001441952 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-01-16 01:46 - 2022-10-11 14:12 - 001155248 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-01-16 01:46 - 2022-10-11 14:12 - 001155248 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-01-16 01:46 - 2022-10-11 14:12 - 000966336 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2023-01-16 01:46 - 2022-10-11 14:12 - 000725048 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2023-01-16 01:46 - 2022-10-11 14:12 - 000537000 _____ (Intel) C:\WINDOWS\system32\libvpl.dll
2023-01-16 01:46 - 2022-10-11 14:12 - 000475704 _____ (Intel) C:\WINDOWS\SysWOW64\libvpl.dll
2023-01-16 01:46 - 2022-10-11 14:11 - 000609008 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2023-01-16 01:46 - 2022-10-11 14:11 - 000468000 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2023-01-16 01:46 - 2022-10-11 14:11 - 000412336 _____ C:\WINDOWS\SysWOW64\IntelControlLib32.dll
2023-01-16 01:46 - 2022-10-11 14:10 - 000254824 _____ C:\WINDOWS\system32\ControlLib.dll
2023-01-16 01:46 - 2022-10-11 14:10 - 000206944 _____ C:\WINDOWS\SysWOW64\ControlLib32.dll
2023-01-16 01:46 - 2022-10-11 14:10 - 000206944 _____ C:\WINDOWS\system32\ControlLib32.dll
2023-01-16 01:45 - 2022-08-22 17:45 - 001467992 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-01-16 01:45 - 2022-08-22 17:45 - 001208536 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-01-16 01:45 - 2022-08-22 17:45 - 000134832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2023-01-16 01:45 - 2022-08-22 17:45 - 000047792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2023-01-16 01:44 - 2022-08-22 17:44 - 007612400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2023-01-16 01:44 - 2022-08-22 17:44 - 006964304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-01-16 01:44 - 2022-08-22 17:44 - 006459976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2023-01-16 01:44 - 2022-08-22 17:44 - 006226656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-01-16 01:44 - 2022-08-22 17:44 - 005729872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2023-01-16 01:44 - 2022-08-22 17:44 - 005101648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-01-16 01:44 - 2022-08-22 17:44 - 002933840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-01-16 01:44 - 2022-08-22 17:44 - 002120928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-01-16 01:44 - 2022-08-22 17:44 - 001601760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-01-16 01:44 - 2022-08-22 17:44 - 001529944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-01-16 01:44 - 2022-08-22 17:44 - 001177664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-01-16 01:44 - 2022-08-22 17:44 - 000851160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2023-01-16 01:44 - 2022-08-22 17:44 - 000730336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2023-01-16 01:44 - 2022-08-22 17:44 - 000725080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2023-01-16 01:44 - 2022-08-22 17:44 - 000712392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2023-01-16 01:44 - 2022-08-22 17:44 - 000587328 _____ C:\WINDOWS\system32\nvofapi64.dll
2023-01-16 01:44 - 2022-08-22 17:44 - 000582744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2023-01-16 01:44 - 2022-08-22 17:44 - 000460512 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2023-01-16 01:44 - 2022-08-22 17:44 - 000293088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2023-01-16 01:44 - 2022-08-22 17:44 - 000089492 _____ C:\WINDOWS\system32\nvinfo.pb
2023-01-16 01:44 - 2022-08-16 09:31 - 006185768 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2023-01-16 01:25 - 2023-01-16 01:25 - 000000000 ____D C:\Users\admin\AppData\LocalLow\Intel
2023-01-16 01:07 - 2023-03-01 19:46 - 000058732 _____ C:\WINDOWS\storelibdebug.txt
2023-01-16 01:05 - 2023-01-25 07:44 - 000000000 ____D C:\Users\admin\AppData\Local\NVIDIA
2023-01-16 00:50 - 2023-01-16 00:50 - 000000000 ____D C:\Users\admin\AppData\Local\Comms
2023-01-16 00:48 - 2023-01-18 21:22 - 000000000 ____D C:\Users\admin\AppData\Local\PlaceholderTileLogoFolder
2023-01-16 00:43 - 2023-02-10 18:58 - 000000000 ____D C:\Users\admin\AppData\Local\ElevatedDiagnostics
2023-01-16 00:29 - 2023-03-10 15:39 - 000002425 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-01-16 00:29 - 2023-02-19 14:03 - 000000000 ____D C:\Users\admin\AppData\Local\VirtualStore
2023-01-16 00:29 - 2023-01-16 01:58 - 000000000 ___RD C:\Users\admin\OneDrive
2023-01-16 00:27 - 2023-03-02 19:53 - 000000000 ____D C:\Users\admin\AppData\Local\Packages
2023-01-16 00:27 - 2023-03-01 10:40 - 000000000 ____D C:\Users\admin\AppData\Local\D3DSCache
2023-01-16 00:27 - 2023-02-26 12:32 - 000000000 ____D C:\ProgramData\Packages
2023-01-16 00:27 - 2023-01-19 19:20 - 000000000 ____D C:\Users\admin\AppData\Roaming\Adobe
2023-01-16 00:27 - 2023-01-16 02:00 - 000000000 ____D C:\Users\admin\AppData\Local\Lenovo
2023-01-16 00:27 - 2023-01-16 00:43 - 000000000 ____D C:\Users\admin\AppData\Local\Publishers
2023-01-16 00:27 - 2023-01-16 00:27 - 000000000 ____D C:\Users\admin\AppData\Local\PeerDistRepub
2023-01-16 00:27 - 2023-01-16 00:27 - 000000000 ____D C:\Users\admin\AppData\Local\ConnectedDevicesPlatform
2023-01-16 00:13 - 2023-01-16 00:13 - 000000000 _SHDL C:\Documents and Settings
2023-01-15 23:00 - 2023-01-15 23:00 - 000000000 ____D C:\Users\admin\AppData\Roaming\OTi
2023-01-15 23:00 - 2022-03-06 18:36 - 000040216 _____ (Magic Control Technology Corp.) C:\WINDOWS\system32\Drivers\mcvddbus.sys
2023-01-15 22:48 - 2023-01-15 22:48 - 1416626896 _____ C:\WINDOWS\MEMORY.DMP
2023-01-15 20:16 - 2023-01-15 20:16 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2022-12-22 01:58 - 2022-12-22 01:58 - 000328976 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\libboost.dll
2022-12-22 01:58 - 2022-12-22 01:58 - 000047888 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Drivers\vanboost.sys

==================== Three months (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-11 11:56 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-03-11 11:00 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-11 11:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-03-11 10:59 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-10 15:47 - 2022-08-11 02:38 - 000000000 ____D C:\ProgramData\NVIDIA
2023-03-10 15:47 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-03-10 10:31 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2023-03-10 08:35 - 2021-09-29 22:09 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-09 15:11 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-03-08 17:59 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2023-03-08 17:58 - 2021-09-29 22:08 - 000012288 ___SH C:\DumpStack.log.tmp
2023-03-08 17:42 - 2022-05-07 06:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-03-08 17:40 - 2022-08-11 02:31 - 000000000 ____D C:\WINDOWS\TempInst
2023-03-01 20:29 - 2022-05-07 08:39 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-03-01 20:29 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-03-01 20:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2023-03-01 20:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-03-01 20:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-03-01 20:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-03-01 20:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-03-01 20:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-03-01 20:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-03-01 20:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-03-01 20:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-03-01 20:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Provisioning
2023-03-01 20:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-03-01 20:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-02-26 12:35 - 2022-08-11 02:31 - 000000000 ____D C:\Program Files\Microsoft Office
2023-02-26 12:35 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-02-15 21:48 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2023-02-13 16:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-02-12 01:05 - 2022-08-11 02:38 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2023-02-10 19:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Registration
2023-02-10 18:57 - 2022-08-11 03:16 - 000000000 ____D C:\ProgramData\Lenovo
2023-02-10 18:57 - 2022-08-11 02:42 - 000000000 ____D C:\Program Files (x86)\Lenovo

==================== Files in the root of some directories ========

2023-02-20 13:20 - 2023-02-20 13:20 - 010080448 _____ (Microsoft Corporation) C:\Users\buchtik\mediacreationtool.exe
2023-01-16 02:48 - 2023-01-21 13:42 - 000007682 _____ () C:\Users\admin\AppData\Local\Resmon.ResmonCfg
2023-03-04 12:16 - 2023-03-08 20:24 - 000000191 _____ () C:\Users\admin\AppData\Local\Support.ini

==================== SigCheckExt =========================

2023-01-23 18:11 - 2012-11-12 15:15 - 000558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppmon.dll
2023-01-23 18:11 - 2012-11-12 20:41 - 000535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppui.dll
2023-01-23 18:11 - 2012-10-22 17:19 - 000219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enpres.dll
2023-01-23 18:11 - 2012-11-12 15:15 - 000558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppmon.dll
2023-01-23 18:11 - 2012-11-12 20:41 - 000535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppui.dll
2023-01-23 18:11 - 2012-10-22 17:19 - 000219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enspres.dll
2023-02-12 20:08 - 2023-02-25 10:20 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2023-01-27 19:22 - 1997-08-26 12:06 - 000315904 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUninst.exe
2023-01-19 18:40 - 2006-12-19 18:20 - 000077824 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\EBAPI.dll
2023-01-19 18:40 - 2007-09-07 17:33 - 000135168 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\EEBAPI.dll
2023-01-19 18:40 - 2006-12-19 18:31 - 000110592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\EEBDSCVR.dll
2023-01-19 18:40 - 2003-12-17 01:01 - 000055808 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\EEBSDKIF.dll
2023-01-19 18:40 - 2007-03-28 18:26 - 000065536 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\EEBUtil.dll
2008-08-25 22:50 - 2008-08-25 22:50 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBAME.DLL
2006-10-26 13:45 - 2006-10-26 13:45 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WISPTIS.EXE

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


==================== BCD ================================

Firmware Boot Manager
---------------------
identifier              {fwbootmgr}
displayorder            {bootmgr}
                        {2d167d1b-952a-11ed-9ef5-806e6f6e6963}
                        {2d167d1c-952a-11ed-9ef5-806e6f6e6963}
                        {1959faa4-191d-11ed-9d59-d8bbc1ece906}
                        {1959faa5-191d-11ed-9d59-d8bbc1ece906}
                        {21fbcadc-ad72-11ed-9f1e-806e6f6e6963}
                        {21fbcadd-ad72-11ed-9f1e-806e6f6e6963}
                        {21fbcade-ad72-11ed-9f1e-806e6f6e6963}
timeout                 1

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume3
path                    \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description             Windows Boot Manager
locale                  cs-CZ
inherit                 {globalsettings}
default                 {current}
resumeobject            {d7c5273d-957d-11ed-9efe-d8bbc1ece906}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 0

Firmware Application (101fffff)
-------------------------------
identifier              {1959faa4-191d-11ed-9d59-d8bbc1ece906}
description             Generic Usb Device

Firmware Application (101fffff)
-------------------------------
identifier              {1959faa5-191d-11ed-9d59-d8bbc1ece906}
description             CD/DVD Device

Firmware Application (101fffff)
-------------------------------
identifier              {21fbcadc-ad72-11ed-9f1e-806e6f6e6963}
description             UEFI:CD/DVD Drive

Firmware Application (101fffff)
-------------------------------
identifier              {21fbcadd-ad72-11ed-9f1e-806e6f6e6963}
description             UEFI:Removable Device

Firmware Application (101fffff)
-------------------------------
identifier              {21fbcade-ad72-11ed-9f1e-806e6f6e6963}
description             UEFI:Network Device

Firmware Application (101fffff)
-------------------------------
identifier              {2d167d1b-952a-11ed-9ef5-806e6f6e6963}
description             UEFI: PXE IPv4 Intel(R) Ethernet Connection (17) I219-LM

Firmware Application (101fffff)
-------------------------------
identifier              {2d167d1c-952a-11ed-9ef5-806e6f6e6963}
description             UEFI: PXE IPv6 Intel(R) Ethernet Connection (17) I219-LM

Windows Boot Loader
-------------------
identifier              {d03318d7-bcba-11ed-9f21-7cb5666c8c92}
device                  ramdisk=[C:]\ProgramData\Avast Software\Avast\bootimescan\boottimescan.wim,{d03318d6-bcba-11ed-9f21-7cb5666c8c92}
path                    \windows\system32\winload.efi
description             Avast Boot-Time Scan
osdevice                ramdisk=[C:]\ProgramData\Avast Software\Avast\bootimescan\boottimescan.wim,{d03318d6-bcba-11ed-9f21-7cb5666c8c92}
systemroot              \windows
nx                      OptIn
detecthal               Yes
winpe                   Yes

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \WINDOWS\system32\winload.efi
description             Windows 11
locale                  cs-CZ
inherit                 {bootloadersettings}
recoverysequence        {d7c52740-957d-11ed-9efe-d8bbc1ece906}
displaymessageoverride  Recovery
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \WINDOWS
resumeobject            {d7c5273d-957d-11ed-9efe-d8bbc1ece906}
nx                      OptIn
bootmenupolicy          Standard

Windows Boot Loader
-------------------
identifier              {d7c52740-957d-11ed-9efe-d8bbc1ece906}
device                  ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{d7c52741-957d-11ed-9efe-d8bbc1ece906}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  en-US
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{d7c52741-957d-11ed-9efe-d8bbc1ece906}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Windows Boot Loader
-------------------
identifier              {d7c52743-957d-11ed-9efe-d8bbc1ece906}
device                  ramdisk=[C:]\ProgramData\Avast Software\Avast\bootimescan\boottimescan.wim,{d7c52742-957d-11ed-9efe-d8bbc1ece906}
path                    \windows\system32\winload.efi
description             Avast Boot-Time Scan
osdevice                ramdisk=[C:]\ProgramData\Avast Software\Avast\bootimescan\boottimescan.wim,{d7c52742-957d-11ed-9efe-d8bbc1ece906}
systemroot              \windows
nx                      OptIn
detecthal               Yes
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {d7c5273d-957d-11ed-9efe-d8bbc1ece906}
device                  partition=C:
path                    \WINDOWS\system32\winresume.efi
description             Windows Resume Application
locale                  cs-CZ
inherit                 {resumeloadersettings}
recoverysequence        {d7c52740-957d-11ed-9efe-d8bbc1ece906}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
custom:21000026         partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume3
path                    \EFI\Microsoft\Boot\memtest.efi
description             Windows Memory Diagnostic
locale                  cs-CZ
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 No

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Local

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {d03318d6-bcba-11ed-9f21-7cb5666c8c92}
description             Avast Ramdisk options
ramdisksdidevice        partition=C:
ramdisksdipath          \ProgramData\Avast Software\Avast\bootimescan\boot.sdi

Device options
--------------
identifier              {d7c52741-957d-11ed-9efe-d8bbc1ece906}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume7
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

Device options
--------------
identifier              {d7c52742-957d-11ed-9efe-d8bbc1ece906}
description             Avast Ramdisk options
ramdisksdidevice        partition=C:
ramdisksdipath          \ProgramData\Avast Software\Avast\bootimescan\boot.sdi

==================== End of FRST.txt ========================

Junkware - found nothing

Re: login attempt on the router

Posted: 11 Mar 2023 13:34
by JardaB
ADDITION

Code: Select all

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2023
Ran by admin (11-03-2023 12:52:55)
Running from D:\Util\Antivir\FRST
Microsoft Windows 11 Pro Version 22H2 22621.1344 (X64) (2023-01-16 09:15:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

admin (S-1-5-21-1125630280-1235911553-1431502420-1001 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-1125630280-1235911553-1431502420-500 - Administrator - Disabled)
buchtik (S-1-5-21-1125630280-1235911553-1431502420-1004 - Limited - Enabled) => C:\Users\buchtik
DefaultAccount (S-1-5-21-1125630280-1235911553-1431502420-503 - Limited - Disabled)
Guest (S-1-5-21-1125630280-1235911553-1431502420-501 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-1125630280-1235911553-1431502420-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20322 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601042}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version:  - Microsoft)
ANT Drivers Installer x64 (HKLM\...\{AE17953F-B52A-4D8E-8A6A-8409F127E0B4}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 23.2.6053 - Avast Software)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bitvise SSH Client - FlowSshNet (x64) (HKLM\...\{6234CF5E-1A00-4443-8B8A-877C0D20FEDD}) (Version: 9.26.0.0 - Bitvise Limited) Hidden
Bitvise SSH Client - FlowSshNet (x86) (HKLM-x32\...\{EA7EC9CA-E19A-459A-8DBF-20BF8A72E828}) (Version: 9.26.0.0 - Bitvise Limited) Hidden
Bitvise SSH Client 9.26 (remove only) (HKLM-x32\...\BvSshClient) (Version: 9.26 - Bitvise Limited)
Calliope_Keyboard (HKLM-x32\...\{ABAF0FD5-B68C-4932-B72E-7B7D40B6DA40}_is1) (Version: 1.00.08 - Lenovo)
Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version:  - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 169.4.5684 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.733.1 - Dropbox, Inc.) Hidden
Elevated Installer (HKLM-x32\...\{0794CCAE-DAB3-4FAC-85C2-4B9F5DCCF614}) (Version: 7.15.2.0 - Garmin Ltd or its subsidiaries) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{26A9B753-4B5D-46D8-A329-5CEF96FC22D2}) (Version: 4.6.5 - Seiko Epson Corporation)
EPSON XP-700 Series Printer Uninstall (HKLM\...\EPSON XP-700 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
f.lux (HKU\S-1-5-21-1125630280-1235911553-1431502420-1004\...\Flux) (Version:  - f.lux Software LLC)
Garmin Express (HKLM-x32\...\{799EBEC4-CDFD-41D8-904A-4B968C64DF51}) (Version: 7.15.2.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{bde189fe-7f26-4da7-9c02-f68549544aff}) (Version: 7.15.2.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 110.0.5481.180 - Google LLC)
Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation)
Lenovo Service Bridge (HKU\S-1-5-21-1125630280-1235911553-1431502420-1004\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.13 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.08.01.0009 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.43.0 - Lenovo Group Ltd.)
Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.34.376143 - Logitech)
LogiOptionsPlusExcelAddin (HKU\S-1-5-21-1125630280-1235911553-1431502420-1004\...\E851B750DE4EBCD11654EC6A1890DA1BA8051BAA) (Version: 1.34.6143.0 - Logitech)
LogiOptionsPlusPowerPointAddin (HKU\S-1-5-21-1125630280-1235911553-1431502420-1004\...\FD770E72BBBBFBEC1465E9692703E7B29AC4D1B4) (Version: 1.34.6143.0 - Logitech)
LogiOptionsPlusWordAddin (HKU\S-1-5-21-1125630280-1235911553-1431502420-1004\...\6DA7071EEB6DD445E841EA1453492347BE71CFA4) (Version: 1.34.6143.0 - Logitech)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.69 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.63 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{6BBE9278-659F-FA16-E4B8-C2D60DE0DCC7}) (Version: 10.1.22621.1863 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (Czech) 2007 (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (Czech) 2007 (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (Czech) 2007 (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (HKLM-x32\...\{90120000-002C-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}) (Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (HKLM\...\{90120000-002A-0405-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1125630280-1235911553-1431502420-1001\...\OneDriveSetup.exe) (Version: 23.043.0226.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1125630280-1235911553-1431502420-1004\...\OneDriveSetup.exe) (Version: 23.043.0226.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{EF9EBC42-6969-45CE-A8D2-B9249B00C838}) (Version: 5.69.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.24.28127 (HKLM\...\{8678BA04-D161-45BE-ACA4-CC5D13073F35}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.24.28127 (HKLM\...\{7DC387B8-E6A2-480C-8EF9-A6E51AE81C19}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{7C0242A3-8B66-35D1-9FE0-13B426ACB609}) (Version: 10.0.60729 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 102.7.0 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 102.8.0 (x64 cs)) (Version: 102.8.0 - Mozilla)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NVIDIA Ovladač HD audia 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 512.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.52 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Odinstalace tiskárny EPSON Remote Print (HKLM\...\EPSON Remote Print) (Version:  - SEIKO EPSON Corporation)
Odinstalace tiskárny EPSON XP-600 Series (HKLM\...\EPSON XP-600 Series) (Version:  - SEIKO EPSON Corporation)
Opera Stable 96.0.4693.50 (HKU\S-1-5-21-1125630280-1235911553-1431502420-1004\...\Opera 96.0.4693.50) (Version: 96.0.4693.50 - Opera Software)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.322.10 - Tracker Software Products Ltd)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9376.1 - Realtek Semiconductor Corp.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WinFsp installed by Bitvise SSH Client (remove only) (HKLM-x32\...\BvWinFsp) (Version: 1.9.21096 - Bitvise Limited)
Wondershare Filmora 12(Build 12.0.9.1382) (HKU\S-1-5-21-1125630280-1235911553-1431502420-1001\...\Wondershare Filmora 12_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare NativePush(Build 1.0.0.7) (HKU\S-1-5-21-1125630280-1235911553-1431502420-1001\...\Wondershare NativePush_is1) (Version:  - )

Packages:
=========
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.15.0_neutral__yxz26nhyzhsrt [2023-01-24] (Microsoft Corp.)
Intel(R) Management and Security Status -> C:\Program Files\WindowsApps\AppUp.IntelManagementandSecurityStatus_2219.3.0.0_x64__8j3eq9eme6ctt [2023-01-24] (INTEL CORP) [Startup Task]
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2301.8.0_x64__k1h2ywk1493x8 [2023-02-13] (LENOVO INC.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.10126.517.0_x64__8wekyb3d8bbwe [2023-02-16] (Microsoft Corporation)
ms-resource://MicrosoftCorporationII.QuickAssist/resources/APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.19.0_x64__8wekyb3d8bbwe [2023-03-02] (Microsoft Corp.)
ms-resource:app_name_ms_todo -> C:\Program Files\WindowsApps\Microsoft.Todos_2.91.6552.0_x64__8wekyb3d8bbwe [2023-03-07] (Microsoft Corporation) [Startup Task]
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.52851.0_x64__8wekyb3d8bbwe [2023-01-24] (Microsoft Corporation)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2023-01-24] (Microsoft Corporation)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.40041.0_x64__8wekyb3d8bbwe [2023-01-25] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2023-01-19] (Microsoft Corporation)
ms-resource:System_Item_Title_IntelGraphicsControlPanel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4628.0_x64__8j3eq9eme6ctt [2023-03-10] (INTEL CORP) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-10] (NVIDIA Corp.)
Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_10.0.5878.0_x64__8wekyb3d8bbwe [2023-03-02] (Microsoft Corporation) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.40.285.0_x64__dt26b99r8h8gj [2023-02-13] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2023-01-24] (Microsoft Studios) [MS Ad]
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2023-03-01] (Microsoft Windows)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-02-23] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-02-23] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1125630280-1235911553-1431502420-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> C:\Users\admin\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
CustomCLSID: HKU\S-1-5-21-1125630280-1235911553-1431502420-1001_Classes\CLSID\{23B3E3D8-C162-4A8B-AB0C-0905DCB1DF19}\InprocServer32 -> C:\Users\admin\AppData\Local\Packages\Microsoft.PowerAutomateDesktop_8wekyb3d8bbwe\TempState\RDP\DVCPlugin\x64\Microsoft.Flow.RPA.Desktop.UIAutomation.RDP.DVC.Plugin.dll (Microsoft Corporation -> )
CustomCLSID: HKU\S-1-5-21-1125630280-1235911553-1431502420-1001_Classes\CLSID\{D3E34B21-9D75-101A-8C3D-00AA001A1652}\localserver32 -> C:\Program Files\WindowsApps\Microsoft.Paint_11.2301.22.0_x64__8wekyb3d8bbwe\PaintApp\mspaint.exe () [File not signed]
CustomCLSID: HKU\S-1-5-21-1125630280-1235911553-1431502420-1004_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> C:\Users\admin\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
CustomCLSID: HKU\S-1-5-21-1125630280-1235911553-1431502420-1004_Classes\CLSID\{1AC77AE9-9EC6-405A-9F9B-C06AB3C10B71}\InprocServer32 -> C:\Program Files\Microsoft Research\Image Composite Editor\ShellExtension.dll (Microsoft Corporation) [File not signed]
CustomCLSID: HKU\S-1-5-21-1125630280-1235911553-1431502420-1004_Classes\CLSID\{23B3E3D8-C162-4A8B-AB0C-0905DCB1DF19}\InprocServer32 -> C:\Users\buchtik\AppData\Local\Packages\Microsoft.PowerAutomateDesktop_8wekyb3d8bbwe\TempState\RDP\DVCPlugin\x64\Microsoft.Flow.RPA.Desktop.UIAutomation.RDP.DVC.Plugin.dll => No File
CustomCLSID: HKU\S-1-5-21-1125630280-1235911553-1431502420-1004_Classes\CLSID\{D3E34B21-9D75-101A-8C3D-00AA001A1652}\localserver32 -> C:\Program Files\WindowsApps\Microsoft.Paint_11.2301.22.0_x64__8wekyb3d8bbwe\PaintApp\mspaint.exe () [File not signed]
CustomCLSID: HKU\S-1-5-21-1125630280-1235911553-1431502420-1004_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => D:\Dropbox [2023-01-25 17:57]
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-28] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvle.inf_amd64_7119698042c67814\nvshext.dll [2022-08-22] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-28] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-01-24 11:48 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2023-01-24 11:48 - 2017-09-12 10:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2023-01-19 17:25 - 2013-03-07 23:07 - 000056320 _____ (Alphaleonis) [File not signed] C:\Program Files (x86)\Cobian Backup 11\AlphaVSS.Common.dll
2023-01-19 17:25 - 2013-03-07 23:07 - 000166400 _____ (Alphaleonis) [File not signed] C:\Program Files (x86)\Cobian Backup 11\AlphaVSS.Win2008.x64.dll
2023-03-10 10:41 - 2023-03-10 10:41 - 039165440 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4628.0_x64__8j3eq9eme6ctt\IGCC.dll
2023-01-19 17:25 - 2013-03-07 23:07 - 000009728 _____ (Luis Cobian) [File not signed] C:\Program Files (x86)\Cobian Backup 11\CobStringList.dll
2023-01-19 17:25 - 2013-03-07 23:27 - 002684928 _____ (Luis Cobian, CobianSoft) [File not signed] C:\Program Files (x86)\Cobian Backup 11\cbEngine.dll
2015-02-24 14:49 - 2015-02-24 14:49 - 000236544 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Microsoft Research\Image Composite Editor\ShellExtension.dll
2023-01-19 18:40 - 2007-09-18 16:44 - 000421888 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBIPDev.dll
2023-01-19 18:40 - 2007-09-10 15:03 - 000110592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBLPBidiDev.dll
2023-01-19 18:40 - 2006-12-26 14:58 - 000233544 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBMSDev.dll
2023-01-19 18:40 - 2004-11-17 16:56 - 000286720 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBNWDev.dll
2023-01-19 18:40 - 2007-09-10 15:32 - 000135168 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBRSVC.dll
2023-01-19 18:40 - 2006-08-30 01:02 - 000106496 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\epLocalBidi.dll
2023-01-23 18:11 - 2012-11-12 15:15 - 000558592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2023-01-23 18:11 - 2012-10-22 17:19 - 000219648 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enpres.dll
2023-01-24 11:48 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-06-05 13:08 - 2021-06-05 13:08 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> ;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Bitvise SSH Client;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\
HKU\S-1-5-21-1125630280-1235911553-1431502420-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-1125630280-1235911553-1431502420-1004\Control Panel\Desktop\\Wallpaper -> d:\onedrive\dokumenty\směs - různé\pozadí\chinese-painting-horses-couple-tree-wood-nature-yellow-background-chinese-painting-painting.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1125630280-1235911553-1431502420-1004\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_B091FC71F8FC7C8A0DB84B81365E5C72"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A6165498-AB96-492E-8CC6-ED47A0B6E28F}] => (Allow) C:\Users\admin\AppData\Roaming\OTi\MacKMLink1579\FunctModules\{92EEDB7D-755A-4a90-A79D-C0BD0ACF1A7F}\nExtClient.exe (MAGIC CONTROL TECHNOLOGY CORPORATION -> Magic Control Technology Corp.)
FirewallRules: [{06C64EC2-8E35-40C3-9C30-629102E18FF1}] => (Allow) C:\Users\admin\AppData\Roaming\OTi\MacKMLink1579\FunctModules\{92EEDB7D-755A-4a90-A79D-C0BD0ACF1A7F}\nExtClient.exe (MAGIC CONTROL TECHNOLOGY CORPORATION -> Magic Control Technology Corp.)
FirewallRules: [{10FD15C7-EDCF-46FB-928A-42AEC70AF122}] => (Allow) LPort=56001
FirewallRules: [{7D789C35-3FD4-4341-BE29-0800E8E040ED}] => (Allow) C:\Users\admin\AppData\Roaming\OTi\MacKMLink1579\FunctModules\{92EEDB7D-755A-4a90-A79D-C0BD0ACF1A7F}\mExtSrv.exe (MAGIC CONTROL TECHNOLOGY CORPORATION -> Magic Control Technology Corp.)
FirewallRules: [{E9D34FA9-99FD-448F-B3CC-212653E950B2}] => (Allow) C:\Users\admin\AppData\Roaming\OTi\MacKMLink1579\FunctModules\{92EEDB7D-755A-4a90-A79D-C0BD0ACF1A7F}\mExtSrv.exe (MAGIC CONTROL TECHNOLOGY CORPORATION -> Magic Control Technology Corp.)
FirewallRules: [{13E2496D-7A03-412B-9F27-0FCDC51C67C6}] => (Allow) C:\Users\admin\AppData\Roaming\OTi\MacKMLink1579\FunctModules\{92EEDB7D-755A-4a90-A79D-C0BD0ACF1A7F}\VSManager.exe (MAGIC CONTROL TECHNOLOGY CORPORATION -> MCT)
FirewallRules: [{23C09397-9C8F-4207-A9D9-409CABBE13B3}] => (Allow) C:\Users\admin\AppData\Roaming\OTi\MacKMLink1579\FunctModules\{92EEDB7D-755A-4a90-A79D-C0BD0ACF1A7F}\VSManager.exe (MAGIC CONTROL TECHNOLOGY CORPORATION -> MCT)
FirewallRules: [{999CD7FA-57F2-493A-AC87-5CA04B3FE4C9}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9F003521-DD28-41A0-AA24-75B420BB5C98}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{73995057-041D-4507-9FC0-052D9BA71052}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe => No File
FirewallRules: [{411761AB-A8BE-4516-A56F-C4076AF5263D}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe => No File
FirewallRules: [{300A4334-278D-4598-89A4-B23441FE1CCA}] => (Allow) C:\Users\admin\AppData\Local\Temp\EPSON XP-600 Series_Home\Network\EpsonNetSetup\Data\ENEasyApp.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{072224CD-4EC4-4B4B-BFB4-93EEF30FF727}] => (Allow) C:\Users\admin\AppData\Local\Temp\EPSON XP-600 Series_Home\Network\EpsonNetSetup\Data\ENEasyApp.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{C20D8ECF-0503-45D8-AA28-348A877444CC}] => (Allow) C:\Users\admin\AppData\Local\Temp\EPSON XP-700 Series_Home\Network\EpsonNetSetup\Data\ENEasyApp.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{662F9DD2-3502-427C-BD72-1E83355145D2}] => (Allow) C:\Users\admin\AppData\Local\Temp\EPSON XP-700 Series_Home\Network\EpsonNetSetup\Data\ENEasyApp.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{24070CB3-7DF6-41D8-B9DD-69912C7A049E}D:\util\winamp\winamp.exe] => (Allow) D:\util\winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [UDP Query User{BB1D4AB6-0742-42A4-91AF-5238EA6D1A46}D:\util\winamp\winamp.exe] => (Allow) D:\util\winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [TCP Query User{A8CDC26C-6F0F-474F-8398-8DE842635C46}C:\users\buchtik\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\buchtik\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{A0845B71-D062-4EF8-9262-390CA9604FA2}C:\users\buchtik\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\buchtik\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{6421F2D1-35A3-4E91-82AB-FDF87806A3BA}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{9EB86F3D-0E66-4EA5-BB50-9DDA7A81D8A4}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{54EB850D-ADDC-4A5F-A5EF-A5F9EB699959}] => (Allow) C:\Users\admin\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
FirewallRules: [TCP Query User{0F55354C-FA5E-46D8-9E07-3AAA56892D2E}C:\users\buchtik\appdata\local\programs\opera\opera.exe] => (Block) C:\users\buchtik\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{28973EB1-AE89-4F91-B0D7-399969E3D0D6}C:\users\buchtik\appdata\local\programs\opera\opera.exe] => (Block) C:\users\buchtik\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{9BC5F7B3-E5AA-4FCC-8792-310D36C809CC}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{F6FD07E8-E962-417F-8E6D-04455833C9E3}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{344EA591-59E5-42F9-A6D2-C535EC05E94F}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [TCP Query User{E665BB32-8F7A-4E96-A668-F5B8C19D62F0}C:3\game\aoe2de.exe] => (Allow) C:3\game\aoe2de.exe => No File
FirewallRules: [UDP Query User{5CF35535-667D-4D9E-BCE2-F46A57589E57}C:3\game\aoe2de.exe] => (Allow) C:3\game\aoe2de.exe => No File
FirewallRules: [TCP Query User{9AD04571-41ED-4925-ACB2-8ECFEC3BA52B}C:3\game\battleserver\battleserver.exe] => (Allow) C:3\game\battleserver\battleserver.exe => No File
FirewallRules: [UDP Query User{DA56BA18-9EB1-45CC-A14D-192FB0963FDC}C:3\game\battleserver\battleserver.exe] => (Allow) C:3\game\battleserver\battleserver.exe => No File
FirewallRules: [{380C7EFF-EF81-47F9-BEE6-61BCDDE27D7D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.63\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4CAA6050-09DC-46F0-A2D8-6399D771CFB2}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{8D845C99-D807-4AF6-90BD-6912E3155149}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23047.400.1873.7204_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8A09429E-E746-4149-A9AC-2661E755BF19}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23047.400.1873.7204_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B34932AB-074D-4895-9B9B-44EC0B89DAFD}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

11-03-2023 11:00:12 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/10/2023 03:41:54 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: express.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: kód výjimky c0000005, adresa výjimky 62C65D4E
Zásobník:

Error: (03/10/2023 03:12:14 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: overseer.exe, verze: 1.0.465.0, časové razítko: 0x63b6c96b
Název chybujícího modulu: overseer.exe, verze: 1.0.465.0, časové razítko: 0x63b6c96b
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000f911
ID chybujícího procesu: 0x0x3b98
Čas spuštění chybující aplikace: 0x0x1d9535a2b9f3e06
Cesta k chybující aplikaci: C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
Cesta k chybujícímu modulu: C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
ID zprávy: 0ec26112-13c9-4811-ae15-3d5abfa84fd1
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/09/2023 09:18:04 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
   Shromažďování dat modulu pro zápis

Kontext:
   ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
   Název modulu pro zápis: System Writer
   ID instance modulu pro zápis: {61937bfd-5fb0-4cbf-b34d-f30e7a8a0eac}

Error: (03/09/2023 07:45:03 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
   Shromažďování dat modulu pro zápis

Kontext:
   ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
   Název modulu pro zápis: System Writer
   ID instance modulu pro zápis: {61937bfd-5fb0-4cbf-b34d-f30e7a8a0eac}

Error: (03/09/2023 07:20:07 PM) (Source: Application Error) (EventID: 1000) (User: LENOVO)
Description: Název chybující aplikace: logioptionsplus_agent.exe, verze: 1.34.6143.0, časové razítko: 0x63f8dcd1
Název chybujícího modulu: ntdll.dll, verze: 10.0.22621.1344, časové razítko: 0x8381da15
Kód výjimky: 0xc0000374
Posun chyby: 0x000000000010be19
ID chybujícího procesu: 0x0xb08
Čas spuštění chybující aplikace: 0x0x1d951ea7334a4aa
Cesta k chybující aplikaci: C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 25df62dc-71eb-420d-a498-95704f2971e3
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/09/2023 03:57:04 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
   Shromažďování dat modulu pro zápis

Kontext:
   ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
   Název modulu pro zápis: System Writer
   ID instance modulu pro zápis: {61937bfd-5fb0-4cbf-b34d-f30e7a8a0eac}

Error: (03/09/2023 08:59:03 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
   Shromažďování dat modulu pro zápis

Kontext:
   ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
   Název modulu pro zápis: System Writer
   ID instance modulu pro zápis: {61937bfd-5fb0-4cbf-b34d-f30e7a8a0eac}

Error: (03/08/2023 08:26:15 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: overseer.exe, verze: 1.0.465.0, časové razítko: 0x63b6c96b
Název chybujícího modulu: overseer.exe, verze: 1.0.465.0, časové razítko: 0x63b6c96b
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000f911
ID chybujícího procesu: 0x0x4f0c
Čas spuštění chybující aplikace: 0x0x1d951e47382ac70
Cesta k chybující aplikaci: C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
Cesta k chybujícímu modulu: C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
ID zprávy: a1837932-8a4e-42e2-86ee-0b8a044e89ea
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (03/10/2023 03:39:55 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/10/2023 10:41:22 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9PLFNLNT3G5G-AppUp.IntelGraphicsExperience.

Error: (03/10/2023 09:00:24 AM) (Source: DCOM) (EventID: 10010) (User: LENOVO)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/07/2023 08:51:52 AM) (Source: DCOM) (EventID: 10010) (User: LENOVO)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/07/2023 08:47:45 AM) (Source: DCOM) (EventID: 10010) (User: LENOVO)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/06/2023 09:03:28 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9MSSGKG348SP-MicrosoftWindows.Client.WebExperience.

Error: (03/05/2023 10:34:35 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9MSSGKG348SP-MicrosoftWindows.Client.WebExperience.

Error: (03/04/2023 11:42:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9MSSGKG348SP-MicrosoftWindows.Client.WebExperience.


CodeIntegrity:
===============
Date: 2023-03-09 15:11:08
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2023-03-09 14:16:58
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info =========================== 

BIOS: LENOVO M40KT3EA 02/15/2023
Motherboard: LENOVO 32C8
Processor: 12th Gen Intel(R) Core(TM) i7-12700
Percentage of memory in use: 58%
Total physical RAM: 16097.4 MB
Available physical RAM: 6751.13 MB
Total Virtual: 17121.4 MB
Available Virtual: 4414.96 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:213.66 GB) (Free:128.95 GB) (Model: Micron MTFDKBA512TFK) NTFS
Drive d: (DATA) (Fixed) (Total:261.06 GB) (Free:237.27 GB) (Model: Micron MTFDKBA512TFK) NTFS
Drive i: (SKLAD) (Fixed) (Total:1863 GB) (Free:1160.8 GB) (Model: WDC WD20EZAZ-00L9GB0) NTFS

\\?\Volume{ef3ec713-5961-477d-98b8-ea0b55b79324}\ (WinRE_DRV) (Fixed) (Total:1.95 GB) (Free:1.18 GB) NTFS
\\?\Volume{baa6d248-0f4b-4242-83c9-f46a2bd17bb7}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: CA191010)

Partition: GPT.

==========================================================
Disk: 1 (Size: 476.9 GB) (Disk ID: A4EA1909)

Partition: GPT.

==================== End of Addition.txt =======================

FIXLOG

Code:

Fix result of Farbar Recovery Scan Tool (x64) Version: 11-03-2023
Ran by admin (11-03-2023 13:18:58) Run:1
Running from D:\Util\Antivir\FRST
Loaded Profiles: admin & buchtik
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {41DDA3C8-0BD1-45F7-A656-4E20A487CDE5} - System32\Tasks\GoogleUpdateTaskMachineUA{34046CB5-0878-441F-82D3-2BED1C4D4F8D} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-22] (Google LLC -> Google LLC)
Task: {4D7EE67A-4ADD-46D7-857E-13C847315009} - System32\Tasks\GoogleUpdateTaskMachineCore{26097684-3595-477D-B3AB-B738AEDD4D01} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-22] (Google LLC -> Google LLC)

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41DDA3C8-0BD1-45F7-A656-4E20A487CDE5}" => not found
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA{34046CB5-0878-441F-82D3-2BED1C4D4F8D}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{34046CB5-0878-441F-82D3-2BED1C4D4F8D}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D7EE67A-4ADD-46D7-857E-13C847315009}" => not found
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore{26097684-3595-477D-B3AB-B738AEDD4D01}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{26097684-3595-477D-B3AB-B738AEDD4D01}" => not found

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21653746 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 215045815 B
Edge => 0 B
Chrome => 380904871 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 12288 B
ProgramData => 12288 B
Public => 12288 B
systemprofile => 35796 B
systemprofile32 => 35796 B
LocalService => 849546 B
NetworkService => 850710 B
admin => 515037787 B
buchtik => 1559026698 B

RecycleBin => 274695611 B
EmptyTemp: => 2.8 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:19:37 ====

Re: attempted login to the router

Posted: 11 Mar 2023 15:43
by Rudy
What is that fixlog for? Is it from the previous run, or were you playing around with FRST on your own?

Re: attempted login to the router

Posted: 11 Mar 2023 16:21
by JardaB
Mechanically, from the previous one

Re: attempted login to the router

Posted: 11 Mar 2023 17:17
by Rudy
I see. Open Notepad and copy the following into it:
Start

CloseProcesses:
FirewallRules: [{73995057-041D-4507-9FC0-052D9BA71052}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe => No File
FirewallRules: [{411761AB-A8BE-4516-A56F-C4076AF5263D}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe => No File
FirewallRules: [TCP Query User{E665BB32-8F7A-4E96-A668-F5B8C19D62F0}C:3\game\aoe2de.exe] => (Allow) C:3\game\aoe2de.exe => No File
FirewallRules: [UDP Query User{5CF35535-667D-4D9E-BCE2-F46A57589E57}C:3\game\aoe2de.exe] => (Allow) C:3\game\aoe2de.exe => No File
FirewallRules: [TCP Query User{9AD04571-41ED-4925-ACB2-8ECFEC3BA52B}C:3\game\battleserver\battleserver.exe] => (Allow) C:3\game\battleserver\battleserver.exe => No File
FirewallRules: [UDP Query User{DA56BA18-9EB1-45CC-A14D-192FB0963FDC}C:3\game\battleserver\battleserver.exe] => (Allow) C:3\game\battleserver\battleserver.exe => No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1125630280-1235911553-1431502420-1001\...\Run: [LenovoVantage] => C:\ProgramData\Lenovo\Vantage\Addins\LenovoCompanionAppAddin\1.0.0.20\LenovoVantage.exe (No File)
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {7822A875-E415-463C-BB23-80506409EDB8} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-1125630280-1235911553-1431502420-1004 => MessengerHelper.exe --lassie (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
S3 esihdrv; C:\Users\admin\AppData\Local\Temp\esihdrv.sys [205464 2023-02-28] (ESET, spol. s r.o. -> ESET) <==== ATTENTION

EmptyTemp:
End
Save it to D:\Util\Antivir\FRST as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.

Re: attempted login to the router

Posted: 11 Mar 2023 17:31
by JardaB
Fixlist.txt

Code:

Fix result of Farbar Recovery Scan Tool (x64) Version: 11-03-2023
Ran by admin (11-03-2023 17:25:18) Run:2
Running from D:\Util\Antivir\FRST
Loaded Profiles: admin & buchtik
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
FirewallRules: [{73995057-041D-4507-9FC0-052D9BA71052}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe => No File
FirewallRules: [{411761AB-A8BE-4516-A56F-C4076AF5263D}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe => No File
FirewallRules: [TCP Query User{E665BB32-8F7A-4E96-A668-F5B8C19D62F0}C:3\game\aoe2de.exe] => (Allow) C:3\game\aoe2de.exe => No File
FirewallRules: [UDP Query User{5CF35535-667D-4D9E-BCE2-F46A57589E57}C:3\game\aoe2de.exe] => (Allow) C:3\game\aoe2de.exe => No File
FirewallRules: [TCP Query User{9AD04571-41ED-4925-ACB2-8ECFEC3BA52B}C:3\game\battleserver\battleserver.exe] => (Allow) C:3\game\battleserver\battleserver.exe => No File
FirewallRules: [UDP Query User{DA56BA18-9EB1-45CC-A14D-192FB0963FDC}C:3\game\battleserver\battleserver.exe] => (Allow) C:3\game\battleserver\battleserver.exe => No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1125630280-1235911553-1431502420-1001\...\Run: [LenovoVantage] => C:\ProgramData\Lenovo\Vantage\Addins\LenovoCompanionAppAddin\1.0.0.20\LenovoVantage.exe (No File)
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {7822A875-E415-463C-BB23-80506409EDB8} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-1125630280-1235911553-1431502420-1004 => MessengerHelper.exe --lassie (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
S3 esihdrv; C:\Users\admin\AppData\Local\Temp\esihdrv.sys [205464 2023-02-28] (ESET, spol. s r.o. -> ESET) <==== ATTENTION

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{73995057-041D-4507-9FC0-052D9BA71052}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{411761AB-A8BE-4516-A56F-C4076AF5263D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E665BB32-8F7A-4E96-A668-F5B8C19D62F0}C:3\game\aoe2de.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5CF35535-667D-4D9E-BCE2-F46A57589E57}C:3\game\aoe2de.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9AD04571-41ED-4925-ACB2-8ECFEC3BA52B}C:3\game\battleserver\battleserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DA56BA18-9EB1-45CC-A14D-192FB0963FDC}C:3\game\battleserver\battleserver.exe" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-1125630280-1235911553-1431502420-1001\Software\Microsoft\Windows\CurrentVersion\Run\\LenovoVantage" => removed successfully
"C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE" => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7822A875-E415-463C-BB23-80506409EDB8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7822A875-E415-463C-BB23-80506409EDB8}" => removed successfully
C:\WINDOWS\System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-1125630280-1235911553-1431502420-1004 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Meta\Messenger-WSP-Helper-S-1-5-21-1125630280-1235911553-1431502420-1004" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
HKLM\System\CurrentControlSet\Services\esihdrv => removed successfully
esihdrv => service removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 2104856 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 27145 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 12048 B
NetworkService => 12048 B
admin => 266903 B
buchtik => 844392 B

RecycleBin => 0 B
EmptyTemp: => 3.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:25:23 ====

Re: attempted login to the router

Posted: 11 Mar 2023 17:58
by Rudy
Deleted; the log should now be OK.