
Stolen passwords, please check

Posted: 20 Mar 2023 17:05
by Lacko12345
Good day, last week someone broke into my email and today into my wife's. Both email accounts had their passwords saved on the PC (Win11). Please check the log; I don't know whether we have some malware on the PC or whether our passwords leaked somewhere. Thanks a lot.

Re: Stolen passwords, please check

Posted: 20 Mar 2023 18:01
by Rudy
Hello!
Please post the FRST+Addition logs: https://forum.viry.cz/viewtopic.php?f=13&t=154679 .

Re: Stolen passwords, please check

Posted: 20 Mar 2023 20:27
by Lacko12345
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-03-2023
Ran by urban (administrator) on LACKŢVPC (Micro-Star International Co., Ltd MS-7C02) (20-03-2023 16:56:08)
Running from C:\Users\urban\Desktop
Loaded Profiles: urban
Platform: Microsoft Windows 11 Pro Version 22H2 22621.1413 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Autodesk, Inc. -> Autodesk, Inc.) C:\Users\urban\AppData\Roaming\Autodesk\ADPSDK\bin\ADPClientService.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\12.1.0.7121\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_10.75.13001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_10.75.13001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_1c0a31316508effa\RtkAudUService64.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_1c0a31316508effa\RtkAudUService64.exe [1596776 2022-09-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [26327864 2021-04-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [MSIRegister] => C:\Program Files (x86)\MSI\MSIRegister\MSIRegister.exe [1266864 2019-08-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2022-12-20] (Adobe Inc. -> )
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [589840 2022-07-13] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\Program Files\Autodesk\Genuine Service\x64\GenuineService.exe [3741704 2022-09-27] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [M17A] => C:\Windows\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [85912 2021-09-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2017-04-05] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3146752 2022-02-07] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3588608 2021-04-02] (Brother Industries, Ltd.) [File not signed]
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\Run: [MicrosoftEdgeAutoLaunch_71ACF99E3915FFAEC8629BFDDF63CDF0] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4056016 2023-03-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4361576 2023-03-17] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2148016 2022-11-23] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\Run: [f.lux] => C:\Users\urban\AppData\Local\FluxSoftware\Flux\flux.exe [1515848 2021-06-18] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\Run: [AMDNoiseSuppression] => C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe [155544 2022-08-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\111.0.5563.65\Installer\chrmstp.exe [2023-03-14] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RocketDock.lnk [2023-02-17]
ShortcutTarget: RocketDock.lnk -> C:\Program Files (x86)\RocketDock\RocketDock.exe () [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {167EBFDA-959A-4E98-BABB-A5C4609476F2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {226A6FB3-82E2-4364-BF72-0F84B5B813F6} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe [2446456 2023-02-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {3C48A60F-68B6-4438-934A-D4FBA0440721} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [183736 2023-03-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {58A5CD92-3F37-475B-AD8C-4E06D78ACCF6} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-03-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {6686483B-1307-459A-9729-F4F333E6CDB4} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804312 2022-11-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {86AB15BA-01C0-426E-B791-BF82760E3FD0} - System32\Tasks\MSI_Toast_Server => C:\Program Files (x86)\MSI\MSI Toast Server\MSIToastServer.exe [31904 2019-03-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {8E06041E-22D6-4760-8DEC-874F2A9A4496} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-03-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {AC804391-F858-4A34-B2A8-8404CA219953} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C288EBBF-503A-4EA1-9518-3F40CF87B5DE} - System32\Tasks\GoogleUpdateTaskMachineCore{0D7563E2-44E9-4EB7-8A1B-4267BDDC23A6} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-11-25] (Google LLC -> Google LLC)
Task: {DB23F17A-46EA-464A-9860-AD8BBE9F35B9} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-03-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\Windows\system32\MusNotification.exe (No File)
Task: {F22BE561-248F-48A6-A6B1-2FE4BC043DF5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F34D8F95-35C1-42AA-8D00-24576437315D} - System32\Tasks\GoogleUpdateTaskMachineUA{0B175071-EF0B-4CCB-93C5-9E7F917212A2} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-11-25] (Google LLC -> Google LLC)
Task: {F7FCD57F-CDA3-4C68-AC58-46EBC6900A5E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{5d5d3228-8ef8-41bd-bfa7-a08deaba790f}: [DhcpNameServer] 62.129.50.20 85.135.32.100

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\urban\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-20]
Edge HomePage: Default -> hxxps://securesearch.org/homepage?hp=2&pId=BT170902&iDate=2021-11-04 05:57:11&iid=8e6001bc-0285-45f3-90b0-14b924c3d8dd&bName=
Edge Extension: (Překladač Google) - C:\Users\urban\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-03-15]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\urban\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-03-15]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\urban\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2023-03-15]
Edge Extension: (Hlídač Shopů) - C:\Users\urban\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2023-03-15]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default [2023-03-20]
CHR Notifications: Default -> hxxps://drive.google.com; hxxps://fixgroupfactor.com; hxxps://www25.davisonbarker.pro; hxxps://www58.davisonbarker.pro
CHR Session Restore: Default -> is enabled.
CHR Extension: (Překladač Google) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-11-25]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-03-09]
CHR Extension: (Dark Reader) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2023-01-09]
CHR Extension: (I don't care about cookies) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2023-02-15]
CHR Extension: (Word Online) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2022-11-25]
CHR Extension: (Hamty.cz doplněk) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\gccfnphpieojibjmnodiiobdapckkkfb [2022-11-29]
CHR Extension: (Return YouTube Dislike) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2023-02-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-14]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-03-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-11-25]
CHR Extension: (Hlídač Shopů) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2023-02-24]
CHR Profile: C:\Users\urban\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-03-20]
CHR Profile: C:\Users\urban\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-03-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-14]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-02-23]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-03-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\urban\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-20]
CHR Profile: C:\Users\urban\AppData\Local\Google\Chrome\User Data\System Profile [2023-03-20]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1166352 2022-07-13] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [13915208 2022-03-24] (Autodesk, Inc. -> Autodesk)
R2 Autodesk Access Service Host; C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe [8895776 2023-03-08] (Autodesk, Inc. -> Autodesk, Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [321536 2022-01-26] (Brother Industries, Ltd.) [File not signed]
R3 InventorySvc; C:\Windows\system32\inventorysvc.dll [304480 2022-11-25] (Microsoft Windows -> Microsoft Corporation)
S2 LightKeeperService; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9084512 2023-03-15] (Malwarebytes Inc. -> Malwarebytes)
S2 MSIREGISTER_MR; C:\Program Files (x86)\MSI\MSIRegister\MSIRegisterService.exe [2019504 2019-08-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S2 MSI_Case_Service; C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe [69240 2023-01-16] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S2 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [150176 2022-08-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
S2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2210104 2021-04-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe [34032 2022-05-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S2 Mystic_Light_Service; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe [37616 2022-04-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [252176 2023-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SgrmBroker; C:\Windows\system32\Sgrm\SgrmBroker.exe [414632 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TextInputManagementService; C:\Windows\System32\TabSvc.dll [266240 2023-03-15] (Microsoft Windows -> Microsoft Corporation)
S2 tmInstall; C:\Program Files\Thrustmaster\FFB Racing wheel\drivers\amd64\tmInstall.EXE [281160 2022-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Thrustmaster®)
S2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2022-11-10] () [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [19456 2022-11-10] () [File not signed]
R3 wuauserv; C:\Windows\system32\wuauserv.dll [140376 2023-03-15] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [36248 2022-10-14] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R2 AMDRyzenMasterDriverV20; C:\Windows\system32\AMDRyzenMasterDriver.sys [48328 2023-03-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_1a1a381a2c0e293c\amdsafd.sys [113056 2022-08-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0389089.inf_amd64_707d4e7f9968e2d8\B389045\amdkmdag.sys [100028824 2023-03-06] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [59920 2022-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 bfs; C:\Windows\system32\drivers\bfs.sys [91480 2022-11-25] (Microsoft Windows -> Microsoft Corporation)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [532480 2022-09-25] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [184320 2022-09-25] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
S0 GenPass; C:\Windows\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [32080 2022-12-24] (Logitech Inc -> Logitech)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\MSI Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [28480 2022-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S0 pvscsi; C:\Windows\System32\drivers\pvscsii.sys [45408 2022-05-07] (Microsoft Windows -> VMware, Inc.)
S3 RoutePolicy; C:\Windows\System32\drivers\RoutePolicy.sys [98304 2022-05-07] (Microsoft Windows -> )
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S3 tmhidusb; C:\Windows\system32\DRIVERS\tmhidusb.sys [513096 2022-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Thrustmaster)
S3 tmwbulk; C:\Windows\System32\Drivers\tmwbulk.sys [383008 2022-09-08] (Microsoft Windows Hardware Compatibility Publisher -> © Guillemot R&D, 2022. All rights reserved.)
S3 UsbNcm; C:\Windows\System32\drivers\UsbNcm.sys [167936 2022-05-07] (Microsoft Windows -> )
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49576 2023-02-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [473336 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
R2 wtd; C:\Windows\System32\drivers\wtd.sys [118784 2023-03-15] (Microsoft Windows -> Microsoft Corporation)
S4 AmdTools64; \SystemRoot\System32\drivers\AmdTools64.sys [X]
U3 aswbdisk; no ImagePath
S3 atillk64; \??\C:\Windows\Temp\Atiflash\atillk64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-20 16:56 - 2023-03-20 16:56 - 000023264 _____ C:\Users\urban\Desktop\FRST.txt
2023-03-20 16:54 - 2023-03-20 16:56 - 000000000 ____D C:\FRST
2023-03-20 16:54 - 2023-03-20 16:54 - 002378752 _____ (Farbar) C:\Users\urban\Desktop\FRST64.exe
2023-03-20 16:37 - 2023-03-20 16:37 - 008791352 _____ (Malwarebytes) C:\Users\urban\Downloads\adwcleaner.exe
2023-03-20 16:37 - 2023-03-20 16:37 - 000000000 ____D C:\AdwCleaner
2023-03-19 16:56 - 2023-03-19 16:56 - 000739302 _____ C:\Windows\system32\perfh005.dat
2023-03-19 16:56 - 2023-03-19 16:56 - 000155208 _____ C:\Windows\system32\perfc005.dat
2023-03-17 12:57 - 2023-03-17 12:57 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2023-03-17 12:57 - 2023-03-17 12:57 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2023-03-17 12:54 - 2023-03-17 12:54 - 108030112 _____ C:\Users\urban\Downloads\pasksladdenelmia.rar
2023-03-17 12:54 - 2023-03-17 12:54 - 050824399 _____ C:\Users\urban\Downloads\gymkhana_drift.rar
2023-03-17 12:54 - 2023-03-17 12:54 - 046381789 _____ C:\Users\urban\Downloads\gymkhana_drift (1).rar
2023-03-17 12:54 - 2023-03-17 12:54 - 033479399 _____ C:\Users\urban\Downloads\Klutmark.zip
2023-03-17 12:52 - 2023-03-17 12:52 - 000099907 _____ C:\Users\urban\Downloads\Ai-lines Meihan.zip
2023-03-17 12:52 - 2023-03-17 12:52 - 000099907 _____ C:\Users\urban\Downloads\Ai-lines Meihan (1).zip
2023-03-17 12:52 - 2023-03-17 12:52 - 000091981 _____ C:\Users\urban\Downloads\ai.zip
2023-03-17 12:51 - 2023-03-17 12:51 - 144484851 _____ C:\Users\urban\Downloads\slideBotFile.rar
2023-03-17 12:49 - 2023-03-17 12:51 - 1655423853 _____ C:\Users\urban\Downloads\Slideboizz Cars.zip
2023-03-16 17:26 - 2023-03-16 17:28 - 1032536291 _____ C:\Users\urban\Downloads\DEATH WISH GARAGE V2.0.zip
2023-03-16 17:24 - 2023-03-16 17:24 - 141987678 _____ C:\Users\urban\Downloads\acdfr23_bikernieki.rar
2023-03-16 17:24 - 2023-03-16 17:24 - 056935582 _____ C:\Users\urban\Downloads\acdfr_karpacz_2020 (1).rar
2023-03-16 17:23 - 2023-03-16 17:24 - 151886960 _____ C:\Users\urban\Downloads\acdfr_laquais_drift.rar
2023-03-16 17:23 - 2023-03-16 17:23 - 084298470 _____ C:\Users\urban\Downloads\acdfr_okuibuki_motor_park.rar
2023-03-16 17:23 - 2023-03-16 17:23 - 056935582 _____ C:\Users\urban\Downloads\acdfr_karpacz_2020.rar
2023-03-16 17:23 - 2023-03-16 17:23 - 040592598 _____ C:\Users\urban\Downloads\acdfr_deriphill_2023 .rar
2023-03-16 17:22 - 2023-03-16 17:22 - 081525256 _____ C:\Users\urban\Downloads\acdfr_road_atlanta_2021.rar
2023-03-16 17:22 - 2023-03-16 17:22 - 023615842 _____ C:\Users\urban\Downloads\acdfr_rockingham.rar
2023-03-16 17:17 - 2023-03-16 17:19 - 1229547175 _____ C:\Users\urban\Downloads\ACDFR_PACK_REV_2.zip
2023-03-16 14:36 - 2023-03-16 14:39 - 1385372285 _____ C:\Users\urban\Downloads\DWG S13 Pack 1.75.zip
2023-03-16 14:36 - 2023-03-16 14:37 - 615034780 _____ C:\Users\urban\Downloads\DWG 3.0 Teaser Public 2023.zip
2023-03-16 14:34 - 2023-03-16 14:34 - 191795636 _____ C:\Users\urban\Downloads\grassroots_circuit.7z
2023-03-16 14:25 - 2023-03-16 14:25 - 088437883 _____ C:\Users\urban\Downloads\asw-bmw-328i-e36-rb26.zip
2023-03-15 19:01 - 2023-03-15 19:01 - 000000000 ____D C:\Windows\Microsoft Antimalware
2023-03-15 17:53 - 2023-03-15 17:53 - 000888600 _____ (Google LLC) C:\Users\Public\Documents\gcapi.dll
2023-03-15 17:49 - 2023-03-15 17:49 - 000263008 _____ (AVAST Software) C:\Users\urban\Downloads\avast_free_antivirus_setup_online.exe
2023-03-15 14:13 - 2023-03-15 14:15 - 000000000 ___HD C:\$WinREAgent
2023-03-15 13:26 - 2023-03-15 13:26 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-03-15 13:26 - 2023-03-15 13:26 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-03-15 13:26 - 2023-03-15 13:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-03-14 19:30 - 2023-03-14 19:31 - 000017408 _____ C:\Users\urban\AppData\Local\WebpageIcons.db
2023-03-14 19:29 - 2023-03-17 23:39 - 000000000 ____D C:\Program Files (x86)\3uTools
2023-03-14 19:29 - 2023-03-14 19:29 - 000001222 _____ C:\Users\Public\Desktop\3uTools.lnk
2023-03-14 19:29 - 2023-03-14 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3uTools
2023-03-14 19:27 - 2023-03-14 19:27 - 000684984 _____ (Mozilla Foundation) C:\Users\urban\AppData\LocalLow\freebl3.dll
2023-03-14 19:27 - 2023-03-14 19:27 - 000627128 _____ (Mozilla Foundation) C:\Users\urban\AppData\LocalLow\mozglue.dll
2023-03-14 19:27 - 2023-03-14 19:27 - 000254392 _____ (Mozilla Foundation) C:\Users\urban\AppData\LocalLow\softokn3.dll
2023-03-14 19:20 - 2023-03-14 19:20 - 000000000 ____D C:\Users\urban\AppData\Roaming\Apple Computer
2023-03-14 19:19 - 2023-03-14 19:19 - 000000000 ____D C:\Users\urban\AppData\Roaming\TSMonitor
2023-03-14 19:19 - 2023-03-14 19:19 - 000000000 ____D C:\Program Files (x86)\Tenorshare
2023-03-14 17:18 - 2023-03-14 17:18 - 000000000 ____D C:\Users\urban\Apple
2023-03-09 15:49 - 2023-03-09 15:49 - 000693985 _____ C:\Users\urban\Desktop\Výpověď.pdf
2023-03-08 17:06 - 2023-03-19 16:49 - 000003128 _____ C:\Windows\system32\Tasks\MSIAfterburner
2023-03-08 16:58 - 2023-03-15 17:50 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2023-03-08 16:58 - 2023-03-08 16:59 - 000000000 ____D C:\Windows\SysWOW64\directx
2023-03-08 16:58 - 2023-03-08 16:58 - 000001155 _____ C:\Users\urban\Desktop\MSI Afterburner.lnk
2023-03-08 16:58 - 2023-03-08 16:58 - 000000000 ____D C:\Users\urban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2023-03-08 16:58 - 2023-03-08 16:58 - 000000000 ____D C:\Users\urban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2023-03-08 16:58 - 2023-03-08 16:58 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2023-03-08 16:35 - 2023-03-08 16:35 - 000003176 _____ C:\Windows\system32\Tasks\MSI Task Host - LEDKeeper2_Host
2023-03-08 16:35 - 2023-03-08 16:35 - 000000000 ____D C:\Program Files\WD
2023-03-08 16:35 - 2023-03-08 16:35 - 000000000 ____D C:\Program Files\Verbatim
2023-03-08 16:35 - 2023-03-08 16:35 - 000000000 ____D C:\Program Files\ENE
2023-03-08 16:18 - 2023-03-19 17:19 - 000000000 ____D C:\Users\urban\AppData\Local\D3DSCache
2023-03-08 16:18 - 2023-03-08 17:22 - 000000000 ____D C:\Users\urban\AppData\Local\AMD_Common
2023-03-08 16:16 - 2023-03-08 16:18 - 000000000 ____D C:\ProgramData\AMD
2023-03-08 16:16 - 2023-03-08 16:16 - 000002620 _____ C:\Windows\system32\Tasks\AMDRyzenMasterSDKTask
2023-03-08 16:16 - 2023-03-08 16:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition
2023-03-08 16:16 - 2023-03-08 16:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2023-03-08 16:14 - 2023-03-08 16:14 - 000000000 ____D C:\Users\urban\AppData\Local\AMDSoftwareInstaller
2023-03-08 16:07 - 2023-03-20 16:15 - 000003104 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2023-03-08 16:07 - 2023-03-08 16:07 - 000001292 _____ C:\Users\urban\Desktop\Display Driver Uninstaller.lnk
2023-03-08 16:07 - 2023-03-08 16:07 - 000000000 ____D C:\Users\urban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Display Driver Uninstaller
2023-03-08 16:07 - 2023-03-08 16:07 - 000000000 ____D C:\Program Files (x86)\Display Driver Uninstaller
2023-03-08 16:04 - 2023-03-20 16:15 - 000003096 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2023-03-08 16:04 - 2023-03-08 16:16 - 000003484 _____ C:\Windows\system32\Tasks\ModifyLinkUpdate
2023-03-08 15:41 - 2023-03-08 15:42 - 000000000 ____D C:\ProgramData\MSI
2023-03-08 15:41 - 2023-03-08 15:41 - 000000000 ____D C:\Users\urban\AppData\Local\Downloaded Installations
2023-03-08 14:40 - 2023-03-08 16:26 - 4020033382 _____ C:\Users\urban\Desktop\GX014256_stabilized.mp4
2023-03-08 14:39 - 2022-10-08 07:35 - 4007278847 _____ C:\Users\urban\Desktop\GX014256.MP4
2023-03-07 18:32 - 2023-03-07 18:32 - 000000000 ____D C:\Users\urban\Downloads\Gyroflow-windows64
2023-03-06 19:46 - 2023-03-06 19:46 - 002238352 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2023-03-06 19:46 - 2023-03-06 19:46 - 002238352 _____ C:\Windows\system32\vulkaninfo.exe
2023-03-06 19:46 - 2023-03-06 19:46 - 001644944 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-03-06 19:46 - 2023-03-06 19:46 - 001644944 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2023-03-06 19:46 - 2023-03-06 19:46 - 001463272 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 001463272 _____ C:\Windows\system32\vulkan-1.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 001186648 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 001186648 _____ C:\Windows\SysWOW64\vulkan-1.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 000791488 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 000704960 _____ C:\Windows\system32\hiprt0200064.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 000668560 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 000596416 _____ C:\Windows\system32\GameManager64.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 000538048 _____ C:\Windows\system32\libsmi_guest.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 000532368 _____ C:\Windows\system32\dgtrayicon.exe
2023-03-06 19:46 - 2023-03-06 19:46 - 000531344 _____ C:\Windows\system32\libsmi_host.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 000492480 _____ C:\Windows\system32\EEURestart.exe
2023-03-06 19:46 - 2023-03-06 19:46 - 000449944 _____ C:\Windows\SysWOW64\GameManager32.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 000351120 _____ C:\Windows\system32\clinfo.exe
2023-03-06 19:46 - 2023-03-06 19:46 - 000196544 _____ C:\Windows\system32\mantle64.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 000176064 _____ C:\Windows\system32\mantleaxl64.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 000153536 _____ C:\Windows\SysWOW64\mantle32.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 000137664 _____ C:\Windows\SysWOW64\mantleaxl32.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 000041360 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2023-03-06 19:46 - 2023-03-06 19:46 - 000038296 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2023-03-06 19:44 - 2023-03-06 19:44 - 000256400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2023-03-06 19:44 - 2023-03-06 19:44 - 000216984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2023-03-06 19:44 - 2023-03-06 19:44 - 000186256 _____ (AMD) C:\Windows\system32\atimuixx.dll
2023-03-06 19:44 - 2023-03-06 19:44 - 000173968 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2023-03-06 19:44 - 2023-03-06 19:44 - 000137152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 084656576 _____ C:\Windows\SysWOW64\amd_comgr32.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 002018712 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 001537936 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 001537936 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 000938384 _____ (AMD) C:\Windows\system32\atieclxx.exe
2023-03-06 19:43 - 2023-03-06 19:43 - 000525712 _____ C:\Windows\system32\atieah64.exe
2023-03-06 19:43 - 2023-03-06 19:43 - 000514456 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 000463256 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 000394640 _____ C:\Windows\SysWOW64\atieah32.exe
2023-03-06 19:43 - 2023-03-06 19:43 - 000379840 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 000200384 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 000163280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 000134552 _____ C:\Windows\system32\atidxx64.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 000132544 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 000108480 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 000108432 _____ C:\Windows\SysWOW64\atidxx32.dll
2023-03-06 19:43 - 2023-03-06 19:43 - 000064912 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll
2023-03-06 19:42 - 2023-03-06 19:42 - 100644800 _____ C:\Windows\system32\amd_comgr.dll
2023-03-06 19:40 - 2023-03-06 19:40 - 000128408 _____ C:\Windows\system32\amdxc64.dll
2023-03-06 19:40 - 2023-03-06 19:40 - 000103824 _____ C:\Windows\SysWOW64\amdxc32.dll
2023-03-06 19:39 - 2023-03-06 19:39 - 007190504 _____ C:\Windows\system32\amdsmi.exe
2023-03-06 19:38 - 2023-03-06 19:38 - 002256272 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdsasrv64.dll
2023-03-06 19:38 - 2023-03-06 19:38 - 001701048 _____ (AMD) C:\Windows\system32\amf-mft-mjpeg-decoder64.dll
2023-03-06 19:38 - 2023-03-06 19:38 - 001378312 _____ (AMD) C:\Windows\SysWOW64\amf-mft-mjpeg-decoder32.dll
2023-03-06 19:38 - 2023-03-06 19:38 - 001310608 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdsacli64.dll
2023-03-06 19:38 - 2023-03-06 19:38 - 001039256 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdsacli32.dll
2023-03-06 19:38 - 2023-03-06 19:38 - 000933264 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2023-03-06 19:38 - 2023-03-06 19:38 - 000761232 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2023-03-06 19:38 - 2023-03-06 19:38 - 000461200 _____ C:\Windows\system32\amdlogum.exe
2023-03-06 19:38 - 2023-03-06 19:38 - 000155936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2023-03-06 19:38 - 2023-03-06 19:38 - 000125696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2023-03-06 19:37 - 2023-03-06 19:37 - 000222080 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2023-03-06 19:37 - 2023-03-06 19:37 - 000177760 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
2023-03-06 19:36 - 2023-03-06 19:36 - 016165824 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdhip64.dll
2023-03-06 19:36 - 2023-03-06 19:36 - 004349376 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdadlx64.dll
2023-03-06 19:36 - 2023-03-06 19:36 - 004155792 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdadlx32.dll
2023-03-06 19:36 - 2023-03-06 19:36 - 000558528 _____ C:\Windows\system32\amdgfxinfo64.dll
2023-03-06 19:36 - 2023-03-06 19:36 - 000553304 _____ C:\Windows\system32\amdmiracast.dll
2023-03-06 19:36 - 2023-03-06 19:36 - 000422336 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2023-03-06 19:36 - 2023-03-06 19:36 - 000165832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2023-03-06 19:36 - 2023-03-06 19:36 - 000155976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2023-03-06 19:36 - 2023-03-06 19:36 - 000140264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2023-03-06 19:36 - 2023-03-06 19:36 - 000125744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2023-03-06 19:26 - 2023-03-09 18:25 - 114772595 _____ C:\Users\urban\Desktop\obraz.psd
2023-03-06 18:46 - 2023-03-06 18:46 - 030284712 _____ C:\Windows\system32\hiprt02000_amd.hipfb
2023-03-06 18:46 - 2023-03-06 18:46 - 022879832 _____ C:\Windows\system32\hiprt02000_nv.fatbin
2023-03-06 18:46 - 2023-03-06 18:46 - 002170168 _____ C:\Windows\system32\oro_compiled_kernels.fatbin
2023-03-06 18:46 - 2023-03-06 18:46 - 001464232 _____ C:\Windows\system32\oro_compiled_kernels.hipfb
2023-03-06 18:46 - 2023-03-06 18:46 - 000154384 _____ C:\Windows\system32\samu_krnl_ci.sbin
2023-03-06 18:46 - 2023-03-06 18:46 - 000138832 _____ C:\Windows\system32\samu_krnl_isv_ci.sbin
2023-03-06 18:46 - 2023-03-06 18:46 - 000128048 _____ C:\Windows\system32\kapp_ci.sbin
2023-03-06 18:46 - 2023-03-06 18:46 - 000121168 _____ C:\Windows\system32\kapp_si.sbin
2023-03-06 18:45 - 2023-03-06 18:45 - 094816128 _____ C:\Windows\system32\amdxc64.so
2023-03-06 17:08 - 2023-03-06 17:08 - 000074716 _____ C:\Users\urban\Desktop\59d5e8383832e-belajar-dari-kerasnya-perjuangan-steve-jobs-mendirikan-apple_1265_711.webp
2023-03-06 17:07 - 2023-03-06 17:07 - 000013004 _____ C:\Users\urban\Desktop\steve_jobs_stay_hungry.jpg.webp
2023-03-06 16:12 - 2023-03-06 16:12 - 001502201 _____ C:\Users\urban\Desktop\Scan2023-03-06_161159.pdf
2023-03-06 16:04 - 2023-03-06 16:04 - 000744897 _____ C:\Users\urban\Documents\Scan2023-03-06_160424.pdf
2023-03-05 19:11 - 2023-03-05 19:11 - 000535425 _____ C:\Users\urban\Downloads\IMG_2556.jpeg
2023-03-05 14:39 - 2023-03-05 14:39 - 000856504 _____ (Advanced Micro Devices) C:\Windows\system32\Device.dll
2023-03-05 14:39 - 2023-03-05 14:39 - 000061368 _____ (Advanced Micro Devices) C:\Windows\system32\Platform.dll
2023-03-04 11:17 - 2023-03-04 11:17 - 001487160 _____ C:\Users\urban\Documents\Scan2023-03-04_111735.pdf
2023-03-04 10:48 - 2023-03-04 10:48 - 001494259 _____ C:\Users\urban\Documents\Karta zaměstnance_Urbániková.pdf
2023-03-04 10:48 - 2023-03-04 10:48 - 001494259 _____ C:\Users\urban\Desktop\Karta zaměstnance_Urbániková.pdf
2023-03-01 18:21 - 2023-03-01 18:22 - 090069109 _____ C:\Users\urban\Desktop\GX010022.mp4
2023-03-01 18:21 - 2023-03-01 18:21 - 219753080 _____ C:\Users\urban\Desktop\GX010026.mp4
2023-03-01 18:21 - 2023-03-01 18:21 - 164569086 _____ C:\Users\urban\Desktop\GX010025.mp4
2023-03-01 18:20 - 2023-03-01 18:21 - 302046068 _____ C:\Users\urban\Desktop\GX010028.mp4
2023-03-01 18:20 - 2023-03-01 18:20 - 486034844 _____ C:\Users\urban\Desktop\GX010029.mp4
2023-03-01 18:19 - 2023-03-01 18:20 - 194743695 _____ C:\Users\urban\Desktop\GX010024.mp4
2023-03-01 04:42 - 2023-03-01 04:42 - 000048328 _____ (Advanced Micro Devices) C:\Windows\system32\AMDRyzenMasterDriver.sys
2023-02-24 19:45 - 2023-02-24 19:45 - 000000000 ____D C:\Users\urban\AppData\LocalLow\AMD
2023-02-21 19:01 - 2023-02-21 19:01 - 000507273 _____ C:\Users\urban\Downloads\2931049177 (1).pdf
2023-02-21 19:00 - 2023-02-21 19:00 - 000507270 _____ C:\Users\urban\Downloads\2931049177.pdf
2023-02-21 19:00 - 2023-02-21 19:00 - 000437053 _____ C:\Users\urban\Downloads\3230188138.pdf
2023-02-19 15:43 - 2023-02-19 15:43 - 000001341 _____ C:\Users\urban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoshopPortable.lnk
2023-02-19 15:16 - 2023-02-19 15:16 - 000057721 _____ C:\Users\urban\Downloads\[SkT]Adobe_Photoshop_2023_v24.1.1.238_(x64)_Multilingual_CZ_(portable).torrent
2023-02-19 15:14 - 2023-02-19 15:14 - 000079113 _____ C:\Users\urban\Downloads\[SkT]Adobe_Photoshop_2023_24.1.1.238_(x64) (1).torrent
2023-02-19 15:13 - 2023-02-19 15:13 - 002410256 _____ (PortableApps.com) C:\Users\urban\Downloads\uTorrentPortable_3.5.5.46348_online.paf.exe
2023-02-19 15:11 - 2023-02-19 15:11 - 000079113 _____ C:\Users\urban\Downloads\[SkT]Adobe_Photoshop_2023_24.1.1.238_(x64).torrent
2023-02-19 15:06 - 2023-02-19 15:48 - 000000000 ____D C:\Users\urban\Desktop\Kryty foto

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-20 16:54 - 2022-11-25 12:17 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-20 16:38 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemTemp
2023-03-20 16:38 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-20 16:29 - 2022-11-25 12:18 - 000000000 ____D C:\Program Files (x86)\Steam
2023-03-20 16:15 - 2022-11-25 11:58 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-03-19 19:40 - 2022-12-29 12:38 - 000000000 ____D C:\Users\urban\AppData\Local\AcTools Content Manager
2023-03-19 16:56 - 2022-11-25 12:05 - 001744746 _____ C:\Windows\system32\PerfStringBackup.INI
2023-03-19 16:56 - 2022-05-07 06:22 - 000000000 ____D C:\Windows\INF
2023-03-19 16:49 - 2022-11-26 10:52 - 000000000 ____D C:\MSI
2023-03-19 16:49 - 2022-11-25 11:58 - 000012288 ___SH C:\DumpStack.log.tmp
2023-03-19 16:49 - 2022-11-25 11:58 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-03-19 12:02 - 2022-05-07 06:17 - 000524288 _____ C:\Windows\system32\config\BBI
2023-03-19 11:02 - 2022-12-27 18:48 - 000000000 ____D C:\Users\urban\AppData\Local\CrashDumps
2023-03-19 08:24 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-19 08:24 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\AppReadiness
2023-03-19 08:09 - 2022-11-25 11:58 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-19 08:09 - 2022-11-25 11:58 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-03-17 21:25 - 2022-11-25 12:16 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-894658081-3701612317-1664743181-1001
2023-03-17 21:25 - 2022-11-25 12:16 - 000003364 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-894658081-3701612317-1664743181-1001
2023-03-17 21:25 - 2022-11-25 12:16 - 000002377 _____ C:\Users\urban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-03-17 12:56 - 2022-11-27 10:32 - 002786768 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2023-03-17 12:56 - 2022-11-27 10:32 - 000476624 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2023-03-17 12:56 - 2022-11-27 10:32 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll
2023-03-17 12:56 - 2022-11-27 10:32 - 000202192 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2023-03-17 12:56 - 2022-11-27 10:32 - 000165328 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2023-03-17 12:56 - 2022-11-27 10:32 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2023-03-17 12:56 - 2022-11-27 10:32 - 000079352 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2023-03-17 12:56 - 2022-11-27 10:32 - 000062928 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2023-03-16 17:38 - 2022-11-25 12:14 - 000000000 ____D C:\Users\urban\AppData\Roaming\Adobe
2023-03-16 16:00 - 2022-11-25 12:14 - 000000000 ____D C:\Users\urban\AppData\Local\Packages
2023-03-16 16:00 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\SecurityHealth
2023-03-15 18:25 - 2023-01-22 11:02 - 000000000 ____D C:\ProgramData\Avast Software
2023-03-15 18:25 - 2022-11-25 11:58 - 000432960 _____ C:\Windows\system32\FNTCACHE.DAT
2023-03-15 18:25 - 2022-05-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-03-15 18:25 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-03-15 18:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\UUS
2023-03-15 18:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-03-15 18:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemResources
2023-03-15 18:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\oobe
2023-03-15 18:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\es-MX
2023-03-15 18:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\Dism
2023-03-15 18:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\appraiser
2023-03-15 18:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellExperiences
2023-03-15 18:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellComponents
2023-03-15 18:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\Provisioning
2023-03-15 18:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-03-15 18:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\bcastdvr
2023-03-15 18:20 - 2022-05-07 06:17 - 000032768 _____ C:\Windows\system32\config\ELAM
2023-03-15 18:11 - 2022-11-25 12:45 - 000000000 ____D C:\Windows\system32\MRT
2023-03-15 18:09 - 2022-11-25 12:44 - 153620824 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-03-15 17:54 - 2022-05-07 06:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-03-15 14:19 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\CbsTemp
2023-03-15 14:17 - 2022-11-25 12:01 - 003211264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-03-15 13:26 - 2023-01-21 20:32 - 000000000 ____D C:\Program Files\Malwarebytes
2023-03-15 13:11 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ServiceState
2023-03-14 17:18 - 2022-11-25 12:10 - 000000000 ____D C:\Users\urban
2023-03-14 14:43 - 2022-11-25 12:18 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-03-14 14:43 - 2022-11-25 12:18 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-03-11 19:37 - 2023-01-07 21:38 - 000000000 ____D C:\Users\urban\AppData\Local\ImageMagick
2023-03-08 20:04 - 2022-12-29 18:57 - 000000000 ____D C:\Users\urban\Documents\Euro Truck Simulator 2
2023-03-08 16:35 - 2022-11-25 12:56 - 000000000 ____D C:\ProgramData\Package Cache
2023-03-08 16:32 - 2022-11-25 12:11 - 000000000 ____D C:\Program Files\AMD
2023-03-08 16:31 - 2022-11-26 10:52 - 000000000 ____D C:\Program Files (x86)\MSI
2023-03-08 16:31 - 2022-11-25 12:01 - 000000000 ____D C:\ProgramData\Packages
2023-03-08 16:26 - 2022-11-25 12:14 - 000000000 ____D C:\Users\urban\AppData\Local\AMD
2023-03-08 16:15 - 2022-11-25 12:11 - 000000000 ____D C:\Windows\system32\AMD
2023-03-08 16:13 - 2022-11-25 13:23 - 000000000 ____D C:\AMD
2023-03-08 15:55 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\OCR
2023-03-08 15:50 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\Globalization
2023-03-08 14:57 - 2022-11-25 12:11 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2023-03-07 05:33 - 2022-11-26 10:58 - 000000000 ____D C:\Windows\Minidump
2023-03-07 05:33 - 2022-11-25 11:58 - 000376894 ____N C:\Windows\Minidump\030723-10109-01.dmp
2023-03-05 20:52 - 2022-11-25 13:35 - 003034248 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\AMDBugReportTool.exe
2023-03-05 18:25 - 2022-11-25 11:58 - 000568760 ____N C:\Windows\Minidump\030523-12453-01.dmp
2023-03-05 18:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\LiveKernelReports
2023-03-03 07:32 - 2022-11-25 11:58 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-03 07:32 - 2022-11-25 11:58 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-02-28 17:26 - 2023-01-13 19:47 - 000000000 ____D C:\Users\urban\AppData\Roaming\substancelinkopentcp
2023-02-28 17:26 - 2023-01-13 19:45 - 000000000 ____D C:\Users\urban\Documents\3ds Max 2023
2023-02-26 04:39 - 2022-11-27 10:32 - 000370176 _____ (Microsoft Corporation) C:\Windows\system32\GameInputRedist.dll
2023-02-26 03:11 - 2022-11-27 10:32 - 000242168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GameInputRedist.dll
2023-02-19 15:13 - 2023-01-13 18:59 - 000000000 ____D C:\Users\urban\Downloads\uTorrentPortable
2023-02-18 11:30 - 2023-02-14 15:31 - 000000000 ____D C:\ProgramData\Epic
2023-02-18 11:30 - 2023-02-14 15:31 - 000000000 ____D C:\Program Files (x86)\Epic Games

==================== Files in the root of some directories ========

2023-03-14 19:30 - 2023-03-14 19:31 - 000017408 _____ () C:\Users\urban\AppData\Local\WebpageIcons.db

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Stolen passwords, requesting a check

Posted: 20 Mar 2023 20:28
by Lacko12345
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-03-2023
Ran by urban (20-03-2023 16:57:29)
Running from C:\Users\urban\Desktop
Microsoft Windows 11 Pro Version 22H2 22621.1413 (X64) (2022-11-25 11:01:17)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-894658081-3701612317-1664743181-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-894658081-3701612317-1664743181-503 - Limited - Disabled)
Guest (S-1-5-21-894658081-3701612317-1664743181-501 - Limited - Disabled)
urban (S-1-5-21-894658081-3701612317-1664743181-1001 - Administrator - Enabled) => C:\Users\urban
WDAGUtilityAccount (S-1-5-21-894658081-3701612317-1664743181-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\uTorrent) (Version: 3.5.5.46348 - BitTorrent Inc.)
3uTools (HKLM-x32\...\3uTools) (Version: 2.65.003 - ShangHai ZhangZheng Network Technology Co., Ltd.)
Adobe Premiere Pro 2022 (HKLM-x32\...\PPRO_22_5) (Version: 22.5 - Adobe Inc.)
Adobe Substance 3D for 3ds Max 2023 (HKLM\...\{674EBC7E-7B64-4959-9EBC-5CFBBF664242}) (Version: 2.4.6 - Adobe)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 3.10.22.706 - Advanced Micro Devices, Inc.)
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.83 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.17.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 7.0.4.4 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.10.0.2198 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 23.3.1 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{cf77cf6b-71ff-4a71-802d-43adb9b271b7}) (Version: 3.10.22.706 - Advanced Micro Devices, Inc.) Hidden
AppLogLibSetup (HKLM-x32\...\{52FB0C8F-DF05-4C61-AEB6-18C55F8C385F}) (Version: 1.0.3.0 - Brother Industries Ltd.) Hidden
Autodesk 3ds Max 2023 (HKLM\...\{6989C3C4-EF95-49D2-9650-1E700097D9FD}) (Version: 25.0.0.997 - Autodesk) Hidden
Autodesk 3ds Max 2023 (HKLM\...\{96DD678F-C87E-3029-9ACE-7176F9175685}) (Version: 25.0.0.997 - Autodesk, Inc.)
Autodesk 3ds Max 2023 CivilView 1.2.0.0 (HKLM\...\{DF6B8562-ACB4-4D7D-99E5-36B5C8567440}) (Version: 1.2.0.0 - Autodesk) Hidden
Autodesk Advanced Material Library Base Resolution Image Library 2023 (HKLM-x32\...\{C90A4CC0-0862-4FC3-A07F-31F903659946}) (Version: 21.0.1.1 - Autodesk)
Autodesk Advanced Material Library Low Resolution Image Library 2023 (HKLM-x32\...\{93A8D797-F224-4238-8E87-EE673E0BAC8A}) (Version: 21.0.1.1 - Autodesk)
Autodesk Advanced Material Library Medium Resolution Image Library 2023 (HKLM-x32\...\{489B5559-69A0-4165-A044-CEB510C6CBBF}) (Version: 21.0.1.1 - Autodesk)
Autodesk Genuine Service (HKLM\...\{F8C64551-A826-4185-9699-FAC37661A7EB}) (Version: 5.1.0.135 - Autodesk)
Autodesk Interoperability Engine Manager (HKLM\...\{C4EFAB73-D98A-3676-A3F8-142FC78E0EF3}) (Version: 1.0.0.11 - Autodesk.com) Hidden
Autodesk Inventor Interoperability 2023 (HKLM\...\{E2B54F9E-FF26-47AE-9AE1-D7AFBC32DE0C}) (Version: 27.0.13400.0000 - Autodesk) Hidden
Autodesk Material Library 2023 (HKLM-x32\...\{8E133591-B0FD-4DB0-B60E-FB593CAF72B0}) (Version: 21.0.1.1 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2023 (HKLM-x32\...\{3B564A94-BA47-4E42-ACD6-B5C35291210B}) (Version: 21.0.1.1 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2023 (HKLM-x32\...\{2ED470F3-3989-458D-AF24-8B2C4364A8CC}) (Version: 21.0.1.1 - Autodesk)
Autodesk Revit Engine 2023 (HKLM\...\{DA6E3B72-3088-2023-9993-45D9FF1AD8D0}) (Version: 23.0.0.296 - Autodesk, Inc.)
Autodesk Revit Unit Schemas 2023 (HKLM\...\{CDCC6F31-2023-4900-8E9B-D562B70697B6}) (Version: 23.0.0.296 - Autodesk, Inc.)
Autodesk Single Sign On Component (HKLM\...\{278F16D8-5131-4663-9D5A-630806286A98}) (Version: 13.4.4.1804 - Autodesk)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
blender (HKLM\...\{447524DE-DB18-4E94-8D90-4FD62C00212F}) (Version: 3.4.1 - Blender Foundation)
Branding64 (HKLM\...\{0DB6E0DC-607A-42C1-A3CE-7567A9F85AF4}) (Version: 1.00.0008 - Advanced Micro Devices, Inc.) Hidden
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{3DEA56AB-0899-41DF-8C4F-0A608FD36904}) (Version: 10.5.0.74 - Brother Industries, Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{d0c84829-3b3f-46d1-b292-e3fb77d972c2}) (Version: 10.5.0.74 - Brother Industries, Ltd.)
Brother Printer Driver (HKLM-x32\...\{D9164C2E-91BA-4D5D-B49A-604BB0A127FE}) (Version: 1.9.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{45E4523F-2842-410D-90C6-6D19974B8E57}) (Version: 1.0.28.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
Display Driver Uninstaller 18.0.6.1 (HKLM-x32\...\Display Driver Uninstaller) (Version: 18.0.6.1 - Wagnardsoft)
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{6b617af3-c8f4-45a8-bf47-b32ffb4da1cc}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
ENE_External_Device_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.10.4 - ENE Tech) Hidden
ENE_External_Device_HAL (HKLM-x32\...\{38581c7d-8a6c-4129-9046-8f5df621478b}) (Version: 1.0.10.4 - ENE Tech) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
f.lux (HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\Flux) (Version: - f.lux Software LLC)
FFB Racing Wheel drivers (HKLM-x32\...\{28B758EA-5C83-48B1-B352-C70F12C73F5A}) (Version: 2.TTRS.2022 - Thrustmaster)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 111.0.5563.65 - Google LLC)
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
HttpToUsbBridge (HKLM-x32\...\{E2D35939-25BF-4EC8-BF6D-F9C0AF8ECC11}) (Version: 2.0.30.1 - Brother Industries Ltd.)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.5.24.248 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.24.248 - Malwarebytes)
MAXtoA for 3ds Max 2023 (HKLM\...\{E570E1E6-4982-488F-8D20-F6DD5E306E6F}) (Version: 5.1.0.41 - Autodesk)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 111.0.1661.44 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 111.0.1661.44 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\OneDriveSetup.exe) (Version: 23.043.0226.0001 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{BAF67399-85CD-4555-9B49-1F80EB921C35}) (Version: 12.3.6024.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{EF9EBC42-6969-45CE-A8D2-B9249B00C838}) (Version: 5.69.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30133 (HKLM-x32\...\{38b2c744-ad08-4d5b-91a2-3fb6f739ff3e}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
MSI Afterburner 4.6.5 Beta 4 (HKLM-x32\...\Afterburner) (Version: 4.6.5 Beta 4 - MSI Co., LTD)
MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2023.0208.01 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.74 - MSI)
MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.21 - MSI)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 8.5.0.17 - Autodesk)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9414.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.053.1001.2021 - Realtek)
Retopology Tools for 3ds Max 2023 (HKLM\...\{8B64FC5A-8A21-4A4B-8D1C-5A3BE7D13660}) (Version: 1.2.0.589 - Autodesk, Inc.)
RivaTuner Statistics Server 7.3.4 Beta 6 (HKLM-x32\...\RTSS) (Version: 7.3.4 Beta 6 - Unwinder)
RyzenMasterSDK (HKLM\...\{1402BEE2-FF5A-419E-988E-253BE2F5BAC0}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
ScannerUtilityInstaller (HKLM-x32\...\{D94DD953-F38C-4220-A17C-9217106510A6}) (Version: 1.20.0.1 - Brother) Hidden
ScreenStyler 0.2.3 (HKLM\...\ca7cbbf8-0d6f-5c45-8df4-959cbc5a6e63) (Version: 0.2.3 - Blumont Interactive)
SoftwareUpdateNotification (HKLM-x32\...\{E28A6F15-BFBE-4D20-8B5F-6EABAA1E545E}) (Version: 1.0.14.0 - Brother Industries, Ltd.) Hidden
StatusMonitor (HKLM-x32\...\{EBAC9324-2CBC-4DFC-BD9F-6CDC01DCADB4}) (Version: 1.32.1.0 - Brother Industries, Ltd.) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
UE Prerequisites (x64) (HKLM\...\{E171B21A-DA58-432D-A74B-D13B204BA477}) (Version: 1.0.16.0 - Epic Games, Inc.) Hidden
UE Prerequisites (x64) (HKLM-x32\...\{aad8a4b2-74da-409d-abb6-79a299008692}) (Version: 1.0.16.0 - Epic Games, Inc.) Hidden
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
Verbatim_SureFireGaming_Product (HKLM\...\{35CB65C6-A7E3-4EE7-AD40-738D70A72164}) (Version: 1.0.3.11 - Verbatim) Hidden
Verbatim_SureFireGaming_Product (HKLM-x32\...\{d601832a-0d94-46ce-9b19-78e8a5887313}) (Version: 1.0.3.11 - Verbatim) Hidden
Wargaming.net Game Center (HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\Wargaming.net Game Center) (Version: 22.5.0.733 - Wargaming.net)
WD P40 Game Drive (HKLM\...\{EE55DBAE-ECDD-4ADD-AAB5-23DE848B0996}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD P40 Game Drive (HKLM-x32\...\{72b1a866-fc31-4381-bff3-fa6cd8823777}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WinRAR 6.10 beta 3 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.10.3 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)

Packages:
=========
AMD Radeon Software -> C:\Program Files\AMD\CNext\CNext [2023-03-08] (0)
Forza Horizon 5 -> C:\Program Files\WindowsApps\Microsoft.624F8B84B80_3.567.563.0_x64__8wekyb3d8bbwe [2023-03-09] (Microsoft Studios)
Forza Horizon 5 Expansion 2 -> C:\Program Files\WindowsApps\Microsoft.Expansion2FH5_1.0.0.0_x64__8wekyb3d8bbwe [2022-11-28] (Microsoft Studios)
Forza Horizon 5: Hot Wheels -> C:\Program Files\WindowsApps\Microsoft.Expansion1FH5_3.484.939.0_x64__8wekyb3d8bbwe [2022-11-28] (Microsoft Studios)
GoPro Player -> C:\Program Files\WindowsApps\GoPro.GoProPlayer_2.1.16.0_x64__1h9vz9xjm6b8c [2023-02-17] (GoPro)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa [2022-12-16] (Apple Inc.) [Startup Task]
Lively Wallpaper -> C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.131.0_x86__97hta09mmv6hy [2023-03-18] (rocksdanister) [Startup Task]
MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.10.0_x64__kzh8wxbdkxb8p [2023-03-08] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
ms-resource://MicrosoftCorporationII.QuickAssist/resources/APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.19.0_x64__8wekyb3d8bbwe [2023-02-28] (Microsoft Corp.)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.40041.0_x64__8wekyb3d8bbwe [2023-01-20] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-11-25] (Microsoft Corporation)
ms-resource:ProductPkgDisplayName -> C:\Windows\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2023-03-15] (ms-resource:ProductPublisherDisplayName)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.39.279.0_x64__dt26b99r8h8gj [2022-11-26] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.207.1277.0_x86__zpdnekdrzrea0 [2023-03-18] (Spotify AB) [Startup Task]
TranslucentTB -> C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2022.1.0.0_x64__v826wp6bftszj [2023-02-17] (Charles Milette) [Startup Task]
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.747.1945.0_x86__8wekyb3d8bbwe [2023-02-05] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.802.31.0_x64__8wekyb3d8bbwe [2023-03-17] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.802.31.0_x86__8wekyb3d8bbwe [2023-03-17] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2022-12-27] (0)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-894658081-3701612317-1664743181-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\Inventor Interoperability 2023\Bin\TestServer.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-894658081-3701612317-1664743181-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\Inventor Interoperability 2023\Bin\TestServer.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-894658081-3701612317-1664743181-1001_Classes\CLSID\{D3E34B21-9D75-101A-8C3D-00AA001A1652}\localserver32 -> C:\Program Files\WindowsApps\Microsoft.Paint_11.2301.22.0_x64__8wekyb3d8bbwe\PaintApp\mspaint.exe () [File not signed]
CustomCLSID: HKU\S-1-5-21-894658081-3701612317-1664743181-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\Inventor Interoperability 2023\Bin\TestServer.dll (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-15] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-15] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\urban\Desktop\Ladislav (Lacko) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"

==================== Loaded Modules (Whitelisted) =============

2023-02-09 11:33 - 2005-04-22 13:36 - 000143360 _____ () [File not signed] C:\Windows\system32\BrSNMP64.dll
2023-02-09 11:33 - 2016-11-01 11:27 - 000090112 _____ (Brother Industries, Ltd.) [File not signed] C:\Windows\system32\BrNetSti.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 06:24 - 2022-05-07 06:22 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-894658081-3701612317-1664743181-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\urban\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\pier-in-starry-night_3840x2160_xtrafondos.com.jpg
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "RocketDock.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run32: => "MSIRegister"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "Autodesk Genuine Service "
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "BrotherSoftwareUpdateNotification"
HKLM\...\StartupApproved\Run32: => "M17A"
HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_71ACF99E3915FFAEC8629BFDDF63CDF0"
HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-894658081-3701612317-1664743181-1001\...\StartupApproved\Run: => "AMDNoiseSuppression"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A55BA846-46EC-428C-9267-CDFB6B547D76}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D9DBE3B6-F7C3-4EF6-AB11-FE1F0DA0543A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{684F9A5C-9CA4-4772-B7D4-3202ADDA3FEF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1EE4A7A5-3551-409E-B13F-87CBFBCF354D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AC58EB07-BEE8-4C94-B7DE-24C1D3ECBCA6}] => (Allow) D:1\SteamLibrary\steamapps\common\CarX Drift Racing Online\Drift Racing Online.exe => No File
FirewallRules: [{D51E5E55-E4A2-4455-9562-D95A70F67592}] => (Allow) D:1\SteamLibrary\steamapps\common\CarX Drift Racing Online\Drift Racing Online.exe => No File
FirewallRules: [TCP Query User{99C149A8-307C-414A-AD2C-58FBC45EBF95}C:\xboxgames\forza horizon 5\content\forzahorizon5.exe] => (Allow) C:\xboxgames\forza horizon 5\content\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{18633D69-C8ED-4FF9-847E-79A280395513}C:\xboxgames\forza horizon 5\content\forzahorizon5.exe] => (Allow) C:\xboxgames\forza horizon 5\content\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{C79DAB1E-AD39-4192-B2BC-FA877C6835D5}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{B346E5EE-EDC4-4AA8-926B-6267A82067F5}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{9A26BBD8-A7FA-4278-81AF-66BF34268897}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0FC7177A-0830-4836-A7FB-BFC7AE3BF670}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9A2E94DF-39C2-4D6F-8ED0-9DFA299B2549}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{089694BF-0D86-421C-A86A-7E76B2A864D4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9F97AB07-4722-41CE-8BC1-BECF50DB87FF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BE45D94A-8277-489E-961C-CEF431DF683B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{49FA4965-D622-43C6-B92A-6B3C166EFBEB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{787A000E-B1D5-43DD-8915-C61C6BD41830}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{F551B5A0-E80A-4F33-B8C6-6983847D0EDC}E:\battle.net\call of duty\_retail_\cod.exe] => (Allow) E:\battle.net\call of duty\_retail_\cod.exe => No File
FirewallRules: [UDP Query User{E0FB1F0B-9B9F-4387-B348-F011CA29ED81}E:\battle.net\call of duty\_retail_\cod.exe] => (Allow) E:\battle.net\call of duty\_retail_\cod.exe => No File
FirewallRules: [TCP Query User{723E31A7-B043-41CE-969B-AEDF3426197E}C:\users\urban\downloads\utorrentportable\app\utorrent\utorrent.exe] => (Allow) C:\users\urban\downloads\utorrentportable\app\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{059327CB-7DB7-46FA-A7D5-A98BA879A94C}C:\users\urban\downloads\utorrentportable\app\utorrent\utorrent.exe] => (Allow) C:\users\urban\downloads\utorrentportable\app\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{23045D91-5B7D-4D3F-A8AC-2F79E23023CF}] => (Block) E:\Games\Detroit Become Human\DetroitBecomeHuman.exe => No File
FirewallRules: [{26BD5E59-961F-4A7F-AB80-23CCFFCF1802}] => (Block) E:\Games\Detroit Become Human\DetroitBecomeHuman.exe => No File
FirewallRules: [{327D1B77-E106-4BC3-B8E5-1E823911EEFF}] => (Allow) E:\SteamLibrary\steamapps\common\assettocorsa\AssettoCorsa.exe => No File
FirewallRules: [{21E6F172-534C-49C7-AB8C-B1AFA8CC0EC9}] => (Allow) E:\SteamLibrary\steamapps\common\assettocorsa\AssettoCorsa.exe => No File
FirewallRules: [TCP Query User{D09BCAB4-637E-4710-BE90-5A40B1F791FF}E:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) E:\steamlibrary\steamapps\common\assettocorsa\acs.exe => No File
FirewallRules: [UDP Query User{83324A54-331B-4AFE-950E-B4D906292306}E:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) E:\steamlibrary\steamapps\common\assettocorsa\acs.exe => No File
FirewallRules: [{9C581100-25FF-4BE3-9263-461F951474BA}] => (Allow) F:\SteamLibrary\steamapps\common\Euro Truck Simulator 2 Demo\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{4D5D7359-9FF9-4806-BE49-0449B1AE77E4}] => (Allow) F:\SteamLibrary\steamapps\common\Euro Truck Simulator 2 Demo\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{07340726-55D7-41EE-A1B4-42D24128AA29}] => (Allow) F:\SteamLibrary\steamapps\common\CarX Drift Racing Online\Drift Racing Online.exe () [File not signed]
FirewallRules: [{3BC2E1F4-379E-426F-B461-46A7BB6FC9A5}] => (Allow) F:\SteamLibrary\steamapps\common\CarX Drift Racing Online\Drift Racing Online.exe () [File not signed]
FirewallRules: [{841A7F00-F234-4BAF-B0FC-4C64512DEFA1}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{055A5640-8B07-42B0-A0AD-91BC6C7BD0B5}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{8018AFFB-6E07-473B-8A73-4AF777E80705}F:\xboxgames\forza horizon 5\content\forzahorizon5.exe] => (Allow) F:\xboxgames\forza horizon 5\content\forzahorizon5.exe (Access Denied) [File not signed]
FirewallRules: [UDP Query User{1CE2C330-24EE-4A5D-BCD1-D24E9ECC79F1}F:\xboxgames\forza horizon 5\content\forzahorizon5.exe] => (Allow) F:\xboxgames\forza horizon 5\content\forzahorizon5.exe (Access Denied) [File not signed]
FirewallRules: [{111F8EDA-5BCB-4AB5-ADC0-EE8F1D3AFF20}] => (Allow) LPort=54925
FirewallRules: [{FFB08117-C946-43E0-BE88-81B7080D5D71}] => (Allow) LPort=54950
FirewallRules: [{A65FE5F1-2BDC-40DD-85F1-F841544ACC6B}] => (Allow) LPort=54955
FirewallRules: [{202F6875-083B-49DC-8005-CD9E61A9F679}] => (Allow) C:\Program Files (x86)\Browny02\Brother\BrPrintFinishNotice\BrPrintFinishNotice.exe (Brother Industries, Ltd. -> )
FirewallRules: [{A4BEF2FE-0B9C-4356-94AB-C2B987DFD17E}] => (Allow) C:\Program Files (x86)\Browny02\Brother\BrPrintFinishNotice\BrPrintFinishNotice.exe (Brother Industries, Ltd. -> )
FirewallRules: [TCP Query User{5198903F-79B0-4A80-93B8-6DAC104BB4DD}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [UDP Query User{296386AB-FE0E-48C2-9342-DF5637940BD3}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [TCP Query User{DA012848-AD3C-4791-9F6B-D65DA3AC924C}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File
FirewallRules: [UDP Query User{6A8D1B3E-2E76-4AF0-8500-C01D371EB9C0}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File
FirewallRules: [TCP Query User{C73AEB56-D9C3-4A68-A716-A331815152A0}C:\users\urban\appdata\local\unrealengine\common\unrealtrace\bin\0001000c\unrealtraceserver.exe] => (Allow) C:\users\urban\appdata\local\unrealengine\common\unrealtrace\bin\0001000c\unrealtraceserver.exe (Epic Games Inc. -> Epic Games)
FirewallRules: [UDP Query User{B05A192F-0F5C-42C9-B2DC-83550BEB1DD2}C:\users\urban\appdata\local\unrealengine\common\unrealtrace\bin\0001000c\unrealtraceserver.exe] => (Allow) C:\users\urban\appdata\local\unrealengine\common\unrealtrace\bin\0001000c\unrealtraceserver.exe (Epic Games Inc. -> Epic Games)
FirewallRules: [TCP Query User{C9E5AA40-BCF8-4C3B-928D-E1FA318458FC}C:\program files\epic games\ue_5.1\engine\binaries\win64\unrealeditor.exe] => (Allow) C:\program files\epic games\ue_5.1\engine\binaries\win64\unrealeditor.exe => No File
FirewallRules: [UDP Query User{97B3633F-A51C-4E6B-81A5-394C79E8286A}C:\program files\epic games\ue_5.1\engine\binaries\win64\unrealeditor.exe] => (Allow) C:\program files\epic games\ue_5.1\engine\binaries\win64\unrealeditor.exe => No File
FirewallRules: [TCP Query User{476B30FD-F091-4B69-AE2B-5C75D18BDAE4}C:\program files\amd\cnext\cnext\radeonsoftware.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsoftware.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [UDP Query User{1240EE47-6633-42CE-8778-70436F82D6E6}C:\program files\amd\cnext\cnext\radeonsoftware.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsoftware.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [{BDB76FA6-4714-4F79-A393-F454774E14CC}] => (Allow) C:\Program Files\AMD\CNext\CNext\amddvr.exe => No File
FirewallRules: [{892651D3-3265-4362-92F1-40D591A851F0}] => (Allow) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [{2C2978ED-15C8-4CA6-A81D-CA608AB863D9}] => (Allow) C:\Program Files\AMD\CNext\CNext\Radeonsoftware.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [{AF417983-17BC-4DB8-9BF0-23EF673B2757}] => (Allow) C:\Program Files\AMD\CNext\CNext\AMDLink.exe => No File
FirewallRules: [{0974A1E0-0D3F-4B2C-8735-A622097C8073}] => (Allow) F:\SteamLibrary\steamapps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [File not signed]
FirewallRules: [{687DB401-0643-481F-9D5A-1F93EC5DC0DB}] => (Allow) F:\SteamLibrary\steamapps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [File not signed]
FirewallRules: [TCP Query User{9FB3A9C5-9A01-4299-8B57-55D0CBDA0E47}F:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) F:\steamlibrary\steamapps\common\assettocorsa\acs.exe () [File not signed]
FirewallRules: [UDP Query User{9CAF4407-5DB4-4C9B-BA7F-43479EBCDCF8}F:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) F:\steamlibrary\steamapps\common\assettocorsa\acs.exe () [File not signed]
FirewallRules: [{B96C6E51-1C8A-46E4-B901-BADCA6B568F6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B5563737-9BB3-4465-B553-03B5D92D3948}] => (Allow) C:\Users\urban\Downloads\reiboot.exe => No File
FirewallRules: [{D496C090-C3BD-4CF1-B399-95E20641AFD2}] => (Allow) C:\Users\urban\Downloads\reiboot.exe => No File
FirewallRules: [{02CD3FF6-C1B1-4749-8801-0406B180D509}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{755DCBD9-FE2B-4EE8-A2B5-47390FDB67D0}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{A350A27E-AE46-41E3-BFC2-31D9794E98E8}] => (Allow) LPort=80
FirewallRules: [TCP Query User{B59CCFF5-B7AC-4CFC-8FAC-B9476688DDFD}F:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) F:\steamlibrary\steamapps\common\assettocorsa\acs.exe () [File not signed]
FirewallRules: [UDP Query User{12A69DB2-1E36-4C32-9E03-AEF3FEB51779}F:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) F:\steamlibrary\steamapps\common\assettocorsa\acs.exe () [File not signed]
FirewallRules: [{0D4726DD-6D37-40C4-96B0-93920079AC11}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.207.1277.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9FA609BC-DEAA-443E-8841-AE3C8862ED26}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.207.1277.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4A6728D5-142A-421D-A9AF-91B2237636EB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.207.1277.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6052F9CA-6AF5-4293-905B-A6A51E17C554}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.207.1277.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{98C906F2-A4AC-4B58-8FBD-22BC5FE3AD95}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.207.1277.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{506C7C91-34DF-42B3-BCBF-5248CC6D7AF3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.207.1277.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E2794FC4-AE80-42CF-94C8-4A94F2A9599F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.207.1277.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8B59D511-01CD-404C-91E6-8000C702E0FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.207.1277.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{85E49D38-9445-4C06-BFF5-FF5C2B9B95ED}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\111.0.1661.44\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EA97ED2D-A743-4385-956D-CE57F9DEDC3D}] => (Allow) LPort=32683
FirewallRules: [{B0D5358F-55F7-407E-A55E-0EBF980BBDE5}] => (Allow) LPort=26822

==================== Restore Points =========================

13-03-2023 15:52:07 Naplánovaný kontrolní bod
15-03-2023 14:15:37 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/19/2023 04:49:15 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LACKŢVPC$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 19 Mar 2023 15:49:14 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: ffe32077-e6bd-41e8-8153-45c54885e243

Metoda: GET(219ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (03/19/2023 04:49:15 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 19 Mar 2023 15:49:13 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 268db5d5-5a27-4402-bf05-34a9917bb19c

Metoda: GET(328ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (03/19/2023 04:49:07 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.

Error: (03/19/2023 04:49:07 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...

Error: (03/19/2023 04:49:07 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (03/19/2023 04:49:07 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (03/19/2023 04:49:07 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[3]: 192.168.100.7

Error: (03/19/2023 04:49:07 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[2]: 2a00:ca8:a17:1fe:dbe1:5b97:7f40:ef4e


System errors:
=============
Error: (03/20/2023 04:38:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/20/2023 04:38:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Autodesk Desktop App Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/20/2023 04:38:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MSI Live Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/20/2023 04:38:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MSI Center Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/20/2023 04:38:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba FlexNet Licensing Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/20/2023 04:38:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MSI_Case_Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/20/2023 04:38:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MSIREGISTER_MR byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/20/2023 04:38:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Brother Workflow Application Controller byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2023-03-19 18:37:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F714512C-F545-49C8-8640-8CCB8D1B33D7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-17 21:05:17
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4198FF6A-950E-4BDE-93F3-903B55C3076C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-15 20:33:41
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\urban\Downloads\Slideboizz_car_pack_v1.1.rar
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LACKŢVPC\urban
Název procesu: C:\Users\urban\AppData\Local\AcTools Content Manager\Plugins\7Zip\7z.exe
Verze bezpečnostních informací: AV: 1.385.98.0, AS: 1.385.98.0, NIS: 1.385.98.0
Verze modulu: AM: 1.1.20100.6, NIS: 1.1.20100.6

Date: 2023-03-15 18:39:57
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {16414281-2B13-4230-8A6A-5F09CD329428}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-15 14:12:16
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {74AE5B35-35E8-4CCB-B6FB-E7C4FA62FB0F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2023-03-19 16:49:08
Description:
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume7\Windows\Temp\Atiflash\atillk64.sys that did not meet the Authenticode signing level requirements or violated code integrity policy (Policy ID:{d2bda982-ccf6-4344-ac5b-0b44427b6816}).

Date: 2023-03-19 16:49:08
Description:
The driver \Device\HarddiskVolume7\Windows\Temp\Atiflash\atillk64.sys is blocked from loading as the driver has been revoked by Microsoft.


==================== Memory info ===========================

BIOS: American Megatrends International, LLC. 1.H6 09/30/2021
Motherboard: Micro-Star International Co., Ltd B450 TOMAHAWK (MS-7C02)
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 12%
Total physical RAM: 32693.61 MB
Available physical RAM: 28503.62 MB
Total Virtual: 34741.61 MB
Available Virtual: 30006.58 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.87 GB) (Free:109.98 GB) (Model: CT250MX500SSD4) NTFS
Drive d: (Data) (Fixed) (Total:1863.01 GB) (Free:773.6 GB) (Model: WDC WD20EZBX-00AYRA0) NTFS
Drive e: (Nový svazek) (Fixed) (Total:223.47 GB) (Free:180.57 GB) (Model: WDC WDS240G1G0A-00SS50) NTFS
Drive f: (DAtat) (Fixed) (Total:1863 GB) (Free:354.5 GB) (Model: WDC WD20EZBX-00AYRA0) NTFS

\\?\Volume{9fc23b3e-641b-4db7-bde2-9ac78b688d6d}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: CA0A544B)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 223.6 GB) (Disk ID: 38931AB8)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 3 (Size: 232.9 GB) (Disk ID: 7DE976B0)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Stolen passwords, please check

Posted: 20 Mar 2023 21:23
by Rudy
Now run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just launch it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply