
Request for a check

Pakl
Visitor
Posts: 101
Registered: 13 Nov 2007 19:17

Request for a check

#1 Post by Pakl »

Please check my system. I am attaching the log from RSIT; when I launched FRST, a message came up saying that Defender had blocked it from running...
Logfile of random's system information tool 1.10 (written by random/random)
Run by Pavel at 2023-08-02 19:21:51
Microsoft Windows 10 Pro
System drive C: has 188 GB (77%) free of 244 GB
Total RAM: 8169 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:21:57, on 02.08.2023
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.1566)
Boot mode: Normal

Running processes:
C:\Utility\Volumouse\volumouse32.exe
C:\Utility\caps-unlocker\CapsUnlocker.exe
E:\Abacus\Aplikace\HotkeyP\HotkeyP.exe
C:\Program Files\trend micro\Pavel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\115.0.1901.188\BHO\ie_to_edge_bho.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [M17A] C:\Windows\twain_32\Brimm17a\Common\TwDsUiLaunch.exe
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrotherSoftwareUpdateNotification] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe /Autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Pavel\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_D188F7EFD71EAC8DC2AE49F95230A1B7] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
O4 - HKCU\..\Run: [$Volumouse$] "C:\Utility\Volumouse\volumouse.exe" /nodlg
O4 - HKCU\..\Run: [CapsUnlocker] C:\Utility\caps-unlocker\CapsUnlocker.exe
O4 - HKCU\..\Run: [HotkeyP] E:\Abacus\Aplikace\HotkeyP\HotkeyP.exe 0
O4 - HKCU\..\Run: [PureText] "Z:\Install\Puretext\PureText.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ToolwizTimeFreeze] "C:\Program Files\Toolwiz Time Freeze 2017\ToolwizTimeFreeze.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: MEGAsync.lnk = C:\ProgramData\MEGAsync\MEGAsync.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~2\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Přidat do stávajícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AOMEI Backupper Scheduler Service (Backupper Service) - AOMEI International Network Limited - C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.3.0\ABService.exe
O23 - Service: Box Sync Update Service (BoxSyncUpdateService) - Box, Inc. - C:\Program Files\Box\Box Sync\SyncUpdaterService.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_55607 - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: DisplayFusionService - Binary Fortress Software - C:\Program Files\DisplayFusion\DisplayFusionService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GlUsbFltService - Unknown owner - C:\Windows\system32\GlHubFltService.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\115.0.5790.110\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie (SbieSvc) - Unknown owner - E:\Stahy\Sandboxie-Plus\SbieSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SyncBackFree Schedules Monitor (SyncBackFreeSchedulesMonitor) - 2BrightSparks Pte Ltd - C:\Program Files (x86)\2BrightSparks\SyncBackFree\SchedulesMonitor.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: Brother USB Application Controller (USBAppControl) - Unknown owner - C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Brother Workflow Application Controller (WorkflowAppControl) - Unknown owner - C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe

--
End of file - 12586 bytes

======Listing Processes======

winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\Windows\system32\svchost.exe -k RPCSS -p
C:\Windows\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\Windows\system32\svchost.exe -k LocalService -p -s bthserv
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -s BTAGService
C:\Windows\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\Windows\system32\svchost.exe -k netsvcs -p -s Schedule
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\Windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\Windows\system32\svchost.exe -k LocalService -p -s nsi
C:\Windows\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-84a19b12-f18d-43f2-b5e8-bbd2b90a1be9 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-6d73750e-0996-439f-85a4-e1eb19c9d8e3 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-60066b1d-e823-4de9-8143-00169a7910c0 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-9935b05d-3bd9-46e6-b456-29fc215dd3f3 -LifetimeId:f7ff70b1-eb70-48c6-8780-cfe4c156a6b2 -DeviceGroupId:WpdFsGroup -HostArg:0
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k NetworkService -p -s NlaSvc
atieclxx
C:\Windows\System32\svchost.exe -k netsvcs -p -s Themes
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\Windows\system32\svchost.exe -k LocalService -p -s EventSystem
C:\Windows\System32\svchost.exe -k LocalService -p -s netprofm

C:\Windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\Windows\system32\svchost.exe -k LocalService -p -s FontCache
dashost.exe {d49f229a-648c-44df-b090adf0f096298e}
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
C:\Windows\system32\svchost.exe -k LocalService -p -s fdPHost
C:\Windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s FDResPub
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\Windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\Windows\system32\AUDIODG.EXE 0x56c
C:\Windows\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\Windows\System32\svchost.exe -k utcsvc -p
C:\Windows\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\Windows\system32\GlHubFltService.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
"C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe" -s DefaultInstance
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\Windows\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\Windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\Windows\system32\svchost.exe -k LocalService -p -s SstpSvc
"C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe"
"C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe"

"C:\Program Files (x86)\2BrightSparks\SyncBackFree\SchedulesMonitor.exe"
C:\Windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\Windows\System32\svchost.exe -k NetworkService -p -s TapiSrv
C:\Windows\System32\svchost.exe -k LocalService -p -s WdiServiceHost
dashost.exe {21344101-8357-41a3-9ff28c018a94e078}
"C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe" -s DefaultInstance
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted -p -s PolicyAgent
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
C:\Windows\System32\svchost.exe -k netsvcs

sihost.exe
C:\Windows\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\Windows\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
C:\Windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
"ctfmon.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\Windows\system32\svchost.exe -k netsvcs -p -s wuauserv
"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23052.125.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe" -ComServer:Background -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\smartscreen.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
"C:\Program Files\Box\Box Sync\BoxSync.exe" -m
"C:\Utility\Volumouse\volumouse.exe" /nodlg
"C:\Utility\Volumouse\volumouse32.exe" /loadvlm 131898 "C:\Utility\Volumouse\volumouse.cfg"
"C:\Utility\caps-unlocker\CapsUnlocker.exe"
"E:\Abacus\Aplikace\HotkeyP\HotkeyP.exe" 0
C:\Windows\system32\wbem\wmiprvse.exe
"Z:\Install\Puretext\PureText.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\ProgramData\MEGAsync\MEGAsync.exe"
"C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe" -l 75 -p 8964
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\Windows\system32\ApplicationFrameHost.exe -Embedding
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe" -ServerName:InputApp.AppXjd5de1g66v206tj52m9d0dtpppx4cgpn.mca
C:\Windows\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\Windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\Windows\System32\svchost.exe -k LocalService -p -s LicenseManager
C:\Windows\System32\svchost.exe -k UnistackSvcGroup
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\Program Files\DisplayFusion\DisplayFusionService.exe"

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc

C:\Windows\system32\svchost.exe -k LocalService -s W32Time


"C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.3.0\ABService.exe"
C:\Windows\System32\svchost.exe -k netsvcs -p
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Program Files\Google\Chrome\Application\chrome.exe"
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Pavel\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=115.0.5790.110 --initial-client-data=0x1f8,0x1fc,0x200,0x1a4,0x204,0x7ff91d51e9e0,0x7ff91d51e9f0,0x7ff91d51ea00
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1952 --field-trial-handle=1956,i,1317815715511762087,5804733623509035633,262144 /prefetch:2
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=cs --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1956,i,1317815715511762087,5804733623509035633,262144 /prefetch:8
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=cs --service-sandbox-type=service --mojo-platform-channel-handle=2300 --field-trial-handle=1956,i,1317815715511762087,5804733623509035633,262144 /prefetch:8
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --origin-trial-disabled-features=WebGPU --first-renderer-process --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --time-ticks-at-unix-epoch=-1690996303132634 --launch-time-ticks=246478447 --mojo-platform-channel-handle=3164 --field-trial-handle=1956,i,1317815715511762087,5804733623509035633,262144 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --time-ticks-at-unix-epoch=-1690996303132634 --launch-time-ticks=246672189 --mojo-platform-channel-handle=4324 --field-trial-handle=1956,i,1317815715511762087,5804733623509035633,262144 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --origin-trial-disabled-features=WebGPU --disable-gpu-compositing --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --time-ticks-at-unix-epoch=-1690996303132634 --launch-time-ticks=246692865 --mojo-platform-channel-handle=4688 --field-trial-handle=1956,i,1317815715511762087,5804733623509035633,262144 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --origin-trial-disabled-features=WebGPU --disable-gpu-compositing --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --time-ticks-at-unix-epoch=-1690996303132634 --launch-time-ticks=275495991 --mojo-platform-channel-handle=5764 --field-trial-handle=1956,i,1317815715511762087,5804733623509035633,262144 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --origin-trial-disabled-features=WebGPU --disable-gpu-compositing --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --time-ticks-at-unix-epoch=-1690996303132634 --launch-time-ticks=275997900 --mojo-platform-channel-handle=6116 --field-trial-handle=1956,i,1317815715511762087,5804733623509035633,262144 /prefetch:1
"C:\totalcmd\TOTALCMD64.EXE"
"E:\Stahy\RSITx64.exe"
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --origin-trial-disabled-features=WebGPU --disable-gpu-compositing --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --time-ticks-at-unix-epoch=-1690996303132634 --launch-time-ticks=545474387 --mojo-platform-channel-handle=5152 --field-trial-handle=1956,i,1317815715511762087,5804733623509035633,262144 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=cs --service-sandbox-type=audio --mojo-platform-channel-handle=6496 --field-trial-handle=1956,i,1317815715511762087,5804733623509035633,262144 /prefetch:8
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\CreateExplorerShellUnelevatedTask.job - C:\Windows\explorer.exe


Re: Request for a check

#2 Post by Pakl »

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\115.0.1901.188\BHO\ie_to_edge_bho_64.dll [2023-07-27 587712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\PROGRA~1\MICROS~1\Office16\GROOVEEX.DLL [2015-07-31 2165976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\115.0.1901.188\BHO\ie_to_edge_bho.dll [2023-07-27 456128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Windows\system32\SecurityHealthSystray.exe [2019-12-07 86016]
"KeePass 2 PreLoad"=C:\Program Files\KeePass Password Safe 2\KeePass.exe [2023-02-08 3246992]
"BoxSync"=C:\Program Files\Box\Box Sync\BoxSync.exe [2022-06-08 5932720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Pavel\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2023-07-29 2607520]
"MicrosoftEdgeAutoLaunch_D188F7EFD71EAC8DC2AE49F95230A1B7"=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [2023-07-27 4088256]
"$Volumouse$"=C:\Utility\Volumouse\volumouse.exe [2011-06-21 88576]
"CapsUnlocker"=C:\Utility\caps-unlocker\CapsUnlocker.exe [2013-08-17 253952]
"HotkeyP"=E:\Abacus\Aplikace\HotkeyP\HotkeyP.exe [2016-04-26 258048]
"PureText"=Z:\Install\Puretext\PureText.exe [2018-03-01 117704]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2013-10-02 1475072]
"ToolwizTimeFreeze"=C:\Program Files\Toolwiz Time Freeze 2017\ToolwizTimeFreeze.exe [2023-04-26 1623896]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-11-04 767176]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2006-10-23 620152]
""= []
"M17A"=C:\Windows\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [2020-03-27 86128]
"ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2019-07-26 145344]
"BrotherSoftwareUpdateNotification"=C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [2022-10-09 3591168]
"BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2022-02-07 3146752]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"usbfltrb"= []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Acrobat Speed Launcher.lnk - C:\Windows\Installer\{AC76BA86-1029-0000-7760-000000000003}\_SC_Acrobat.exe
Adobe Acrobat Synchronizer.lnk - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe

C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MEGAsync.lnk - C:\ProgramData\MEGAsync\MEGAsync.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HidSpiCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"aux1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"aux2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv

======File associations======

.inf - install -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2023-08-02 19:21:52 ----D---- C:\Program Files\trend micro
2023-08-02 19:21:51 ----D---- C:\rsit
2023-08-02 19:14:21 ----A---- C:\Windows\system32\amwrtdrv.sys
2023-08-02 19:14:21 ----A---- C:\Windows\system32\ammntdrv.sys
2023-08-02 19:14:21 ----A---- C:\Windows\system32\ambakdrv.sys
2023-08-02 19:14:12 ----D---- C:\Program Files (x86)\AOMEI
2023-07-23 14:58:36 ----D---- C:\Windows\system32\appmgmt
2023-07-22 11:38:31 ----D---- C:\Users\Pavel\AppData\Roaming\znote
2023-07-20 21:04:20 ----D---- C:\Users\Pavel\AppData\Roaming\com.adobe.dunamis
2023-07-20 21:02:26 ----D---- C:\Program Files\Common Files\Adobe
2023-07-20 08:49:55 ----D---- C:\Users\Pavel\AppData\Roaming\smart-control
2023-07-20 08:49:52 ----A---- C:\Windows\system32\GlHubFltService.exe
2023-07-20 08:49:52 ----A---- C:\Windows\system32\drivers\glusbflt.sys
2023-07-20 08:49:37 ----D---- C:\SmartControlBeta
2023-07-19 20:41:01 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2023-07-19 20:32:03 ----D---- C:\Users\Pavel\AppData\Roaming\Macromedia
2023-07-18 07:15:23 ----A---- C:\Windows\SYSWOW64\wmp.dll
2023-07-18 07:15:23 ----A---- C:\Windows\system32\wmpps.dll
2023-07-18 07:15:23 ----A---- C:\Windows\system32\wmp.dll
2023-07-18 07:15:22 ----A---- C:\Windows\SYSWOW64\quickassist.exe
2023-07-18 07:15:21 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2023-07-18 07:15:21 ----A---- C:\Windows\SYSWOW64\mfsvr.dll
2023-07-18 07:15:21 ----A---- C:\Windows\SYSWOW64\mfps.dll
2023-07-18 07:15:21 ----A---- C:\Windows\SYSWOW64\MFPlay.dll
2023-07-18 07:15:21 ----A---- C:\Windows\SYSWOW64\MFMediaEngine.dll
2023-07-18 07:15:21 ----A---- C:\Windows\SYSWOW64\mfcore.dll
2023-07-18 07:15:21 ----A---- C:\Windows\SYSWOW64\DolbyDecMFT.dll
2023-07-18 07:15:21 ----A---- C:\Windows\SYSWOW64\dlnashext.dll
2023-07-18 07:15:21 ----A---- C:\Windows\system32\quickassist.exe
2023-07-18 07:15:21 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2023-07-18 07:15:21 ----A---- C:\Windows\system32\mfsvr.dll
2023-07-18 07:15:21 ----A---- C:\Windows\system32\mfps.dll
2023-07-18 07:15:21 ----A---- C:\Windows\system32\MFMediaEngine.dll
2023-07-18 07:15:21 ----A---- C:\Windows\system32\DolbyDecMFT.dll
2023-07-18 07:15:21 ----A---- C:\Windows\system32\dlnashext.dll
2023-07-18 07:15:20 ----A---- C:\Windows\SYSWOW64\Microsoft.Uev.AppAgent.dll
2023-07-18 07:15:20 ----A---- C:\Windows\system32\Microsoft.Uev.ModernAppAgent.dll
2023-07-18 07:15:20 ----A---- C:\Windows\system32\Microsoft.Uev.CommonBridge.dll
2023-07-18 07:15:20 ----A---- C:\Windows\system32\Microsoft.Uev.AppAgent.dll
2023-07-18 07:15:20 ----A---- C:\Windows\system32\MFPlay.dll
2023-07-18 07:15:20 ----A---- C:\Windows\system32\mfcore.dll
2023-07-18 07:15:20 ----A---- C:\Windows\system32\CustomShellHost.exe
2023-07-18 07:15:20 ----A---- C:\Windows\system32\AgentService.exe
2023-07-18 07:15:19 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2023-07-18 07:15:19 ----A---- C:\Windows\SYSWOW64\SessEnv.dll
2023-07-18 07:15:19 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2023-07-18 07:15:19 ----A---- C:\Windows\SYSWOW64\lsmproxy.dll
2023-07-18 07:15:19 ----A---- C:\Windows\SYSWOW64\drttransport.dll
2023-07-18 07:15:19 ----A---- C:\Windows\SYSWOW64\drtprov.dll
2023-07-18 07:15:19 ----A---- C:\Windows\SYSWOW64\drt.dll
2023-07-18 07:15:19 ----A---- C:\Windows\system32\drivers\AppvVfs.sys
2023-07-18 07:15:19 ----A---- C:\Windows\system32\drivers\AppvVemgr.sys
2023-07-18 07:15:19 ----A---- C:\Windows\system32\drivers\AppVStrm.sys
2023-07-18 07:15:19 ----A---- C:\Windows\system32\AppVEntVirtualization.dll
2023-07-18 07:15:19 ----A---- C:\Windows\system32\AppVClient.exe
2023-07-18 07:15:18 ----A---- C:\Windows\SYSWOW64\wsp_health.dll
2023-07-18 07:15:18 ----A---- C:\Windows\SYSWOW64\wsp_fs.dll
2023-07-18 07:15:18 ----A---- C:\Windows\SYSWOW64\sqlsrv32.dll
2023-07-18 07:15:18 ----A---- C:\Windows\SYSWOW64\offreg.dll
2023-07-18 07:15:18 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2023-07-18 07:15:18 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2023-07-18 07:15:18 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2023-07-18 07:15:18 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2023-07-18 07:15:18 ----A---- C:\Windows\SYSWOW64\msi.dll
2023-07-18 07:15:18 ----A---- C:\Windows\SYSWOW64\mmc.exe
2023-07-18 07:15:18 ----A---- C:\Windows\SYSWOW64\mfsensorgroup.dll
2023-07-18 07:15:18 ----A---- C:\Windows\SYSWOW64\iemigplugin.dll
2023-07-18 07:15:18 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2023-07-18 07:15:18 ----A---- C:\Windows\SYSWOW64\FrameServerClient.dll
2023-07-18 07:15:18 ----A---- C:\Windows\SYSWOW64\certutil.exe
2023-07-18 07:15:18 ----A---- C:\Windows\SYSWOW64\certreq.exe
2023-07-18 07:15:17 ----A---- C:\Windows\SYSWOW64\IndexedDbLegacy.dll
2023-07-18 07:15:17 ----A---- C:\Windows\SYSWOW64\Chakra.dll
2023-07-18 07:15:16 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2023-07-18 07:15:15 ----A---- C:\Windows\SYSWOW64\xolehlp.dll
2023-07-18 07:15:15 ----A---- C:\Windows\SYSWOW64\upnphost.dll
2023-07-18 07:15:15 ----A---- C:\Windows\SYSWOW64\mtxclu.dll
2023-07-18 07:15:15 ----A---- C:\Windows\SYSWOW64\msdtcuiu.dll
2023-07-18 07:15:15 ----A---- C:\Windows\SYSWOW64\msdtcspoffln.dll
2023-07-18 07:15:15 ----A---- C:\Windows\SYSWOW64\msdtcprx.dll
2023-07-18 07:15:15 ----A---- C:\Windows\SYSWOW64\iassvcs.dll
2023-07-18 07:15:15 ----A---- C:\Windows\SYSWOW64\iassdo.dll
2023-07-18 07:15:15 ----A---- C:\Windows\SYSWOW64\iashlpr.dll
2023-07-18 07:15:15 ----A---- C:\Windows\SYSWOW64\iasdatastore.dll
2023-07-18 07:15:15 ----A---- C:\Windows\SYSWOW64\edgehtml.dll
2023-07-18 07:15:15 ----A---- C:\Windows\SYSWOW64\dswave.dll
2023-07-18 07:15:15 ----A---- C:\Windows\SYSWOW64\dmusic.dll
2023-07-18 07:15:15 ----A---- C:\Windows\SYSWOW64\dmsynth.dll
2023-07-18 07:15:15 ----A---- C:\Windows\SYSWOW64\dmstyle.dll
2023-07-18 07:15:15 ----A---- C:\Windows\SYSWOW64\dmscript.dll
2023-07-18 07:15:15 ----A---- C:\Windows\SYSWOW64\dmloader.dll
2023-07-18 07:15:15 ----A---- C:\Windows\SYSWOW64\dmime.dll
2023-07-18 07:15:15 ----A---- C:\Windows\SYSWOW64\dmcompos.dll
2023-07-18 07:15:15 ----A---- C:\Windows\SYSWOW64\dmband.dll
2023-07-18 07:15:15 ----A---- C:\Windows\system32\vmrdvcore.dll
2023-07-18 07:15:15 ----A---- C:\Windows\system32\termsrv.dll
2023-07-18 07:15:15 ----A---- C:\Windows\system32\SessEnv.dll
2023-07-18 07:15:15 ----A---- C:\Windows\system32\rdsdwmdr.dll
2023-07-18 07:15:15 ----A---- C:\Windows\system32\RDSAppXHelper.dll
2023-07-18 07:15:15 ----A---- C:\Windows\system32\drttransport.dll
2023-07-18 07:15:15 ----A---- C:\Windows\system32\drtprov.dll
2023-07-18 07:15:15 ----A---- C:\Windows\system32\drt.dll
2023-07-18 07:15:15 ----A---- C:\Windows\system32\CXHProvisioningServer.dll
2023-07-18 07:15:14 ----A---- C:\Windows\system32\wsp_health.dll
2023-07-18 07:15:14 ----A---- C:\Windows\system32\wsp_fs.dll
2023-07-18 07:15:14 ----A---- C:\Windows\system32\tsgqec.dll
2023-07-18 07:15:14 ----A---- C:\Windows\system32\rdpudd.dll
2023-07-18 07:15:14 ----A---- C:\Windows\system32\rdpcredentialprovider.dll
2023-07-18 07:15:14 ----A---- C:\Windows\system32\rdpcorets.dll
2023-07-18 07:15:14 ----A---- C:\Windows\system32\PktMonApi.dll
2023-07-18 07:15:14 ----A---- C:\Windows\system32\PktMon.exe
2023-07-18 07:15:14 ----A---- C:\Windows\system32\offreg.dll
2023-07-18 07:15:14 ----A---- C:\Windows\system32\nshwfp.dll
2023-07-18 07:15:14 ----A---- C:\Windows\system32\nltest.exe
2023-07-18 07:15:14 ----A---- C:\Windows\system32\mstscax.dll
2023-07-18 07:15:14 ----A---- C:\Windows\system32\mstsc.exe
2023-07-18 07:15:14 ----A---- C:\Windows\system32\msimsg.dll
2023-07-18 07:15:14 ----A---- C:\Windows\system32\msi.dll
2023-07-18 07:15:14 ----A---- C:\Windows\system32\mfsensorgroup.dll
2023-07-18 07:15:14 ----A---- C:\Windows\system32\McpManagementService.dll
2023-07-18 07:15:14 ----A---- C:\Windows\system32\lsmproxy.dll
2023-07-18 07:15:14 ----A---- C:\Windows\system32\FsIso.exe
2023-07-18 07:15:14 ----A---- C:\Windows\system32\FrameServerClient.dll
2023-07-18 07:15:14 ----A---- C:\Windows\system32\FrameServer.dll
2023-07-18 07:15:14 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2023-07-18 07:15:14 ----A---- C:\Windows\system32\drivers\PktMon.sys
2023-07-18 07:15:14 ----A---- C:\Windows\system32\certutil.exe
2023-07-18 07:15:14 ----A---- C:\Windows\system32\certreq.exe
2023-07-18 07:15:13 ----A---- C:\Windows\system32\wshrm.dll
2023-07-18 07:15:13 ----A---- C:\Windows\system32\sqlsrv32.dll
2023-07-18 07:15:13 ----A---- C:\Windows\system32\odbc32.dll
2023-07-18 07:15:13 ----A---- C:\Windows\system32\IndexedDbLegacy.dll
2023-07-18 07:15:13 ----A---- C:\Windows\system32\IESettingSync.exe
2023-07-18 07:15:13 ----A---- C:\Windows\system32\iemigplugin.dll
2023-07-18 07:15:13 ----A---- C:\Windows\system32\ieframe.dll
2023-07-18 07:15:13 ----A---- C:\Windows\system32\drivers\rmcast.sys
2023-07-18 07:15:12 ----A---- C:\Windows\system32\mshtml.dll
2023-07-18 07:15:11 ----A---- C:\Windows\system32\wiatrace.dll
2023-07-18 07:15:11 ----A---- C:\Windows\system32\wiaservc.dll
2023-07-18 07:15:11 ----A---- C:\Windows\system32\wiarpc.dll
2023-07-18 07:15:11 ----A---- C:\Windows\system32\wercplsupport.dll
2023-07-18 07:15:11 ----A---- C:\Windows\system32\werconcpl.dll
2023-07-18 07:15:11 ----A---- C:\Windows\system32\StorSvc.dll
2023-07-18 07:15:11 ----A---- C:\Windows\system32\StorageUsage.dll
2023-07-18 07:15:11 ----A---- C:\Windows\system32\sti.dll
2023-07-18 07:15:11 ----A---- C:\Windows\system32\iassvcs.dll
2023-07-18 07:15:11 ----A---- C:\Windows\system32\iassdo.dll
2023-07-18 07:15:11 ----A---- C:\Windows\system32\iashlpr.dll
2023-07-18 07:15:11 ----A---- C:\Windows\system32\iasdatastore.dll
2023-07-18 07:15:11 ----A---- C:\Windows\system32\EsclWiaDriver.dll
2023-07-18 07:15:11 ----A---- C:\Windows\system32\edgehtml.dll
2023-07-18 07:15:11 ----A---- C:\Windows\system32\dswave.dll
2023-07-18 07:15:11 ----A---- C:\Windows\system32\dmusic.dll
2023-07-18 07:15:11 ----A---- C:\Windows\system32\dmsynth.dll
2023-07-18 07:15:11 ----A---- C:\Windows\system32\dmloader.dll
2023-07-18 07:15:10 ----A---- C:\Windows\system32\xolehlp.dll
2023-07-18 07:15:10 ----A---- C:\Windows\system32\ReportingCSP.dll
2023-07-18 07:15:10 ----A---- C:\Windows\system32\mtxclu.dll
2023-07-18 07:15:10 ----A---- C:\Windows\system32\msdtcuiu.dll
2023-07-18 07:15:10 ----A---- C:\Windows\system32\msdtctm.dll
2023-07-18 07:15:10 ----A---- C:\Windows\system32\msdtcspoffln.dll
2023-07-18 07:15:10 ----A---- C:\Windows\system32\msdtcprx.dll
2023-07-18 07:15:10 ----A---- C:\Windows\system32\msdtclog.dll
2023-07-18 07:15:10 ----A---- C:\Windows\system32\msdtckrm.dll
2023-07-18 07:15:10 ----A---- C:\Windows\system32\msdtc.exe
2023-07-18 07:15:10 ----A---- C:\Windows\system32\MDMAppInstaller.exe
2023-07-18 07:15:10 ----A---- C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2023-07-18 07:15:10 ----A---- C:\Windows\system32\computestorage.dll
2023-07-18 07:15:09 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2023-07-18 07:15:09 ----A---- C:\Windows\system32\upnphost.dll
2023-07-18 07:15:09 ----A---- C:\Windows\system32\tcbloader.dll
2023-07-18 07:15:09 ----A---- C:\Windows\system32\tcblaunch.exe
2023-07-18 07:15:09 ----A---- C:\Windows\system32\skci.dll
2023-07-18 07:15:09 ----A---- C:\Windows\system32\SecureBootEncodeUEFI.exe
2023-07-18 07:15:09 ----A---- C:\Windows\system32\sdshext.dll
2023-07-18 07:15:09 ----A---- C:\Windows\system32\sdrsvc.dll
2023-07-18 07:15:09 ----A---- C:\Windows\system32\sdengin2.dll
2023-07-18 07:15:09 ----A---- C:\Windows\system32\sdclt.exe
2023-07-18 07:15:09 ----A---- C:\Windows\system32\hvix64.exe
2023-07-18 07:15:09 ----A---- C:\Windows\system32\hvax64.exe
2023-07-18 07:15:08 ----A---- C:\Windows\SYSWOW64\twext.dll
2023-07-18 07:15:08 ----A---- C:\Windows\SYSWOW64\shell32.dll
2023-07-18 07:15:08 ----A---- C:\Windows\SYSWOW64\rtm.dll
2023-07-18 07:15:08 ----A---- C:\Windows\SYSWOW64\iprtrmgr.dll
2023-07-18 07:15:08 ----A---- C:\Windows\SYSWOW64\iprtprio.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\wldp.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\wkscli.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\Windows.Media.Playback.ProxyStub.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\Windows.Media.Playback.MediaPlayer.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\Windows.Media.BackgroundPlayback.exe
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\Windows.Media.BackgroundMediaPlayback.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\Windows.Internal.Management.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\userenv.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\tdh.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\srvcli.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\schedcli.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\setupapi.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\runonce.exe
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\proquota.exe
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\policymanager.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\newdev.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\msIso.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\msaatext.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\mprdim.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\MicrosoftAccountTokenProvider.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\mdmlocalmanagement.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\logoncli.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\keyiso.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\enrollmentapi.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\edgeIso.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\drvsetup.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\dmenrollengine.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\DMAlertListener.ProxyStub.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\devobj.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\credprovslegacy.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2023-07-18 07:15:07 ----A---- C:\Windows\SYSWOW64\AboveLockAppHost.dll
2023-07-18 07:15:06 ----A---- C:\Windows\SYSWOW64\Windows.Storage.Search.dll
2023-07-18 07:15:06 ----A---- C:\Windows\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2023-07-18 07:15:06 ----A---- C:\Windows\SYSWOW64\Windows.StateRepositoryPS.dll
2023-07-18 07:15:06 ----A---- C:\Windows\SYSWOW64\Windows.StateRepositoryCore.dll
2023-07-18 07:15:06 ----A---- C:\Windows\SYSWOW64\Windows.StateRepositoryClient.dll
2023-07-18 07:15:06 ----A---- C:\Windows\SYSWOW64\Windows.StateRepositoryBroker.dll
2023-07-18 07:15:06 ----A---- C:\Windows\SYSWOW64\Windows.StateRepository.dll
2023-07-18 07:15:06 ----A---- C:\Windows\SYSWOW64\win32u.dll
2023-07-18 07:15:06 ----A---- C:\Windows\SYSWOW64\win32kfull.sys
2023-07-18 07:15:06 ----A---- C:\Windows\SYSWOW64\win32k.sys
2023-07-18 07:15:06 ----A---- C:\Windows\SYSWOW64\user32.dll
2023-07-18 07:15:06 ----A---- C:\Windows\SYSWOW64\updatepolicy.dll
2023-07-18 07:15:06 ----A---- C:\Windows\SYSWOW64\StateRepository.Core.dll
2023-07-18 07:15:06 ----A---- C:\Windows\SYSWOW64\rdpserverbase.dll
2023-07-18 07:15:06 ----A---- C:\Windows\SYSWOW64\rdpbase.dll
2023-07-18 07:15:06 ----A---- C:\Windows\SYSWOW64\profext.dll
2023-07-18 07:15:06 ----A---- C:\Windows\SYSWOW64\negoexts.dll
2023-07-18 07:15:06 ----A---- C:\Windows\SYSWOW64\mdmregistration.dll
2023-07-18 07:15:06 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2023-07-18 07:15:06 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2023-07-18 07:15:06 ----A---- C:\Windows\SYSWOW64\daxexec.dll
2023-07-18 07:15:06 ----A---- C:\Windows\SYSWOW64\CoreMessaging.dll
2023-07-18 07:15:06 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2023-07-18 07:15:06 ----A---- C:\Windows\SYSWOW64\AppXDeploymentClient.dll
2023-07-18 07:15:05 ----A---- C:\Windows\SYSWOW64\windows.storage.dll
2023-07-18 07:15:05 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2023-07-18 07:15:05 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.dll
2023-07-18 07:15:05 ----A---- C:\Windows\SYSWOW64\twinui.appcore.dll
2023-07-18 07:15:05 ----A---- C:\Windows\SYSWOW64\tquery.dll
2023-07-18 07:15:05 ----A---- C:\Windows\SYSWOW64\TileDataRepository.dll
2023-07-18 07:15:05 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2023-07-18 07:15:05 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2023-07-18 07:15:05 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2023-07-18 07:15:05 ----A---- C:\Windows\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2023-07-18 07:15:05 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2023-07-18 07:15:05 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2023-07-18 07:15:05 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2023-07-18 07:15:05 ----A---- C:\Windows\SYSWOW64\mssph.dll
2023-07-18 07:15:05 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2023-07-18 07:15:05 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2023-07-18 07:15:05 ----A---- C:\Windows\SYSWOW64\InstallServiceTasks.dll
2023-07-18 07:15:05 ----A---- C:\Windows\SYSWOW64\InstallService.dll
2023-07-18 07:15:05 ----A---- C:\Windows\SYSWOW64\InkObjCore.dll
2023-07-18 07:15:05 ----A---- C:\Windows\SYSWOW64\crypttpmeksvc.dll
2023-07-18 07:15:05 ----A---- C:\Windows\SYSWOW64\CloudExperienceHostCommon.dll
2023-07-18 07:15:05 ----A---- C:\Windows\SYSWOW64\ActivationManager.dll
2023-07-18 07:15:05 ----A---- C:\Windows\SYSWOW64\aadWamExtension.dll
2023-07-18 07:15:05 ----A---- C:\Windows\SYSWOW64\aadtb.dll
2023-07-18 07:15:05 ----A---- C:\Windows\SYSWOW64\aadauthhelper.dll
2023-07-18 07:15:04 ----A---- C:\Windows\SYSWOW64\winsta.dll
2023-07-18 07:15:04 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2023-07-18 07:15:04 ----A---- C:\Windows\SYSWOW64\twinui.dll
2023-07-18 07:15:04 ----A---- C:\Windows\SYSWOW64\twinapi.dll
2023-07-18 07:15:04 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2023-07-18 07:15:04 ----A---- C:\Windows\SYSWOW64\ReAgentc.exe
2023-07-18 07:15:04 ----A---- C:\Windows\SYSWOW64\LaunchWinApp.exe
2023-07-18 07:15:04 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2023-07-18 07:15:04 ----A---- C:\Windows\SYSWOW64\IDStore.dll
2023-07-18 07:15:04 ----A---- C:\Windows\SYSWOW64\dot3msm.dll
2023-07-18 07:15:04 ----A---- C:\Windows\SYSWOW64\dot3api.dll
2023-07-18 07:15:03 ----A---- C:\Windows\SYSWOW64\wscproxystub.dll
2023-07-18 07:15:03 ----A---- C:\Windows\SYSWOW64\wscisvif.dll
2023-07-18 07:15:03 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2023-07-18 07:15:03 ----A---- C:\Windows\SYSWOW64\wscadminui.exe
2023-07-18 07:15:03 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.ConversationalAgent.dll
2023-07-18 07:15:03 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2023-07-18 07:15:03 ----A---- C:\Windows\SYSWOW64\profapi.dll
2023-07-18 07:15:03 ----A---- C:\Windows\SYSWOW64\PCPKsp.dll
2023-07-18 07:15:03 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2023-07-18 07:15:03 ----A---- C:\Windows\SYSWOW64\explorer.exe
2023-07-18 07:15:03 ----A---- C:\Windows\SYSWOW64\dsound.dll
2023-07-18 07:15:03 ----A---- C:\Windows\SYSWOW64\dsdmo.dll
2023-07-18 07:15:03 ----A---- C:\Windows\SYSWOW64\browcli.dll
2023-07-18 07:15:03 ----A---- C:\Windows\system32\ServicingUAPI.dll
2023-07-18 07:15:03 ----A---- C:\Windows\system32\kernel32.dll
2023-07-18 07:15:02 ----A---- C:\Windows\system32\winsta.dll
2023-07-18 07:15:02 ----A---- C:\Windows\system32\twinui.dll
2023-07-18 07:15:02 ----A---- C:\Windows\system32\twinapi.dll
2023-07-18 07:15:02 ----A---- C:\Windows\system32\TSWorkspace.dll
2023-07-18 07:15:02 ----A---- C:\Windows\system32\rtm.dll
2023-07-18 07:15:02 ----A---- C:\Windows\system32\mprdim.dll
2023-07-18 07:15:02 ----A---- C:\Windows\system32\lsm.dll
2023-07-18 07:15:02 ----A---- C:\Windows\system32\LaunchWinApp.exe
2023-07-18 07:15:02 ----A---- C:\Windows\system32\iprtrmgr.dll
2023-07-18 07:15:02 ----A---- C:\Windows\system32\iprtprio.dll
2023-07-18 07:15:02 ----A---- C:\Windows\system32\drvsetup.dll
2023-07-18 07:15:02 ----A---- C:\Windows\system32\drivers\volsnap.sys
2023-07-18 07:15:02 ----A---- C:\Windows\system32\6bea57fb-8dfb-4177-9ae8-42e8b3529933_RuntimeDeviceInstall.dll
2023-07-18 07:15:01 ----A---- C:\Windows\system32\WUDFx02000.dll
2023-07-18 07:15:01 ----A---- C:\Windows\system32\WUDFPlatform.dll
2023-07-18 07:15:01 ----A---- C:\Windows\system32\WUDFHost.exe
2023-07-18 07:15:01 ----A---- C:\Windows\system32\WUDFCompanionHost.exe
2023-07-18 07:15:01 ----A---- C:\Windows\system32\WsmSvc.dll
2023-07-18 07:15:01 ----A---- C:\Windows\system32\urlmon.dll
2023-07-18 07:15:01 ----A---- C:\Windows\system32\setupapi.dll
2023-07-18 07:15:01 ----A---- C:\Windows\system32\runonce.exe
2023-07-18 07:15:01 ----A---- C:\Windows\system32\ReAgentc.exe
2023-07-18 07:15:01 ----A---- C:\Windows\system32\pnputil.exe
2023-07-18 07:15:01 ----A---- C:\Windows\system32\pnppolicy.dll
2023-07-18 07:15:01 ----A---- C:\Windows\system32\newdev.dll
2023-07-18 07:15:01 ----A---- C:\Windows\system32\msIso.dll
2023-07-18 07:15:01 ----A---- C:\Windows\system32\msaatext.dll
2023-07-18 07:15:01 ----A---- C:\Windows\system32\lapscsp.dll
2023-07-18 07:15:01 ----A---- C:\Windows\system32\laps.dll
2023-07-18 07:15:01 ----A---- C:\Windows\system32\iertutil.dll
2023-07-18 07:15:01 ----A---- C:\Windows\system32\gpapi.dll
2023-07-18 07:15:01 ----A---- C:\Windows\system32\edgeIso.dll
2023-07-18 07:15:01 ----A---- C:\Windows\system32\drvinst.exe
2023-07-18 07:15:01 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2023-07-18 07:15:01 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2023-07-18 07:15:01 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2023-07-18 07:15:01 ----A---- C:\Windows\system32\AppXDeploymentServer.dll
2023-07-18 07:15:01 ----A---- C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2023-07-18 07:15:01 ----A---- C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2023-07-18 07:15:01 ----A---- C:\Windows\system32\ApplyTrustOffline.exe
2023-07-18 07:15:01 ----A---- C:\Windows\system32\AboveLockAppHost.dll
2023-07-18 07:15:00 ----A---- C:\Windows\system32\Windows.Internal.Management.dll
2023-07-18 07:15:00 ----A---- C:\Windows\system32\umb.dll
2023-07-18 07:15:00 ----A---- C:\Windows\system32\tpmvscmgrsvr.exe
2023-07-18 07:15:00 ----A---- C:\Windows\system32\tdh.dll
2023-07-18 07:15:00 ----A---- C:\Windows\system32\sppsvc.exe
2023-07-18 07:15:00 ----A---- C:\Windows\system32\sppobjs.dll
2023-07-18 07:15:00 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2023-07-18 07:15:00 ----A---- C:\Windows\system32\rmttpmvscmgrsvr.exe
2023-07-18 07:15:00 ----A---- C:\Windows\system32\proquota.exe
2023-07-18 07:15:00 ----A---- C:\Windows\system32\profprov.dll
2023-07-18 07:15:00 ----A---- C:\Windows\system32\policymanager.dll
2023-07-18 07:15:00 ----A---- C:\Windows\system32\omadmclient.exe
2023-07-18 07:15:00 ----A---- C:\Windows\system32\mdmmigrator.dll
2023-07-18 07:15:00 ----A---- C:\Windows\system32\mdmlocalmanagement.dll
2023-07-18 07:15:00 ----A---- C:\Windows\system32\LocationFrameworkPS.dll
2023-07-18 07:15:00 ----A---- C:\Windows\system32\LocationFrameworkInternalPS.dll
2023-07-18 07:15:00 ----A---- C:\Windows\system32\LocationFramework.dll
2023-07-18 07:15:00 ----A---- C:\Windows\system32\immersivetpmvscmgrsvr.exe
2023-07-18 07:15:00 ----A---- C:\Windows\system32\gpsvc.dll
2023-07-18 07:15:00 ----A---- C:\Windows\system32\enrollmentapi.dll
2023-07-18 07:15:00 ----A---- C:\Windows\system32\dmenrollengine.dll
2023-07-18 07:15:00 ----A---- C:\Windows\system32\DMAlertListener.ProxyStub.dll
2023-07-18 07:15:00 ----A---- C:\Windows\system32\credprovslegacy.dll
2023-07-18 07:15:00 ----A---- C:\Windows\system32\configmanager2.dll
2023-07-18 07:15:00 ----A---- C:\Windows\system32\certprop.dll
2023-07-18 07:15:00 ----A---- C:\Windows\fonts\StaticCache.dat
2023-07-18 07:14:59 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2023-07-18 07:14:59 ----A---- C:\Windows\system32\winlogon.exe
2023-07-18 07:14:59 ----A---- C:\Windows\system32\twext.dll
2023-07-18 07:14:59 ----A---- C:\Windows\system32\shell32.dll
2023-07-18 07:14:59 ----A---- C:\Windows\system32\netlogon.dll
2023-07-18 07:14:59 ----A---- C:\Windows\system32\KernelBase.dll
2023-07-18 07:14:59 ----A---- C:\Windows\system32\drivers\tm.sys
2023-07-18 07:14:59 ----A---- C:\Windows\system32\drivers\tcpip.sys
2023-07-18 07:14:59 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2023-07-18 07:14:59 ----A---- C:\Windows\system32\drivers\clfs.sys
2023-07-18 07:14:59 ----A---- C:\Windows\system32\drivers\afd.sys
2023-07-18 07:14:58 ----A---- C:\Windows\system32\rpcrt4.dll
2023-07-18 07:14:58 ----A---- C:\Windows\system32\profapi.dll
2023-07-18 07:14:58 ----A---- C:\Windows\system32\ntoskrnl.exe
2023-07-18 07:14:58 ----A---- C:\Windows\system32\ntdll.dll
2023-07-18 07:14:58 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2023-07-18 07:14:58 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2023-07-18 07:14:58 ----A---- C:\Windows\system32\drivers\partmgr.sys
2023-07-18 07:14:58 ----A---- C:\Windows\system32\drivers\ntfs.sys
2023-07-18 07:14:58 ----A---- C:\Windows\system32\drivers\netio.sys
2023-07-18 07:14:58 ----A---- C:\Windows\system32\drivers\msrpc.sys
2023-07-18 07:14:57 ----A---- C:\Windows\system32\wkscli.dll
2023-07-18 07:14:57 ----A---- C:\Windows\system32\utcutil.dll
2023-07-18 07:14:57 ----A---- C:\Windows\system32\userenv.dll
2023-07-18 07:14:57 ----A---- C:\Windows\system32\srvcli.dll
2023-07-18 07:14:57 ----A---- C:\Windows\system32\schedcli.dll
2023-07-18 07:14:57 ----A---- C:\Windows\system32\samsrv.dll
2023-07-18 07:14:57 ----A---- C:\Windows\system32\samlib.dll
2023-07-18 07:14:57 ----A---- C:\Windows\system32\runexehelper.exe
2023-07-18 07:14:57 ----A---- C:\Windows\system32\profsvc.dll
2023-07-18 07:14:57 ----A---- C:\Windows\system32\oleaut32.dll
2023-07-18 07:14:57 ----A---- C:\Windows\system32\offlinesam.dll
2023-07-18 07:14:57 ----A---- C:\Windows\system32\offlinelsa.dll
2023-07-18 07:14:57 ----A---- C:\Windows\system32\microsoft-windows-system-events.dll
2023-07-18 07:14:57 ----A---- C:\Windows\system32\lsasrv.dll
2023-07-18 07:14:57 ----A---- C:\Windows\system32\logoncli.dll
2023-07-18 07:14:57 ----A---- C:\Windows\system32\keyiso.dll
2023-07-18 07:14:57 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2023-07-18 07:14:57 ----A---- C:\Windows\system32\drivers\cng.sys
2023-07-18 07:14:57 ----A---- C:\Windows\system32\diagtrack.dll
2023-07-18 07:14:57 ----A---- C:\Windows\system32\diagnosticdataquery.dll
2023-07-18 07:14:57 ----A---- C:\Windows\system32\devrtl.dll
2023-07-18 07:14:57 ----A---- C:\Windows\system32\devobj.dll
2023-07-18 07:14:57 ----A---- C:\Windows\system32\dab.dll
2023-07-18 07:14:57 ----A---- C:\Windows\system32\cfgmgr32.dll
2023-07-18 07:14:56 ----A---- C:\Windows\system32\winresume.exe
2023-07-18 07:14:56 ----A---- C:\Windows\system32\rpcss.dll
2023-07-18 07:14:56 ----A---- C:\Windows\system32\dwmcore.dll
2023-07-18 07:14:56 ----A---- C:\Windows\system32\drivers\cldflt.sys
2023-07-18 07:14:56 ----A---- C:\Windows\system32\crypt32.dll
2023-07-18 07:14:56 ----A---- C:\Windows\system32\comsvcs.dll
2023-07-18 07:14:56 ----A---- C:\Windows\system32\CloudExperienceHostBroker.dll
2023-07-18 07:14:56 ----A---- C:\Windows\system32\ci.dll
2023-07-18 07:14:56 ----A---- C:\Windows\system32\bcrypt.dll
2023-07-18 07:14:55 ----A---- C:\Windows\system32\winload.exe
2023-07-18 07:14:55 ----A---- C:\Windows\system32\twinui.pcshell.dll
2023-07-18 07:14:55 ----A---- C:\Windows\system32\ShellAppRuntime.exe
2023-07-18 07:14:55 ----A---- C:\Windows\system32\SettingsHandlers_Region.dll
2023-07-18 07:14:55 ----A---- C:\Windows\system32\SettingsHandlers_Language.dll
2023-07-18 07:14:55 ----A---- C:\Windows\system32\SettingsEnvironment.Desktop.dll
2023-07-18 07:14:55 ----A---- C:\Windows\system32\osk.exe
2023-07-18 07:14:55 ----A---- C:\Windows\system32\drivers\refs.sys
2023-07-18 07:14:54 ----A---- C:\Windows\system32\windows.immersiveshell.serviceprovider.dll
2023-07-18 07:14:54 ----A---- C:\Windows\system32\win32u.dll
2023-07-18 07:14:54 ----A---- C:\Windows\system32\win32kfull.sys
2023-07-18 07:14:54 ----A---- C:\Windows\system32\win32k.sys
2023-07-18 07:14:54 ----A---- C:\Windows\system32\wevtsvc.dll
2023-07-18 07:14:54 ----A---- C:\Windows\system32\wcimage.dll
2023-07-18 07:14:54 ----A---- C:\Windows\system32\wc_storage.dll
2023-07-18 07:14:54 ----A---- C:\Windows\system32\UpdateAgent.dll
2023-07-18 07:14:54 ----A---- C:\Windows\system32\rdpserverbase.dll
2023-07-18 07:14:54 ----A---- C:\Windows\system32\rdpbase.dll
2023-07-18 07:14:54 ----A---- C:\Windows\system32\mdmregistration.dll
2023-07-18 07:14:54 ----A---- C:\Windows\system32\HttpsDataSource.dll
2023-07-18 07:14:54 ----A---- C:\Windows\system32\EnterpriseAppMgmtSvc.dll
2023-07-18 07:14:54 ----A---- C:\Windows\system32\EnterpriseAppMgmtClient.dll
2023-07-18 07:14:54 ----A---- C:\Windows\system32\daxexec.dll
2023-07-18 07:14:54 ----A---- C:\Windows\system32\CloudDomainJoinAUG.dll
2023-07-18 07:14:53 ----A---- C:\Windows\system32\windows.storage.dll
2023-07-18 07:14:53 ----A---- C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
2023-07-18 07:14:53 ----A---- C:\Windows\system32\Windows.StateRepositoryPS.dll
2023-07-18 07:14:53 ----A---- C:\Windows\system32\Windows.StateRepositoryCore.dll
2023-07-18 07:14:53 ----A---- C:\Windows\system32\Windows.StateRepositoryClient.dll
2023-07-18 07:14:53 ----A---- C:\Windows\system32\Windows.StateRepositoryBroker.dll
2023-07-18 07:14:53 ----A---- C:\Windows\system32\Windows.StateRepository.dll
2023-07-18 07:14:53 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2023-07-18 07:14:53 ----A---- C:\Windows\system32\WaaSMedicSvc.dll
2023-07-18 07:14:53 ----A---- C:\Windows\system32\WaaSMedicPS.dll
2023-07-18 07:14:53 ----A---- C:\Windows\system32\WaaSMedicCapsule.dll
2023-07-18 07:14:53 ----A---- C:\Windows\system32\WaaSMedicAgent.exe
2023-07-18 07:14:53 ----A---- C:\Windows\system32\StateRepository.Core.dll
2023-07-18 07:14:53 ----A---- C:\Windows\system32\profext.dll
2023-07-18 07:14:53 ----A---- C:\Windows\system32\kerberos.dll
2023-07-18 07:14:53 ----A---- C:\Windows\system32\IKEEXT.DLL
2023-07-18 07:14:53 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2023-07-18 07:14:53 ----A---- C:\Windows\system32\drivers\wfplwfs.sys
2023-07-18 07:14:53 ----A---- C:\Windows\system32\BFE.DLL
2023-07-18 07:14:53 ----A---- C:\Windows\system32\AppXDeploymentClient.dll
2023-07-18 07:14:52 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.dll
2023-07-18 07:14:52 ----A---- C:\Windows\system32\win32kbase.sys
2023-07-18 07:14:52 ----A---- C:\Windows\system32\tquery.dll
2023-07-18 07:14:52 ----A---- C:\Windows\system32\TileDataRepository.dll
2023-07-18 07:14:52 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2023-07-18 07:14:52 ----A---- C:\Windows\system32\SearchIndexer.exe
2023-07-18 07:14:52 ----A---- C:\Windows\system32\SearchFilterHost.exe
2023-07-18 07:14:52 ----A---- C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2023-07-18 07:14:52 ----A---- C:\Windows\system32\mssvp.dll
2023-07-18 07:14:52 ----A---- C:\Windows\system32\mssrch.dll
2023-07-18 07:14:52 ----A---- C:\Windows\system32\mssprxy.dll
2023-07-18 07:14:52 ----A---- C:\Windows\system32\mssph.dll
2023-07-18 07:14:52 ----A---- C:\Windows\system32\mssitlb.dll
2023-07-18 07:14:52 ----A---- C:\Windows\system32\msscntrs.dll
2023-07-18 07:14:52 ----A---- C:\Windows\system32\ISM.dll
2023-07-18 07:14:52 ----A---- C:\Windows\system32\InstallServiceTasks.dll
2023-07-18 07:14:52 ----A---- C:\Windows\system32\InstallService.dll
2023-07-18 07:14:52 ----A---- C:\Windows\system32\InkObjCore.dll
2023-07-18 07:14:52 ----A---- C:\Windows\system32\FntCache.dll
2023-07-18 07:14:44 ----A---- C:\Windows\system32\wlidsvc.dll
2023-07-18 07:14:44 ----A---- C:\Windows\system32\Windows.Storage.Search.dll
2023-07-18 07:14:44 ----A---- C:\Windows\system32\updatepolicy.dll
2023-07-18 07:14:44 ----A---- C:\Windows\system32\negoexts.dll
2023-07-18 07:14:44 ----A---- C:\Windows\system32\IDStore.dll
2023-07-18 07:14:44 ----A---- C:\Windows\system32\GameInput.dll
2023-07-18 07:14:44 ----A---- C:\Windows\system32\drivers\ClipSp.sys
2023-07-18 07:14:44 ----A---- C:\Windows\system32\crypttpmeksvc.dll
2023-07-18 07:14:44 ----A---- C:\Windows\system32\CloudExperienceHostCommon.dll
2023-07-18 07:14:44 ----A---- C:\Windows\system32\ActivationManager.dll
2023-07-18 07:14:43 ----A---- C:\Windows\system32\twinui.appcore.dll
2023-07-18 07:14:43 ----A---- C:\Windows\system32\MicrosoftAccountTokenProvider.dll
2023-07-18 07:14:43 ----A---- C:\Windows\system32\aadWamExtension.dll
2023-07-18 07:14:43 ----A---- C:\Windows\system32\aadtb.dll
2023-07-18 07:14:43 ----A---- C:\Windows\system32\aadcloudap.dll
2023-07-18 07:14:43 ----A---- C:\Windows\system32\aadauthhelper.dll
2023-07-18 07:14:42 ----A---- C:\Windows\system32\WiredNetworkCSP.dll
2023-07-18 07:14:42 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2023-07-18 07:14:42 ----A---- C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2023-07-18 07:14:42 ----A---- C:\Windows\system32\Windows.Media.Playback.ProxyStub.dll
2023-07-18 07:14:42 ----A---- C:\Windows\system32\Windows.Media.Playback.MediaPlayer.dll
2023-07-18 07:14:42 ----A---- C:\Windows\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2023-07-18 07:14:42 ----A---- C:\Windows\system32\Windows.Media.BackgroundPlayback.exe
2023-07-18 07:14:42 ----A---- C:\Windows\system32\Windows.Media.BackgroundMediaPlayback.dll
2023-07-18 07:14:42 ----A---- C:\Windows\system32\Windows.CloudStore.Schema.Shell.dll
2023-07-18 07:14:42 ----A---- C:\Windows\system32\Windows.CloudStore.dll
2023-07-18 07:14:42 ----A---- C:\Windows\system32\dot3svc.dll
2023-07-18 07:14:42 ----A---- C:\Windows\system32\dot3msm.dll
2023-07-18 07:14:42 ----A---- C:\Windows\system32\dot3api.dll
2023-07-18 07:14:42 ----A---- C:\Windows\system32\cdpusersvc.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\wscsvc.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\wscproxystub.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\wscisvif.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\wscapi.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\wscadminui.exe
2023-07-18 07:14:41 ----A---- C:\Windows\system32\wpx.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\Windows.Internal.System.UserProfile.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\Windows.ApplicationModel.ConversationalAgent.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\win32spl.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\wifidatacapabilityhandler.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\wcmsvc.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\wcmcsp.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\TpmTasks.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\spoolsv.exe
2023-07-18 07:14:41 ----A---- C:\Windows\system32\spoolss.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\SpatialAudioLicenseSrv.exe
2023-07-18 07:14:41 ----A---- C:\Windows\system32\SettingsHandlers_WorkAccess.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\remoteaudioendpoint.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\PrintIsolationProxy.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2023-07-18 07:14:41 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\PrinterCleanupTask.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\PCPKsp.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\ManageCI.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\localspl.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\fcon.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\FaxPrinterInstaller.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\dsound.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\dsdmo.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\CoreMas.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\CloudRestoreLauncher.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\cellulardatacapabilityhandler.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\browcli.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\bcdedit.exe
2023-07-18 07:14:41 ----A---- C:\Windows\system32\audiosrv.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\audioresourceregistrar.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\AUDIOKSE.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\AudioEng.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2023-07-18 07:14:41 ----A---- C:\Windows\system32\audiodg.exe
2023-07-18 07:14:41 ----A---- C:\Windows\system32\agentactivationruntimewindows.dll
2023-07-18 07:14:41 ----A---- C:\Windows\splwow64.exe
2023-07-18 07:14:41 ----A---- C:\Windows\explorer.exe
2023-07-18 07:14:40 ----A---- C:\Windows\system32\tssrvlic.dll
2023-07-18 07:14:40 ----A---- C:\Windows\system32\SpeechPal.dll
2023-07-18 07:14:39 ----A---- C:\Windows\system32\tellib.dll
2023-07-18 07:14:39 ----A---- C:\Windows\system32\mssecwfpu.dll
2023-07-18 07:14:39 ----A---- C:\Windows\system32\mssecuser.dll
2023-07-18 07:14:39 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2023-07-18 07:14:39 ----A---- C:\Windows\system32\drivers\usbport.sys
2023-07-18 07:14:39 ----A---- C:\Windows\system32\drivers\usbohci.sys
2023-07-18 07:14:39 ----A---- C:\Windows\system32\drivers\USBHUB3.SYS
2023-07-18 07:14:39 ----A---- C:\Windows\system32\drivers\usbhub.sys
2023-07-18 07:14:39 ----A---- C:\Windows\system32\drivers\usbehci.sys
2023-07-18 07:14:39 ----A---- C:\Windows\system32\drivers\usbd.sys
2023-07-18 07:14:39 ----A---- C:\Windows\system32\drivers\stornvme.sys
2023-07-18 07:14:39 ----A---- C:\Windows\system32\drivers\mssecwfp.sys
2023-07-18 07:14:39 ----A---- C:\Windows\system32\drivers\mssecflt.sys
2023-07-18 07:14:39 ----A---- C:\Windows\system32\drivers\msseccore.sys
2023-07-18 07:14:38 ----A---- C:\Windows\system32\drivers\USBAUDIO.sys
2023-07-18 07:14:38 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2023-07-17 21:26:59 ----HD---- C:\$WinREAgent
2023-07-17 21:25:36 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2023-07-17 21:25:35 ----A---- C:\Windows\system32\poqexec.exe

======List of files/folders modified in the last 1 month======

2023-08-02 19:21:52 ----RD---- C:\Program Files
2023-08-02 19:21:31 ----D---- C:\ProgramData\AomeiBR
2023-08-02 19:18:55 ----D---- C:\Windows\System32
2023-08-02 19:18:55 ----D---- C:\Windows\INF
2023-08-02 19:18:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2023-08-02 19:15:40 ----SHD---- C:\System Volume Information
2023-08-02 19:14:12 ----RD---- C:\Program Files (x86)
2023-08-02 19:13:59 ----D---- C:\Windows\SystemTemp
2023-08-02 19:13:59 ----D---- C:\Program Files (x86)\Google
2023-08-02 19:12:36 ----D---- C:\Windows\Prefetch
2023-08-02 19:12:01 ----D---- C:\Windows\Temp
2023-08-02 19:11:57 ----D---- C:\Windows\system32\sru
2023-08-02 19:11:52 ----ASH---- C:\DumpStack.log.tmp
2023-08-02 18:46:15 ----D---- C:\Users\Pavel\AppData\Roaming\Mozilla
2023-08-02 15:15:59 ----RD---- C:\Windows\Microsoft.NET
2023-08-02 12:47:54 ----D---- C:\Windows\system32\SleepStudy
2023-08-01 15:24:18 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2023-08-01 11:17:09 ----HD---- C:\Program Files\WindowsApps
2023-07-30 11:01:34 ----D---- C:\Windows\AppReadiness
2023-07-29 08:46:43 ----D---- C:\Windows\system32\Tasks
2023-07-29 08:01:54 ----D---- C:\Windows\system32\config
2023-07-28 13:45:57 ----D---- C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-07-27 15:21:42 ----N---- C:\Windows\system32\MpSigStub.exe
2023-07-26 13:06:55 ----D---- C:\Users\Pavel\AppData\Roaming\ghostwriter
2023-07-25 20:53:05 ----D---- C:\Windows\system32\drivers\wd
2023-07-23 16:18:55 ----D---- C:\Utility
2023-07-23 14:58:36 ----SHD---- C:\Windows\Installer
2023-07-23 14:58:35 ----SD---- C:\Users\Pavel\AppData\Roaming\Microsoft
2023-07-22 14:14:07 ----D---- C:\Users\Pavel\AppData\Roaming\youtube-music-desktop-app
2023-07-21 15:07:48 ----D---- C:\Windows\WinSxS
2023-07-20 21:22:48 ----D---- C:\Users\Pavel\AppData\Roaming\Adobe
2023-07-20 21:21:51 ----D---- C:\ProgramData\Adobe
2023-07-20 21:17:43 ----D---- C:\Program Files (x86)\Adobe
2023-07-20 21:07:11 ----D---- C:\ProgramData\Packages
2023-07-20 21:05:21 ----D---- C:\ProgramData\Package Cache
2023-07-20 21:05:20 ----D---- C:\Windows\SysWOW64
2023-07-20 21:02:26 ----D---- C:\Program Files\Common Files
2023-07-20 08:49:52 ----D---- C:\Windows\system32\drivers
2023-07-19 20:41:01 ----HD---- C:\ProgramData
2023-07-18 09:08:28 ----D---- C:\Windows
2023-07-18 09:08:27 ----D---- C:\Windows\Logs
2023-07-18 09:08:22 ----D---- C:\Windows\system32\DriverStore
2023-07-18 09:07:40 ----D---- C:\Windows\system32\catroot2
2023-07-18 09:07:23 ----D---- C:\Windows\SYSWOW64\wbem
2023-07-18 09:07:23 ----D---- C:\Windows\SYSWOW64\sr-Latn-RS
2023-07-18 09:07:23 ----D---- C:\Windows\SYSWOW64\setup
2023-07-18 09:07:23 ----D---- C:\Windows\SYSWOW64\migration
2023-07-18 09:07:23 ----D---- C:\Windows\SystemResources
2023-07-18 09:07:23 ----D---- C:\Windows\system32\wbem
2023-07-18 09:07:23 ----D---- C:\Windows\system32\sr-Latn-RS
2023-07-18 09:07:23 ----D---- C:\Windows\system32\setup
2023-07-18 09:07:23 ----D---- C:\Windows\system32\SecureBootUpdates
2023-07-18 09:07:23 ----D---- C:\Windows\system32\oobe
2023-07-18 09:07:23 ----D---- C:\Windows\system32\migration
2023-07-18 09:07:23 ----D---- C:\Windows\system32\fr-CA
2023-07-18 09:07:23 ----D---- C:\Windows\system32\en-US
2023-07-18 09:07:23 ----D---- C:\Windows\system32\drivers\cs-CZ
2023-07-18 09:07:23 ----D---- C:\Windows\system32\cs-CZ
2023-07-18 09:07:23 ----D---- C:\Windows\system32\Boot
2023-07-18 09:07:22 ----RSD---- C:\Windows\Fonts
2023-07-18 09:07:22 ----RD---- C:\Windows\ImmersiveControlPanel
2023-07-18 09:07:22 ----D---- C:\Windows\system32\CodeIntegrity
2023-07-18 09:07:22 ----D---- C:\Windows\bcastdvr
2023-07-18 09:07:22 ----D---- C:\Windows\apppatch
2023-07-18 09:07:22 ----D---- C:\Program Files\Windows Defender Advanced Threat Protection
2023-07-18 09:07:22 ----D---- C:\Program Files\Internet Explorer
2023-07-18 09:07:22 ----D---- C:\Program Files (x86)\Internet Explorer
2023-07-18 07:27:12 ----RD---- C:\Windows\assembly
2023-07-18 07:17:38 ----D---- C:\Windows\CbsTemp
2023-07-18 07:14:39 ----A---- C:\Windows\SYSWOW64\PrintConfig.dll
2023-07-17 21:19:06 ----D---- C:\Windows\system32\MRT
2023-07-17 21:14:48 ----AC---- C:\Windows\system32\MRT.exe
2023-07-17 21:07:32 ----D---- C:\ProgramData\MEGAsync

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ambakdrv;ambakdrv; C:\Windows\system32\ambakdrv.sys [2019-05-14 51120]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\Windows\system32\drivers\iorate.sys [2022-09-08 57168]
R0 MsSecCore;@%SystemRoot%\System32\Drivers\msseccore.sys,-1001; C:\Windows\system32\drivers\msseccore.sys [2023-07-18 26496]
R1 afunix;afunix; C:\Windows\system32\drivers\afunix.sys [2022-09-08 44032]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\Windows\system32\drivers\bam.sys [2019-12-07 78136]
R1 CimFS;CimFS; C:\Windows\system32\drivers\CimFS.sys [2023-04-25 95232]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2019-12-07 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2019-12-07 8704]
R2 ammntdrv;ammntdrv; \??\C:\Windows\system32\ammntdrv.sys [2023-08-02 172928]
R2 amwrtdrv;amwrtdrv; \??\C:\Windows\system32\amwrtdrv.sys [2023-08-02 32176]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\Windows\system32\drivers\bindflt.sys [2023-04-25 145760]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\Windows\system32\drivers\cldflt.sys [2023-07-18 497664]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2022-09-08 53248]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2015-12-16 21648880]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-12-16 674288]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2023-05-11 113664]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2023-04-25 133632]
R3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\drivers\BTHport.sys [2023-05-11 1565696]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\drivers\BTHUSB.sys [2023-05-11 110592]
R3 e1i65x64;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\Windows\System32\drivers\e1i65x64.sys [2019-12-07 553984]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-1; C:\Windows\system32\drivers\msquic.sys [2022-09-08 322376]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2019-12-07 213504]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\Windows\System32\drivers\rt640x64.sys [2019-12-07 694272]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\Windows\System32\drivers\bttflt.sys [2019-12-07 43832]
S0 cht4iscsi;cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [2019-12-07 319800]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\Windows\System32\drivers\iaStorAVC.sys [2019-12-07 884752]
S0 ItSas35i;ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [2019-12-07 172344]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2019-12-07 124216]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2019-12-07 135992]
S0 megasas2i;megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [2019-12-07 81720]
S0 megasas35i;megasas35i; C:\Windows\System32\drivers\megasas35i.sys [2019-12-07 105480]
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\Windows\System32\drivers\nvdimm.sys [2019-12-07 168464]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2019-12-07 58680]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2019-12-07 68408]
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\Windows\System32\drivers\pmem.sys [2022-09-08 142176]
S0 Ramdisk;Windows RAM Disk Driver; C:\Windows\system32\DRIVERS\ramdisk.sys [2019-12-07 42296]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\Windows\System32\drivers\scmbus.sys [2022-09-08 158520]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\Windows\System32\drivers\AcpiDev.sys [2019-12-07 23040]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\Windows\system32\drivers\Acx01000.sys [2022-09-08 694272]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\Windows\System32\drivers\amdgpio2.sys [2019-12-07 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\Windows\System32\drivers\amdi2c.sys [2019-12-07 45568]
S3 ampa;ampa; \??\C:\Windows\system32\ampa.sys [2017-02-28 38320]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\Windows\system32\drivers\applockerfltr.sys [2023-04-25 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\Windows\system32\drivers\AppvStrm.sys [2023-07-18 140160]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\Windows\system32\drivers\AppvVemgr.sys [2023-07-18 175432]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\Windows\system32\drivers\AppvVfs.sys [2023-07-18 155992]
S3 AthDfu;@oem7.inf,%AthDfu.SvcDesc%;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2012-08-22 55336]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\Windows\System32\drivers\BthA2dp.sys [2019-12-07 279040]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2022-09-08 106496]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\Windows\System32\drivers\BTHMINI.sys [2023-05-11 45568]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2019-12-07 44032]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\Windows\System32\drivers\CAD.sys [2019-12-07 66576]
S3 ddmdrv;ddmdrv; \??\C:\Windows\system32\ddmdrv.sys [2016-12-27 35760]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [2019-12-07 23040]
S3 glusbflt;glusbflt; \??\C:\Windows\system32\drivers\glusbflt.sys [2022-09-27 57288]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2019-12-07 55824]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\Windows\System32\drivers\hidspi.sys [2023-06-14 104448]
S3 HidSpiCx;HidSpi KMDF Class Extension; C:\Windows\system32\drivers\HidSpiCx.sys [2023-06-14 98304]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\Windows\system32\drivers\hvservice.sys [2023-04-25 96112]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\Windows\System32\Drivers\mshwnclx.sys [2019-12-07 30208]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\Windows\System32\drivers\cht4vx64.sys [2019-12-07 1853752]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\Windows\System32\drivers\iagpio.sys [2019-12-07 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\Windows\System32\drivers\iai2c.sys [2019-12-07 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [2019-12-07 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-12-07 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-12-07 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-12-07 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [2019-12-07 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-12-07 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-12-07 177152]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-12-07 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\Windows\System32\drivers\ibbus.sys [2019-12-07 558904]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\Windows\System32\drivers\IndirectKmd.sys [2022-09-08 47104]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\Windows\System32\drivers\intelpmax.sys [2019-12-07 30720]
S3 IPT;IPT; C:\Windows\System32\drivers\ipt.sys [2019-12-07 59704]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\Windows\System32\drivers\mausbhost.sys [2019-12-07 537608]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\Windows\System32\drivers\mausbip.sys [2019-12-07 64016]
S3 MbbCx;MBB Network Adapter Class Extension; C:\Windows\system32\drivers\MbbCx.sys [2022-09-08 386048]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\Windows\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-12-07 65024]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\Windows\System32\drivers\mlx4_bus.sys [2019-12-07 1131320]
S3 MpKsl6220a9fa;MpKsl6220a9fa; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EC965156-261B-4824-A43A-68442F14ECC1}\MpKslDrv.sys [2023-08-02 221480]
S3 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\Windows\system32\drivers\mssecflt.sys [2023-07-18 406848]
S3 MsSecWfp;@%SystemRoot%\System32\Drivers\mssecwfp.sys,-1001; C:\Windows\system32\drivers\mssecwfp.sys [2023-07-18 66944]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\Windows\System32\drivers\ndfltr.sys [2019-12-07 146232]
S3 NDKPing;NDKPing Driver; C:\Windows\system32\drivers\NDKPing.sys [2019-12-07 72720]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\Windows\system32\drivers\NetAdapterCx.sys [2022-09-08 210944]
S3 PktMon;Packet Monitor Driver; C:\Windows\system32\drivers\PktMon.sys [2023-07-18 131392]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\Windows\System32\drivers\pnpmem.sys [2019-12-07 17408]
S3 portcfg;portcfg; C:\Windows\System32\drivers\portcfg.sys [2019-12-07 27136]
S3 ReFSv1;ReFSv1; C:\Windows\system32\drivers\ReFSv1.sys [2022-09-08 990536]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\Windows\System32\drivers\rhproxy.sys [2019-12-07 115712]
S3 SbieDrv;SbieDrv; \??\E:\Stahy\Sandboxie-Plus\SbieDrv.sys []
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\Windows\System32\drivers\SDFRd.sys [2019-12-07 35128]
S4 hvcrash;hvcrash; C:\Windows\System32\drivers\hvcrash.sys [2019-12-07 35128]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-12-16 255472]
R2 Backupper Service;AOMEI Backupper Scheduler Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.3.0\ABService.exe [2023-07-20 1118704]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2022-09-08 55320]
R2 CDPUserSvc_55607;Uživatelská služba platformy připojených zařízení_55607; C:\Windows\system32\svchost.exe [2022-09-08 55320]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2022-09-08 55320]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2022-09-08 55320]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\Windows\system32\svchost.exe [2022-09-08 55320]
R2 DisplayFusionService;DisplayFusionService; C:\Program Files\DisplayFusion\DisplayFusionService.exe [2023-04-12 333224]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\System32\svchost.exe [2022-09-08 55320]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\Windows\System32\svchost.exe [2022-09-08 55320]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [2017-02-15 98304]
R2 GlUsbFltService;GlUsbFltService; C:\Windows\system32\GlHubFltService.exe [2022-09-27 181072]
R2 OneSyncSvc_55607;Hostitel synchronizace_55607; C:\Windows\system32\svchost.exe [2022-09-08 55320]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\Windows\system32\svchost.exe [2022-09-08 55320]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\Windows\system32\svchost.exe [2022-09-08 55320]
R3 cbdhsvc_55607;Uživatelská služba schránky_55607; C:\Windows\system32\svchost.exe [2022-09-08 55320]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [2017-02-15 3825664]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\Windows\System32\svchost.exe [2022-09-08 55320]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2022-09-08 55320]
R3 PimIndexMaintenanceSvc_55607;Data kontaktů_55607; C:\Windows\system32\svchost.exe [2022-09-08 55320]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\Windows\System32\svchost.exe [2022-09-08 55320]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\Windows\system32\SecurityHealthService.exe [2023-04-25 987568]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S2 edgeupdate;Microsoft Edge Update Service (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2021-08-06 214952]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2023-04-25 162072]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2022-09-08 55320]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S2 SbieSvc;Sandboxie; E:\Stahy\Sandboxie-Plus\SbieSvc.exe []
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 AarSvc_55607;Agent Activation Runtime_55607; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 BcastDVRUserService_55607;Uživatelská služba pro GameDVR a vysílání her_55607; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 BluetoothUserService_55607;Služba pro podporu uživatelů Bluetooth_55607; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 BoxSyncUpdateService;Box Sync Update Service; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [2022-06-08 42912]
S3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2022-01-26 321536]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 CaptureService_55607;CaptureService_55607; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2022-09-08 55320]
S3 cloudidsvc;@%SystemRoot%\system32\cloudidsvc.dll,-100; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 ConsentUxUserSvc_55607;ConsentUX_55607; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\Windows\system32\CredentialEnrollmentManager.exe [2022-09-08 382696]
S3 CredentialEnrollmentManagerUserSvc_55607;CredentialEnrollmentManagerUserSvc_55607; C:\Windows\system32\CredentialEnrollmentManager.exe [2022-09-08 382696]
S3 dcsvc;@%systemroot%\system32\dcsvc,-100; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 DeviceAssociationBrokerSvc_55607;DeviceAssociationBroker_55607; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 DevicePickerUserSvc_55607;DevicePicker_55607; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 DevicesFlowUserSvc_55607;Tok zařízení_55607; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2022-09-08 94208]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\Windows\System32\svchost.exe [2022-09-08 55320]
S3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2022-09-08 55320]
S3 edgeupdatem;Microsoft Edge Update Service (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2021-08-06 214952]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\Windows\System32\svchost.exe [2022-09-08 55320]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2023-04-25 654848]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-11-08 46184]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\Windows\System32\svchost.exe [2022-09-08 55320]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files\Google\Chrome\Application\115.0.5790.110\elevation_service.exe [2023-07-25 1745688]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\Windows\System32\svchost.exe [2022-09-08 55320]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2023-04-25 162072]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\Windows\System32\svchost.exe [2022-09-08 55320]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 McpManagementService;@%SystemRoot%\system32\McpManagementService.dll,-100; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 MessagingService_55607;Služba zasílání zpráv_55607; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\115.0.1901.188\elevation_service.exe [2023-07-27 1750464]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2023-04-21 230304]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2022-09-08 55320]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-31 202928]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe [2022-09-08 106496]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 PrintWorkflowUserSvc_55607;PrintWorkflow_55607; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\Windows\System32\svchost.exe [2022-09-08 55320]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2022-09-08 55320]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2023-07-18 402216]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2022-09-08 1265152]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2022-09-08 55320]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\Windows\system32\AppVClient.exe [2023-07-18 777048]
S4 DialogBlockingService;@%SystemRoot%\system32\DialogBlockingService.dll,-100; C:\Windows\system32\svchost.exe [2022-09-08 55320]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a check

#3 Post by Rudy »

Hello!
Please post the FRST+Addition logs: https://forum.viry.cz/viewtopic.php?f=13&t=154679 . RSIT is nowadays just a leftover from 32-bit systems. It is incompatible with today's 64-bit systems. Thank you.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Pakl
Visitor
Posts: 101
Registered: 13 Nov 2007 19:17

Re: Request for a check

#4 Post by Pakl »

Thanks! FRST.txt = here:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-08-2023
Ran by Pavel (administrator) on DESKTOP-C14OP5N (04-08-2023 10:24:20)
Running from Z:\Install-pokusy\Staré potřebné\FRST64.exe
Loaded Profiles: Pavel
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3208 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files\Box\Box Sync\BoxSync.exe ->) (Box, Inc. -> ) C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe
(C:\Utility\Volumouse\volumouse.exe ->) () [File not signed] C:\Utility\Volumouse\volumouse32.exe
(explorer.exe ->) () [File not signed] C:\Utility\caps-unlocker\CapsUnlocker.exe
(explorer.exe ->) (Box, Inc. -> Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe
(explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <13>
(explorer.exe ->) (Mega Limited -> Mega Limited) C:\ProgramData\MEGAsync\MEGAsync.exe
(explorer.exe ->) (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Windows Sidebar\sidebar.exe
(explorer.exe ->) (NirSoft) [File not signed] C:\Utility\Volumouse\volumouse.exe
(explorer.exe ->) (Petr Laštovička) [File not signed] E:\Abacus\Aplikace\HotkeyP\HotkeyP.exe
(explorer.exe ->) (Steve Miller -> hxxp://SteveMiller.net/PureText/) Z:\Install\Puretext\PureText.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(services.exe ->) (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) C:\Program Files (x86)\2BrightSparks\SyncBackFree\SchedulesMonitor.exe
(services.exe ->) (AOMEI International Network Limited -> AOMEI International Network Limited) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.3.0\ABService.exe
(services.exe ->) (Binary Fortress Software Ltd -> Binary Fortress Software) C:\Program Files\DisplayFusion\DisplayFusionService.exe
(services.exe ->) (Firebird Project) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
(services.exe ->) (Firebird Project) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
(services.exe ->) (GENESYS LOGIC, INC. -> Genesys Logic, Inc.) C:\Windows\System32\GlHubFltService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\NisSrv.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2305.4.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [3246992 2023-02-08] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM\...\Run: [BoxSync] => C:\Program Files\Box\Box Sync\BoxSync.exe [5932720 2022-06-08] (Box, Inc. -> Box, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [620152 2006-10-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [M17A] => C:\Windows\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [86128 2020-03-27] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [145344 2019-07-26] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3591168 2022-10-09] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3146752 2022-02-07] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\RunOnce: [usbfltrb] => [X]
HKU\S-1-5-21-163863676-4130719698-668715832-1001\...\Run: [MicrosoftEdgeAutoLaunch_D188F7EFD71EAC8DC2AE49F95230A1B7] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4088256 2023-07-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-163863676-4130719698-668715832-1001\...\Run: [$Volumouse$] => C:\Utility\Volumouse\volumouse.exe [88576 2011-06-21] (NirSoft) [File not signed]
HKU\S-1-5-21-163863676-4130719698-668715832-1001\...\Run: [CapsUnlocker] => C:\Utility\caps-unlocker\CapsUnlocker.exe [253952 2013-08-17] () [File not signed]
HKU\S-1-5-21-163863676-4130719698-668715832-1001\...\Run: [HotkeyP] => E:\Abacus\Aplikace\HotkeyP\HotkeyP.exe [258048 2016-04-26] (Petr Laštovička) [File not signed]
HKU\S-1-5-21-163863676-4130719698-668715832-1001\...\Run: [PureText] => Z:\Install\Puretext\PureText.exe [117704 2018-03-01] (Steve Miller -> hxxp://SteveMiller.net/PureText/)
HKU\S-1-5-21-163863676-4130719698-668715832-1001\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe [1475072 2013-10-02] (Microsoft Corporation) [File not signed] [File is in use]
HKU\S-1-5-21-163863676-4130719698-668715832-1001\...\Run: [ToolwizTimeFreeze] => C:\Program Files\Toolwiz Time Freeze 2017\ToolwizTimeFreeze.exe [1623896 2023-04-26] (Igloo systems Inc. -> Toolwiz)
HKU\S-1-5-21-163863676-4130719698-668715832-1001\...\MountPoints2: {0281a9ee-0b91-11ee-9503-00268317e4a5} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-163863676-4130719698-668715832-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [581120 2022-09-08] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\scrnsave.scr [39936 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port: C:\Windows\SysWOW64\AdobePDF.dll [33368 2006-09-29] (Adobe Systems, Incorporated -> Adobe Systems Incorporated.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\115.0.5790.170\Installer\chrmstp.exe [2023-08-04] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk [2023-06-05]
ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\Windows\Installer\{AC76BA86-1029-0000-7760-000000000003}\_SC_Acrobat.exe () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Synchronizer.lnk [2023-06-05]
ShortcutTarget: Adobe Acrobat Synchronizer.lnk -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe (Adobe Systems, Incorporated -> )
Startup: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2023-04-26]
ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B66A161-1A47-45CE-91A0-4738204F5121} - System32\Tasks\GoogleUpdateTaskMachineCore{499F99D5-B987-4596-95A3-6AEE8188564F} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-04-25] (Google LLC -> Google LLC)
Task: {C4446700-F145-4466-95D3-C1F4C88044C5} - System32\Tasks\GoogleUpdateTaskMachineUA{B06D96AC-614A-478A-9471-44B460E28F5A} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-04-25] (Google LLC -> Google LLC)
Task: {72AE4A4F-0D75-40C6-A987-5DED59970D70} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-163863676-4130719698-668715832-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe [2531504 2023-07-17] (Mega Limited -> )
Task: {E21A6904-A4A9-42E5-8F52-DC013F4272BA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => %ProgramFiles%\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (No File)
Task: {FF9684C1-DD0A-414E-9F69-8DFF5F615568} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {3D842389-D66B-405D-A9EF-D240CC3AA27D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {389A8980-4E69-426C-9F0C-BAF2B7212460} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6E460ADE-DA0A-4FC5-A414-8FD993E412F6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7CAAE835-66BD-47FE-A059-003715A32740} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CC05CF7F-0CBC-4535-832D-C7BA24A5A64A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{2f512f45-0f08-4127-805a-198885a21a59}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge Profile: C:\Users\Pavel\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-01]
Edge Extension: (Edge relevant text changes) - C:\Users\Pavel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-01]

FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default [2023-08-04]
CHR DownloadDir: E:\Stahy
CHR Notifications: Default -> hxxps://web.whatsapp.com; hxxps://www.facebook.com
CHR HomePage: Default -> hxxps://www.google.cz/
CHR NewTab: Default -> Active:"chrome-extension://mfgdmpfihlmdekaclngibpjhdebndhdj/newtab.html"
CHR Extension: (MEGA) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2023-07-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-20]
CHR Extension: (Převod řeči na text) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdcdafhjjjfnkoeilnjmnadadaoehgdc [2023-04-25]
CHR Extension: (Favorites - New Tab Page) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjkbcegjfanmgocnecnngfcmmojheiam [2023-04-25]
CHR Extension: (Bookmarks Commander) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\knfpajocfeohpaipkfpdbfhgibajfmcf [2023-04-25]
CHR Extension: (Humble New Tab Page) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfgdmpfihlmdekaclngibpjhdebndhdj [2023-07-17]
CHR Extension: (Sortmark) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmhnlemdhjjebiklhbjmpkiekgjjbnfc [2023-04-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-25]
CHR Extension: (Bitwarden – Bezplatný správce hesel) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nngceckbapebfimnlniiiahkandclblb [2023-07-26]
CHR Extension: (G-calize) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\piiljfhidimfponnkjlkecnpjhdijfde [2023-04-25]
CHR Extension: (fb-getridad) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pohajcgaoeefgbfinebfpecboikikegp [2023-08-03]
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\System Profile [2023-07-28]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.3.0\ABService.exe [1118704 2023-07-20] (AOMEI International Network Limited -> AOMEI International Network Limited)
S3 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [42912 2022-06-08] (Box, Inc. -> Box, Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [321536 2022-01-26] (Brother Industries, Ltd.) [File not signed]
R2 DisplayFusionService; C:\Program Files\DisplayFusion\DisplayFusionService.exe [333224 2023-04-12] (Binary Fortress Software Ltd -> Binary Fortress Software)
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2017-02-15] (Firebird Project) [File not signed]
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3825664 2017-02-15] (Firebird Project) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2023-04-25] (Macrovision Europe Ltd.) [File not signed]
R2 GlUsbFltService; C:\Windows\system32\GlHubFltService.exe [181072 2022-09-27] (GENESYS LOGIC, INC. -> Genesys Logic, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402216 2023-07-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SyncBackFreeSchedulesMonitor; C:\Program Files (x86)\2BrightSparks\SyncBackFree\SchedulesMonitor.exe [3389168 2023-07-21] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2022-11-10] () [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\NisSrv.exe [3244928 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe [133576 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [19456 2022-11-10] () [File not signed]
S2 SbieSvc; E:\Stahy\Sandboxie-Plus\SbieSvc.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [51120 2019-05-14] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [172928 2023-08-02] (AOMEI International Network Limited -> )
S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [32176 2023-08-02] (AOMEI International Network Limited -> )
S3 AthDfu; C:\Windows\System32\Drivers\AthDfu.sys [55336 2012-08-22] (Atheros Communications Inc. -> Windows (R) Win 7 DDK provider)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 glusbflt; C:\Windows\system32\drivers\glusbflt.sys [57288 2022-09-27] (GENESYS LOGIC, INC. -> Genesys Logic)
R0 TWZDISK; C:\Windows\System32\Drivers\TWZDISK.sys [73360 2023-04-26] (XII CNC Inc. -> Toolwiz.com)
R1 TWZFILE; C:\Windows\System32\Drivers\TWZFILE.sys [43152 2023-04-26] (XII CNC Inc. -> Toolwiz.com)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49600 2023-07-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [498944 2023-07-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99608 2023-07-25] (Microsoft Windows -> Microsoft Corporation)
S3 SbieDrv; \??\E:\Stahy\Sandboxie-Plus\SbieDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-08-04 10:22 - 2023-08-04 10:24 - 000000000 ____D C:\FRST
2023-08-02 19:21 - 2023-08-02 19:21 - 000000000 ____D C:\rsit
2023-08-02 19:21 - 2023-08-02 19:21 - 000000000 ____D C:\Program Files\trend micro
2023-08-02 19:14 - 2023-08-02 19:14 - 000172928 _____ C:\Windows\system32\ammntdrv.sys
2023-08-02 19:14 - 2023-08-02 19:14 - 000032176 _____ C:\Windows\system32\amwrtdrv.sys
2023-08-02 19:14 - 2023-08-02 19:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper
2023-08-02 19:14 - 2023-08-02 19:14 - 000000000 ____D C:\Program Files (x86)\AOMEI
2023-08-02 19:14 - 2019-05-14 11:28 - 000051120 _____ C:\Windows\system32\ambakdrv.sys
2023-08-02 18:46 - 2023-08-02 18:46 - 000000000 ____D C:\Users\Pavel\AppData\Local\Mozilla
2023-08-02 15:23 - 2023-08-02 15:23 - 000010534 _____ C:\Users\Pavel\AppData\Local\recently-used.xbel
2023-07-23 15:12 - 2023-07-23 15:12 - 000000000 ____D C:\Users\Pavel\AppData\Local\OfficeBSCache-MyComputer
2023-07-23 14:58 - 2023-07-23 14:58 - 000000000 ____D C:\Windows\system32\appmgmt
2023-07-22 11:38 - 2023-07-26 13:07 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\znote
2023-07-22 11:38 - 2023-07-22 11:38 - 000002295 _____ C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\znote.lnk
2023-07-22 11:38 - 2023-07-22 11:38 - 000000000 ____D C:\Users\Pavel\AppData\Local\znote-updater
2023-07-22 08:49 - 2022-11-15 19:22 - 000001869 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Memuaro Ghost.lnk
2023-07-22 08:49 - 2022-11-15 19:12 - 000002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEMUARO Focus.lnk
2023-07-20 21:51 - 2023-07-20 21:51 - 000001045 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BetterClearTypeTuner.lnk
2023-07-20 21:17 - 2023-07-20 21:18 - 000000000 ____D C:\Users\Public\Documents\AdobeGCInfo
2023-07-20 21:08 - 2023-07-20 21:08 - 000000000 ___RD C:\Users\Pavel\Creative Cloud Files
2023-07-20 21:04 - 2023-07-20 21:17 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\com.adobe.dunamis
2023-07-20 21:02 - 2023-07-20 21:17 - 000000000 ____D C:\Program Files\Common Files\Adobe
2023-07-20 20:49 - 2023-07-20 20:49 - 000000000 ____D C:\Users\Pavel\AppData\Local\CEF
2023-07-20 08:49 - 2023-07-28 16:29 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\smart-control
2023-07-20 08:49 - 2023-07-20 08:50 - 000000000 ____D C:\SmartControlBeta
2023-07-20 08:49 - 2023-07-20 08:49 - 000001710 _____ C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartControl.lnk
2023-07-20 08:49 - 2023-07-20 08:49 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_glusbflt_01011.Wdf
2023-07-20 08:49 - 2023-07-20 08:49 - 000000000 ____D C:\Users\Pavel\AppData\Local\smart-control-updater
2023-07-20 08:49 - 2022-09-27 09:15 - 000181072 _____ (Genesys Logic, Inc.) C:\Windows\system32\GlHubFltService.exe
2023-07-20 08:49 - 2022-09-27 09:15 - 000057288 _____ (Genesys Logic) C:\Windows\system32\Drivers\glusbflt.sys
2023-07-19 23:51 - 2023-07-19 23:51 - 000000000 ____D C:\Users\Pavel\Documents\Adobe
2023-07-19 20:41 - 2023-07-20 21:18 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2023-07-19 20:41 - 2023-07-19 20:41 - 000000000 ____D C:\Users\Pavel\AppData\Local\AMD
2023-07-19 20:32 - 2023-07-19 20:32 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\Macromedia
2023-07-17 21:26 - 2023-07-17 21:26 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-08-04 10:18 - 2023-04-25 13:55 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-08-04 10:18 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-04 10:00 - 2023-04-25 17:06 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-08-04 10:00 - 2023-04-25 17:06 - 000000000 ____D C:\Program Files (x86)\Google
2023-08-04 10:00 - 2022-09-08 05:11 - 000000000 ____D C:\Windows\SystemTemp
2023-08-03 16:14 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-03 16:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-08-03 15:57 - 2023-04-25 14:05 - 001693656 _____ C:\Windows\system32\PerfStringBackup.INI
2023-08-03 15:57 - 2019-12-07 16:43 - 000716894 _____ C:\Windows\system32\perfh005.dat
2023-08-03 15:57 - 2019-12-07 16:43 - 000145072 _____ C:\Windows\system32\perfc005.dat
2023-08-03 15:57 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-08-03 15:53 - 2023-04-25 15:36 - 000000432 _____ C:\Windows\SysWOW64\winsevr.dat
2023-08-03 15:53 - 2023-04-25 15:36 - 000000208 _____ C:\Windows\SysWOW64\AbBakConfig.dat
2023-08-03 15:53 - 2023-04-25 13:55 - 000008192 ___SH C:\DumpStack.log.tmp
2023-08-03 15:53 - 2023-04-25 13:55 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-08-02 20:29 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-08-02 19:41 - 2023-04-25 14:05 - 000000000 ____D C:\Users\Pavel
2023-08-02 19:21 - 2023-04-25 15:35 - 000000000 ____D C:\ProgramData\AomeiBR
2023-08-02 19:15 - 2017-04-08 13:35 - 000001024 ____H C:\SYSTAG.BIN
2023-08-02 18:46 - 2023-04-25 20:33 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\Mozilla
2023-08-02 11:34 - 2023-04-25 17:06 - 000003844 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{B06D96AC-614A-478A-9471-44B460E28F5A}
2023-08-02 11:34 - 2023-04-25 17:06 - 000003720 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{499F99D5-B987-4596-95A3-6AEE8188564F}
2023-08-01 15:42 - 2023-04-25 22:10 - 000000000 ____D C:\Users\Pavel\AppData\Local\darktable
2023-08-01 15:41 - 2023-04-25 22:10 - 000000000 ____D C:\Users\Pavel\.dbus-keyrings
2023-07-30 11:01 - 2023-04-25 13:55 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-07-29 08:46 - 2023-04-26 14:08 - 000002383 _____ C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-07-29 08:46 - 2023-04-25 14:08 - 000003584 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-163863676-4130719698-668715832-1001
2023-07-29 08:46 - 2023-04-25 14:08 - 000003376 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-163863676-4130719698-668715832-1001
2023-07-28 20:48 - 2023-04-25 14:06 - 000000000 ____D C:\Users\Pavel\AppData\Local\Packages
2023-07-28 13:45 - 2023-04-25 20:31 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-07-28 12:22 - 2023-04-25 17:03 - 000000000 ____D C:\Users\Pavel\AppData\Local\KeePassXC
2023-07-27 15:21 - 2023-04-25 15:40 - 000918960 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2023-07-26 13:06 - 2023-04-25 21:39 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\ghostwriter
2023-07-25 20:53 - 2023-04-25 13:55 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-07-23 16:18 - 2017-04-08 17:10 - 000000000 ____D C:\Utility
2023-07-23 15:59 - 2023-04-25 14:35 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\Microsoft\Word
2023-07-23 15:46 - 2023-04-25 14:35 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\Microsoft\Office
2023-07-23 14:31 - 2023-05-11 15:12 - 000000000 ____D C:\Users\Pavel\AppData\Local\2BrightSparks
2023-07-23 14:31 - 2023-05-11 15:11 - 000001413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SyncBackFree.lnk
2023-07-22 14:14 - 2023-04-26 10:52 - 000000000 ____D C:\Users\Pavel\AppData\Local\CrashDumps
2023-07-22 14:14 - 2023-04-26 10:50 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\youtube-music-desktop-app
2023-07-21 15:07 - 2023-04-26 00:47 - 000000000 ____D C:\Users\Pavel\AppData\Local\D3DSCache
2023-07-20 21:22 - 2023-04-25 18:36 - 000000000 ____D C:\Users\Pavel\AppData\Local\Adobe
2023-07-20 21:22 - 2023-04-25 14:06 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\Adobe
2023-07-20 21:21 - 2023-04-25 18:34 - 000000000 ____D C:\ProgramData\Adobe
2023-07-20 21:17 - 2023-04-25 18:28 - 000000000 ____D C:\Program Files (x86)\Adobe
2023-07-20 21:07 - 2023-04-25 14:06 - 000000000 ____D C:\ProgramData\Packages
2023-07-20 21:05 - 2023-04-25 14:05 - 000000000 ____D C:\ProgramData\Package Cache
2023-07-19 17:22 - 2023-04-25 16:33 - 000000000 ____D C:\Users\Pavel\AppData\Local\DisplayFusion
2023-07-18 09:08 - 2023-04-25 13:55 - 001245736 _____ C:\Windows\system32\FNTCACHE.DAT
2023-07-18 09:07 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-07-18 09:07 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-07-18 09:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2023-07-18 09:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2023-07-18 09:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2023-07-18 09:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2023-07-18 09:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2023-07-18 09:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2023-07-18 07:17 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-07-18 07:14 - 2023-04-25 13:57 - 003015168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-07-17 21:19 - 2023-04-25 15:39 - 000000000 ____D C:\Windows\system32\MRT
2023-07-17 21:14 - 2023-04-25 15:39 - 173351160 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-07-17 21:07 - 2023-04-26 00:25 - 000000000 ____D C:\ProgramData\MEGAsync
2023-07-17 21:05 - 2023-04-25 13:55 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-07-17 21:05 - 2023-04-25 13:55 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Files in the root of some directories ========

2023-07-20 21:13 - 2023-07-20 21:18 - 000000205 _____ () C:\Users\Pavel\AppData\Local\oobelibMkey.log
2023-08-02 15:23 - 2023-08-02 15:23 - 000010534 _____ () C:\Users\Pavel\AppData\Local\recently-used.xbel
2023-04-26 11:31 - 2023-04-26 11:31 - 000000017 _____ () C:\Users\Pavel\AppData\Local\resmon.resmoncfg
2023-04-26 00:12 - 2023-04-27 12:58 - 000000402 _____ () C:\Users\Pavel\AppData\Local\Tajpi.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

ADDITION.txt = here:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-08-2023
Ran by Pavel (04-08-2023 10:25:36)
Running from Z:\Install-pokusy\Staré potřebné
Microsoft Windows 10 Pro Version 22H2 19045.3208 (X64) (2023-04-25 11:59:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-163863676-4130719698-668715832-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-163863676-4130719698-668715832-503 - Limited - Disabled)
Guest (S-1-5-21-163863676-4130719698-668715832-501 - Limited - Disabled)
Pavel (S-1-5-21-163863676-4130719698-668715832-1001 - Administrator - Enabled) => C:\Users\Pavel
WDAGUtilityAccount (S-1-5-21-163863676-4130719698-668715832-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
Adobe Acrobat 8 Professional - Czech, Greek, Hungarian, Polish, Slovak (HKLM-x32\...\Adobe Acrobat 8 Professional - Czech, Greek, Hungarian, Polish, Slovak) (Version: 8.0.0 - Adobe Systems)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AOMEI Backupper (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: 7.3.0 - AOMEI International Network Limited.)
AOMEI Partition Assistant 9.15.0 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: 9.15.0 - AOMEI International Network Limited.)
AppLogLibSetup (HKLM-x32\...\{52FB0C8F-DF05-4C61-AEB6-18C55F8C385F}) (Version: 1.0.3.0 - Brother Industries Ltd.) Hidden
Audacity 3.3.0 (HKLM\...\Audacity_is1) (Version: 3.3.0 - Audacity Team)
Blobby Volley 2 Version 1.0 (HKLM-x32\...\Blobby Volley 2 Version 1.0_is1) (Version: - )
Box Sync (HKLM\...\{1ACA9B29-60C8-4C5D-8E83-CE8C9BF133B0}) (Version: 4.0.8088.0 - Box, Inc.)
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{3DEA56AB-0899-41DF-8C4F-0A608FD36904}) (Version: 10.5.0.74 - Brother Industries, Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{d0c84829-3b3f-46d1-b292-e3fb77d972c2}) (Version: 10.5.0.74 - Brother Industries, Ltd.)
Brother Printer Driver (HKLM-x32\...\{EAD4E66C-102F-4ED0-85B5-A1C9037A6E8B}) (Version: 1.7.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{CE1E9BB4-0414-4541-A4A9-1578D8E53F21}) (Version: 1.0.24.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
C:\Program Files\Adobe\Adobe Lightroom\LRcestina_uninstall.exe (HKLM-x32\...\CZ Lokalizace pro Lightroom CC 2015.3 a 6.3_is1) (Version: 1.1 - )
Catalyst Control Center - Branding (HKLM-x32\...\{11087D24-567D-7D88-69C6-D7A08B5F4C47}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
darktable (HKLM\...\darktable) (Version: 4.2.1 - the darktable project)
DisplayFusion (HKLM\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 10.0.0.0 - Binary Fortress Software)
EveryonePiano 2.3 (HKLM-x32\...\EveryonePiano_is1) (Version: 2.3.4.14 - EveryonePiano.com)
FastStone Image Viewer 7.7 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.7 - FastStone Corporation)
Firebird 2.5.7.27050 (Win32) (HKLM-x32\...\FBDBServer_2_5_is1) (Version: 2.5.7.27050 - Firebird Project)
FreeOCR v5.4 (HKLM-x32\...\freeocr_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 115.0.5790.170 - Google LLC)
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
HttpToUsbBridge (HKLM-x32\...\{E2D35939-25BF-4EC8-BF6D-F9C0AF8ECC11}) (Version: 2.0.30.1 - Brother Industries Ltd.)
IcoFX 1.6.4 (HKLM-x32\...\IcoFX_is1) (Version: - )
Icon Creator (HKLM-x32\...\{EF4376E4-14B7-46DC-A143-4B8E7676C4AC}) (Version: 1.0.0 - CodeWonders)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0.1 - AppWork GmbH)
KeePass Password Safe 2.53.1 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.53.1 - Dominik Reichl)
KeePassXC (HKLM\...\{A8DB462B-03B6-452B-955C-E81EA877A737}) (Version: 2.7.5 - KeePassXC Team)
Lingea Lexicon 2002 (HKLM-x32\...\Lexicon 4.0) (Version: - )
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Host - 7.0.5 (x64) (HKLM\...\{CE8DF750-A582-4D59-A610-478A752481B1}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.5 (x64) (HKLM\...\{B6F2958F-0F6F-4CCD-867F-80EC5C333B79}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.5 (x64) (HKLM\...\{793FCD19-00AC-4804-B569-782DF3B24A39}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 115.0.1901.188 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 115.0.1901.188 - Microsoft Corporation)
Microsoft Excel MUI (Czech) 2016 (HKLM-x32\...\{90160000-0016-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Czech) 2016 (HKLM-x32\...\{90160000-00BA-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2016 (HKLM\...\{90160000-002A-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2016 – Deutsch (HKLM-x32\...\{90160000-001F-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Czech) 2016 (HKLM-x32\...\{90160000-00E1-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Czech) 2016 (HKLM-x32\...\{90160000-00E2-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2016 (HKLM-x32\...\{90160000-002C-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2016 - English (HKLM-x32\...\{90160000-001F-0409-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2016 (HKLM\...\{90160000-002A-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2016 (HKLM-x32\...\{90160000-006E-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Standard 2016 (HKLM-x32\...\{90160000-0012-0000-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Standard 2016 (HKLM-x32\...\Office16.STANDARD) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-163863676-4130719698-668715832-1001\...\OneDriveSetup.exe) (Version: 23.142.0709.0001 - Microsoft Corporation)
Microsoft OneNote MUI (Czech) 2016 (HKLM-x32\...\{90160000-00A1-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Czech) 2016 (HKLM-x32\...\{90160000-001A-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Czech) 2016 (HKLM-x32\...\{90160000-0018-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Czech) 2016 (HKLM-x32\...\{90160000-0019-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31938 (HKLM-x32\...\{d92971ab-f030-43c8-8545-c66c818d0e05}) (Version: 14.34.31938.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31938 (HKLM\...\{7DA37AE3-D8AE-49B1-9BDC-23CA0AB9FF22}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31938 (HKLM\...\{0AE39060-F209-4D05-ABC7-54B8F9CFA32E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.5 (x64) (HKLM\...\{109506AF-BF9E-43E1-87F3-3141B9C3F6BA}) (Version: 56.23.58485 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.5 (x64) (HKLM-x32\...\{c7984cd8-d837-4988-a30d-8da7822bc716}) (Version: 7.0.5.32327 - Microsoft Corporation)
Microsoft Word MUI (Czech) 2016 (HKLM-x32\...\{90160000-001B-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 102.10.1 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 102.10.1 (x64 cs)) (Version: 102.10.1 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MuseScore 3 (HKLM\...\{FF67E071-104C-4C42-9301-184442745671}) (Version: 3.6.2.548021803 - Werner Schweer and Others)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM-x32\...\{90160000-001F-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM-x32\...\{90160000-001F-041B-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
nexusfont (ver 2.7.1.1945) (HKLM\...\{EFEDD205-43FE-4208-B682-0937E803E19E}}_is1) (Version: - xiles)
PC Translator (HKLM-x32\...\PC Translator) (Version: - )
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 230707 - Kakao Corp.)
ScannerUtilityInstaller (HKLM-x32\...\{D65C0754-7790-427F-AD73-D7C644260F57}) (Version: 1.19.9.1 - Brother) Hidden
SmartControl (HKU\S-1-5-21-163863676-4130719698-668715832-1001\...\eaf31a0e-c98a-5e6e-9883-2a487a3337a1) (Version: 6.12.0 - Philips)
SoftwareUpdateNotification (HKLM-x32\...\{3D1AD910-B82B-4635-B1C3-0CEF9F6F3D34}) (Version: 1.0.21.0 - Brother Industries, Ltd.) Hidden
StatusMonitor (HKLM-x32\...\{D9584EB4-1D28-4BD1-8F81-6E097C0827EE}) (Version: 1.33.1.0 - Brother Industries, Ltd.) Hidden
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.4.6 - Krzysztof Kowalczyk)
SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 11.0.0.25 - 2BrightSparks)
Tajpi 2.97 (HKLM-x32\...\Tajpi_is1) (Version: - )
Toolwiz Time Freeze 2017 (HKLM-x32\...\{3A74D01E-3AEF-4DF4-8404-0056150C97A3}) (Version: 4.3.1.5000 - Toolwiz)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.52 - Ghisler Software GmbH)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
Windows Desktop Gadgets (HKLM\...\Windows Desktop Gadgets_is1) (Version: 2.0 - hxxp://gadgetsrevived.com)
YouTube Music Desktop App 1.13.0 (HKU\S-1-5-21-163863676-4130719698-668715832-1001\...\afca255d-79c9-539f-84c6-b3a7619889d5) (Version: 1.13.0 - Adler Luiz)
znote 2.3.6 (HKU\S-1-5-21-163863676-4130719698-668715832-1001\...\d78f7af5-e430-5336-833a-b60cdee6f0ec) (Version: 2.3.6 - alagrede)

Packages:
=========
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.10510.531.0_x64__8wekyb3d8bbwe [2023-06-07] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-04-28] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-163863676-4130719698-668715832-1001_Classes\CLSID\{03A24E19-0115-44E0-9328-7D31B66D5091} -> [Abacus] => E:\Abacus [2017-04-08 14:56]
CustomCLSID: HKU\S-1-5-21-163863676-4130719698-668715832-1001_Classes\CLSID\{0772B43E-4BE9-44D9-B1A4-420C77066988} -> [2_užitné] => D:\FOTO\Foto_akt\2_užitné [2023-05-11 20:09]
CustomCLSID: HKU\S-1-5-21-163863676-4130719698-668715832-1001_Classes\CLSID\{23E05DC6-FF37-4149-AF9A-929040CE1C70} -> [Manuály] => D:\Manuály [2023-05-11 20:00]
CustomCLSID: HKU\S-1-5-21-163863676-4130719698-668715832-1001_Classes\CLSID\{241F45F9-D8B4-4D88-924D-470FA5390C9E} -> [Moje ikony] => C:\Moje ikony [2017-04-08 18:12]
CustomCLSID: HKU\S-1-5-21-163863676-4130719698-668715832-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-163863676-4130719698-668715832-1001_Classes\CLSID\{35DF7A83-53A9-4883-85DC-7C2F65EB9893} -> [Stahy] => E:\Stahy [2017-04-08 17:46]
CustomCLSID: HKU\S-1-5-21-163863676-4130719698-668715832-1001_Classes\CLSID\{4A8FCD9F-623C-4283-96F0-10F41846A98A} -> [Box Sync] => E:\Box Sync\Box Sync [2023-04-29 20:41]
CustomCLSID: HKU\S-1-5-21-163863676-4130719698-668715832-1001_Classes\CLSID\{5D30C181-F180-451C-A9CB-0894D39BD2A7} -> [_Audio] => D:\_Audio [2023-05-11 18:24]
CustomCLSID: HKU\S-1-5-21-163863676-4130719698-668715832-1001_Classes\CLSID\{9CEE0A41-D539-4E85-911B-6DE14C119754} -> [RawTherapeePortable] => C:\Utility\RawTherapeePortable [2023-05-05 06:52]
CustomCLSID: HKU\S-1-5-21-163863676-4130719698-668715832-1001_Classes\CLSID\{DBE430EC-3941-4889-A2DD-68A22D10C4C0} -> [NORD] => D:\NORD [2023-05-11 20:02]
CustomCLSID: HKU\S-1-5-21-163863676-4130719698-668715832-1001_Classes\CLSID\{E229AFF1-8A50-4F94-A0B4-6B85794008AE} -> [Mega] => E:\Mega [2017-04-08 17:44]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2023-07-17] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2023-07-17] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2023-07-17] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ BoxSyncFileLocked] -> {06395f73-8d75-3c47-ac2f-93524a83ce03} => C:\Program Files\Box\Box Sync\IconOverlayClient.DLL [2022-06-08] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers: [ BoxSyncFileLockedByOther] -> {072d2f45-ddf0-35bd-a911-38b853695def} => C:\Program Files\Box\Box Sync\IconOverlayClient.DLL [2022-06-08] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers: [ BoxSyncNotSynced] -> {88092007-0d01-3d32-a4b4-56f7e19a1c49} => C:\Program Files\Box\Box Sync\IconOverlayClient.DLL [2022-06-08] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers: [ BoxSyncProblem] -> {507a0531-fd10-3efc-8eb8-64e35606e542} => C:\Program Files\Box\Box Sync\IconOverlayClient.DLL [2022-06-08] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers: [ BoxSyncSynced] -> {b9b9e487-7684-373f-a7a2-6b04c8d772a8} => C:\Program Files\Box\Box Sync\IconOverlayClient.DLL [2022-06-08] (Box, Inc. -> Box, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1-x32: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.dll [2006-10-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [BoxContextMenuClient] -> {53792c99-3144-3699-8968-fa4278ad3c1e} => C:\Program Files\Box\Box Sync\ContextMenuClient.DLL [2022-06-08] (Box, Inc. -> Box, Inc.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2023-07-17] (Mega Limited -> )
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2023-07-17] (Mega Limited -> )
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2023-07-17] (Mega Limited -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [BoxContextMenuClient] -> {53792c99-3144-3699-8968-fa4278ad3c1e} => C:\Program Files\Box\Box Sync\ContextMenuClient.DLL [2022-06-08] (Box, Inc. -> Box, Inc.)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2023-07-17] (Mega Limited -> )
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6-x32: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.dll [2006-10-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KartKazDOS.lnk -> C:\Program Files (x86)\DOSBox-0.74-2\DOSBox.exe (DOSBox Team) -> "e:\Abacus\Aplikace\KARTKAZ_DOS\KARTKAZ.BAT"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KartPohrDOS.lnk -> C:\Program Files (x86)\DOSBox-0.74-2\DOSBox.exe (DOSBox Team) -> "e:\Abacus\Aplikace\KARTKAZ_DOS\KARTPOHR.BAT"

==================== Loaded Modules (Whitelisted) =============

2017-04-08 17:10 - 2012-02-24 10:20 - 000053248 _____ () [File not signed] C:\Utility\caps-unlocker\CapsUnlocker.dll
2023-04-25 19:49 - 2005-04-22 13:36 - 000143360 _____ () [File not signed] C:\Windows\system32\BrSNMP64.dll
2015-11-04 16:40 - 2015-11-04 16:40 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamcsy.dll
2023-08-02 19:14 - 2015-05-21 14:32 - 000068784 _____ (Aomei Technology Co., Limited -> Microsoft Corporation) [File not signed] C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.3.0\vcomp.dll
2023-04-25 19:49 - 2016-11-01 11:27 - 000090112 _____ (Brother Industries, Ltd.) [File not signed] C:\Windows\system32\BrNetSti.dll
2023-04-25 19:59 - 2017-02-15 08:57 - 000548864 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbclient.dll
2023-04-25 19:59 - 2017-02-15 08:52 - 001568768 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\icudt30.dll
2023-04-25 19:59 - 2017-02-15 08:51 - 000675840 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\icuuc30.dll
2023-04-26 11:06 - 2012-07-26 08:49 - 000087552 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Windows Sidebar\sbdrop.dll
2020-09-03 10:08 - 2011-06-21 23:21 - 000012800 _____ (NirSoft) [File not signed] C:\Utility\Volumouse\vlmshlp.dll
2020-09-03 10:08 - 2011-06-21 23:21 - 000012288 _____ (NirSoft) [File not signed] C:\Utility\Volumouse\vlmshlp32.dll
2022-06-08 03:37 - 2022-06-08 03:37 - 003431936 _____ (Python Software Foundation) [File not signed] C:\Program Files\Box\Box Sync\python27.dll
2023-04-25 16:57 - 2023-04-11 15:39 - 000437248 _____ (Sentry.io) [File not signed] [File is in use] C:\Program Files\DisplayFusion\Sentry.dll
2023-07-18 07:25 - 2023-07-18 07:25 - 000922112 _____ (The Apache Software Foundation) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\log4net\925fc533b1234bbe8fe0ac4cc16ad76e\log4net.ni.dll
2022-06-08 03:37 - 2022-06-08 03:37 - 003088384 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Box\Box Sync\libcrypto-1_1.dll
2022-06-08 03:37 - 2022-06-08 03:37 - 000660992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Box\Box Sync\libssl-1_1.dll
2022-06-23 02:43 - 2022-06-23 02:43 - 005979824 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\ProgramData\MEGAsync\Qt5Core.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Podpora odkazu pro Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-163863676-4130719698-668715832-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "Adobe Acrobat Speed Launcher.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Adobe Acrobat Synchronizer.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrotherSoftwareUpdateNotification"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "M17A"
HKU\S-1-5-21-163863676-4130719698-668715832-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_D188F7EFD71EAC8DC2AE49F95230A1B7"
HKU\S-1-5-21-163863676-4130719698-668715832-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-163863676-4130719698-668715832-1001\...\StartupApproved\Run: => "ToolwizTimeFreeze"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B7FAE743-871E-4B41-9AAF-FFBE81C418DB}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\ABService.exe => No File
FirewallRules: [{A774F325-F932-4C7D-A165-F8DEFEAC67B6}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\ABService.exe => No File
FirewallRules: [{3D897735-7255-4DE9-B858-B4026F0CF37A}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.1\ABService.exe => No File
FirewallRules: [{C3825D6A-8526-43CD-ABF6-E3E39BCDFED6}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.1\ABService.exe => No File
FirewallRules: [{6FF89D33-8493-4058-B124-2BD3493E43CD}] => (Allow) LPort=54925
FirewallRules: [{F0FAB3F5-70D2-48DB-80BB-E91585E90A04}] => (Allow) LPort=54950
FirewallRules: [{C1FCACFE-5C69-4B60-B611-89E5A6580FC9}] => (Allow) LPort=54955
FirewallRules: [{CA8002DE-597D-407C-9776-3AF043C3E607}] => (Allow) C:\Program Files (x86)\Browny02\Brother\BrPrintFinishNotice\BrPrintFinishNotice.exe (Brother Industries, Ltd. -> )
FirewallRules: [{B36BE835-134D-4B25-9CBF-28520FC04133}] => (Allow) C:\Program Files (x86)\Browny02\Brother\BrPrintFinishNotice\BrPrintFinishNotice.exe (Brother Industries, Ltd. -> )
FirewallRules: [{BF322442-9B1E-48EE-BE76-E03980851880}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.2\ABService.exe => No File
FirewallRules: [{4EE3FE40-AF32-45D5-98C5-16759B8EE39E}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.2\ABService.exe => No File
FirewallRules: [{529B7A04-0568-45BD-9B49-9D066D3546A3}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.3\ABService.exe => No File
FirewallRules: [{00497CA3-7328-4AA6-A164-F8BCE525470B}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.3\ABService.exe => No File
FirewallRules: [TCP Query User{D966CACD-75F1-4703-B733-EA5F9E22784E}C:\smartcontrolbeta\smartcontrol.exe] => (Allow) C:\smartcontrolbeta\smartcontrol.exe (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> Philips)
FirewallRules: [UDP Query User{74294FE1-5960-4C3F-9F6A-87F165D47B66}C:\smartcontrolbeta\smartcontrol.exe] => (Allow) C:\smartcontrolbeta\smartcontrol.exe (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> Philips)
FirewallRules: [TCP Query User{9EF749AD-4EFD-4D91-B6CB-EE433EDAB7BB}C:\smartcontrolbeta\resources\bin\smartcontrol.exe] => (Allow) C:\smartcontrolbeta\resources\bin\smartcontrol.exe (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> SmartControl)
FirewallRules: [UDP Query User{3576EFF2-1D5A-43DB-AEAF-A9D792E32C4B}C:\smartcontrolbeta\resources\bin\smartcontrol.exe] => (Allow) C:\smartcontrolbeta\resources\bin\smartcontrol.exe (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> SmartControl)
FirewallRules: [{F8771712-F442-4B54-B8F3-BC6F1577A2E0}] => (Block) C:\smartcontrolbeta\resources\bin\smartcontrol.exe (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> SmartControl)
FirewallRules: [{CA588F1F-F70E-4AAE-B6E5-85BF8A0D86A0}] => (Block) C:\smartcontrolbeta\resources\bin\smartcontrol.exe (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> SmartControl)
FirewallRules: [TCP Query User{5F982D04-E641-4BB3-BEF3-322572177EB2}C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe] => (Allow) C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe => No File
FirewallRules: [UDP Query User{2B3EB3E5-EC83-4E29-A085-1A064CE14323}C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe] => (Allow) C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe => No File
FirewallRules: [{FEFC1C74-9AFB-41BF-BF3D-599ECC56A1B1}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.3\ABService.exe => No File
FirewallRules: [{987CF1E5-FB7E-435D-AADE-811CC2243DDB}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.3\ABService.exe => No File
FirewallRules: [TCP Query User{32788506-80E6-47EF-8630-B3A2EF38DCBE}C:\smartcontrolbeta\smartcontrol.exe] => (Allow) C:\smartcontrolbeta\smartcontrol.exe (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> Philips)
FirewallRules: [UDP Query User{3C32EEB1-60EC-4D21-A6E8-0904EE71E29D}C:\smartcontrolbeta\smartcontrol.exe] => (Allow) C:\smartcontrolbeta\smartcontrol.exe (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> Philips)
FirewallRules: [{32F618C8-3B9F-448D-BF84-A43800850527}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\115.0.1901.188\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1183E78D-320A-47E2-8328-D19EEA07995A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B257794B-0D6B-43B7-8DD3-60983513FC43}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3CF96B61-8273-4E80-BEF7-F46649FB51F9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{19013423-861B-48DC-9CC0-C3FC849AC7FF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4686213E-1AFA-499F-8534-960146B059B8}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.3.0\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [{E3FFAD60-7F8D-429B-807A-E52C0B746476}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.3.0\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [{E92EF9C0-7D05-48AC-8CCD-3110784E8E64}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: Řadič jednoduché komunikace pro sběrnici PCI
Description: Řadič jednoduché komunikace pro sběrnici PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Intel(R) 82579LM Gigabit Network Connection
Description: Intel(R) 82579LM Gigabit Network Connection
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: e1i65x64
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (08/03/2023 04:15:32 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreation; Popis = Naplánovaný kontrolní bod; Chyba = 0x80070422).

Error: (08/03/2023 03:53:24 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.

Error: (08/03/2023 03:53:24 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...

Error: (08/03/2023 03:53:24 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (08/03/2023 03:53:24 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (08/03/2023 03:53:24 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[3]: 10.0.0.123

Error: (08/03/2023 03:53:24 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[2]: 2a00:1028:8398:4722:5bad:4661:b531:fde9

Error: (08/03/2023 03:53:24 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[1]: 2a00:1028:8398:4722:a16b:e6:6c17:bb4f


System errors:
=============
Error: (08/03/2023 03:53:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SbieSvc neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (08/02/2023 08:22:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SbieSvc neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (08/02/2023 07:11:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SbieSvc neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (08/02/2023 07:11:55 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (15:19:05, ‎02.‎08.‎2023) bylo neočekávané.

Error: (08/02/2023 12:49:27 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-C14OP5N)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/01/2023 03:24:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SbieSvc neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (08/01/2023 11:04:03 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Publikování prostředků rozpoznávání funkcí byla ukončena s následující chybou:
%%2147952449 = Požadovaná adresa není v tomto kontextu platná.

Error: (08/01/2023 11:03:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SbieSvc neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.


Windows Defender:
================
Date: 2023-08-04 10:09:51
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7AAD38ED-F714-49B3-AAD2-BEF08F08ACC0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-07-25 21:03:14
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {95BC8C31-7E7B-421F-B9A0-C9455D4FDFB4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-07-19 21:40:04
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Sonbokli.A!cl
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: containerfile:_E:\Stahy\Adobe Photoshop Lightroom Classic 2022.rar; file:_E:\Stahy\Adobe Photoshop Lightroom Classic 2022.rar->Adobe Photoshop Lightroom Classic 2022.ISO; webfile:_E:\Stahy\Adobe Photoshop Lightroom Classic 2022.rar|https://content-cache38.greencdn.eu/Ps; ... 1868450982
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: DESKTOP-C14OP5N\Pavel
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.393.805.0, AS: 1.393.805.0, NIS: 1.393.805.0
Verze modulu: AM: 1.1.23060.1005, NIS: 1.1.23060.1005

Date: 2023-07-19 11:58:11
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {AC46F2AC-5B8E-48CD-BD64-CC8F5F756D8E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-06-19 13:20:08
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3062A137-5D03-4BCF-BFC8-2E55269B5FD6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2023-05-13 13:09:41
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2023-05-11 15:48:43
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2023-05-02 15:49:04
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

CodeIntegrity:
===============
Date: 2023-08-03 16:14:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-07-23 12:20:19
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1502 03/02/2011
Motherboard: ASUSTeK Computer INC. P8P67 DELUXE
Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
Percentage of memory in use: 50%
Total physical RAM: 8168.86 MB
Available physical RAM: 4038.06 MB
Total Virtual: 9448.86 MB
Available Virtual: 5343.87 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:238.37 GB) (Free:183.76 GB) (Model: Samsung SSD 850 PRO 256GB) NTFS
Drive d: (LETISTE) (Fixed) (Total:1500 GB) (Free:562.82 GB) (Model: WDC WD20EARS-00MVWB0) NTFS
Drive e: (DATA) (Fixed) (Total:363.01 GB) (Free:344.82 GB) (Model: WDC WD20EARS-00MVWB0) NTFS
Drive z: (ZALOHA) (Fixed) (Total:2794.39 GB) (Free:872.02 GB) (Model: WDC WD30EZRX-00DC0B0) NTFS

\\?\Volume{9021aa33-0000-0000-0000-100000000000}\ (Rezervován) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 2794.5 GB) (Disk ID: AF866480)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: A66780F1)
Partition 1: (Not Active) - (Size=1500 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=363 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 9021AA33)
Partition 1: (Active) - (Size=99 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Pakl
Visitor
Posts: 101
Joined: 13 Nov 2007 19:17

Re: Request for a check

#5 Post by Pakl »

I realized that I accidentally did not run FRST as administrator. If that is a problem, I will send it again. Thanks for your patience.

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a check

#6 Post by Rudy »

You're welcome!
Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\RunOnce: [usbfltrb] => [X]
Task: {0B66A161-1A47-45CE-91A0-4738204F5121} - System32\Tasks\GoogleUpdateTaskMachineCore{499F99D5-B987-4596-95A3-6AEE8188564F} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-04-25] (Google LLC -> Google LLC)
Task: {C4446700-F145-4466-95D3-C1F4C88044C5} - System32\Tasks\GoogleUpdateTaskMachineUA{B06D96AC-614A-478A-9471-44B460E28F5A} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-04-25] (Google LLC -> Google LLC)
Task: {E21A6904-A4A9-42E5-8F52-DC013F4272BA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => %ProgramFiles%\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (No File)
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{B06D96AC-614A-478A-9471-44B460E28F5A}
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{499F99D5-B987-4596-95A3-6AEE8188564F}
C:\Users\Pavel\AppData\Local\Tajpi.ini
FirewallRules: [{B7FAE743-871E-4B41-9AAF-FFBE81C418DB}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\ABService.exe => No File
FirewallRules: [{A774F325-F932-4C7D-A165-F8DEFEAC67B6}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\ABService.exe => No File
FirewallRules: [{3D897735-7255-4DE9-B858-B4026F0CF37A}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.1\ABService.exe => No File
FirewallRules: [{C3825D6A-8526-43CD-ABF6-E3E39BCDFED6}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.1\ABService.exe => No File
FirewallRules: [{BF322442-9B1E-48EE-BE76-E03980851880}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.2\ABService.exe => No File
FirewallRules: [{4EE3FE40-AF32-45D5-98C5-16759B8EE39E}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.2\ABService.exe => No File
FirewallRules: [{529B7A04-0568-45BD-9B49-9D066D3546A3}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.3\ABService.exe => No File
FirewallRules: [{00497CA3-7328-4AA6-A164-F8BCE525470B}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.3\ABService.exe => No File
FirewallRules: [TCP Query User{5F982D04-E641-4BB3-BEF3-322572177EB2}C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe] => (Allow) C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe => No File
FirewallRules: [UDP Query User{2B3EB3E5-EC83-4E29-A085-1A064CE14323}C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe] => (Allow) C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe => No File
FirewallRules: [{FEFC1C74-9AFB-41BF-BF3D-599ECC56A1B1}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.3\ABService.exe => No File
FirewallRules: [{987CF1E5-FB7E-435D-AADE-811CC2243DDB}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.3\ABService.exe => No File
E:\Stahy\Adobe Photoshop Lightroom Classic 2022.rar

EmptyTemp:
End
Save it to Z:\Install-pokusy\Staré potřebné as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Pakl
Visitor
Posts: 101
Joined: 13 Nov 2007 19:17

Re: Request for a check

#7 Post by Pakl »

Thank you. This time I ran FRST as administrator. Here is Fixlog.txt:

Fix result of Farbar Recovery Scan Tool (x64) Version: 01-08-2023
Ran by Pavel (04-08-2023 16:33:12) Run:1
Running from Z:\Install-pokusy\Staré potřebné
Loaded Profiles: Pavel
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\RunOnce: [usbfltrb] => [X]
Task: {0B66A161-1A47-45CE-91A0-4738204F5121} - System32\Tasks\GoogleUpdateTaskMachineCore{499F99D5-B987-4596-95A3-6AEE8188564F} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-04-25] (Google LLC -> Google LLC)
Task: {C4446700-F145-4466-95D3-C1F4C88044C5} - System32\Tasks\GoogleUpdateTaskMachineUA{B06D96AC-614A-478A-9471-44B460E28F5A} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-04-25] (Google LLC -> Google LLC)
Task: {E21A6904-A4A9-42E5-8F52-DC013F4272BA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => %ProgramFiles%\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (No File)
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{B06D96AC-614A-478A-9471-44B460E28F5A}
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{499F99D5-B987-4596-95A3-6AEE8188564F}
C:\Users\Pavel\AppData\Local\Tajpi.ini
FirewallRules: [{B7FAE743-871E-4B41-9AAF-FFBE81C418DB}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\ABService.exe => No File
FirewallRules: [{A774F325-F932-4C7D-A165-F8DEFEAC67B6}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\ABService.exe => No File
FirewallRules: [{3D897735-7255-4DE9-B858-B4026F0CF37A}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.1\ABService.exe => No File
FirewallRules: [{C3825D6A-8526-43CD-ABF6-E3E39BCDFED6}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.1\ABService.exe => No File
FirewallRules: [{BF322442-9B1E-48EE-BE76-E03980851880}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.2\ABService.exe => No File
FirewallRules: [{4EE3FE40-AF32-45D5-98C5-16759B8EE39E}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.2\ABService.exe => No File
FirewallRules: [{529B7A04-0568-45BD-9B49-9D066D3546A3}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.3\ABService.exe => No File
FirewallRules: [{00497CA3-7328-4AA6-A164-F8BCE525470B}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.3\ABService.exe => No File
FirewallRules: [TCP Query User{5F982D04-E641-4BB3-BEF3-322572177EB2}C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe] => (Allow) C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe => No File
FirewallRules: [UDP Query User{2B3EB3E5-EC83-4E29-A085-1A064CE14323}C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe] => (Allow) C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe => No File
FirewallRules: [{FEFC1C74-9AFB-41BF-BF3D-599ECC56A1B1}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.3\ABService.exe => No File
FirewallRules: [{987CF1E5-FB7E-435D-AADE-811CC2243DDB}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.3\ABService.exe => No File
E:\Stahy\Adobe Photoshop Lightroom Classic 2022.rar

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\usbfltrb" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0B66A161-1A47-45CE-91A0-4738204F5121}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B66A161-1A47-45CE-91A0-4738204F5121}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore{499F99D5-B987-4596-95A3-6AEE8188564F} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{499F99D5-B987-4596-95A3-6AEE8188564F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C4446700-F145-4466-95D3-C1F4C88044C5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4446700-F145-4466-95D3-C1F4C88044C5}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA{B06D96AC-614A-478A-9471-44B460E28F5A} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{B06D96AC-614A-478A-9471-44B460E28F5A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E21A6904-A4A9-42E5-8F52-DC013F4272BA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E21A6904-A4A9-42E5-8F52-DC013F4272BA}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office 15 Subscription Heartbeat" => removed successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{B06D96AC-614A-478A-9471-44B460E28F5A}" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{499F99D5-B987-4596-95A3-6AEE8188564F}" => not found
C:\Users\Pavel\AppData\Local\Tajpi.ini => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B7FAE743-871E-4B41-9AAF-FFBE81C418DB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A774F325-F932-4C7D-A165-F8DEFEAC67B6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3D897735-7255-4DE9-B858-B4026F0CF37A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C3825D6A-8526-43CD-ABF6-E3E39BCDFED6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BF322442-9B1E-48EE-BE76-E03980851880}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4EE3FE40-AF32-45D5-98C5-16759B8EE39E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{529B7A04-0568-45BD-9B49-9D066D3546A3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{00497CA3-7328-4AA6-A164-F8BCE525470B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5F982D04-E641-4BB3-BEF3-322572177EB2}C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2B3EB3E5-EC83-4E29-A085-1A064CE14323}C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FEFC1C74-9AFB-41BF-BF3D-599ECC56A1B1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{987CF1E5-FB7E-435D-AADE-811CC2243DDB}" => removed successfully
"E:\Stahy\Adobe Photoshop Lightroom Classic 2022.rar" => not found

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1048576 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 57306075 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 1939720 B
Edge => 0 B
Chrome => 811508468 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 189335 B
NetworkService => 260257 B
Pavel => 730281886 B

RecycleBin => 0 B
EmptyTemp: => 1.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:33:37 ====

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a check

#8 Post by Rudy »

Deleted, the log will be OK now.

Pakl
Visitor
Posts: 101
Joined: 13 Nov 2007 19:17

Re: Request for a check

#9 Post by Pakl »

So I consider this resolved, once again many thanks.

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a check

#10 Post by Rudy »

Yes, and you're welcome! :)

Locked