Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Ztrácí se focus z oken a po startu vyskakuje CMD

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Cizap
Návštěvník
Návštěvník
Příspěvky: 73
Registrován: 07 dub 2014 11:56

Ztrácí se focus z oken a po startu vyskakuje CMD

#1 Příspěvek od Cizap »

Ahoj,
v poslední době se mi děje tato nepříjemná věc, že se mi ztrácí focus z oken, na kterých jsem. Například píšu v textovém editoru a najedou přestanu psát, musím opět kliknout do okna, abych psal dál nebo koukám na video, za nějaký čas zmáčknu mezerník, abych ho stopl a nestopne se, musím opět kliknout do okna a pak zas reaguje. Děje se to v každém programu, jako bych dal alt + tab. Dnes jsem si všiml že po restartu PC vyskočí asi 3 nebo 4 okna příkazového řádku a hned se zavřou, nato se otevře prohlížeč Edge, i když není výchozí a opět se hned zavře. Minulý týden, jsem se připojil na neznámou wifi a nainstaloval emulator Bluestack X (ne z té wifi, stažen byl jinde), pak už si nevybavuji, že bych udělal něco, co by to mohlo způsobit.

Děkuji předem za kontrolu!


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2023
Ran by Lenovo (administrator) on DESKTOP-D7P1O08 (LENOVO 20LJS3A100) (31-07-2023 20:33:45)
Running from C:\Moje\viry\FRST64.exe
Loaded Profiles: Lenovo & SQLTELEMETRY$WINMED2 & MSSQL$WINMED2
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3208 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Users\Lenovo\AppData\Local\ypsx_cloud_v2\wdcloud_v2.exe
(C:\Program Files\Sublime Text\sublime_text.exe ->) (Sublime HQ Pty Ltd -> ) C:\Program Files\Sublime Text\plugin_host-3.3.exe
(C:\Program Files\Sublime Text\sublime_text.exe ->) (Sublime HQ Pty Ltd -> ) C:\Program Files\Sublime Text\plugin_host-3.8.exe
(C:\Users\Lenovo\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Lenovo\AppData\Local\Programs\Opera\100.0.4815.76\opera_crashreporter.exe
(cmd.exe ->) (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\Lenovo\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Conexant Systems LLC -> Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Discord Inc. -> Discord Inc.) C:\Users\Lenovo\AppData\Local\Discord\app-1.0.9015\Discord.exe <6>
(DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FNCC3C~1.INF\driver\shtctky.exe
(DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FNCC3C~1.INF\driver\tposd.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_f694c3678cca2be0\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f694c3678cca2be0\igfxEM.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <17>
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3403.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <6>
(explorer.exe ->) (Sublime HQ Pty Ltd -> Sublime HQ Pty Ltd) C:\Program Files\Sublime Text\sublime_text.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\23.142.0709.0001\Microsoft.SharePoint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Opera Norway AS -> Opera Software) C:\Users\Lenovo\AppData\Local\Programs\Opera\opera.exe <29>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Conexant Systems LLC -> Conexant Systems, Inc.) C:\Windows\System32\CxUIUSvc32.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f694c3678cca2be0\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f694c3678cca2be0\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f694c3678cca2be0\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_b117548b2e075ba1\aesm_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_f222132bfa8270de\RstMwService.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\SysWOW64\EasyResume.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_02d728b29c6492d3\x64\ibmpmsvc.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\LITSSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL15.WINMED2\MSSQL\Binn\sqlceip.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL15.WINMED2\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\NisSrv.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Wacom Co., Ltd. -> Wacom Technology, Corp.) C:\Windows\System32\DriverStore\FileRepository\wtabletserviceisd.inf_amd64_e6fcc557ac12c616\WTabletServiceISD.exe <2>
(svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f694c3678cca2be0\igfxext.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21514.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21514.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2305.4.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\Run: [btweb] => "C:\Users\Lenovo\AppData\Roaming\BitTorrent Web\btweb.exe" /MINIMIZED (No File)
HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\Run: [Discord] => C:\Users\Lenovo\AppData\Local\Discord\Update.exe [1525016 2022-12-09] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\Run: [Opera Browser Assistant] => C:\Users\Lenovo\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3955608 2023-06-20] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\Run: [MicrosoftEdgeAutoLaunch_5EF70F99B4529735F3564FFE246DB961] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4088256 2023-07-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9W.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [109288 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\Windows\system32\CNMLM9W.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {70F1E981-BF42-4A97-A3DB-9865EB8CF8D9} - System32\Tasks\01-Pondělí Záloha WinMed_R => C:\WinMed2\BACKUP\01-WinMed2.bat [307 2023-01-03] () [File not signed]
Task: {CFFAA2E8-D3EF-4BF5-BC9C-A68F729E3789} - System32\Tasks\02-Úterý Záloha WinMed_R => C:\WinMed2\BACKUP\02-WinMed2.bat [303 2023-01-03] () [File not signed]
Task: {00A65FB0-BA39-4946-8A7C-768770F1489B} - System32\Tasks\03-Středa Záloha WinMed_R => C:\WinMed2\BACKUP\03-WinMed2.bat [305 2023-01-03] () [File not signed]
Task: {04B8F18A-88DF-481B-B8A6-7DA5C2E598FD} - System32\Tasks\04-Čtvrtek Záloha WinMed_R => C:\WinMed2\BACKUP\04-WinMed2.bat [307 2023-01-03] () [File not signed]
Task: {9E458EEB-8981-496A-84E4-F48EF30E0873} - System32\Tasks\05-Pátek Záloha WinMed_R => C:\WinMed2\BACKUP\05-WinMed2.bat [303 2023-01-03] () [File not signed]
Task: {6AF672BA-C920-4DD3-B06F-77DA42C891C2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {A344DB02-F789-45FA-AB87-004B19A13CFD} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 ] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {D6BC4EC6-2B7F-43DF-896F-34338E2A4B1C} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 ] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {C3D7D8DC-147E-4555-9124-A61B5733B179} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 ] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {956200D9-4BB7-4975-8C0B-8AE23305F2DA} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2311216 ] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {0B60BBCD-A564-4541-97A6-2DDBDFC3D4C5} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => C:\Windows\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> start ThunderboltService
Task: {64327FED-F7B1-4292-8CD5-1E7F4AED1DF7} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1431687685-2443868726-21383991-1001 => C:\Users\Lenovo\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [89096 2023-04-10] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {A4924E12-1DAD-43D6-9376-D76B6B180A1E} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [129016 2022-12-05] (Lenovo -> Lenovo)
Task: {17392E35-57BC-4421-A7B5-824F40BC7D64} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\Windows\SysWOW64\PowerMgrInst.exe [64984 2022-05-17] (Lenovo -> )
Task: {E3D3A575-6288-46AA-9147-7CE951498FEF} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [253368 2023-05-19] (Microsoft Corporation -> Microsoft)
Task: {2755D9AE-4021-403A-8AC5-5E44536F4D64} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe [1823232 2016-07-05] (Conexant Systems, Inc.) [File not signed]
Task: {E92AF59E-E65B-42AE-B3F7-E9210D1E5733} - System32\Tasks\Microsoft\Windows\Conexant\SA2 => C:\Program Files\CONEXANT\SAII\SACpl.exe [1832280 2017-06-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
Task: {9F996B00-58DF-4F8D-A9E5-526C8539F048} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F93938D3-AD97-42E5-AA68-0C709309CFF2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {91B0EC0F-0809-42AD-ACA7-02C27983506E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {26E639E0-7810-45A4-99F5-A7CAFEDEB349} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {533DAE8A-0AEF-4E2B-B8DE-04AF597EF7BA} - System32\Tasks\Opera scheduled assistant Autoupdate 1671663169 => C:\Users\Lenovo\AppData\Local\Programs\Opera\launcher.exe [2717592 2023-07-17] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Lenovo\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {7BFA0B6B-AB18-4265-BD1F-CA7133E5A314} - System32\Tasks\Opera scheduled Autoupdate 1671663161 => C:\Users\Lenovo\AppData\Local\Programs\Opera\launcher.exe [2717592 2023-07-17] (Opera Norway AS -> Opera Software)
Task: {CE9E4C37-2FA8-43D4-B25A-23B5FD42D752} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2023-01-19] (Lenovo -> )
Task: {5E776BF0-92FE-4306-850D-D9D9B9532B9D} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2023-01-19] (Lenovo -> )
Task: {95D0F82A-EA02-4CF2-956D-020A7B84F7CE} - System32\Tasks\WDNA => C:\Users\Lenovo\AppData\Local\CDContent\rhc.exe [1536 2023-03-06] () [File not signed] -> php.exe index.php <==== ATTENTION
Task: {61800391-466E-4E3C-9581-99FA51EF7917} - System32\Tasks\WDNA_LG => Command(1): rhc.exe -> php.exe include.php <==== ATTENTION
Task: {61800391-466E-4E3C-9581-99FA51EF7917} - System32\Tasks\WDNA_LG => Command(2): rhc.exe -> php.exe index.php <==== ATTENTION
Task: {CE0FA19A-A5B4-4F7E-8DA6-2753849B417F} - System32\Tasks\wupdatecloud => C:\Users\Lenovo\AppData\Local\wupdater_cloud\rhc.exe [1536 2023-03-06] () [File not signed] -> php.exe index.php <==== ATTENTION
Task: {98D9B12A-DD48-4EE6-A99B-5D9E68B218DD} - System32\Tasks\wupdatecloud_LG => Command(1): rhc.exe -> php.exe include.php <==== ATTENTION
Task: {98D9B12A-DD48-4EE6-A99B-5D9E68B218DD} - System32\Tasks\wupdatecloud_LG => Command(2): rhc.exe -> php.exe index.php <==== ATTENTION
Task: {74BFE56F-7B89-4570-B0DA-9E33D62BD31C} - System32\Tasks\YTPX Cloud LG => C:\Users\Lenovo\AppData\Local\ypsx_cloud_v2\rhc.exe [1536 2023-07-20] () [File not signed] -> wdcloud_v2.exe <==== ATTENTION
Task: {25F00437-5B09-4C84-BE99-0DDAAFBE2E51} - System32\Tasks\zends-et => C:\Users\Lenovo\AppData\Local\wtraff_cloud\rhc.exe [1536 2023-05-07] () [File not signed] -> php.exe index.php <==== ATTENTION
Task: {2B00130B-AB4F-4ADA-8DD0-BF8D778A4ED5} - System32\Tasks\zends-et-LG => Command(1): rhc.exe -> php.exe include.php <==== ATTENTION
Task: {2B00130B-AB4F-4ADA-8DD0-BF8D778A4ED5} - System32\Tasks\zends-et-LG => Command(2): rhc.exe -> php.exe index.php <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{1fa6cfb4-ad34-4b31-a137-a0d084dbbc6d}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Edge:
=======
Edge Profile: C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-31]
Edge Session Restore: Default -> is enabled.
Edge Extension: (Edge relevant text changes) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-07-25]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-07-03] (Adobe Inc. -> Adobe Systems Inc.)

Opera:
=======
OPR Profile: C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable [2023-07-31]
OPR Notifications: Opera Stable -> hxxps://calendar.google.com; hxxps://uuapp.plus4u.net
OPR DefaultSearchURL: Opera Stable -> hxxps://www.google.com/search?client=opera&q={s ... utEncoding}
OPR DefaultSearchKeyword: Opera Stable -> g
OPR Session Restore: Opera Stable -> is enabled.
OPR Extension: (Session Buddy) - C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2023-07-26]
OPR Extension: (Rich Hints Agent) - C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-07-07]
OPR Extension: (Opera Wallet) - C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-07-07]
OPR Extension: (Aria) - C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm [2023-07-31]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-12-22]
OPR Extension: (Google Překladač) - C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2023-07-07]
OPR Extension: (opera-intro) - C:\Users\Lenovo\AppData\Local\Programs\Opera\100.0.4815.76\resources\opera_intro_extension [2023-07-26]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 AzureAttestService; C:\Program Files\Microsoft\AzureAttestService\AzureAttestService.dll [151288 2019-07-24] (Microsoft Windows -> Microsoft Corporation)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-05-01] (Epic Games Inc. -> Epic Games, Inc.)
R2 IBMPMSVC; C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_02d728b29c6492d3\x64\ibmpmsvc.exe [850936 2022-11-24] (Lenovo -> Lenovo)
R2 Lenovo Instant On; C:\Windows\SysWOW64\EasyResume.exe [2352368 2022-05-17] (Lenovo -> Lenovo Group Limited)
R2 LITSSVC; C:\Windows\System32\LITSSvc.exe [1260488 2023-01-17] (Lenovo -> Lenovo.)
S2 LPlatSvc; C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_02d728b29c6492d3\x64\LPlatSvc.exe [906232 2022-11-24] (Lenovo -> Lenovo)
R2 MSSQL$WINMED2; C:\Program Files\Microsoft SQL Server\MSSQL15.WINMED2\MSSQL\Binn\sqlservr.exe [624544 2023-01-23] (Microsoft Corporation -> Microsoft Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [69864 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402216 2023-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SQLAgent$WINMED2; C:\Program Files\Microsoft SQL Server\MSSQL15.WINMED2\MSSQL\Binn\SQLAGENT.EXE [690120 2023-01-23] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$WINMED2; C:\Program Files\Microsoft SQL Server\MSSQL15.WINMED2\MSSQL\Binn\sqlceip.exe [284616 2023-01-23] (Microsoft Corporation -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16518456 2022-12-12] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TPHKLOAD; C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\TPHKLOAD.exe [473760 2021-10-22] (Lenovo -> Lenovo Group Limited)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [142304 2022-06-01] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\NisSrv.exe [3244928 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe [133576 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 IBMPMDRV; C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_02d728b29c6492d3\x64\ibmpmdrv.sys [53240 2022-11-24] (Lenovo -> Lenovo)
R3 MpKsld0f384ef; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{53D7293D-0215-4604-8742-D7808349B98E}\MpKslDrv.sys [221480 2023-07-31] (Microsoft Windows -> Microsoft Corporation)
R1 PMDRVS; C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_02d728b29c6492d3\x64\pmdrvs.sys [38904 2022-11-24] (Lenovo -> Lenovo)
S4 RsFx0600; C:\Windows\System32\DRIVERS\RsFx0600.sys [286976 2019-09-24] (Microsoft Corporation -> Microsoft Corporation)
R3 rtump64x64; C:\Windows\System32\drivers\rtump64x64.sys [1238360 2023-05-10] (Realtek Semiconductor Corp. -> Realtek Corporation)
R3 WacHIDRouterISDU; C:\Windows\System32\drivers\WacHIDRouterISDU.sys [136952 2022-04-21] (Wacom Co., Ltd. -> Wacom Technology, Corp.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49600 2023-07-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [498944 2023-07-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99608 2023-07-25] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-07-31 20:33 - 2023-07-31 20:34 - 000000000 ____D C:\FRST
2023-07-31 16:14 - 2023-07-31 16:14 - 000000000 ____D C:\Users\Lenovo\Downloads\Štern
2023-07-31 16:13 - 2023-07-31 16:13 - 000002531 _____ C:\Users\Lenovo\Downloads\Štern.zip
2023-07-31 13:35 - 2023-07-31 13:35 - 000000000 ____D C:\Users\Lenovo\Downloads\Master_31.7.2023
2023-07-31 13:19 - 2023-07-31 13:19 - 048507273 _____ C:\Users\Lenovo\Downloads\Master_31.7.2023.zip
2023-07-31 13:18 - 2023-07-31 13:18 - 000001721 _____ C:\Users\Lenovo\Downloads\TDL002006.sql
2023-07-31 09:03 - 2023-07-31 09:03 - 000000244 _____ C:\Users\Lenovo\Downloads\cis720-ozd-typ.zip
2023-07-31 09:03 - 2023-07-31 09:03 - 000000000 ____D C:\Users\Lenovo\Downloads\cis720-ozd-typ
2023-07-31 09:02 - 2023-07-31 09:02 - 000000176 _____ C:\Users\Lenovo\Downloads\ciselnik-ozd-typ-771-1-1-2011.zip
2023-07-31 09:02 - 2023-07-31 09:02 - 000000000 ____D C:\Users\Lenovo\Downloads\ciselnik-ozd-typ-771-1-1-2011
2023-07-25 18:14 - 2023-07-25 18:50 - 187331519 _____ C:\Users\Lenovo\Downloads\Hand Spearing Monster Crab Catch n Cook.mp4
2023-07-25 18:13 - 2023-07-25 18:44 - 175945624 _____ C:\Users\Lenovo\Downloads\24hrs Alone on this Sand Island.mp4
2023-07-25 18:12 - 2023-07-25 18:36 - 323138529 _____ C:\Users\Lenovo\Downloads\Island Survival Challenge!.mp4
2023-07-25 18:07 - 2023-07-25 18:25 - 488864807 _____ C:\Users\Lenovo\Downloads\6 Days. Taking No Knife, Food, & Fire. 🛖.mp4
2023-07-23 18:54 - 2023-07-23 18:54 - 000000000 ____D C:\Users\Lenovo\Downloads\Master_13.7.2023 (1)
2023-07-23 18:50 - 2023-07-23 18:53 - 048477788 _____ C:\Users\Lenovo\Downloads\Master_13.7.2023 (1).zip
2023-07-21 15:18 - 2023-07-21 15:19 - 018396935 _____ C:\ProgramData\Pie64_5.12.108.1002.exe.tmp
2023-07-21 15:18 - 2023-07-21 15:18 - 000002000 _____ C:\Users\Public\Desktop\BlueStacks X.lnk
2023-07-21 15:18 - 2023-07-21 15:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks X
2023-07-21 15:18 - 2023-07-21 15:18 - 000000000 ____D C:\Program Files (x86)\BlueStacks X
2023-07-21 15:03 - 2023-07-21 15:19 - 000000000 ____D C:\Users\Lenovo\AppData\Local\BlueStacksSetup
2023-07-21 15:03 - 2023-07-21 15:03 - 000000000 ____D C:\Users\Public\BlueStacks
2023-07-21 15:03 - 2023-07-21 15:03 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Bluestacks
2023-07-20 22:23 - 2023-07-20 22:23 - 000003388 _____ C:\Windows\system32\Tasks\YTPX Cloud LG
2023-07-20 22:23 - 2023-07-20 22:23 - 000000000 ____D C:\Users\Lenovo\AppData\Local\ypsx_cloud_v2
2023-07-13 12:20 - 2023-07-13 12:20 - 000000585 _____ C:\Users\Lenovo\Downloads\zadanky_11.07.23.txt
2023-07-13 10:14 - 2023-07-13 10:14 - 048477788 _____ C:\Users\Lenovo\Downloads\Master_13.7.2023.zip
2023-07-12 08:37 - 2023-07-12 08:37 - 000000000 ___HD C:\$WinREAgent
2023-07-10 19:44 - 2023-07-10 19:44 - 000000000 ____D C:\Users\Lenovo\Desktop\resources
2023-07-10 15:25 - 2023-07-10 15:25 - 000000736 _____ C:\Users\Lenovo\Downloads\TDC000280.sql
2023-07-10 12:47 - 2023-07-10 12:47 - 004389133 _____ C:\Users\Lenovo\Downloads\registrace_2023_06_29_2200.zip
2023-07-09 17:07 - 2023-07-09 17:07 - 000001096 _____ C:\Users\Lenovo\Desktop\Gyroflow.exe – zástupce.lnk
2023-07-09 17:00 - 2023-07-09 17:00 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Gyroflow
2023-07-09 17:00 - 2023-07-09 17:00 - 000000000 ____D C:\Gyroflow-windows64
2023-07-09 16:59 - 2023-07-09 16:59 - 040121518 _____ C:\Users\Lenovo\Downloads\Gyroflow-windows64.zip
2023-07-04 14:53 - 2023-07-04 14:58 - 943497978 _____ C:\Users\Lenovo\Downloads\SQL2022.ZIP
2023-07-04 14:16 - 2023-07-04 14:16 - 048515820 _____ C:\Users\Lenovo\Downloads\Master_4.7.2023.zip
2023-07-03 08:39 - 2023-01-17 12:39 - 000043927 _____ C:\Users\Lenovo\Downloads\Mapovani_SQL.csv
2023-07-02 10:36 - 2023-07-02 11:47 - 000000000 ____D C:\TEMP
2023-07-02 09:56 - 2023-07-02 09:56 - 000001043 _____ C:\Users\Lenovo\Desktop\IrfanView 64.lnk
2023-07-02 09:56 - 2023-07-02 09:56 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2023-07-02 09:56 - 2023-07-02 09:56 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\IrfanView
2023-07-02 09:56 - 2023-07-02 09:56 - 000000000 ____D C:\Program Files\IrfanView

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-07-31 20:32 - 2022-12-22 15:57 - 000000000 ____D C:\Moje
2023-07-31 20:27 - 2022-12-26 15:25 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Discord
2023-07-31 20:27 - 2022-12-20 10:03 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-07-31 16:40 - 2023-01-02 16:57 - 000000000 ____D C:\WinMed2
2023-07-31 16:40 - 2022-12-26 15:21 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Access
2023-07-31 16:40 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-07-31 14:39 - 2023-01-18 11:04 - 001388432 _____ C:\Users\Public\VOIP.dat
2023-07-31 14:35 - 2022-12-20 11:12 - 002027778 _____ C:\Windows\system32\PerfStringBackup.INI
2023-07-31 14:35 - 2019-12-07 16:43 - 000835774 _____ C:\Windows\system32\perfh005.dat
2023-07-31 14:35 - 2019-12-07 16:43 - 000193304 _____ C:\Windows\system32\perfc005.dat
2023-07-31 14:35 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-07-31 14:29 - 2022-12-21 22:01 - 000000000 ____D C:\Users\Lenovo\AppData\Local\D3DSCache
2023-07-31 14:28 - 2022-12-26 15:25 - 000002232 _____ C:\Users\Lenovo\Desktop\Discord.lnk
2023-07-31 14:28 - 2022-12-26 15:25 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\discord
2023-07-31 14:27 - 2023-05-09 08:36 - 000003840 _____ C:\Windows\system32\Tasks\wupdatecloud
2023-07-31 14:27 - 2023-05-09 08:36 - 000003820 _____ C:\Windows\system32\Tasks\zends-et
2023-07-31 14:27 - 2023-04-11 20:25 - 000003798 _____ C:\Windows\system32\Tasks\WDNA
2023-07-31 14:27 - 2023-01-01 18:14 - 000000000 ____D C:\Program Files\TeamViewer
2023-07-31 14:27 - 2022-12-20 11:36 - 000000000 __SHD C:\Users\Lenovo\IntelGraphicsProfiles
2023-07-31 14:27 - 2022-12-20 11:36 - 000000000 ____D C:\Intel
2023-07-31 14:27 - 2022-12-20 10:03 - 000008192 ___SH C:\DumpStack.log.tmp
2023-07-31 14:27 - 2022-12-20 10:03 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-07-31 14:27 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-07-31 14:27 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2023-07-31 14:27 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-07-31 14:26 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-07-31 11:23 - 2023-05-01 20:18 - 000000885 _____ C:\Users\Lenovo\Desktop\peníze.txt
2023-07-30 18:28 - 2023-02-11 00:01 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\vlc
2023-07-30 18:09 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports
2023-07-30 17:18 - 2023-05-09 08:36 - 000000000 ____D C:\Users\Lenovo\AppData\Local\wupdater_cloud
2023-07-30 15:52 - 2022-12-20 11:09 - 000003584 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1431687685-2443868726-21383991-1001
2023-07-30 15:52 - 2022-12-20 11:09 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1431687685-2443868726-21383991-1001
2023-07-30 15:52 - 2022-12-20 10:07 - 000002380 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-07-30 15:50 - 2022-12-20 10:03 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-07-28 09:41 - 2022-12-20 11:20 - 000918960 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2023-07-26 22:29 - 2023-03-19 15:46 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Kodi
2023-07-26 17:09 - 2023-03-19 17:14 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\.minecraft
2023-07-26 17:04 - 2022-12-22 00:52 - 000004214 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1671663161
2023-07-26 17:04 - 2022-12-22 00:52 - 000001408 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-07-25 17:13 - 2022-12-20 10:03 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-07-21 14:28 - 2022-12-20 10:07 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Packages
2023-07-21 14:17 - 2023-03-19 17:13 - 000000000 ____D C:\XboxGames
2023-07-21 14:17 - 2022-12-20 10:08 - 000000000 ____D C:\ProgramData\Packages
2023-07-21 14:15 - 2022-12-20 11:10 - 000000000 ____D C:\Users\Lenovo\AppData\Local\PlaceholderTileLogoFolder
2023-07-20 08:49 - 2023-01-06 12:11 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\CLView
2023-07-13 11:37 - 2022-12-22 16:19 - 000000000 ____D C:\MASTER Winmed2
2023-07-12 16:30 - 2022-12-20 10:03 - 000370184 _____ C:\Windows\system32\FNTCACHE.DAT
2023-07-12 16:29 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-07-12 16:29 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-07-12 16:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2023-07-12 16:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2023-07-12 16:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2023-07-12 16:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2023-07-12 16:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2023-07-12 16:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2023-07-12 15:01 - 2023-01-24 22:59 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-07-12 15:01 - 2023-01-24 20:49 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-07-12 08:45 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-07-12 08:42 - 2022-12-20 10:07 - 003015168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-07-12 08:08 - 2022-12-20 11:11 - 000000000 ____D C:\Windows\system32\MRT
2023-07-12 08:06 - 2022-12-20 11:11 - 173351160 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-07-11 12:56 - 2023-01-05 16:56 - 000000000 ____D C:\Registrace_Vyvoj
2023-07-10 12:48 - 2023-01-05 17:20 - 000000000 ____D C:\MASTER Registrace
2023-07-06 10:12 - 2022-12-20 10:03 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-07-06 10:12 - 2022-12-20 10:03 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-07-03 17:00 - 2022-12-20 10:07 - 000000000 ____D C:\Users\Lenovo
2023-07-03 12:14 - 2022-12-25 18:15 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Word
2023-07-03 12:14 - 2022-12-25 18:15 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Šablony

==================== Files in the root of some directories ========

2023-01-18 11:04 - 2023-07-31 14:39 - 001388432 _____ () C:\Users\Public\VOIP.dat
2022-12-25 17:52 - 2022-12-25 17:52 - 000000128 ____H () C:\Users\Lenovo\AppData\Roaming\ecf00c38dc807e105d881c433a6b455dd2c606b6
2023-01-03 10:29 - 2023-01-03 10:30 - 000000600 _____ () C:\Users\Lenovo\AppData\Roaming\winscp.rnd
2023-01-18 21:07 - 2023-01-18 21:07 - 000007603 _____ () C:\Users\Lenovo\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================










Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-07-2023
Ran by Lenovo (31-07-2023 20:35:11)
Running from C:\Moje\viry
Microsoft Windows 10 Pro Version 22H2 19045.3208 (X64) (2022-12-20 08:05:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1431687685-2443868726-21383991-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1431687685-2443868726-21383991-503 - Limited - Disabled)
Guest (S-1-5-21-1431687685-2443868726-21383991-501 - Limited - Disabled)
Lenovo (S-1-5-21-1431687685-2443868726-21383991-1001 - Administrator - Enabled) => C:\Users\Lenovo
WDAGUtilityAccount (S-1-5-21-1431687685-2443868726-21383991-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.003.20244 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Autodesk Fusion 360 (HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.15050 - Autodesk, Inc.)
Azure Data Studio (HKLM\...\{6591F69E-6588-4980-81ED-C8FCBD7EC4B8}_is1) (Version: 1.28.0 - Microsoft Corporation)
Balíček ovladače systému Windows - Silicon Laboratories Inc. (silabser) Ports (05/23/2018 6.7.6.2130) (HKLM\...\C9C3E5CCB43EEF685DD0E2BB4263DDC88C9B3834) (Version: 05/23/2018 6.7.6.2130 - Silicon Laboratories Inc.)
Betaflight Configurator (HKLM\...\e72c90bb-45eb-48dc-9cf3-ac2e8ec52f8c_is1) (Version: 10.9.0 - The Betaflight open source project)
BlueStacks X (HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\BlueStacks X) (Version: 10.3.0.1020 - now.gg, Inc.)
Browser for SQL Server 2019 (HKLM-x32\...\{5E366957-8D78-4BB5-A790-96F97A9766BD}) (Version: 15.0.2000.5 - Microsoft Corporation)
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - Canon Inc.)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{22E13608-4DB0-4977-A267-3AAFA09CD54A}) (Version: 4.8.09037 - Microsoft Corporation) Hidden
DiagnosticsHub_CollectionService (HKLM\...\{FECAFEB5-8D0E-4AE4-8FA0-745BAA835C35}) (Version: 17.3.32601 - Microsoft Corporation) Hidden
Discord (HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\Discord) (Version: 1.0.9008 - Discord Inc.)
Dolby Audio X2 Windows API SDK (HKLM\...\{FA0735B6-9E18-437A-A1CD-9152650FC52B}) (Version: 0.8.8.90 - Dolby Laboratories, Inc.) Hidden
dpbupg - Aktualizace číselníků z Internetu (HKLM-x32\...\ST6UNST #1) (Version: - )
Entity Framework 6.2.0 Tools for Visual Studio 2022 (HKLM-x32\...\{E263D8A7-A45C-4A1E-8197-01F8DFB2D709}) (Version: 6.2.0.0 - Microsoft Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{1E570BD2-E6BC-4CA1-A08C-E9CE483AD022}) (Version: 1.3.79.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{35905844-0610-427D-86A0-2103FABE3D4D}) (Version: 2.0.42.0 - Epic Games, Inc.)
ExpressLRS Configurator 1.5.9 (HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\2a8c9963-7c47-572e-b852-e0570c14856b) (Version: 1.5.9 - ExpressLRS Configurator Contributors)
Free Cam 8 (HKLM-x32\...\{7B1D3F21-3095-4292-877E-69C085253F59}) (Version: 8.7.27159 - iSpring Solutions Inc.)
GDR 2095 for SQL Server 2019 (KB5014356) (64-bit) (HKLM\...\KB5014356) (Version: 15.0.2095.3 - Microsoft Corporation)
GDR 2101 for SQL Server 2019 (KB5021125) (64-bit) (HKLM\...\KB5021125) (Version: 15.0.2101.7 - Microsoft Corporation)
icecap_collection_neutral (HKLM-x32\...\{602F7006-1F86-4B30-8996-C6FC44B9F87E}) (Version: 17.6.33606 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{58CB2C38-D7D7-4198-A83F-DB023F0C6980}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{4C2B8045-836F-43BC-B041-74072B854CD3}) (Version: 17.6.33606 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{D5071FCD-1329-450D-960E-23082D14D69B}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{56674F3A-EE02-4EC7-B429-B8C37CA254E3}) (Version: 10.0.07728 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Hidden
Integration Services (HKLM-x32\...\{8564E707-DD3A-425E-B333-A9970306BE8F}) (Version: 15.0.2000.162 - Microsoft Corporation) Hidden
IntelliTraceProfilerProxy (HKLM\...\{F8B9E8C8-61E8-4E9E-879D-F3F498AD0230}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden
IntelliTraceProfilerProxy (HKLM-x32\...\{C8891AD2-C223-45CD-A9BE-617A68923B61}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden
IrfanView 4.62 (64-bit) (HKLM\...\IrfanView64) (Version: 4.62 - Irfan Skiljan)
Kodi (HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\Kodi) (Version: 20.1.0.0 - XBMC Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.14 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.08.01.0009 - Lenovo)
LockHunter 3.4, 32/64 bit (HKLM\...\LockHunter_is1) (Version: 3.4.3.146 - Crystal Rich Ltd)
Microsoft .NET 6.0 Templates 7.0.302 (x64) (HKLM\...\{194C1C66-1005-4A4B-BEDF-AAFC36017ACF}) (Version: 24.7.65457 - Microsoft Corporation) Hidden
Microsoft .NET 7.0 Templates 7.0.302 (x64) (HKLM\...\{405256EA-D20C-4EBB-8D79-E8F8E02AC337}) (Version: 28.7.32689 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.16 (x64) (HKLM\...\{073A89C4-A435-41CF-96CA-7EF0AB698A79}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.16 (x64_arm) (HKLM\...\{27A73B89-4A4F-4C57-A692-F9D80612A3EE}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.16 (x64_arm64) (HKLM\...\{4F5F9A57-79E9-4DC9-8544-F5FB1A239A0D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.16 (x64_x86) (HKLM\...\{E5CBB87C-4905-463A-89C3-54FCFE6129F1}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.5 (x64) (HKLM\...\{8BEEA1E5-2EB9-453E-BB9D-497C788B1271}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.5 (x64_arm) (HKLM\...\{B0613946-1920-45F8-9BE3-2E3FFF7A1A1E}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.5 (x64_arm64) (HKLM\...\{78F98773-C35A-47CB-B819-A3DD0151554C}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.5 (x64_x86) (HKLM\...\{9B65AC4E-46B8-46DA-BCD0-D5A5CEFD0F2E}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 Targeting Pack (čeština) (HKLM-x32\...\{3DC65636-1EBB-41E9-836B-10174949883C}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 Targeting Pack (HKLM-x32\...\{1784A8CD-F7FE-47E2-A87D-1F31E7242D0D}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 SDK (čeština) (HKLM-x32\...\{84224644-1FA0-496E-8941-B1553C004E7A}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 SDK (HKLM-x32\...\{949C0535-171C-480F-9CF4-D25C9E60FE88}) (Version: 4.8.03928 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 Targeting Pack (čeština) (HKLM-x32\...\{33D8579D-AE2C-45ED-9D16-08451BCC9B45}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 Targeting Pack (HKLM-x32\...\{BAAF5851-0759-422D-A1E9-90061B597188}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework Cumulative Intellisense Pack for Visual Studio (čeština) (HKLM-x32\...\{EABEB841-5C97-4CE3-A4CF-64F5978D13B2}) (Version: 4.8.09037 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.5 (x64) (HKLM\...\{CE8DF750-A582-4D59-A610-478A752481B1}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.5 (x86) (HKLM-x32\...\{2F933E6C-13D1-4886-99EB-05ED0C42885B}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.5 (x64) (HKLM\...\{B6F2958F-0F6F-4CCD-867F-80EC5C333B79}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.5 (x86) (HKLM-x32\...\{E3B06B8A-7FA4-4421-8A96-8503B2669F50}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM\...\{C71E93D2-B8B4-4858-B2A1-4C967DBC1C5F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x86) (HKLM-x32\...\{D9C57643-68F6-4D39-8E6A-20107848904F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.5 (x64) (HKLM\...\{793FCD19-00AC-4804-B569-782DF3B24A39}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.5 (x86) (HKLM-x32\...\{23D1DA1E-5CBC-4990-BB53-5974E8D0AB3A}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET SDK 7.0.302 (x64) from Visual Studio (HKLM\...\{51289EF6-56DA-4EF1-9C82-D21FD6A674F8}) (Version: 7.3.223.25905 - Microsoft Corporation)
Microsoft .NET Standard Targeting Pack - 2.1.0 (x64) (HKLM\...\{A7036CFB-B403-4598-85FF-D397ABB88173}) (Version: 24.0.28113 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 6.0.16 (x64) (HKLM\...\{A40278C4-1199-406F-80D3-790AFEBFDE07}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 6.0.16 (x86) (HKLM-x32\...\{A0401658-F623-4CBD-A706-E5DC41B9AE5D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 7.0.5 (x64) (HKLM\...\{3D347BF4-DCF0-4960-81B3-A09703182982}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 7.0.5 (x86) (HKLM-x32\...\{98A540CC-952F-470E-97C6-3D2DBCD0CD9C}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Toolset 7.0.302 (x64) (HKLM\...\{A86BDCCB-43BD-47F4-BE3A-7CE0C72165A8}) (Version: 28.6.65457 - Microsoft Corporation) Hidden
Microsoft Analysis Services OLE DB Provider (HKLM\...\{9786E83E-B71A-4526-B58F-64F35C7E2CFE}) (Version: 15.0.2000.568 - Microsoft Corporation) Hidden
Microsoft Analysis Services OLE DB Provider (HKLM-x32\...\{4F1405AB-36A8-4383-9C1A-AE00491C255F}) (Version: 15.0.2000.568 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.16 Shared Framework (x64) (HKLM\...\{0DF7C481-9E91-3118-B877-6EA9084358AD}) (Version: 6.0.16.23174 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.16 Shared Framework (x86) (HKLM-x32\...\{5545924B-28E4-37E9-9C29-84BF047EB3CB}) (Version: 6.0.16.23174 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.16 Targeting Pack (x64) (HKLM\...\{754209E2-05C7-35ED-A0D4-22766E52AF0F}) (Version: 6.0.16.23174 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.16 Targeting Pack (x86) (HKLM-x32\...\{85CB6891-502D-3802-8CCB-4275E1CC0CD3}) (Version: 6.0.16.23174 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.5 Shared Framework (x64) (HKLM\...\{D4659401-47DD-3355-A866-C827D0DDAC97}) (Version: 7.0.5.23174 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.5 Shared Framework (x86) (HKLM-x32\...\{E9A7B080-E866-31F8-A4D1-D534685DFF86}) (Version: 7.0.5.23174 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.5 Targeting Pack (x64) (HKLM\...\{135A25E2-920D-3A18-A1A2-C18B7D3ADD48}) (Version: 7.0.5.23174 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.5 Targeting Pack (x86) (HKLM-x32\...\{A2448B21-04AD-329A-8EC8-422549CC005B}) (Version: 7.0.5.23174 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core Module for IIS Express (HKLM\...\{FAFEE5E3-E00A-4CE8-B495-8F66A5FAB236}) (Version: 12.2.18292.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core Module V2 for IIS Express (HKLM\...\{F0E9CE77-BF19-4BBE-B228-A42F782F82E4}) (Version: 17.0.22116.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Diagnostic Pack for Visual Studio (HKLM-x32\...\{BF7E1D28-E9CD-372D-8702-14BBD224A221}) (Version: 17.6.326.62524 - Microsoft Corporation) Hidden
Microsoft Azure Authoring Tools - v2.9.7 (HKLM\...\{90462BD2-DF5B-449C-A401-FCC1DC264E4E}) (Version: 2.9.8999.45 - Microsoft Corporation)
Microsoft Azure Compute Emulator - v2.9.7 (HKLM\...\{04CA054C-2F40-44B0-8610-8D51EC9444FE}) (Version: 2.9.8999.43 - Microsoft Corporation) Hidden
Microsoft Azure Compute Emulator - v2.9.7 (HKLM\...\Microsoft Azure Compute Emulator - v2.9.7) (Version: 2.9.8999.43 - Microsoft Corporation)
Microsoft Azure Libraries for .NET – v2.9 (HKLM\...\{C5C91AA6-3E83-430E-8B7A-6B790083F28D}) (Version: 3.0.0127.060 - Microsoft Corporation)
Microsoft Azure PowerShell - April 2018 (HKLM\...\{3BA7CAA9-97BA-4528-B7E1-B640910BB149}) (Version: 5.7.0.18831 - Microsoft Corporation)
Microsoft Command Line Utilities 15 for SQL Server (HKLM\...\{41C0DB18-1790-465E-B0DD-D9CAA35CACBE}) (Version: 15.0.1300.359 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 115.0.1901.188 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 115.0.1901.188 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Help Viewer 2.3 (HKLM-x32\...\{BEFC10C1-7032-3C8E-80BC-621A77BFEABD}) (Version: 2.3.28107 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.3 (HKLM-x32\...\Microsoft Help Viewer 2.3) (Version: 2.3.28107 - Microsoft Corporation)
Microsoft NetStandard SDK (HKLM-x32\...\{737FDDA7-B944-4CB5-92D9-3D56373BD301}) (Version: 15.0.51105 - Microsoft Corporation) Hidden
Microsoft ODBC Driver 17 for SQL Server (HKLM\...\{CBA9B46D-5C8E-46F9-94B4-7024400EDE52}) (Version: 17.10.3.1 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (Czech) 2007 (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Runtime (Czech) 2007 (HKLM-x32\...\{90120000-001C-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (Czech) 2007 (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (Czech) 2007 (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (HKLM-x32\...\{90120000-002C-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}) (Version: - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version: - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (HKLM\...\{90120000-002A-0405-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OLE DB Driver for SQL Server (HKLM\...\{9D6F8754-28E9-4940-B319-3FC8588CF18F}) (Version: 18.5.0.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\OneDriveSetup.exe) (Version: 23.142.0709.0001 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{9D93D367-A2CC-4378-BD63-79EF3FE76C78}) (Version: 11.4.7462.6 - Microsoft Corporation)
Microsoft SQL Server 2019 (64-bit) (HKLM\...\Microsoft SQL Server SQL2019) (Version: - Microsoft Corporation)
Microsoft SQL Server 2019 LocalDB (HKLM\...\{36E492B8-CB83-4DA5-A5D2-D99A8E8228A1}) (Version: 15.0.4153.1 - Microsoft Corporation)
Microsoft SQL Server 2019 RsFx Driver (HKLM\...\{5825CDC4-4E99-4CF9-91FE-DB60C0E2F5EA}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
Microsoft SQL Server 2019 Setup (English) (HKLM\...\{17DCED0E-5B27-453A-B2B4-E487B869B28A}) (Version: 15.0.4013.40 - Microsoft Corporation)
Microsoft SQL Server 2019 T-SQL Language Service (HKLM\...\{31D27B41-A051-49D8-907A-62E0F4A2188C}) (Version: 15.0.2000.5 - Microsoft Corporation)
Microsoft SQL Server Management Studio - 18.9.1 (HKLM-x32\...\{bf0d55ea-f272-49bc-8699-22fbdcc115a8}) (Version: 15.0.18384.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 (HKLM\...\{5BC7E9EB-13E8-45DB-8A60-F2481FEB4595}) (Version: 15.0.2000.5 - Microsoft Corporation)
Microsoft TestPlatform SDK Local Feed (HKLM-x32\...\{839C2D45-DDF6-432C-A6A2-C6AF2EF281BF}) (Version: 17.0.0.5175695 - Microsoft) Hidden
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 3.6.2115.31769 - Microsoft Corporation)
Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{5E8B524C-99ED-4F58-AC9F-3B05036833A4}) (Version: 3.6.2085.9058 - Microsoft Corporation) Hidden
Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{47B3704C-3287-4DFC-B019-CCBF305492B3}) (Version: 3.6.2085.9058 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{f895a2f1-ae3f-4212-8af1-7fa1f8c212ea}) (Version: 15.0.27520 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 x64 Hosting Support (HKLM\...\{AFFB9D8D-6E58-38A0-A7DD-F6F1F4247B36}) (Version: 15.0.27520 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2017 x86 Hosting Support (HKLM-x32\...\{9594C97E-6A20-38B3-81BB-2778C4780BE1}) (Version: 15.0.27520 - Microsoft Corporation) Hidden
Microsoft VSS Writer for SQL Server 2019 (HKLM\...\{2C33F4D4-E9A5-4DE1-ACFE-3A13464E6703}) (Version: 15.0.2000.5 - Microsoft Corporation)
Microsoft Web Deploy 4.0 (HKLM\...\{B1D041B8-893D-46F2-A822-6920D17411C9}) (Version: 10.0.7225 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.16 (x64) (HKLM\...\{805626FF-2BC9-4567-A71E-A76A470D000A}) (Version: 48.67.58484 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.16 (x86) (HKLM-x32\...\{8BA8D6A7-8281-40B9-B0FB-F2835CA89051}) (Version: 48.67.58484 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.5 (x64) (HKLM\...\{109506AF-BF9E-43E1-87F3-3141B9C3F6BA}) (Version: 56.23.58485 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.5 (x86) (HKLM-x32\...\{10B89C4E-2660-4746-AD74-18C3BD27D929}) (Version: 56.23.58485 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 6.0.16 (x64) (HKLM\...\{DB633D2E-F8CA-4CCB-84C3-7724199871C1}) (Version: 48.67.58484 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 6.0.16 (x86) (HKLM-x32\...\{E9DC873B-B6FD-4198-9F17-E0808B7BBF32}) (Version: 48.67.58484 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 7.0.5 (x64) (HKLM\...\{CADF61B0-5AB9-467E-A60F-357EAFB2E352}) (Version: 56.23.58485 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 7.0.5 (x86) (HKLM-x32\...\{2D1F81F3-235C-449F-86F1-3E3A770D078F}) (Version: 56.23.58485 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Android.Manifest-7.0.100 (x64) (HKLM\...\{565FC58A-8818-4E03-83EF-B2899FC3A8D2}) (Version: 33.0.46 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.iOS.Manifest-7.0.100 (x64) (HKLM\...\{B6E4D94C-B0BB-4CB2-82C2-DC24C8C14284}) (Version: 16.4.7054 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.MacCatalyst.Manifest-7.0.100 (x64) (HKLM\...\{F5F08012-912E-437D-8660-53AE79212D09}) (Version: 16.4.7054 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.macOS.Manifest-7.0.100 (x64) (HKLM\...\{91300E04-C694-460C-B95D-1F43ED60AB71}) (Version: 13.3.7054 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Maui.Manifest-7.0.100 (x64) (HKLM\...\{B9B9B64E-70F4-47C0-B57C-9269431912D8}) (Version: 7.0.86 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.tvOS.Manifest-7.0.100 (x64) (HKLM\...\{D43E9C77-06C8-42F6-B3C4-C8D863E4BDB8}) (Version: 16.4.7054 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.net6.Manifest (x64) (HKLM\...\{2A063023-C53B-4FC0-9E47-59FBEE4C8441}) (Version: 56.35.58417 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.net7.Manifest (x64) (HKLM\...\{BCBE79F7-20E7-45C7-91D4-BEB9214F8D35}) (Version: 56.35.58417 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.net6.Manifest (x64) (HKLM\...\{17A80AE2-77FC-4391-B1DD-25407A371306}) (Version: 56.3.58437 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.net7.Manifest (x64) (HKLM\...\{0C25CA92-E301-47E8-AD53-D9315C431D97}) (Version: 56.3.58437 - Microsoft Corporation) Hidden
OpenTX Companion 2.3 (HKLM-x32\...\OpenTX Companion 2.3) (Version: 2.3.15 - OpenTX)
Opera Stable 100.0.4815.76 (HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\Opera 100.0.4815.76) (Version: 100.0.4815.76 - Opera Software)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
SQL Server 2019 Batch Parser (HKLM\...\{D459615B-83B0-408F-8F39-6CC07C277BA6}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Common Files (HKLM\...\{0FB552DD-543E-48E7-A6F4-2F8D82723C6A}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Common Files (HKLM\...\{5E4344C9-8B97-4ED9-8760-57E221C240F4}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Connection Info (HKLM\...\{99B940D5-1A49-4B6C-B26C-6A88B2C061CA}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Connection Info (HKLM\...\{FD730873-33D1-4D1F-9AE0-E259586F8827}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Services (HKLM\...\{A60B3D8E-5311-4BF1-AF7A-D1AC15F9152E}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Services (HKLM\...\{E3E84B2C-FCF6-469F-9FE7-5E8934DB69AD}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Shared (HKLM\...\{619F0B6C-C802-422A-B4E5-294E61F68473}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Shared (HKLM\...\{DE5B7937-D5B5-4157-BC30-BB87F021CFF0}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 DMF (HKLM\...\{814D5077-C93F-42E2-B875-717007C186B9}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 DMF (HKLM\...\{FC8DC283-4A85-467F-8D0E-2FE4606DCCA1}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects (HKLM\...\{6213D6CB-D258-47A3-B1A0-EE1E5C080DCF}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects (HKLM\...\{A8581199-F913-443B-B058-8E8BF317E71C}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects Extensions (HKLM\...\{8DDAEBCA-4267-4E16-9FE0-D87F21D36891}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects Extensions (HKLM\...\{C7E6D4B7-CB10-4239-BA04-D9339B39D0BD}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 SQL Diagnostics (HKLM\...\{28ED6838-D8E5-454C-A813-12C5EB447CAB}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 XEvent (HKLM\...\{2129312E-5204-4F3A-9039-B6D34DBB00FB}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 XEvent (HKLM\...\{228C3DC2-695E-4FC7-87E4-6A9CE905DA9B}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{AC2FDB24-D722-49F9-8CB4-8AC187A73BA6}) (Version: 15.0.18384.0 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{FFEDA3B1-242E-40C2-BB23-7E3B87DAC3C1}) (Version: 15.0.18384.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Analysis Services (HKLM\...\{6E38BAB6-6AFA-49DC-B779-A068B0E5CD11}) (Version: 15.0.18384.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Reporting Services (HKLM\...\{7CC4781E-9184-4BF6-B739-6179DDA10D7B}) (Version: 15.0.18384.0 - Microsoft Corporation) Hidden
SSMS Post Install Tasks (HKLM\...\{C0BE7047-8F9B-43BD-B11F-53D2BC61A0AC}) (Version: 15.0.18384.0 - Microsoft Corporation) Hidden
Sublime Text (HKLM\...\Sublime Text_is1) (Version: - Sublime HQ Pty Ltd)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.37.3 - TeamViewer)
Thunderbolt™ Software (HKLM-x32\...\{1AA93FF8-C685-4E00-8682-7F2E5D8E8689}) (Version: 17.4.80.550 - Intel Corporation)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 139.2.10843 - Ubisoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
vcpp_crt.redist.clickonce (HKLM-x32\...\{706A46BD-BB58-40E4-B542-173377079DC3}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Visual C++ Library CRT Appx Package (HKLM-x32\...\{7A7337A7-CDAB-4E3E-A001-486232533737}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Visual C++ Library CRT Appx Package (HKLM-x32\...\{FBA5C836-7D17-4B2E-B0FC-5D1F61A5EB1D}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Visual C++ Library CRT Appx Resource Package (HKLM-x32\...\{73EE6A36-8E97-4C96-AA1B-237F63A341FF}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Visual C++ Library CRT ARM64 Appx Package (HKLM-x32\...\{14D6457A-DF33-4E7C-8393-7A8158CA0899}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Visual C++ Library CRT Desktop Appx Package (HKLM-x32\...\{68C89F7A-31DC-404A-922A-4124C5AF72AE}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Visual C++ Library CRT Desktop Appx Package (HKLM-x32\...\{7539E358-316D-4E69-89FF-53BC9789269A}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Visual C++ Library CRT Desktop Appx Package (HKLM-x32\...\{86478DF5-B177-4D98-87CA-32F269DDFDDB}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Visual Studio 2017 Isolated Shell for SSMS (HKLM-x32\...\{AAA9F15B-AF45-4562-9991-93A848D3A902}) (Version: 15.0.28307.421 - Microsoft Corporation) Hidden
Visual Studio Community 2022 (HKLM-x32\...\2db2287b) (Version: 17.6.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
VS Immersive Activate Helper (HKLM-x32\...\{0B826206-3626-4E96-A675-0BDE6B8711B6}) (Version: 17.0.118.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{7B8542BA-01E4-43EB-A172-1DA975AFD00B}) (Version: 17.0.118.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{C8EA234A-FC2F-4EEC-BF7F-DB14C28C84D2}) (Version: 17.0.118.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{B34081FD-ADDF-4B89-A42F-5A68A379556C}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{07C7A46C-48FC-4AF2-891B-22D0345C974E}) (Version: 17.6.33606 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{84D58147-66B1-466D-A65F-CED613109399}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{2A387476-6041-4F52-9FFF-8806BE8C4FEF}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{5262DA74-3A86-4FBC-8D1F-A6A8533A8A97}) (Version: 17.6.33606 - Microsoft Corporation) Hidden
vs_communitysharedmsi (HKLM-x32\...\{659ED029-F029-4751-B993-DC227D627A52}) (Version: 17.6.33606 - Microsoft Corporation) Hidden
vs_communityx64msi (HKLM\...\{6077C9DC-A21E-44E7-9CE6-AE82A36197AD}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_CoreEditorFonts (HKLM-x32\...\{56FB5923-1A95-4D55-BE78-CD42B50E67AD}) (Version: 17.6.33605 - Microsoft Corporation)
vs_devenvsharedmsi (HKLM-x32\...\{DC2045F0-1E69-4E61-99FE-F6974B6231C1}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_devenx64vmsi (HKLM\...\{CF59ABFA-9F4D-4F28-80D4-A1C46BAFBA9D}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{7B64038A-AEE0-4EC7-B13D-0B82F06148CE}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{A74093C9-C725-46F1-B826-D1790F6475FF}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{BA850359-A73A-4D74-A1B4-223D5D962A5F}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_minshellinteropsharedmsi (HKLM-x32\...\{2B238E56-4BB2-43F2-BEBF-50FC9CD15211}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_minshellinteropx64msi (HKLM\...\{19EE681B-0930-4A7D-938F-D391D121CF89}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{785808C5-841D-404F-BBCA-8125FF2C68FE}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_minshellsharedmsi (HKLM-x32\...\{6C6E170D-4C58-444C-994E-FB5416CAFCCF}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_minshellx64msi (HKLM\...\{00E21B2D-B69B-4D8A-AED3-5A5A3204DFCB}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{0F6E6607-7BB5-40D9-8538-C8313D82AE0F}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{D984791D-7FCE-4138-A23C-AC5432DB6458}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsi (HKLM-x32\...\{9207DB43-85DA-4A32-874E-3425C3DE18F1}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsires (HKLM-x32\...\{46240305-B1B5-4961-AED9-EF8D96F33224}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
windows_toolscorepkg (HKLM-x32\...\{18752AC8-6F0F-4016-95D1-70731707CBF7}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
WinMed 2 (HKLM-x32\...\{F81C10F4-EE30-49D9-B8DB-EA0CB870681A}) (Version: 2021.1.1.46 - Plus4U Medical s.r.o.)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\ZoomUMX) (Version: 5.14.8 (16213) - Zoom Video Communications, Inc.)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-04-13] (Microsoft Corporation)
ELAN Touchpad for Thinkpad -> C:\Program Files\WindowsApps\ELANMicroelectronicsCorpo.ELANTouchpadforThinkpad_24.121.15.0_x64__stws0m115j6hg [2023-07-21] (ELAN Microelectronics Corporation)
ELAN TrackPoint for Thinkpad -> C:\Program Files\WindowsApps\ELANMicroelectronicsCorpo.ELANTrackPointforThinkpa_24.121.18.0_x64__stws0m115j6hg [2023-07-22] (ELAN Microelectronics Corporation)
Lenovo Pen Settings -> C:\Program Files\WindowsApps\WacomTechnologyCorp.157535B83C264_7.7.61.0_neutral__ss941bf8mfs8a [2022-12-22] (Wacom Technology Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.10510.531.0_x64__8wekyb3d8bbwe [2023-07-21] (Microsoft Corporation)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.20.1201.0_x64__8wekyb3d8bbwe [2023-07-21] (Microsoft Studios)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.2.16.0_x64__8wekyb3d8bbwe [2023-07-21] (Microsoft Studios)
Minecraft: Java Edition -> C:\Program Files\WindowsApps\Microsoft.MinecraftJavaEdition_1.0.5.0_x64__8wekyb3d8bbwe [2023-07-21] (Microsoft Studios)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-07-21] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1431687685-2443868726-21383991-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1431687685-2443868726-21383991-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\Lenovo\AppData\Local\Autodesk\webdeploy\production\414da7cdec4faa7986fe0d205fb521fc68f5d46c\NPreview10.dll (Autodesk, Inc. -> )
ContextMenuHandlers1: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2021-06-24] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2021-06-24] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers4: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2021-06-24] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2022-06-15] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f694c3678cca2be0\igfxDTCM.dll [2022-05-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2022-06-15] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-07-13 12:04 - 2023-07-13 12:04 - 000372736 _____ () [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\41960bd746104fe861fa07dbab983909\Interop.CxHDAudioAPILib.ni.dll
2023-07-13 12:04 - 2023-07-13 12:04 - 000018944 _____ () [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.CxUtilSvcLib\a8ccad9334f8b995dfd4fb5be30e0d6d\Interop.CxUtilSvcLib.ni.dll
2023-01-18 17:51 - 2018-03-13 11:21 - 001173504 _____ (Conexant Systems, Inc.) [File not signed] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll
2022-12-25 17:58 - 2021-04-02 14:30 - 007218688 _____ (Python Software Foundation) [File not signed] C:\Program Files\Sublime Text\python33.dll
2022-12-25 17:58 - 2021-04-02 14:30 - 008466432 _____ (Python Software Foundation) [File not signed] C:\Program Files\Sublime Text\python38.dll
2022-12-25 17:58 - 2021-04-02 14:30 - 003451392 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Sublime Text\libcrypto-1_1-x64.dll
2022-12-25 17:58 - 2021-04-02 14:30 - 000682496 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Sublime Text\libssl-1_1-x64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:iSpring Solutions [128]
AlternateDataStreams: C:\Users\All Users:iSpring Solutions [128]
AlternateDataStreams: C:\ProgramData\Data aplikací:iSpring Solutions [128]
AlternateDataStreams: C:\Users\Lenovo\Data aplikací:iSpring Solutions [128]
AlternateDataStreams: C:\Users\Lenovo\AppData\Roaming:iSpring Solutions [128]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

2022-12-22 17:26 - 2023-02-11 14:02 - 000000508 _____ C:\Windows\system32\drivers\etc\hosts.ics
192.168.137.1 DESKTOP-D7P1O08.mshome.net # 2028 2 4 10 12 2 3 329
192.168.137.192 LGwebOSTV.mshome.net # 2023 2 6 18 12 2 3 329
13

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1431687685-2443868726-21383991-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-80-2196430659-3345688158-4281717578-75482121-3290361108\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-80-417864872-2509941577-3334891905-2270271522-438893919\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\StartupApproved\Run: => "btweb"
HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{0477D01D-B269-4F97-86AC-B2B1101340E7}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [File not signed]
FirewallRules: [UDP Query User{30C00C6B-AB89-4E5F-B32D-88F2AF473EB6}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [File not signed]
FirewallRules: [TCP Query User{79E4ADFC-699C-4243-816F-E87FFF5D603A}C:\users\lenovo\appdata\local\programs\opera\opera.exe] => (Block) C:\users\lenovo\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{17606559-DD1A-4AA0-8056-EC7A80B20F9B}C:\users\lenovo\appdata\local\programs\opera\opera.exe] => (Block) C:\users\lenovo\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{C330561D-0C02-4080-AE0C-B316084AE209}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{29A66493-EA4F-490C-A8A0-4A57C49FA73F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2FD9493C-9C10-4A6B-A542-375AF8E5CFE8}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4CADF0B7-CA9A-428D-B2F0-0C69AFAE5819}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6E211778-0CE4-47B5-AF8A-E66DEC46EF3F}] => (Allow) C:\Program Files\Microsoft SQL Server\MSSQL15.WinMed2\MSSQL\Binn\sqlservr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{66C37B74-C406-4E95-969F-238D570373D5}] => (Allow) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{D3BE78BD-BA56-4849-9A8E-5D8ADDE4075E}C:\users\lenovo\appdata\local\programs\expresslrs configurator\expresslrs configurator.exe] => (Allow) C:\users\lenovo\appdata\local\programs\expresslrs configurator\expresslrs configurator.exe (ExpressLRS Configurator Contributors) [File not signed]
FirewallRules: [UDP Query User{B8EBBBBD-CE98-4DC3-955C-7E9B9A5A2527}C:\users\lenovo\appdata\local\programs\expresslrs configurator\expresslrs configurator.exe] => (Allow) C:\users\lenovo\appdata\local\programs\expresslrs configurator\expresslrs configurator.exe (ExpressLRS Configurator Contributors) [File not signed]
FirewallRules: [TCP Query User{627DB24E-0EB1-4E90-99F8-063EF15D4D0F}C:\program files\betaflight\betaflight-configurator\betaflight-configurator.exe] => (Allow) C:\program files\betaflight\betaflight-configurator\betaflight-configurator.exe (The NW.js Community) [File not signed]
FirewallRules: [UDP Query User{6555671E-4F37-4F20-A66C-B963C8284974}C:\program files\betaflight\betaflight-configurator\betaflight-configurator.exe] => (Allow) C:\program files\betaflight\betaflight-configurator\betaflight-configurator.exe (The NW.js Community) [File not signed]
FirewallRules: [{7DA9BB4D-3A05-450D-BAC7-A7C50567861F}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{A4AEF75C-77C7-4749-9A44-E928144EB580}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [TCP Query User{424B0AE8-C7B6-4EC8-BFEE-6D925F249B88}C:\users\lenovo\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\lenovo\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{30113EB1-B5DC-41C0-9044-9D4093AC5F9F}C:\users\lenovo\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\lenovo\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{B28740FF-15A6-4D7C-BC8E-F84FC385DB9B}C:\users\lenovo\appdata\local\temp\rar$exa20808.48711\[img_1210] pretty_lonely_girl - at_sang_hyun_jang_studio - by_hwang_gim_jeong_photographer.exe] => (Block) C:\users\lenovo\appdata\local\temp\rar$exa20808.48711\[img_1210] pretty_lonely_girl - at_sang_hyun_jang_studio - by_hwang_gim_jeong_photographer.exe => No File
FirewallRules: [UDP Query User{3A8E7DAA-95F7-48A2-A711-2DF80043B90D}C:\users\lenovo\appdata\local\temp\rar$exa20808.48711\[img_1210] pretty_lonely_girl - at_sang_hyun_jang_studio - by_hwang_gim_jeong_photographer.exe] => (Block) C:\users\lenovo\appdata\local\temp\rar$exa20808.48711\[img_1210] pretty_lonely_girl - at_sang_hyun_jang_studio - by_hwang_gim_jeong_photographer.exe => No File
FirewallRules: [TCP Query User{AB16E68F-CC06-4F80-A9E0-B3CCEBB609EA}C:\dpb\instalace_winmed2_srv\total commander\totalcmd64.exe] => (Allow) C:\dpb\instalace_winmed2_srv\total commander\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{93FD0826-06F4-4470-9271-3ACE12103C10}C:\dpb\instalace_winmed2_srv\total commander\totalcmd64.exe] => (Allow) C:\dpb\instalace_winmed2_srv\total commander\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{EC54E8A6-345B-4541-8A34-D210333B4AC5}] => (Allow) C:\Users\Lenovo\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{BE81A672-61C4-4F6D-977D-3F8025149D66}] => (Allow) C:\Users\Lenovo\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{F7727A91-7641-4F72-9C85-BD12D85400CC}] => (Allow) C:\Users\Lenovo\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{B4479855-BE35-4818-AD6D-42DF10CCA4BF}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{0733BBE0-157A-4657-9B02-4A402B199910}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{7DCCF54F-EB0E-4593-B1A6-0F9023DEA13A}] => (Allow) C:\Program Files\Epic Games\TrackmaniaNext\trackmania.exe (NADEO SAS -> Nadeo)
FirewallRules: [{E28CFE59-89AE-43CC-9644-5B1724972DB6}] => (Allow) C:\Program Files\Epic Games\TrackmaniaNext\trackmania.exe (NADEO SAS -> Nadeo)
FirewallRules: [TCP Query User{045B8D91-D63D-4CAB-BBD6-9AF6967FF07D}C:\users\lenovo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lenovo\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [UDP Query User{C921EEBC-5838-45BB-883B-6D588A9518DB}C:\users\lenovo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lenovo\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [{CE2011C7-E7B8-49C5-9A86-2F2EA82BF6BA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3403.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ECE8FCCE-5A70-427C-9C74-AC5FBE3151CC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3403.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{63F157F0-FC49-4276-AC56-AA8373BFA43C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3403.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BCE5E4CB-7CE5-4538-99BC-3FD5F27B74E1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3403.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{43761188-C81B-4D19-9D3A-B267B5E05768}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Now.gg, INC -> Bluestack Systems, Inc.)
FirewallRules: [{A5B8A32D-39A4-4074-BE01-888812CFBCFB}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Now.gg, INC -> COMPANY NAME)
FirewallRules: [TCP Query User{8A1F02B8-46AD-4519-9984-9A21863EB071}C:\users\lenovo\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\lenovo\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{F547DA46-77F1-4B51-9F7C-6CFE6A233600}C:\users\lenovo\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\lenovo\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{4F33D7B2-2D2D-46B9-85E5-768A9D4B57A8}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\115.0.1901.188\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

24-07-2023 14:45:12 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (07/31/2023 09:27:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSACCESS.EXE, verze: 12.0.6735.5000, časové razítko: 0x561e089f
Název chybujícího modulu: MSACCESS.EXE, verze: 12.0.6735.5000, časové razítko: 0x561e089f
Kód výjimky: 0xc0000005
Posun chyby: 0x00295766
ID chybujícího procesu: 0xc90
Čas spuštění chybující aplikace: 0x01d9c37f8fb857d5
Cesta k chybující aplikaci: C:\Program Files (x86)\Microsoft Office\Office12\MSACCESS.EXE
Cesta k chybujícímu modulu: C:\Program Files (x86)\Microsoft Office\Office12\MSACCESS.EXE
ID zprávy: 86f520ec-33f9-415a-acc5-49e8d8be9dc7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/31/2023 08:28:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchApp.exe, verze: 10.0.19041.3155, časové razítko: 0x5cb9ff30
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3155, časové razítko: 0xbf300201
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000012d8b2
ID chybujícího procesu: 0xb3c
Čas spuštění chybující aplikace: 0x01d9bbff2df69f50
Cesta k chybující aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 6ed3771c-694c-468d-b2ab-19c3f660229a
Úplný název chybujícího balíčku: Microsoft.Windows.Search_1.14.10.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI

Error: (07/30/2023 03:53:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: fwdetectcmd1911.exe, verze: 1.0.0.0, časové razítko: 0x5dde0fc6
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3208, časové razítko: 0xbc1cd7c0
Kód výjimky: 0xe0434352
Posun chyby: 0x0013d902
ID chybujícího procesu: 0x5744
Čas spuštění chybující aplikace: 0x01d9c2ed287b747d
Cesta k chybující aplikaci: C:\ProgramData\Lenovo\SystemUpdate\sessionSE\Repository\r0stf24w\fwdetectcmd1911.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 0e33c891-a265-44ea-9903-5fda7c87ccc7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/30/2023 03:53:05 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: fwdetectcmd1911.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.IOException
na System.IO.__Error.WinIOError(Int32, System.String)
na System.Console.GetBufferInfo(Boolean, Boolean ByRef)
na System.Console.get_WindowWidth()
na FwUpdateCmd.CmdUtilities.WriteWrappedLine(System.String, Int32)
na FwUpdateCmd.CmdUtilities.WriteDescription(System.String, System.String, System.Nullable`1<Int32>)
na FwUpdateCmd.Program.Main(System.String[])

Error: (07/22/2023 08:11:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GamingServices.exe, verze: 10.0.22621.4269, časové razítko: 0x954d6b32
Název chybujícího modulu: combase.dll, verze: 10.0.19041.2788, časové razítko: 0x03e7e147
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000516ab
ID chybujícího procesu: 0x1784
Čas spuštění chybující aplikace: 0x01d9b5c3738dc24f
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.GamingServices_13.78.12002.0_x64__8wekyb3d8bbwe\GamingServices.exe
Cesta k chybujícímu modulu: C:\Windows\System32\combase.dll
ID zprávy: 556453ba-fe54-4aa9-b9e5-073354681c09
Úplný název chybujícího balíčku: Microsoft.GamingServices_13.78.12002.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: GamingServices

Error: (07/13/2023 04:18:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSACCESS.EXE, verze: 12.0.6735.5000, časové razítko: 0x561e089f
Název chybujícího modulu: MSACCESS.EXE, verze: 12.0.6735.5000, časové razítko: 0x561e089f
Kód výjimky: 0xc0000005
Posun chyby: 0x00295766
ID chybujícího procesu: 0x2e6c
Čas spuštění chybující aplikace: 0x01d9b594d8605048
Cesta k chybující aplikaci: C:\Program Files (x86)\Microsoft Office\Office12\MSACCESS.EXE
Cesta k chybujícímu modulu: C:\Program Files (x86)\Microsoft Office\Office12\MSACCESS.EXE
ID zprávy: e0241ff7-9cbd-42f6-b3a8-c678f010dc3e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/13/2023 03:45:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ShellExperienceHost.exe, verze: 10.0.19041.3031, časové razítko: 0x515507a8
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3155, časové razítko: 0xbf300201
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000012d8b2
ID chybujícího procesu: 0x232c
Čas spuštění chybující aplikace: 0x01d9b58ccb914a99
Cesta k chybující aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 0c9d33ce-68be-4232-b54d-c82d3ba44804
Úplný název chybujícího balíčku: Microsoft.Windows.ShellExperienceHost_10.0.19041.1949_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App

Error: (07/13/2023 03:17:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ShellExperienceHost.exe, verze: 10.0.19041.3031, časové razítko: 0x515507a8
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3155, časové razítko: 0xbf300201
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000012d8b2
ID chybujícího procesu: 0x3e88
Čas spuštění chybující aplikace: 0x01d9b551bdfc1ce6
Cesta k chybující aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 47a48200-3af6-477b-9290-bd7a1df072be
Úplný název chybujícího balíčku: Microsoft.Windows.ShellExperienceHost_10.0.19041.1949_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App


System errors:
=============
Error: (07/31/2023 12:13:15 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (07/31/2023 09:11:23 AM) (Source: Schannel) (EventID: 4114) (User: DESKTOP-D7P1O08)
Description: Certifikát přijatý od vzdáleného serveru byl vystavený nedůvěryhodnou certifikační autoritou. Z tohoto důvodu nejde ověřit žádná data obsažená v tomto certifikátu. Žádost o připojení TLS selhala. Připojená data obsahují certifikát serveru.

Error: (07/31/2023 08:16:17 AM) (Source: Schannel) (EventID: 4116) (User: DESKTOP-D7P1O08)
Description: Certifikát přijatý od vzdáleného serveru neobsahuje očekávaný název. Z tohoto důvodu nejde určit, jestli se připojujete ke správnému serveru. Očekával se server s názvem autoupdate.geo.opera.com. Žádost o připojení TLS selhala. Připojená data obsahují certifikát serveru.

Error: (07/31/2023 08:16:02 AM) (Source: disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR4.

Error: (07/30/2023 06:29:05 PM) (Source: disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR3.

Error: (07/26/2023 10:29:26 PM) (Source: DCOM) (EventID: 10029) (User: DESKTOP-D7P1O08)
Description: U aktivace identifikátoru CLSID Windows.Media.Capture.AppCaptureManager vypršel časový limit během čekání na zastavení služby BcastDVRUserService_80652.

Error: (07/23/2023 09:15:19 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (07/23/2023 09:01:28 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN se nepodařilo spustit.

Cesta k modulu: C:\Windows\system32\IntelIHVRouter06.dll
Kód chyby: 21


Windows Defender:
================
Date: 2023-07-30 18:29:02
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {03907D74-B06C-448E-98CD-8E309C77AF25}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-07-28 09:30:48
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B638B470-B7E1-409E-9708-CC9FE9A8B378}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-07-26 17:28:07
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F49B3FB9-5519-47EF-A4A1-5A8BD17F7270}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-07-24 09:44:38
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {12FF8D70-702D-45EC-B1BF-ECBD4C0E4928}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-07-22 20:42:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {573A8B9A-18EB-4FD8-B749-553C785BCBBD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2023-07-08 23:21:36
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.391.3856.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23050.3
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2023-07-31 20:27:40
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f694c3678cca2be0\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO R0SET51W (1.35 ) 02/09/2022
Motherboard: LENOVO 20LJS3A100
Processor: Intel(R) Core(TM) i5-8350U CPU @ 1.70GHz
Percentage of memory in use: 52%
Total physical RAM: 16218.56 MB
Available physical RAM: 7673.15 MB
Total Virtual: 20570.56 MB
Available Virtual: 10291.76 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.84 GB) (Free:11.71 GB) (Model: SAMSUNG MZNLN256HMHQ-000H1) (Protected) NTFS

\\?\Volume{f5f68b7b-042d-4c11-bb43-68c2dc9ae93f}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{325a2bb6-7368-4dfc-8668-efa91a80dd67}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118318
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Ztrácí se focus z oken a po startu vyskakuje CMD

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Cizap
Návštěvník
Návštěvník
Příspěvky: 73
Registrován: 07 dub 2014 11:56

Re: Ztrácí se focus z oken a po startu vyskakuje CMD

#3 Příspěvek od Cizap »

Zde:


# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-31-2023
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.3208)
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Lenovo\AppData\Roaming\driveridentifier

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Classes\driveruploader

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2528 octets] - [31/07/2023 21:39:31]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118318
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Ztrácí se focus z oken a po startu vyskakuje CMD

#4 Příspěvek od Rudy »

Dejte nové logy FRST+Addotopn.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Cizap
Návštěvník
Návštěvník
Příspěvky: 73
Registrován: 07 dub 2014 11:56

Re: Ztrácí se focus z oken a po startu vyskakuje CMD

#5 Příspěvek od Cizap »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2023
Ran by Lenovo (administrator) on DESKTOP-D7P1O08 (LENOVO 20LJS3A100) (31-07-2023 21:56:55)
Running from C:\Moje\viry\FRST64.exe
Loaded Profiles: Lenovo & SQLTELEMETRY$WINMED2 & MSSQL$WINMED2
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3208 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Sublime Text\sublime_text.exe ->) (Sublime HQ Pty Ltd -> ) C:\Program Files\Sublime Text\plugin_host-3.3.exe
(C:\Program Files\Sublime Text\sublime_text.exe ->) (Sublime HQ Pty Ltd -> ) C:\Program Files\Sublime Text\plugin_host-3.8.exe
(C:\Users\Lenovo\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Lenovo\AppData\Local\Programs\Opera\100.0.4815.76\opera_crashreporter.exe
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3403.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <6>
(Opera Norway AS -> Opera Software) C:\Users\Lenovo\AppData\Local\Programs\Opera\opera.exe <30>
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_b117548b2e075ba1\aesm_service.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\SysWOW64\EasyResume.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL15.WINMED2\MSSQL\Binn\sqlceip.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL15.WINMED2\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\NisSrv.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Sublime HQ Pty Ltd -> Sublime HQ Pty Ltd) C:\Program Files\Sublime Text\sublime_text.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21514.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21514.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2305.4.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\Run: [btweb] => "C:\Users\Lenovo\AppData\Roaming\BitTorrent Web\btweb.exe" /MINIMIZED (No File)
HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\Run: [Discord] => C:\Users\Lenovo\AppData\Local\Discord\Update.exe [1525016 2022-12-09] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\Run: [Opera Browser Assistant] => C:\Users\Lenovo\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3955608 2023-06-20] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\Run: [MicrosoftEdgeAutoLaunch_5EF70F99B4529735F3564FFE246DB961] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4088256 2023-07-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9W.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [109288 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\Windows\system32\CNMLM9W.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {70F1E981-BF42-4A97-A3DB-9865EB8CF8D9} - System32\Tasks\01-Pondělí Záloha WinMed_R => C:\WinMed2\BACKUP\01-WinMed2.bat [307 2023-01-03] () [File not signed]
Task: {CFFAA2E8-D3EF-4BF5-BC9C-A68F729E3789} - System32\Tasks\02-Úterý Záloha WinMed_R => C:\WinMed2\BACKUP\02-WinMed2.bat [303 2023-01-03] () [File not signed]
Task: {00A65FB0-BA39-4946-8A7C-768770F1489B} - System32\Tasks\03-Středa Záloha WinMed_R => C:\WinMed2\BACKUP\03-WinMed2.bat [305 2023-01-03] () [File not signed]
Task: {04B8F18A-88DF-481B-B8A6-7DA5C2E598FD} - System32\Tasks\04-Čtvrtek Záloha WinMed_R => C:\WinMed2\BACKUP\04-WinMed2.bat [307 2023-01-03] () [File not signed]
Task: {9E458EEB-8981-496A-84E4-F48EF30E0873} - System32\Tasks\05-Pátek Záloha WinMed_R => C:\WinMed2\BACKUP\05-WinMed2.bat [303 2023-01-03] () [File not signed]
Task: {6AF672BA-C920-4DD3-B06F-77DA42C891C2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {A344DB02-F789-45FA-AB87-004B19A13CFD} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 ] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {D6BC4EC6-2B7F-43DF-896F-34338E2A4B1C} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 ] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {C3D7D8DC-147E-4555-9124-A61B5733B179} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 ] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {956200D9-4BB7-4975-8C0B-8AE23305F2DA} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2311216 ] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {0B60BBCD-A564-4541-97A6-2DDBDFC3D4C5} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => C:\Windows\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> start ThunderboltService
Task: {64327FED-F7B1-4292-8CD5-1E7F4AED1DF7} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1431687685-2443868726-21383991-1001 => C:\Users\Lenovo\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [89096 2023-04-10] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {A4924E12-1DAD-43D6-9376-D76B6B180A1E} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [129016 2022-12-05] (Lenovo -> Lenovo)
Task: {17392E35-57BC-4421-A7B5-824F40BC7D64} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\Windows\SysWOW64\PowerMgrInst.exe [64984 2022-05-17] (Lenovo -> )
Task: {E3D3A575-6288-46AA-9147-7CE951498FEF} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [253368 2023-05-19] (Microsoft Corporation -> Microsoft)
Task: {2755D9AE-4021-403A-8AC5-5E44536F4D64} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe [1823232 2016-07-05] (Conexant Systems, Inc.) [File not signed]
Task: {E92AF59E-E65B-42AE-B3F7-E9210D1E5733} - System32\Tasks\Microsoft\Windows\Conexant\SA2 => C:\Program Files\CONEXANT\SAII\SACpl.exe [1832280 2017-06-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
Task: {9F996B00-58DF-4F8D-A9E5-526C8539F048} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F93938D3-AD97-42E5-AA68-0C709309CFF2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {91B0EC0F-0809-42AD-ACA7-02C27983506E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {26E639E0-7810-45A4-99F5-A7CAFEDEB349} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {533DAE8A-0AEF-4E2B-B8DE-04AF597EF7BA} - System32\Tasks\Opera scheduled assistant Autoupdate 1671663169 => C:\Users\Lenovo\AppData\Local\Programs\Opera\launcher.exe [2717592 2023-07-17] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Lenovo\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {7BFA0B6B-AB18-4265-BD1F-CA7133E5A314} - System32\Tasks\Opera scheduled Autoupdate 1671663161 => C:\Users\Lenovo\AppData\Local\Programs\Opera\launcher.exe [2717592 2023-07-17] (Opera Norway AS -> Opera Software)
Task: {CE9E4C37-2FA8-43D4-B25A-23B5FD42D752} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2023-01-19] (Lenovo -> )
Task: {5E776BF0-92FE-4306-850D-D9D9B9532B9D} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2023-01-19] (Lenovo -> )
Task: {95D0F82A-EA02-4CF2-956D-020A7B84F7CE} - System32\Tasks\WDNA => C:\Users\Lenovo\AppData\Local\CDContent\rhc.exe [1536 2023-03-06] () [File not signed] -> php.exe index.php <==== ATTENTION
Task: {61800391-466E-4E3C-9581-99FA51EF7917} - System32\Tasks\WDNA_LG => Command(1): rhc.exe -> php.exe include.php <==== ATTENTION
Task: {61800391-466E-4E3C-9581-99FA51EF7917} - System32\Tasks\WDNA_LG => Command(2): rhc.exe -> php.exe index.php <==== ATTENTION
Task: {CE0FA19A-A5B4-4F7E-8DA6-2753849B417F} - System32\Tasks\wupdatecloud => C:\Users\Lenovo\AppData\Local\wupdater_cloud\rhc.exe [1536 2023-03-06] () [File not signed] -> php.exe index.php <==== ATTENTION
Task: {98D9B12A-DD48-4EE6-A99B-5D9E68B218DD} - System32\Tasks\wupdatecloud_LG => Command(1): rhc.exe -> php.exe include.php <==== ATTENTION
Task: {98D9B12A-DD48-4EE6-A99B-5D9E68B218DD} - System32\Tasks\wupdatecloud_LG => Command(2): rhc.exe -> php.exe index.php <==== ATTENTION
Task: {74BFE56F-7B89-4570-B0DA-9E33D62BD31C} - System32\Tasks\YTPX Cloud LG => C:\Users\Lenovo\AppData\Local\ypsx_cloud_v2\rhc.exe [1536 2023-07-20] () [File not signed] -> wdcloud_v2.exe <==== ATTENTION
Task: {25F00437-5B09-4C84-BE99-0DDAAFBE2E51} - System32\Tasks\zends-et => C:\Users\Lenovo\AppData\Local\wtraff_cloud\rhc.exe [1536 2023-05-07] () [File not signed] -> php.exe index.php <==== ATTENTION
Task: {2B00130B-AB4F-4ADA-8DD0-BF8D778A4ED5} - System32\Tasks\zends-et-LG => Command(1): rhc.exe -> php.exe include.php <==== ATTENTION
Task: {2B00130B-AB4F-4ADA-8DD0-BF8D778A4ED5} - System32\Tasks\zends-et-LG => Command(2): rhc.exe -> php.exe index.php <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{1fa6cfb4-ad34-4b31-a137-a0d084dbbc6d}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Edge:
=======
Edge Profile: C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-31]
Edge Session Restore: Default -> is enabled.
Edge Extension: (Edge relevant text changes) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-07-25]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-07-03] (Adobe Inc. -> Adobe Systems Inc.)

Opera:
=======
OPR Profile: C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable [2023-07-31]
OPR Notifications: Opera Stable -> hxxps://calendar.google.com; hxxps://uuapp.plus4u.net
OPR DefaultSearchURL: Opera Stable -> hxxps://www.google.com/search?client=opera&q={s ... utEncoding}
OPR DefaultSearchKeyword: Opera Stable -> g
OPR Session Restore: Opera Stable -> is enabled.
OPR Extension: (Session Buddy) - C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2023-07-26]
OPR Extension: (Rich Hints Agent) - C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-07-07]
OPR Extension: (Opera Wallet) - C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-07-07]
OPR Extension: (Aria) - C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm [2023-07-31]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-12-22]
OPR Extension: (Google Překladač) - C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2023-07-07]
OPR Extension: (opera-intro) - C:\Users\Lenovo\AppData\Local\Programs\Opera\100.0.4815.76\resources\opera_intro_extension [2023-07-26]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 AzureAttestService; C:\Program Files\Microsoft\AzureAttestService\AzureAttestService.dll [151288 2019-07-24] (Microsoft Windows -> Microsoft Corporation)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-05-01] (Epic Games Inc. -> Epic Games, Inc.)
S2 IBMPMSVC; C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_02d728b29c6492d3\x64\ibmpmsvc.exe [850936 2022-11-24] (Lenovo -> Lenovo)
R2 Lenovo Instant On; C:\Windows\SysWOW64\EasyResume.exe [2352368 2022-05-17] (Lenovo -> Lenovo Group Limited)
S2 LITSSVC; C:\Windows\System32\LITSSvc.exe [1260488 2023-01-17] (Lenovo -> Lenovo.)
S2 LPlatSvc; C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_02d728b29c6492d3\x64\LPlatSvc.exe [906232 2022-11-24] (Lenovo -> Lenovo)
R2 MSSQL$WINMED2; C:\Program Files\Microsoft SQL Server\MSSQL15.WINMED2\MSSQL\Binn\sqlservr.exe [624544 2023-01-23] (Microsoft Corporation -> Microsoft Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [69864 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402216 2023-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SQLAgent$WINMED2; C:\Program Files\Microsoft SQL Server\MSSQL15.WINMED2\MSSQL\Binn\SQLAGENT.EXE [690120 2023-01-23] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$WINMED2; C:\Program Files\Microsoft SQL Server\MSSQL15.WINMED2\MSSQL\Binn\sqlceip.exe [284616 2023-01-23] (Microsoft Corporation -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16518456 2022-12-12] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S2 TPHKLOAD; C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\TPHKLOAD.exe [473760 2021-10-22] (Lenovo -> Lenovo Group Limited)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [142304 2022-06-01] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\NisSrv.exe [3244928 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe [133576 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 IBMPMDRV; C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_02d728b29c6492d3\x64\ibmpmdrv.sys [53240 2022-11-24] (Lenovo -> Lenovo)
R3 MpKsld0f384ef; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{53D7293D-0215-4604-8742-D7808349B98E}\MpKslDrv.sys [221480 2023-07-31] (Microsoft Windows -> Microsoft Corporation)
R1 PMDRVS; C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_02d728b29c6492d3\x64\pmdrvs.sys [38904 2022-11-24] (Lenovo -> Lenovo)
S4 RsFx0600; C:\Windows\System32\DRIVERS\RsFx0600.sys [286976 2019-09-24] (Microsoft Corporation -> Microsoft Corporation)
R3 rtump64x64; C:\Windows\System32\drivers\rtump64x64.sys [1238360 2023-05-10] (Realtek Semiconductor Corp. -> Realtek Corporation)
R3 WacHIDRouterISDU; C:\Windows\System32\drivers\WacHIDRouterISDU.sys [136952 2022-04-21] (Wacom Co., Ltd. -> Wacom Technology, Corp.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49600 2023-07-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [498944 2023-07-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99608 2023-07-25] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-07-31 21:52 - 2023-07-31 21:58 - 300744402 _____ C:\Users\Lenovo\Downloads\ACH-VvOex.rar.opdownload
2023-07-31 21:52 - 2023-07-31 21:58 - 282099402 _____ C:\Users\Lenovo\Downloads\ACh- Mrtvá.rar.opdownload
2023-07-31 21:52 - 2023-07-31 21:58 - 261340881 _____ C:\Users\Lenovo\Downloads\ACh-Hodiny.rar.opdownload
2023-07-31 21:52 - 2023-07-31 21:58 - 246742740 _____ C:\Users\Lenovo\Downloads\ACh-Zlo.rar.opdownload
2023-07-31 21:52 - 2023-07-31 21:58 - 238911177 _____ C:\Users\Lenovo\Downloads\ACH-3xPoirot.part1.rar.opdownload
2023-07-31 21:52 - 2023-07-31 21:58 - 238239435 _____ C:\Users\Lenovo\Downloads\ACh-Nsvědek.rar.opdownload
2023-07-31 21:52 - 2023-07-31 21:58 - 225148620 _____ C:\Users\Lenovo\Downloads\ACh-Vražda.rar.opdownload
2023-07-31 21:52 - 2023-07-31 21:58 - 207584980 _____ C:\Users\Lenovo\Downloads\ACH-ABC.rar.opdownload
2023-07-31 21:52 - 2023-07-31 21:58 - 203243188 _____ C:\Users\Lenovo\Downloads\Christie_Schůzka se smrtí.rar.opdownload
2023-07-31 21:52 - 2023-07-31 21:58 - 198131407 _____ C:\Users\Lenovo\Downloads\ACH-Pět.rar.opdownload
2023-07-31 21:52 - 2023-07-31 21:58 - 197705417 _____ C:\Users\Lenovo\Downloads\ACH-3xPoirot.part2.rar.opdownload
2023-07-31 21:52 - 2023-07-31 21:58 - 170524372 _____ C:\Users\Lenovo\Downloads\ACh-Nil.rar.opdownload
2023-07-31 21:52 - 2023-07-31 21:58 - 159661780 _____ C:\Users\Lenovo\Downloads\ACH-noc.rar.opdownload
2023-07-31 21:52 - 2023-07-31 21:58 - 144015058 _____ C:\Users\Lenovo\Downloads\ACh-Plkun.rar.opdownload
2023-07-31 21:52 - 2023-07-31 21:56 - 087011749 _____ C:\Users\Lenovo\Downloads\ACH-VnN (1).rar
2023-07-31 21:51 - 2023-07-31 21:58 - 336559828 _____ C:\Users\Lenovo\Downloads\ACH-lEu.rar.opdownload
2023-07-31 21:51 - 2023-07-31 21:58 - 277102283 _____ C:\Users\Lenovo\Downloads\ACh-Svražda.rar.opdownload
2023-07-31 21:46 - 2023-07-31 21:47 - 087011749 _____ C:\Users\Lenovo\Downloads\ACH-VnN.rar
2023-07-31 21:44 - 2023-07-31 21:58 - 262029006 _____ C:\Users\Lenovo\Downloads\Gipazi.zip.opdownload
2023-07-31 21:38 - 2023-07-31 21:40 - 000000000 ____D C:\AdwCleaner
2023-07-31 21:22 - 2023-07-31 21:27 - 878846199 _____ C:\Users\Lenovo\Downloads\PG-AS.rar
2023-07-31 21:18 - 2023-07-31 21:20 - 460769109 _____ C:\Users\Lenovo\Downloads\ACH-SvO.rar
2023-07-31 20:56 - 2023-07-31 21:24 - 520298786 _____ C:\Users\Lenovo\Downloads\dvopdda.7z
2023-07-31 20:33 - 2023-07-31 21:57 - 000000000 ____D C:\FRST
2023-07-31 16:14 - 2023-07-31 16:14 - 000000000 ____D C:\Users\Lenovo\Downloads\Štern
2023-07-31 16:13 - 2023-07-31 16:13 - 000002531 _____ C:\Users\Lenovo\Downloads\Štern.zip
2023-07-31 13:35 - 2023-07-31 13:35 - 000000000 ____D C:\Users\Lenovo\Downloads\Master_31.7.2023
2023-07-31 13:19 - 2023-07-31 13:19 - 048507273 _____ C:\Users\Lenovo\Downloads\Master_31.7.2023.zip
2023-07-31 13:18 - 2023-07-31 13:18 - 000001721 _____ C:\Users\Lenovo\Downloads\TDL002006.sql
2023-07-31 09:03 - 2023-07-31 09:03 - 000000244 _____ C:\Users\Lenovo\Downloads\cis720-ozd-typ.zip
2023-07-31 09:03 - 2023-07-31 09:03 - 000000000 ____D C:\Users\Lenovo\Downloads\cis720-ozd-typ
2023-07-31 09:02 - 2023-07-31 09:02 - 000000176 _____ C:\Users\Lenovo\Downloads\ciselnik-ozd-typ-771-1-1-2011.zip
2023-07-31 09:02 - 2023-07-31 09:02 - 000000000 ____D C:\Users\Lenovo\Downloads\ciselnik-ozd-typ-771-1-1-2011
2023-07-25 18:14 - 2023-07-25 18:50 - 187331519 _____ C:\Users\Lenovo\Downloads\Hand Spearing Monster Crab Catch n Cook.mp4
2023-07-25 18:13 - 2023-07-25 18:44 - 175945624 _____ C:\Users\Lenovo\Downloads\24hrs Alone on this Sand Island.mp4
2023-07-25 18:12 - 2023-07-25 18:36 - 323138529 _____ C:\Users\Lenovo\Downloads\Island Survival Challenge!.mp4
2023-07-25 18:07 - 2023-07-25 18:25 - 488864807 _____ C:\Users\Lenovo\Downloads\6 Days. Taking No Knife, Food, & Fire. 🛖.mp4
2023-07-23 18:54 - 2023-07-23 18:54 - 000000000 ____D C:\Users\Lenovo\Downloads\Master_13.7.2023 (1)
2023-07-23 18:50 - 2023-07-23 18:53 - 048477788 _____ C:\Users\Lenovo\Downloads\Master_13.7.2023 (1).zip
2023-07-21 15:18 - 2023-07-21 15:19 - 018396935 _____ C:\ProgramData\Pie64_5.12.108.1002.exe.tmp
2023-07-21 15:18 - 2023-07-21 15:18 - 000002000 _____ C:\Users\Public\Desktop\BlueStacks X.lnk
2023-07-21 15:18 - 2023-07-21 15:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks X
2023-07-21 15:18 - 2023-07-21 15:18 - 000000000 ____D C:\Program Files (x86)\BlueStacks X
2023-07-21 15:03 - 2023-07-21 15:19 - 000000000 ____D C:\Users\Lenovo\AppData\Local\BlueStacksSetup
2023-07-21 15:03 - 2023-07-21 15:03 - 000000000 ____D C:\Users\Public\BlueStacks
2023-07-21 15:03 - 2023-07-21 15:03 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Bluestacks
2023-07-20 22:23 - 2023-07-20 22:23 - 000003388 _____ C:\Windows\system32\Tasks\YTPX Cloud LG
2023-07-20 22:23 - 2023-07-20 22:23 - 000000000 ____D C:\Users\Lenovo\AppData\Local\ypsx_cloud_v2
2023-07-13 12:20 - 2023-07-13 12:20 - 000000585 _____ C:\Users\Lenovo\Downloads\zadanky_11.07.23.txt
2023-07-13 10:14 - 2023-07-13 10:14 - 048477788 _____ C:\Users\Lenovo\Downloads\Master_13.7.2023.zip
2023-07-12 08:37 - 2023-07-12 08:37 - 000000000 ___HD C:\$WinREAgent
2023-07-10 19:44 - 2023-07-10 19:44 - 000000000 ____D C:\Users\Lenovo\Desktop\resources
2023-07-10 15:25 - 2023-07-10 15:25 - 000000736 _____ C:\Users\Lenovo\Downloads\TDC000280.sql
2023-07-10 12:47 - 2023-07-10 12:47 - 004389133 _____ C:\Users\Lenovo\Downloads\registrace_2023_06_29_2200.zip
2023-07-09 17:07 - 2023-07-09 17:07 - 000001096 _____ C:\Users\Lenovo\Desktop\Gyroflow.exe – zástupce.lnk
2023-07-09 17:00 - 2023-07-09 17:00 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Gyroflow
2023-07-09 17:00 - 2023-07-09 17:00 - 000000000 ____D C:\Gyroflow-windows64
2023-07-09 16:59 - 2023-07-09 16:59 - 040121518 _____ C:\Users\Lenovo\Downloads\Gyroflow-windows64.zip
2023-07-04 14:53 - 2023-07-04 14:58 - 943497978 _____ C:\Users\Lenovo\Downloads\SQL2022.ZIP
2023-07-04 14:16 - 2023-07-04 14:16 - 048515820 _____ C:\Users\Lenovo\Downloads\Master_4.7.2023.zip
2023-07-03 08:39 - 2023-01-17 12:39 - 000043927 _____ C:\Users\Lenovo\Downloads\Mapovani_SQL.csv
2023-07-02 10:36 - 2023-07-02 11:47 - 000000000 ____D C:\TEMP
2023-07-02 09:56 - 2023-07-02 09:56 - 000001043 _____ C:\Users\Lenovo\Desktop\IrfanView 64.lnk
2023-07-02 09:56 - 2023-07-02 09:56 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2023-07-02 09:56 - 2023-07-02 09:56 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\IrfanView
2023-07-02 09:56 - 2023-07-02 09:56 - 000000000 ____D C:\Program Files\IrfanView

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-07-31 21:58 - 2022-12-21 22:01 - 000000000 ____D C:\Users\Lenovo\AppData\Local\D3DSCache
2023-07-31 21:40 - 2022-12-26 15:25 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\discord
2023-07-31 21:40 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-07-31 21:28 - 2022-12-26 15:25 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Discord
2023-07-31 20:51 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2023-07-31 20:50 - 2023-02-11 00:01 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\vlc
2023-07-31 20:32 - 2022-12-22 15:57 - 000000000 ____D C:\Moje
2023-07-31 20:27 - 2022-12-20 10:03 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-07-31 16:40 - 2023-01-02 16:57 - 000000000 ____D C:\WinMed2
2023-07-31 16:40 - 2022-12-26 15:21 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Access
2023-07-31 14:39 - 2023-01-18 11:04 - 001388432 _____ C:\Users\Public\VOIP.dat
2023-07-31 14:35 - 2022-12-20 11:12 - 002027778 _____ C:\Windows\system32\PerfStringBackup.INI
2023-07-31 14:35 - 2019-12-07 16:43 - 000835774 _____ C:\Windows\system32\perfh005.dat
2023-07-31 14:35 - 2019-12-07 16:43 - 000193304 _____ C:\Windows\system32\perfc005.dat
2023-07-31 14:35 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-07-31 14:28 - 2022-12-26 15:25 - 000002232 _____ C:\Users\Lenovo\Desktop\Discord.lnk
2023-07-31 14:27 - 2023-05-09 08:36 - 000003840 _____ C:\Windows\system32\Tasks\wupdatecloud
2023-07-31 14:27 - 2023-05-09 08:36 - 000003820 _____ C:\Windows\system32\Tasks\zends-et
2023-07-31 14:27 - 2023-04-11 20:25 - 000003798 _____ C:\Windows\system32\Tasks\WDNA
2023-07-31 14:27 - 2023-01-01 18:14 - 000000000 ____D C:\Program Files\TeamViewer
2023-07-31 14:27 - 2022-12-20 11:36 - 000000000 __SHD C:\Users\Lenovo\IntelGraphicsProfiles
2023-07-31 14:27 - 2022-12-20 11:36 - 000000000 ____D C:\Intel
2023-07-31 14:27 - 2022-12-20 10:03 - 000008192 ___SH C:\DumpStack.log.tmp
2023-07-31 14:27 - 2022-12-20 10:03 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-07-31 14:27 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-07-31 14:27 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-07-31 14:26 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-07-31 11:23 - 2023-05-01 20:18 - 000000885 _____ C:\Users\Lenovo\Desktop\peníze.txt
2023-07-30 18:09 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports
2023-07-30 17:18 - 2023-05-09 08:36 - 000000000 ____D C:\Users\Lenovo\AppData\Local\wupdater_cloud
2023-07-30 15:52 - 2022-12-20 11:09 - 000003584 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1431687685-2443868726-21383991-1001
2023-07-30 15:52 - 2022-12-20 11:09 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1431687685-2443868726-21383991-1001
2023-07-30 15:52 - 2022-12-20 10:07 - 000002380 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-07-30 15:50 - 2022-12-20 10:03 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-07-28 09:41 - 2022-12-20 11:20 - 000918960 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2023-07-26 22:29 - 2023-03-19 15:46 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Kodi
2023-07-26 17:09 - 2023-03-19 17:14 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\.minecraft
2023-07-26 17:04 - 2022-12-22 00:52 - 000004214 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1671663161
2023-07-26 17:04 - 2022-12-22 00:52 - 000001408 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-07-25 17:13 - 2022-12-20 10:03 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-07-21 14:28 - 2022-12-20 10:07 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Packages
2023-07-21 14:17 - 2023-03-19 17:13 - 000000000 ____D C:\XboxGames
2023-07-21 14:17 - 2022-12-20 10:08 - 000000000 ____D C:\ProgramData\Packages
2023-07-21 14:15 - 2022-12-20 11:10 - 000000000 ____D C:\Users\Lenovo\AppData\Local\PlaceholderTileLogoFolder
2023-07-20 08:49 - 2023-01-06 12:11 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\CLView
2023-07-13 11:37 - 2022-12-22 16:19 - 000000000 ____D C:\MASTER Winmed2
2023-07-12 16:30 - 2022-12-20 10:03 - 000370184 _____ C:\Windows\system32\FNTCACHE.DAT
2023-07-12 16:29 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-07-12 16:29 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-07-12 16:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2023-07-12 16:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2023-07-12 16:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2023-07-12 16:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2023-07-12 16:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2023-07-12 16:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2023-07-12 15:01 - 2023-01-24 22:59 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-07-12 15:01 - 2023-01-24 20:49 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-07-12 08:45 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-07-12 08:42 - 2022-12-20 10:07 - 003015168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-07-12 08:08 - 2022-12-20 11:11 - 000000000 ____D C:\Windows\system32\MRT
2023-07-12 08:06 - 2022-12-20 11:11 - 173351160 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-07-11 12:56 - 2023-01-05 16:56 - 000000000 ____D C:\Registrace_Vyvoj
2023-07-10 12:48 - 2023-01-05 17:20 - 000000000 ____D C:\MASTER Registrace
2023-07-06 10:12 - 2022-12-20 10:03 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-07-06 10:12 - 2022-12-20 10:03 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-07-03 17:00 - 2022-12-20 10:07 - 000000000 ____D C:\Users\Lenovo
2023-07-03 12:14 - 2022-12-25 18:15 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Word
2023-07-03 12:14 - 2022-12-25 18:15 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Šablony

==================== Files in the root of some directories ========

2023-01-18 11:04 - 2023-07-31 14:39 - 001388432 _____ () C:\Users\Public\VOIP.dat
2022-12-25 17:52 - 2022-12-25 17:52 - 000000128 ____H () C:\Users\Lenovo\AppData\Roaming\ecf00c38dc807e105d881c433a6b455dd2c606b6
2023-01-03 10:29 - 2023-01-03 10:30 - 000000600 _____ () C:\Users\Lenovo\AppData\Roaming\winscp.rnd
2023-01-18 21:07 - 2023-01-18 21:07 - 000007603 _____ () C:\Users\Lenovo\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================











Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-07-2023
Ran by Lenovo (31-07-2023 21:59:01)
Running from C:\Moje\viry
Microsoft Windows 10 Pro Version 22H2 19045.3208 (X64) (2022-12-20 08:05:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1431687685-2443868726-21383991-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1431687685-2443868726-21383991-503 - Limited - Disabled)
Guest (S-1-5-21-1431687685-2443868726-21383991-501 - Limited - Disabled)
Lenovo (S-1-5-21-1431687685-2443868726-21383991-1001 - Administrator - Enabled) => C:\Users\Lenovo
WDAGUtilityAccount (S-1-5-21-1431687685-2443868726-21383991-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.003.20244 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Autodesk Fusion 360 (HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.15050 - Autodesk, Inc.)
Azure Data Studio (HKLM\...\{6591F69E-6588-4980-81ED-C8FCBD7EC4B8}_is1) (Version: 1.28.0 - Microsoft Corporation)
Balíček ovladače systému Windows - Silicon Laboratories Inc. (silabser) Ports (05/23/2018 6.7.6.2130) (HKLM\...\C9C3E5CCB43EEF685DD0E2BB4263DDC88C9B3834) (Version: 05/23/2018 6.7.6.2130 - Silicon Laboratories Inc.)
Betaflight Configurator (HKLM\...\e72c90bb-45eb-48dc-9cf3-ac2e8ec52f8c_is1) (Version: 10.9.0 - The Betaflight open source project)
BlueStacks X (HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\BlueStacks X) (Version: 10.3.0.1020 - now.gg, Inc.)
Browser for SQL Server 2019 (HKLM-x32\...\{5E366957-8D78-4BB5-A790-96F97A9766BD}) (Version: 15.0.2000.5 - Microsoft Corporation)
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - Canon Inc.)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{22E13608-4DB0-4977-A267-3AAFA09CD54A}) (Version: 4.8.09037 - Microsoft Corporation) Hidden
DiagnosticsHub_CollectionService (HKLM\...\{FECAFEB5-8D0E-4AE4-8FA0-745BAA835C35}) (Version: 17.3.32601 - Microsoft Corporation) Hidden
Discord (HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\Discord) (Version: 1.0.9008 - Discord Inc.)
Dolby Audio X2 Windows API SDK (HKLM\...\{FA0735B6-9E18-437A-A1CD-9152650FC52B}) (Version: 0.8.8.90 - Dolby Laboratories, Inc.) Hidden
dpbupg - Aktualizace číselníků z Internetu (HKLM-x32\...\ST6UNST #1) (Version: - )
Entity Framework 6.2.0 Tools for Visual Studio 2022 (HKLM-x32\...\{E263D8A7-A45C-4A1E-8197-01F8DFB2D709}) (Version: 6.2.0.0 - Microsoft Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{1E570BD2-E6BC-4CA1-A08C-E9CE483AD022}) (Version: 1.3.79.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{35905844-0610-427D-86A0-2103FABE3D4D}) (Version: 2.0.42.0 - Epic Games, Inc.)
ExpressLRS Configurator 1.5.9 (HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\2a8c9963-7c47-572e-b852-e0570c14856b) (Version: 1.5.9 - ExpressLRS Configurator Contributors)
Free Cam 8 (HKLM-x32\...\{7B1D3F21-3095-4292-877E-69C085253F59}) (Version: 8.7.27159 - iSpring Solutions Inc.)
GDR 2095 for SQL Server 2019 (KB5014356) (64-bit) (HKLM\...\KB5014356) (Version: 15.0.2095.3 - Microsoft Corporation)
GDR 2101 for SQL Server 2019 (KB5021125) (64-bit) (HKLM\...\KB5021125) (Version: 15.0.2101.7 - Microsoft Corporation)
icecap_collection_neutral (HKLM-x32\...\{602F7006-1F86-4B30-8996-C6FC44B9F87E}) (Version: 17.6.33606 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{58CB2C38-D7D7-4198-A83F-DB023F0C6980}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{4C2B8045-836F-43BC-B041-74072B854CD3}) (Version: 17.6.33606 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{D5071FCD-1329-450D-960E-23082D14D69B}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{56674F3A-EE02-4EC7-B429-B8C37CA254E3}) (Version: 10.0.07728 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Hidden
Integration Services (HKLM-x32\...\{8564E707-DD3A-425E-B333-A9970306BE8F}) (Version: 15.0.2000.162 - Microsoft Corporation) Hidden
IntelliTraceProfilerProxy (HKLM\...\{F8B9E8C8-61E8-4E9E-879D-F3F498AD0230}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden
IntelliTraceProfilerProxy (HKLM-x32\...\{C8891AD2-C223-45CD-A9BE-617A68923B61}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden
IrfanView 4.62 (64-bit) (HKLM\...\IrfanView64) (Version: 4.62 - Irfan Skiljan)
Kodi (HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\Kodi) (Version: 20.1.0.0 - XBMC Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.14 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.08.01.0009 - Lenovo)
LockHunter 3.4, 32/64 bit (HKLM\...\LockHunter_is1) (Version: 3.4.3.146 - Crystal Rich Ltd)
Microsoft .NET 6.0 Templates 7.0.302 (x64) (HKLM\...\{194C1C66-1005-4A4B-BEDF-AAFC36017ACF}) (Version: 24.7.65457 - Microsoft Corporation) Hidden
Microsoft .NET 7.0 Templates 7.0.302 (x64) (HKLM\...\{405256EA-D20C-4EBB-8D79-E8F8E02AC337}) (Version: 28.7.32689 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.16 (x64) (HKLM\...\{073A89C4-A435-41CF-96CA-7EF0AB698A79}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.16 (x64_arm) (HKLM\...\{27A73B89-4A4F-4C57-A692-F9D80612A3EE}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.16 (x64_arm64) (HKLM\...\{4F5F9A57-79E9-4DC9-8544-F5FB1A239A0D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.16 (x64_x86) (HKLM\...\{E5CBB87C-4905-463A-89C3-54FCFE6129F1}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.5 (x64) (HKLM\...\{8BEEA1E5-2EB9-453E-BB9D-497C788B1271}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.5 (x64_arm) (HKLM\...\{B0613946-1920-45F8-9BE3-2E3FFF7A1A1E}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.5 (x64_arm64) (HKLM\...\{78F98773-C35A-47CB-B819-A3DD0151554C}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.5 (x64_x86) (HKLM\...\{9B65AC4E-46B8-46DA-BCD0-D5A5CEFD0F2E}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 Targeting Pack (čeština) (HKLM-x32\...\{3DC65636-1EBB-41E9-836B-10174949883C}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 Targeting Pack (HKLM-x32\...\{1784A8CD-F7FE-47E2-A87D-1F31E7242D0D}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 SDK (čeština) (HKLM-x32\...\{84224644-1FA0-496E-8941-B1553C004E7A}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 SDK (HKLM-x32\...\{949C0535-171C-480F-9CF4-D25C9E60FE88}) (Version: 4.8.03928 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 Targeting Pack (čeština) (HKLM-x32\...\{33D8579D-AE2C-45ED-9D16-08451BCC9B45}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 Targeting Pack (HKLM-x32\...\{BAAF5851-0759-422D-A1E9-90061B597188}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework Cumulative Intellisense Pack for Visual Studio (čeština) (HKLM-x32\...\{EABEB841-5C97-4CE3-A4CF-64F5978D13B2}) (Version: 4.8.09037 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.5 (x64) (HKLM\...\{CE8DF750-A582-4D59-A610-478A752481B1}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.5 (x86) (HKLM-x32\...\{2F933E6C-13D1-4886-99EB-05ED0C42885B}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.5 (x64) (HKLM\...\{B6F2958F-0F6F-4CCD-867F-80EC5C333B79}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.5 (x86) (HKLM-x32\...\{E3B06B8A-7FA4-4421-8A96-8503B2669F50}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM\...\{C71E93D2-B8B4-4858-B2A1-4C967DBC1C5F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x86) (HKLM-x32\...\{D9C57643-68F6-4D39-8E6A-20107848904F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.5 (x64) (HKLM\...\{793FCD19-00AC-4804-B569-782DF3B24A39}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.5 (x86) (HKLM-x32\...\{23D1DA1E-5CBC-4990-BB53-5974E8D0AB3A}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET SDK 7.0.302 (x64) from Visual Studio (HKLM\...\{51289EF6-56DA-4EF1-9C82-D21FD6A674F8}) (Version: 7.3.223.25905 - Microsoft Corporation)
Microsoft .NET Standard Targeting Pack - 2.1.0 (x64) (HKLM\...\{A7036CFB-B403-4598-85FF-D397ABB88173}) (Version: 24.0.28113 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 6.0.16 (x64) (HKLM\...\{A40278C4-1199-406F-80D3-790AFEBFDE07}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 6.0.16 (x86) (HKLM-x32\...\{A0401658-F623-4CBD-A706-E5DC41B9AE5D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 7.0.5 (x64) (HKLM\...\{3D347BF4-DCF0-4960-81B3-A09703182982}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 7.0.5 (x86) (HKLM-x32\...\{98A540CC-952F-470E-97C6-3D2DBCD0CD9C}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Toolset 7.0.302 (x64) (HKLM\...\{A86BDCCB-43BD-47F4-BE3A-7CE0C72165A8}) (Version: 28.6.65457 - Microsoft Corporation) Hidden
Microsoft Analysis Services OLE DB Provider (HKLM\...\{9786E83E-B71A-4526-B58F-64F35C7E2CFE}) (Version: 15.0.2000.568 - Microsoft Corporation) Hidden
Microsoft Analysis Services OLE DB Provider (HKLM-x32\...\{4F1405AB-36A8-4383-9C1A-AE00491C255F}) (Version: 15.0.2000.568 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.16 Shared Framework (x64) (HKLM\...\{0DF7C481-9E91-3118-B877-6EA9084358AD}) (Version: 6.0.16.23174 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.16 Shared Framework (x86) (HKLM-x32\...\{5545924B-28E4-37E9-9C29-84BF047EB3CB}) (Version: 6.0.16.23174 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.16 Targeting Pack (x64) (HKLM\...\{754209E2-05C7-35ED-A0D4-22766E52AF0F}) (Version: 6.0.16.23174 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.16 Targeting Pack (x86) (HKLM-x32\...\{85CB6891-502D-3802-8CCB-4275E1CC0CD3}) (Version: 6.0.16.23174 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.5 Shared Framework (x64) (HKLM\...\{D4659401-47DD-3355-A866-C827D0DDAC97}) (Version: 7.0.5.23174 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.5 Shared Framework (x86) (HKLM-x32\...\{E9A7B080-E866-31F8-A4D1-D534685DFF86}) (Version: 7.0.5.23174 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.5 Targeting Pack (x64) (HKLM\...\{135A25E2-920D-3A18-A1A2-C18B7D3ADD48}) (Version: 7.0.5.23174 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.5 Targeting Pack (x86) (HKLM-x32\...\{A2448B21-04AD-329A-8EC8-422549CC005B}) (Version: 7.0.5.23174 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core Module for IIS Express (HKLM\...\{FAFEE5E3-E00A-4CE8-B495-8F66A5FAB236}) (Version: 12.2.18292.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core Module V2 for IIS Express (HKLM\...\{F0E9CE77-BF19-4BBE-B228-A42F782F82E4}) (Version: 17.0.22116.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Diagnostic Pack for Visual Studio (HKLM-x32\...\{BF7E1D28-E9CD-372D-8702-14BBD224A221}) (Version: 17.6.326.62524 - Microsoft Corporation) Hidden
Microsoft Azure Authoring Tools - v2.9.7 (HKLM\...\{90462BD2-DF5B-449C-A401-FCC1DC264E4E}) (Version: 2.9.8999.45 - Microsoft Corporation)
Microsoft Azure Compute Emulator - v2.9.7 (HKLM\...\{04CA054C-2F40-44B0-8610-8D51EC9444FE}) (Version: 2.9.8999.43 - Microsoft Corporation) Hidden
Microsoft Azure Compute Emulator - v2.9.7 (HKLM\...\Microsoft Azure Compute Emulator - v2.9.7) (Version: 2.9.8999.43 - Microsoft Corporation)
Microsoft Azure Libraries for .NET – v2.9 (HKLM\...\{C5C91AA6-3E83-430E-8B7A-6B790083F28D}) (Version: 3.0.0127.060 - Microsoft Corporation)
Microsoft Azure PowerShell - April 2018 (HKLM\...\{3BA7CAA9-97BA-4528-B7E1-B640910BB149}) (Version: 5.7.0.18831 - Microsoft Corporation)
Microsoft Command Line Utilities 15 for SQL Server (HKLM\...\{41C0DB18-1790-465E-B0DD-D9CAA35CACBE}) (Version: 15.0.1300.359 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 115.0.1901.188 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 115.0.1901.188 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Help Viewer 2.3 (HKLM-x32\...\{BEFC10C1-7032-3C8E-80BC-621A77BFEABD}) (Version: 2.3.28107 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.3 (HKLM-x32\...\Microsoft Help Viewer 2.3) (Version: 2.3.28107 - Microsoft Corporation)
Microsoft NetStandard SDK (HKLM-x32\...\{737FDDA7-B944-4CB5-92D9-3D56373BD301}) (Version: 15.0.51105 - Microsoft Corporation) Hidden
Microsoft ODBC Driver 17 for SQL Server (HKLM\...\{CBA9B46D-5C8E-46F9-94B4-7024400EDE52}) (Version: 17.10.3.1 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (Czech) 2007 (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Runtime (Czech) 2007 (HKLM-x32\...\{90120000-001C-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (Czech) 2007 (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (Czech) 2007 (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (HKLM-x32\...\{90120000-002C-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}) (Version: - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version: - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (HKLM\...\{90120000-002A-0405-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OLE DB Driver for SQL Server (HKLM\...\{9D6F8754-28E9-4940-B319-3FC8588CF18F}) (Version: 18.5.0.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\OneDriveSetup.exe) (Version: 23.142.0709.0001 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{9D93D367-A2CC-4378-BD63-79EF3FE76C78}) (Version: 11.4.7462.6 - Microsoft Corporation)
Microsoft SQL Server 2019 (64-bit) (HKLM\...\Microsoft SQL Server SQL2019) (Version: - Microsoft Corporation)
Microsoft SQL Server 2019 LocalDB (HKLM\...\{36E492B8-CB83-4DA5-A5D2-D99A8E8228A1}) (Version: 15.0.4153.1 - Microsoft Corporation)
Microsoft SQL Server 2019 RsFx Driver (HKLM\...\{5825CDC4-4E99-4CF9-91FE-DB60C0E2F5EA}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
Microsoft SQL Server 2019 Setup (English) (HKLM\...\{17DCED0E-5B27-453A-B2B4-E487B869B28A}) (Version: 15.0.4013.40 - Microsoft Corporation)
Microsoft SQL Server 2019 T-SQL Language Service (HKLM\...\{31D27B41-A051-49D8-907A-62E0F4A2188C}) (Version: 15.0.2000.5 - Microsoft Corporation)
Microsoft SQL Server Management Studio - 18.9.1 (HKLM-x32\...\{bf0d55ea-f272-49bc-8699-22fbdcc115a8}) (Version: 15.0.18384.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 (HKLM\...\{5BC7E9EB-13E8-45DB-8A60-F2481FEB4595}) (Version: 15.0.2000.5 - Microsoft Corporation)
Microsoft TestPlatform SDK Local Feed (HKLM-x32\...\{839C2D45-DDF6-432C-A6A2-C6AF2EF281BF}) (Version: 17.0.0.5175695 - Microsoft) Hidden
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 3.6.2115.31769 - Microsoft Corporation)
Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{5E8B524C-99ED-4F58-AC9F-3B05036833A4}) (Version: 3.6.2085.9058 - Microsoft Corporation) Hidden
Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{47B3704C-3287-4DFC-B019-CCBF305492B3}) (Version: 3.6.2085.9058 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{f895a2f1-ae3f-4212-8af1-7fa1f8c212ea}) (Version: 15.0.27520 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 x64 Hosting Support (HKLM\...\{AFFB9D8D-6E58-38A0-A7DD-F6F1F4247B36}) (Version: 15.0.27520 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2017 x86 Hosting Support (HKLM-x32\...\{9594C97E-6A20-38B3-81BB-2778C4780BE1}) (Version: 15.0.27520 - Microsoft Corporation) Hidden
Microsoft VSS Writer for SQL Server 2019 (HKLM\...\{2C33F4D4-E9A5-4DE1-ACFE-3A13464E6703}) (Version: 15.0.2000.5 - Microsoft Corporation)
Microsoft Web Deploy 4.0 (HKLM\...\{B1D041B8-893D-46F2-A822-6920D17411C9}) (Version: 10.0.7225 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.16 (x64) (HKLM\...\{805626FF-2BC9-4567-A71E-A76A470D000A}) (Version: 48.67.58484 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.16 (x86) (HKLM-x32\...\{8BA8D6A7-8281-40B9-B0FB-F2835CA89051}) (Version: 48.67.58484 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.5 (x64) (HKLM\...\{109506AF-BF9E-43E1-87F3-3141B9C3F6BA}) (Version: 56.23.58485 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.5 (x86) (HKLM-x32\...\{10B89C4E-2660-4746-AD74-18C3BD27D929}) (Version: 56.23.58485 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 6.0.16 (x64) (HKLM\...\{DB633D2E-F8CA-4CCB-84C3-7724199871C1}) (Version: 48.67.58484 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 6.0.16 (x86) (HKLM-x32\...\{E9DC873B-B6FD-4198-9F17-E0808B7BBF32}) (Version: 48.67.58484 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 7.0.5 (x64) (HKLM\...\{CADF61B0-5AB9-467E-A60F-357EAFB2E352}) (Version: 56.23.58485 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 7.0.5 (x86) (HKLM-x32\...\{2D1F81F3-235C-449F-86F1-3E3A770D078F}) (Version: 56.23.58485 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Android.Manifest-7.0.100 (x64) (HKLM\...\{565FC58A-8818-4E03-83EF-B2899FC3A8D2}) (Version: 33.0.46 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.iOS.Manifest-7.0.100 (x64) (HKLM\...\{B6E4D94C-B0BB-4CB2-82C2-DC24C8C14284}) (Version: 16.4.7054 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.MacCatalyst.Manifest-7.0.100 (x64) (HKLM\...\{F5F08012-912E-437D-8660-53AE79212D09}) (Version: 16.4.7054 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.macOS.Manifest-7.0.100 (x64) (HKLM\...\{91300E04-C694-460C-B95D-1F43ED60AB71}) (Version: 13.3.7054 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Maui.Manifest-7.0.100 (x64) (HKLM\...\{B9B9B64E-70F4-47C0-B57C-9269431912D8}) (Version: 7.0.86 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.tvOS.Manifest-7.0.100 (x64) (HKLM\...\{D43E9C77-06C8-42F6-B3C4-C8D863E4BDB8}) (Version: 16.4.7054 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.net6.Manifest (x64) (HKLM\...\{2A063023-C53B-4FC0-9E47-59FBEE4C8441}) (Version: 56.35.58417 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.net7.Manifest (x64) (HKLM\...\{BCBE79F7-20E7-45C7-91D4-BEB9214F8D35}) (Version: 56.35.58417 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.net6.Manifest (x64) (HKLM\...\{17A80AE2-77FC-4391-B1DD-25407A371306}) (Version: 56.3.58437 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.net7.Manifest (x64) (HKLM\...\{0C25CA92-E301-47E8-AD53-D9315C431D97}) (Version: 56.3.58437 - Microsoft Corporation) Hidden
OpenTX Companion 2.3 (HKLM-x32\...\OpenTX Companion 2.3) (Version: 2.3.15 - OpenTX)
Opera Stable 100.0.4815.76 (HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\Opera 100.0.4815.76) (Version: 100.0.4815.76 - Opera Software)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
SQL Server 2019 Batch Parser (HKLM\...\{D459615B-83B0-408F-8F39-6CC07C277BA6}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Common Files (HKLM\...\{0FB552DD-543E-48E7-A6F4-2F8D82723C6A}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Common Files (HKLM\...\{5E4344C9-8B97-4ED9-8760-57E221C240F4}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Connection Info (HKLM\...\{99B940D5-1A49-4B6C-B26C-6A88B2C061CA}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Connection Info (HKLM\...\{FD730873-33D1-4D1F-9AE0-E259586F8827}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Services (HKLM\...\{A60B3D8E-5311-4BF1-AF7A-D1AC15F9152E}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Services (HKLM\...\{E3E84B2C-FCF6-469F-9FE7-5E8934DB69AD}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Shared (HKLM\...\{619F0B6C-C802-422A-B4E5-294E61F68473}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Shared (HKLM\...\{DE5B7937-D5B5-4157-BC30-BB87F021CFF0}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 DMF (HKLM\...\{814D5077-C93F-42E2-B875-717007C186B9}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 DMF (HKLM\...\{FC8DC283-4A85-467F-8D0E-2FE4606DCCA1}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects (HKLM\...\{6213D6CB-D258-47A3-B1A0-EE1E5C080DCF}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects (HKLM\...\{A8581199-F913-443B-B058-8E8BF317E71C}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects Extensions (HKLM\...\{8DDAEBCA-4267-4E16-9FE0-D87F21D36891}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects Extensions (HKLM\...\{C7E6D4B7-CB10-4239-BA04-D9339B39D0BD}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 SQL Diagnostics (HKLM\...\{28ED6838-D8E5-454C-A813-12C5EB447CAB}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 XEvent (HKLM\...\{2129312E-5204-4F3A-9039-B6D34DBB00FB}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 XEvent (HKLM\...\{228C3DC2-695E-4FC7-87E4-6A9CE905DA9B}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{AC2FDB24-D722-49F9-8CB4-8AC187A73BA6}) (Version: 15.0.18384.0 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{FFEDA3B1-242E-40C2-BB23-7E3B87DAC3C1}) (Version: 15.0.18384.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Analysis Services (HKLM\...\{6E38BAB6-6AFA-49DC-B779-A068B0E5CD11}) (Version: 15.0.18384.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Reporting Services (HKLM\...\{7CC4781E-9184-4BF6-B739-6179DDA10D7B}) (Version: 15.0.18384.0 - Microsoft Corporation) Hidden
SSMS Post Install Tasks (HKLM\...\{C0BE7047-8F9B-43BD-B11F-53D2BC61A0AC}) (Version: 15.0.18384.0 - Microsoft Corporation) Hidden
Sublime Text (HKLM\...\Sublime Text_is1) (Version: - Sublime HQ Pty Ltd)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.37.3 - TeamViewer)
Thunderbolt™ Software (HKLM-x32\...\{1AA93FF8-C685-4E00-8682-7F2E5D8E8689}) (Version: 17.4.80.550 - Intel Corporation)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 139.2.10843 - Ubisoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
vcpp_crt.redist.clickonce (HKLM-x32\...\{706A46BD-BB58-40E4-B542-173377079DC3}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Visual C++ Library CRT Appx Package (HKLM-x32\...\{7A7337A7-CDAB-4E3E-A001-486232533737}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Visual C++ Library CRT Appx Package (HKLM-x32\...\{FBA5C836-7D17-4B2E-B0FC-5D1F61A5EB1D}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Visual C++ Library CRT Appx Resource Package (HKLM-x32\...\{73EE6A36-8E97-4C96-AA1B-237F63A341FF}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Visual C++ Library CRT ARM64 Appx Package (HKLM-x32\...\{14D6457A-DF33-4E7C-8393-7A8158CA0899}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Visual C++ Library CRT Desktop Appx Package (HKLM-x32\...\{68C89F7A-31DC-404A-922A-4124C5AF72AE}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Visual C++ Library CRT Desktop Appx Package (HKLM-x32\...\{7539E358-316D-4E69-89FF-53BC9789269A}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Visual C++ Library CRT Desktop Appx Package (HKLM-x32\...\{86478DF5-B177-4D98-87CA-32F269DDFDDB}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Visual Studio 2017 Isolated Shell for SSMS (HKLM-x32\...\{AAA9F15B-AF45-4562-9991-93A848D3A902}) (Version: 15.0.28307.421 - Microsoft Corporation) Hidden
Visual Studio Community 2022 (HKLM-x32\...\2db2287b) (Version: 17.6.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
VS Immersive Activate Helper (HKLM-x32\...\{0B826206-3626-4E96-A675-0BDE6B8711B6}) (Version: 17.0.118.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{7B8542BA-01E4-43EB-A172-1DA975AFD00B}) (Version: 17.0.118.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{C8EA234A-FC2F-4EEC-BF7F-DB14C28C84D2}) (Version: 17.0.118.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{B34081FD-ADDF-4B89-A42F-5A68A379556C}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{07C7A46C-48FC-4AF2-891B-22D0345C974E}) (Version: 17.6.33606 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{84D58147-66B1-466D-A65F-CED613109399}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{2A387476-6041-4F52-9FFF-8806BE8C4FEF}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{5262DA74-3A86-4FBC-8D1F-A6A8533A8A97}) (Version: 17.6.33606 - Microsoft Corporation) Hidden
vs_communitysharedmsi (HKLM-x32\...\{659ED029-F029-4751-B993-DC227D627A52}) (Version: 17.6.33606 - Microsoft Corporation) Hidden
vs_communityx64msi (HKLM\...\{6077C9DC-A21E-44E7-9CE6-AE82A36197AD}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_CoreEditorFonts (HKLM-x32\...\{56FB5923-1A95-4D55-BE78-CD42B50E67AD}) (Version: 17.6.33605 - Microsoft Corporation)
vs_devenvsharedmsi (HKLM-x32\...\{DC2045F0-1E69-4E61-99FE-F6974B6231C1}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_devenx64vmsi (HKLM\...\{CF59ABFA-9F4D-4F28-80D4-A1C46BAFBA9D}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{7B64038A-AEE0-4EC7-B13D-0B82F06148CE}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{A74093C9-C725-46F1-B826-D1790F6475FF}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{BA850359-A73A-4D74-A1B4-223D5D962A5F}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_minshellinteropsharedmsi (HKLM-x32\...\{2B238E56-4BB2-43F2-BEBF-50FC9CD15211}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_minshellinteropx64msi (HKLM\...\{19EE681B-0930-4A7D-938F-D391D121CF89}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{785808C5-841D-404F-BBCA-8125FF2C68FE}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_minshellsharedmsi (HKLM-x32\...\{6C6E170D-4C58-444C-994E-FB5416CAFCCF}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_minshellx64msi (HKLM\...\{00E21B2D-B69B-4D8A-AED3-5A5A3204DFCB}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{0F6E6607-7BB5-40D9-8538-C8313D82AE0F}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{D984791D-7FCE-4138-A23C-AC5432DB6458}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsi (HKLM-x32\...\{9207DB43-85DA-4A32-874E-3425C3DE18F1}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsires (HKLM-x32\...\{46240305-B1B5-4961-AED9-EF8D96F33224}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
windows_toolscorepkg (HKLM-x32\...\{18752AC8-6F0F-4016-95D1-70731707CBF7}) (Version: 17.6.33605 - Microsoft Corporation) Hidden
WinMed 2 (HKLM-x32\...\{F81C10F4-EE30-49D9-B8DB-EA0CB870681A}) (Version: 2021.1.1.46 - Plus4U Medical s.r.o.)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\ZoomUMX) (Version: 5.14.8 (16213) - Zoom Video Communications, Inc.)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-04-13] (Microsoft Corporation)
ELAN Touchpad for Thinkpad -> C:\Program Files\WindowsApps\ELANMicroelectronicsCorpo.ELANTouchpadforThinkpad_24.121.15.0_x64__stws0m115j6hg [2023-07-21] (ELAN Microelectronics Corporation)
ELAN TrackPoint for Thinkpad -> C:\Program Files\WindowsApps\ELANMicroelectronicsCorpo.ELANTrackPointforThinkpa_24.121.18.0_x64__stws0m115j6hg [2023-07-22] (ELAN Microelectronics Corporation)
Lenovo Pen Settings -> C:\Program Files\WindowsApps\WacomTechnologyCorp.157535B83C264_7.7.61.0_neutral__ss941bf8mfs8a [2022-12-22] (Wacom Technology Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.10510.531.0_x64__8wekyb3d8bbwe [2023-07-21] (Microsoft Corporation)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.20.1201.0_x64__8wekyb3d8bbwe [2023-07-21] (Microsoft Studios)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.2.16.0_x64__8wekyb3d8bbwe [2023-07-21] (Microsoft Studios)
Minecraft: Java Edition -> C:\Program Files\WindowsApps\Microsoft.MinecraftJavaEdition_1.0.5.0_x64__8wekyb3d8bbwe [2023-07-21] (Microsoft Studios)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-07-21] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1431687685-2443868726-21383991-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1431687685-2443868726-21383991-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\Lenovo\AppData\Local\Autodesk\webdeploy\production\414da7cdec4faa7986fe0d205fb521fc68f5d46c\NPreview10.dll (Autodesk, Inc. -> )
ContextMenuHandlers1: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2021-06-24] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2021-06-24] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers4: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2021-06-24] (Crystal Rich Ltd -> Crystal Rich Ltd)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2022-06-15] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f694c3678cca2be0\igfxDTCM.dll [2022-05-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2022-06-15] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-12-25 17:58 - 2021-04-02 14:30 - 007218688 _____ (Python Software Foundation) [File not signed] C:\Program Files\Sublime Text\python33.dll
2022-12-25 17:58 - 2021-04-02 14:30 - 008466432 _____ (Python Software Foundation) [File not signed] C:\Program Files\Sublime Text\python38.dll
2022-12-25 17:58 - 2021-04-02 14:30 - 003451392 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Sublime Text\libcrypto-1_1-x64.dll
2022-12-25 17:58 - 2021-04-02 14:30 - 000682496 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Sublime Text\libssl-1_1-x64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:iSpring Solutions [128]
AlternateDataStreams: C:\Users\All Users:iSpring Solutions [128]
AlternateDataStreams: C:\ProgramData\Data aplikací:iSpring Solutions [128]
AlternateDataStreams: C:\Users\Lenovo\Data aplikací:iSpring Solutions [128]
AlternateDataStreams: C:\Users\Lenovo\AppData\Roaming:iSpring Solutions [128]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

2022-12-22 17:26 - 2023-02-11 14:02 - 000000508 _____ C:\Windows\system32\drivers\etc\hosts.ics
192.168.137.1 DESKTOP-D7P1O08.mshome.net # 2028 2 4 10 12 2 3 329
192.168.137.192 LGwebOSTV.mshome.net # 2023 2 6 18 12 2 3 329
13

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1431687685-2443868726-21383991-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-80-2196430659-3345688158-4281717578-75482121-3290361108\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-80-417864872-2509941577-3334891905-2270271522-438893919\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\StartupApproved\Run: => "btweb"
HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{0477D01D-B269-4F97-86AC-B2B1101340E7}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [File not signed]
FirewallRules: [UDP Query User{30C00C6B-AB89-4E5F-B32D-88F2AF473EB6}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [File not signed]
FirewallRules: [TCP Query User{79E4ADFC-699C-4243-816F-E87FFF5D603A}C:\users\lenovo\appdata\local\programs\opera\opera.exe] => (Block) C:\users\lenovo\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{17606559-DD1A-4AA0-8056-EC7A80B20F9B}C:\users\lenovo\appdata\local\programs\opera\opera.exe] => (Block) C:\users\lenovo\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{C330561D-0C02-4080-AE0C-B316084AE209}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{29A66493-EA4F-490C-A8A0-4A57C49FA73F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2FD9493C-9C10-4A6B-A542-375AF8E5CFE8}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4CADF0B7-CA9A-428D-B2F0-0C69AFAE5819}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6E211778-0CE4-47B5-AF8A-E66DEC46EF3F}] => (Allow) C:\Program Files\Microsoft SQL Server\MSSQL15.WinMed2\MSSQL\Binn\sqlservr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{66C37B74-C406-4E95-969F-238D570373D5}] => (Allow) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{D3BE78BD-BA56-4849-9A8E-5D8ADDE4075E}C:\users\lenovo\appdata\local\programs\expresslrs configurator\expresslrs configurator.exe] => (Allow) C:\users\lenovo\appdata\local\programs\expresslrs configurator\expresslrs configurator.exe (ExpressLRS Configurator Contributors) [File not signed]
FirewallRules: [UDP Query User{B8EBBBBD-CE98-4DC3-955C-7E9B9A5A2527}C:\users\lenovo\appdata\local\programs\expresslrs configurator\expresslrs configurator.exe] => (Allow) C:\users\lenovo\appdata\local\programs\expresslrs configurator\expresslrs configurator.exe (ExpressLRS Configurator Contributors) [File not signed]
FirewallRules: [TCP Query User{627DB24E-0EB1-4E90-99F8-063EF15D4D0F}C:\program files\betaflight\betaflight-configurator\betaflight-configurator.exe] => (Allow) C:\program files\betaflight\betaflight-configurator\betaflight-configurator.exe (The NW.js Community) [File not signed]
FirewallRules: [UDP Query User{6555671E-4F37-4F20-A66C-B963C8284974}C:\program files\betaflight\betaflight-configurator\betaflight-configurator.exe] => (Allow) C:\program files\betaflight\betaflight-configurator\betaflight-configurator.exe (The NW.js Community) [File not signed]
FirewallRules: [{7DA9BB4D-3A05-450D-BAC7-A7C50567861F}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{A4AEF75C-77C7-4749-9A44-E928144EB580}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [TCP Query User{424B0AE8-C7B6-4EC8-BFEE-6D925F249B88}C:\users\lenovo\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\lenovo\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{30113EB1-B5DC-41C0-9044-9D4093AC5F9F}C:\users\lenovo\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\lenovo\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{B28740FF-15A6-4D7C-BC8E-F84FC385DB9B}C:\users\lenovo\appdata\local\temp\rar$exa20808.48711\[img_1210] pretty_lonely_girl - at_sang_hyun_jang_studio - by_hwang_gim_jeong_photographer.exe] => (Block) C:\users\lenovo\appdata\local\temp\rar$exa20808.48711\[img_1210] pretty_lonely_girl - at_sang_hyun_jang_studio - by_hwang_gim_jeong_photographer.exe => No File
FirewallRules: [UDP Query User{3A8E7DAA-95F7-48A2-A711-2DF80043B90D}C:\users\lenovo\appdata\local\temp\rar$exa20808.48711\[img_1210] pretty_lonely_girl - at_sang_hyun_jang_studio - by_hwang_gim_jeong_photographer.exe] => (Block) C:\users\lenovo\appdata\local\temp\rar$exa20808.48711\[img_1210] pretty_lonely_girl - at_sang_hyun_jang_studio - by_hwang_gim_jeong_photographer.exe => No File
FirewallRules: [TCP Query User{AB16E68F-CC06-4F80-A9E0-B3CCEBB609EA}C:\dpb\instalace_winmed2_srv\total commander\totalcmd64.exe] => (Allow) C:\dpb\instalace_winmed2_srv\total commander\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{93FD0826-06F4-4470-9271-3ACE12103C10}C:\dpb\instalace_winmed2_srv\total commander\totalcmd64.exe] => (Allow) C:\dpb\instalace_winmed2_srv\total commander\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{EC54E8A6-345B-4541-8A34-D210333B4AC5}] => (Allow) C:\Users\Lenovo\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{BE81A672-61C4-4F6D-977D-3F8025149D66}] => (Allow) C:\Users\Lenovo\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{F7727A91-7641-4F72-9C85-BD12D85400CC}] => (Allow) C:\Users\Lenovo\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{B4479855-BE35-4818-AD6D-42DF10CCA4BF}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{0733BBE0-157A-4657-9B02-4A402B199910}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{7DCCF54F-EB0E-4593-B1A6-0F9023DEA13A}] => (Allow) C:\Program Files\Epic Games\TrackmaniaNext\trackmania.exe (NADEO SAS -> Nadeo)
FirewallRules: [{E28CFE59-89AE-43CC-9644-5B1724972DB6}] => (Allow) C:\Program Files\Epic Games\TrackmaniaNext\trackmania.exe (NADEO SAS -> Nadeo)
FirewallRules: [TCP Query User{045B8D91-D63D-4CAB-BBD6-9AF6967FF07D}C:\users\lenovo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lenovo\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [UDP Query User{C921EEBC-5838-45BB-883B-6D588A9518DB}C:\users\lenovo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lenovo\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [{CE2011C7-E7B8-49C5-9A86-2F2EA82BF6BA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3403.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ECE8FCCE-5A70-427C-9C74-AC5FBE3151CC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3403.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{63F157F0-FC49-4276-AC56-AA8373BFA43C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3403.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BCE5E4CB-7CE5-4538-99BC-3FD5F27B74E1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3403.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{43761188-C81B-4D19-9D3A-B267B5E05768}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Now.gg, INC -> Bluestack Systems, Inc.)
FirewallRules: [{A5B8A32D-39A4-4074-BE01-888812CFBCFB}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Now.gg, INC -> COMPANY NAME)
FirewallRules: [TCP Query User{8A1F02B8-46AD-4519-9984-9A21863EB071}C:\users\lenovo\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\lenovo\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{F547DA46-77F1-4B51-9F7C-6CFE6A233600}C:\users\lenovo\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\lenovo\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{4F33D7B2-2D2D-46B9-85E5-768A9D4B57A8}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\115.0.1901.188\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (07/31/2023 09:27:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSACCESS.EXE, verze: 12.0.6735.5000, časové razítko: 0x561e089f
Název chybujícího modulu: MSACCESS.EXE, verze: 12.0.6735.5000, časové razítko: 0x561e089f
Kód výjimky: 0xc0000005
Posun chyby: 0x00295766
ID chybujícího procesu: 0xc90
Čas spuštění chybující aplikace: 0x01d9c37f8fb857d5
Cesta k chybující aplikaci: C:\Program Files (x86)\Microsoft Office\Office12\MSACCESS.EXE
Cesta k chybujícímu modulu: C:\Program Files (x86)\Microsoft Office\Office12\MSACCESS.EXE
ID zprávy: 86f520ec-33f9-415a-acc5-49e8d8be9dc7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/31/2023 08:28:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchApp.exe, verze: 10.0.19041.3155, časové razítko: 0x5cb9ff30
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3155, časové razítko: 0xbf300201
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000012d8b2
ID chybujícího procesu: 0xb3c
Čas spuštění chybující aplikace: 0x01d9bbff2df69f50
Cesta k chybující aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 6ed3771c-694c-468d-b2ab-19c3f660229a
Úplný název chybujícího balíčku: Microsoft.Windows.Search_1.14.10.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI

Error: (07/30/2023 03:53:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: fwdetectcmd1911.exe, verze: 1.0.0.0, časové razítko: 0x5dde0fc6
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3208, časové razítko: 0xbc1cd7c0
Kód výjimky: 0xe0434352
Posun chyby: 0x0013d902
ID chybujícího procesu: 0x5744
Čas spuštění chybující aplikace: 0x01d9c2ed287b747d
Cesta k chybující aplikaci: C:\ProgramData\Lenovo\SystemUpdate\sessionSE\Repository\r0stf24w\fwdetectcmd1911.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 0e33c891-a265-44ea-9903-5fda7c87ccc7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/30/2023 03:53:05 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: fwdetectcmd1911.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.IOException
na System.IO.__Error.WinIOError(Int32, System.String)
na System.Console.GetBufferInfo(Boolean, Boolean ByRef)
na System.Console.get_WindowWidth()
na FwUpdateCmd.CmdUtilities.WriteWrappedLine(System.String, Int32)
na FwUpdateCmd.CmdUtilities.WriteDescription(System.String, System.String, System.Nullable`1<Int32>)
na FwUpdateCmd.Program.Main(System.String[])

Error: (07/22/2023 08:11:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GamingServices.exe, verze: 10.0.22621.4269, časové razítko: 0x954d6b32
Název chybujícího modulu: combase.dll, verze: 10.0.19041.2788, časové razítko: 0x03e7e147
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000516ab
ID chybujícího procesu: 0x1784
Čas spuštění chybující aplikace: 0x01d9b5c3738dc24f
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.GamingServices_13.78.12002.0_x64__8wekyb3d8bbwe\GamingServices.exe
Cesta k chybujícímu modulu: C:\Windows\System32\combase.dll
ID zprávy: 556453ba-fe54-4aa9-b9e5-073354681c09
Úplný název chybujícího balíčku: Microsoft.GamingServices_13.78.12002.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: GamingServices

Error: (07/13/2023 04:18:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSACCESS.EXE, verze: 12.0.6735.5000, časové razítko: 0x561e089f
Název chybujícího modulu: MSACCESS.EXE, verze: 12.0.6735.5000, časové razítko: 0x561e089f
Kód výjimky: 0xc0000005
Posun chyby: 0x00295766
ID chybujícího procesu: 0x2e6c
Čas spuštění chybující aplikace: 0x01d9b594d8605048
Cesta k chybující aplikaci: C:\Program Files (x86)\Microsoft Office\Office12\MSACCESS.EXE
Cesta k chybujícímu modulu: C:\Program Files (x86)\Microsoft Office\Office12\MSACCESS.EXE
ID zprávy: e0241ff7-9cbd-42f6-b3a8-c678f010dc3e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/13/2023 03:45:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ShellExperienceHost.exe, verze: 10.0.19041.3031, časové razítko: 0x515507a8
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3155, časové razítko: 0xbf300201
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000012d8b2
ID chybujícího procesu: 0x232c
Čas spuštění chybující aplikace: 0x01d9b58ccb914a99
Cesta k chybující aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 0c9d33ce-68be-4232-b54d-c82d3ba44804
Úplný název chybujícího balíčku: Microsoft.Windows.ShellExperienceHost_10.0.19041.1949_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App

Error: (07/13/2023 03:17:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ShellExperienceHost.exe, verze: 10.0.19041.3031, časové razítko: 0x515507a8
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3155, časové razítko: 0xbf300201
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000012d8b2
ID chybujícího procesu: 0x3e88
Čas spuštění chybující aplikace: 0x01d9b551bdfc1ce6
Cesta k chybující aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 47a48200-3af6-477b-9290-bd7a1df072be
Úplný název chybujícího balíčku: Microsoft.Windows.ShellExperienceHost_10.0.19041.1949_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App


System errors:
=============
Error: (07/31/2023 09:40:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Capability Licensing Service TCP IP Interface byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/31/2023 09:40:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Conexant SmartAudio service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/31/2023 09:40:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HECI Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/31/2023 09:40:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Lenovo Hotkey Client Loader byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/31/2023 09:40:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/31/2023 09:40:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Storage Middleware Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/31/2023 09:40:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/31/2023 09:40:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Conexant Audio Message Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2023-07-30 18:29:02
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {03907D74-B06C-448E-98CD-8E309C77AF25}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-07-28 09:30:48
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B638B470-B7E1-409E-9708-CC9FE9A8B378}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-07-26 17:28:07
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F49B3FB9-5519-47EF-A4A1-5A8BD17F7270}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-07-24 09:44:38
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {12FF8D70-702D-45EC-B1BF-ECBD4C0E4928}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-07-22 20:42:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {573A8B9A-18EB-4FD8-B749-553C785BCBBD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2023-07-08 23:21:36
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.391.3856.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23050.3
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2023-07-31 20:27:40
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f694c3678cca2be0\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO R0SET51W (1.35 ) 02/09/2022
Motherboard: LENOVO 20LJS3A100
Processor: Intel(R) Core(TM) i5-8350U CPU @ 1.70GHz
Percentage of memory in use: 42%
Total physical RAM: 16218.56 MB
Available physical RAM: 9306.9 MB
Total Virtual: 20570.56 MB
Available Virtual: 12783.38 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.84 GB) (Free:6.51 GB) (Model: SAMSUNG MZNLN256HMHQ-000H1) (Protected) NTFS

\\?\Volume{f5f68b7b-042d-4c11-bb43-68c2dc9ae93f}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{325a2bb6-7368-4dfc-8668-efa91a80dd67}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118318
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Ztrácí se focus z oken a po startu vyskakuje CMD

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\Run: [btweb] => "C:\Users\Lenovo\AppData\Roaming\BitTorrent Web\btweb.exe" /MINIMIZED (No File)
Task: {61800391-466E-4E3C-9581-99FA51EF7917} - System32\Tasks\WDNA_LG => Command(1): rhc.exe -> php.exe include.php <==== ATTENTION
Task: {61800391-466E-4E3C-9581-99FA51EF7917} - System32\Tasks\WDNA_LG => Command(2): rhc.exe -> php.exe index.php <==== ATTENTION
Task: {98D9B12A-DD48-4EE6-A99B-5D9E68B218DD} - System32\Tasks\wupdatecloud_LG => Command(1): rhc.exe -> php.exe include.php <==== ATTENTION
Task: {98D9B12A-DD48-4EE6-A99B-5D9E68B218DD} - System32\Tasks\wupdatecloud_LG => Command(2): rhc.exe -> php.exe index.php <==== ATTENTION
Task: {74BFE56F-7B89-4570-B0DA-9E33D62BD31C} - System32\Tasks\YTPX Cloud LG => C:\Users\Lenovo\AppData\Local\ypsx_cloud_v2\rhc.exe [1536 2023-07-20] () [File not signed] -> wdcloud_v2.exe <==== ATTENTION
Task: {25F00437-5B09-4C84-BE99-0DDAAFBE2E51} - System32\Tasks\zends-et => C:\Users\Lenovo\AppData\Local\wtraff_cloud\rhc.exe [1536 2023-05-07] () [File not signed] -> php.exe index.php <==== ATTENTION
Task: {2B00130B-AB4F-4ADA-8DD0-BF8D778A4ED5} - System32\Tasks\zends-et-LG => Command(1): rhc.exe -> php.exe include.php <==== ATTENTION
Task: {2B00130B-AB4F-4ADA-8DD0-BF8D778A4ED5} - System32\Tasks\zends-et-LG => Command(2): rhc.exe -> php.exe index.php <==== ATTENTION
C:\Users\Lenovo\AppData\Roaming\ecf00c38dc807e105d881c433a6b455dd2c606b6
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData:iSpring Solutions [128]
AlternateDataStreams: C:\Users\All Users:iSpring Solutions [128]
AlternateDataStreams: C:\ProgramData\Data aplikací:iSpring Solutions [128]
AlternateDataStreams: C:\Users\Lenovo\Data aplikací:iSpring Solutions [128]
AlternateDataStreams: C:\Users\Lenovo\AppData\Roaming:iSpring Solutions [128]
FirewallRules: [TCP Query User{B28740FF-15A6-4D7C-BC8E-F84FC385DB9B}C:\users\lenovo\appdata\local\temp\rar$exa20808.48711\[img_1210] pretty_lonely_girl - at_sang_hyun_jang_studio - by_hwang_gim_jeong_photographer.exe] => (Block) C:\users\lenovo\appdata\local\temp\rar$exa20808.48711\[img_1210] pretty_lonely_girl - at_sang_hyun_jang_studio - by_hwang_gim_jeong_photographer.exe => No File
FirewallRules: [UDP Query User{3A8E7DAA-95F7-48A2-A711-2DF80043B90D}C:\users\lenovo\appdata\local\temp\rar$exa20808.48711\[img_1210] pretty_lonely_girl - at_sang_hyun_jang_studio - by_hwang_gim_jeong_photographer.exe] => (Block) C:\users\lenovo\appdata\local\temp\rar$exa20808.48711\[img_1210] pretty_lonely_girl - at_sang_hyun_jang_studio - by_hwang_gim_jeong_photographer.exe => No File
FirewallRules: [TCP Query User{045B8D91-D63D-4CAB-BBD6-9AF6967FF07D}C:\users\lenovo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lenovo\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [UDP Query User{C921EEBC-5838-45BB-883B-6D588A9518DB}C:\users\lenovo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lenovo\appdata\roaming\spotify\spotify.exe => No File

EmptyTemp:
End
Uložte do C:\Moje\viry jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Cizap
Návštěvník
Návštěvník
Příspěvky: 73
Registrován: 07 dub 2014 11:56

Re: Ztrácí se focus z oken a po startu vyskakuje CMD

#7 Příspěvek od Cizap »

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-07-2023
Ran by Lenovo (01-08-2023 11:01:50) Run:1
Running from C:\Moje\viry
Loaded Profiles: Lenovo & SQLTELEMETRY$WINMED2 & MSSQL$WINMED2
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-1431687685-2443868726-21383991-1001\...\Run: [btweb] => "C:\Users\Lenovo\AppData\Roaming\BitTorrent Web\btweb.exe" /MINIMIZED (No File)
Task: {61800391-466E-4E3C-9581-99FA51EF7917} - System32\Tasks\WDNA_LG => Command(1): rhc.exe -> php.exe include.php <==== ATTENTION
Task: {61800391-466E-4E3C-9581-99FA51EF7917} - System32\Tasks\WDNA_LG => Command(2): rhc.exe -> php.exe index.php <==== ATTENTION
Task: {98D9B12A-DD48-4EE6-A99B-5D9E68B218DD} - System32\Tasks\wupdatecloud_LG => Command(1): rhc.exe -> php.exe include.php <==== ATTENTION
Task: {98D9B12A-DD48-4EE6-A99B-5D9E68B218DD} - System32\Tasks\wupdatecloud_LG => Command(2): rhc.exe -> php.exe index.php <==== ATTENTION
Task: {74BFE56F-7B89-4570-B0DA-9E33D62BD31C} - System32\Tasks\YTPX Cloud LG => C:\Users\Lenovo\AppData\Local\ypsx_cloud_v2\rhc.exe [1536 2023-07-20] () [File not signed] -> wdcloud_v2.exe <==== ATTENTION
Task: {25F00437-5B09-4C84-BE99-0DDAAFBE2E51} - System32\Tasks\zends-et => C:\Users\Lenovo\AppData\Local\wtraff_cloud\rhc.exe [1536 2023-05-07] () [File not signed] -> php.exe index.php <==== ATTENTION
Task: {2B00130B-AB4F-4ADA-8DD0-BF8D778A4ED5} - System32\Tasks\zends-et-LG => Command(1): rhc.exe -> php.exe include.php <==== ATTENTION
Task: {2B00130B-AB4F-4ADA-8DD0-BF8D778A4ED5} - System32\Tasks\zends-et-LG => Command(2): rhc.exe -> php.exe index.php <==== ATTENTION
C:\Users\Lenovo\AppData\Roaming\ecf00c38dc807e105d881c433a6b455dd2c606b6
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData:iSpring Solutions [128]
AlternateDataStreams: C:\Users\All Users:iSpring Solutions [128]
AlternateDataStreams: C:\ProgramData\Data aplikací:iSpring Solutions [128]
AlternateDataStreams: C:\Users\Lenovo\Data aplikací:iSpring Solutions [128]
AlternateDataStreams: C:\Users\Lenovo\AppData\Roaming:iSpring Solutions [128]
FirewallRules: [TCP Query User{B28740FF-15A6-4D7C-BC8E-F84FC385DB9B}C:\users\lenovo\appdata\local\temp\rar$exa20808.48711\[img_1210] pretty_lonely_girl - at_sang_hyun_jang_studio - by_hwang_gim_jeong_photographer.exe] => (Block) C:\users\lenovo\appdata\local\temp\rar$exa20808.48711\[img_1210] pretty_lonely_girl - at_sang_hyun_jang_studio - by_hwang_gim_jeong_photographer.exe => No File
FirewallRules: [UDP Query User{3A8E7DAA-95F7-48A2-A711-2DF80043B90D}C:\users\lenovo\appdata\local\temp\rar$exa20808.48711\[img_1210] pretty_lonely_girl - at_sang_hyun_jang_studio - by_hwang_gim_jeong_photographer.exe] => (Block) C:\users\lenovo\appdata\local\temp\rar$exa20808.48711\[img_1210] pretty_lonely_girl - at_sang_hyun_jang_studio - by_hwang_gim_jeong_photographer.exe => No File
FirewallRules: [TCP Query User{045B8D91-D63D-4CAB-BBD6-9AF6967FF07D}C:\users\lenovo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lenovo\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [UDP Query User{C921EEBC-5838-45BB-883B-6D588A9518DB}C:\users\lenovo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lenovo\appdata\roaming\spotify\spotify.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-1431687685-2443868726-21383991-1001\Software\Microsoft\Windows\CurrentVersion\Run\\btweb" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{61800391-466E-4E3C-9581-99FA51EF7917}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61800391-466E-4E3C-9581-99FA51EF7917}" => removed successfully
C:\Windows\System32\Tasks\WDNA_LG => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WDNA_LG" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61800391-466E-4E3C-9581-99FA51EF7917}" => not found
"C:\Windows\System32\Tasks\WDNA_LG" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WDNA_LG" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{98D9B12A-DD48-4EE6-A99B-5D9E68B218DD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98D9B12A-DD48-4EE6-A99B-5D9E68B218DD}" => removed successfully
C:\Windows\System32\Tasks\wupdatecloud_LG => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\wupdatecloud_LG" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98D9B12A-DD48-4EE6-A99B-5D9E68B218DD}" => not found
"C:\Windows\System32\Tasks\wupdatecloud_LG" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\wupdatecloud_LG" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{74BFE56F-7B89-4570-B0DA-9E33D62BD31C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74BFE56F-7B89-4570-B0DA-9E33D62BD31C}" => removed successfully
C:\Windows\System32\Tasks\YTPX Cloud LG => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTPX Cloud LG" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{25F00437-5B09-4C84-BE99-0DDAAFBE2E51}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25F00437-5B09-4C84-BE99-0DDAAFBE2E51}" => removed successfully
C:\Windows\System32\Tasks\zends-et => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\zends-et" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2B00130B-AB4F-4ADA-8DD0-BF8D778A4ED5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B00130B-AB4F-4ADA-8DD0-BF8D778A4ED5}" => removed successfully
C:\Windows\System32\Tasks\zends-et-LG => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\zends-et-LG" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B00130B-AB4F-4ADA-8DD0-BF8D778A4ED5}" => not found
"C:\Windows\System32\Tasks\zends-et-LG" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\zends-et-LG" => not found
C:\Users\Lenovo\AppData\Roaming\ecf00c38dc807e105d881c433a6b455dd2c606b6 => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\ProgramData => ":iSpring Solutions" ADS removed successfully
"C:\Users\All Users" => ":iSpring Solutions" ADS not found.
"C:\ProgramData\Data aplikací" => ":iSpring Solutions" ADS not found.
C:\Users\Lenovo\Data aplikací => ":iSpring Solutions" ADS removed successfully
"C:\Users\Lenovo\AppData\Roaming" => ":iSpring Solutions" ADS not found.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B28740FF-15A6-4D7C-BC8E-F84FC385DB9B}C:\users\lenovo\appdata\local\temp\rar$exa20808.48711\[img_1210] pretty_lonely_girl - at_sang_hyun_jang_studio - by_hwang_gim_jeong_photographer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3A8E7DAA-95F7-48A2-A711-2DF80043B90D}C:\users\lenovo\appdata\local\temp\rar$exa20808.48711\[img_1210] pretty_lonely_girl - at_sang_hyun_jang_studio - by_hwang_gim_jeong_photographer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{045B8D91-D63D-4CAB-BBD6-9AF6967FF07D}C:\users\lenovo\appdata\roaming\spotify\spotify.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C921EEBC-5838-45BB-883B-6D588A9518DB}C:\users\lenovo\appdata\roaming\spotify\spotify.exe" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 70683465 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 213609549 B
Windows/system/drivers => 4630881 B
Edge => 0 B
Firefox => 0 B
Opera => 384277926 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 370722 B
Lenovo => 1404501132 B
SQLTELEMETRY$WINMED2 => 1404501132 B
MSSQL$WINMED2 => 1404501132 B

RecycleBin => 821752127 B
EmptyTemp: => 5.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:03:37 ====
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118318
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Ztrácí se focus z oken a po startu vyskakuje CMD

#8 Příspěvek od Rudy »

Smazáno. Log již bude OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Cizap
Návštěvník
Návštěvník
Příspěvky: 73
Registrován: 07 dub 2014 11:56

Re: Ztrácí se focus z oken a po startu vyskakuje CMD

#9 Příspěvek od Cizap »

Díky moc, za pomoc! :thumbsup: , podpořím :) Mějte se pěkně.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118318
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Ztrácí se focus z oken a po startu vyskakuje CMD

#10 Příspěvek od Rudy »

Vy též a nemáte zač. Za příspěvek děkujeme! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“