Log check CHATGPT

The place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

jaro3
Security team member
Guru Level 15
Posts: 43287
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Log check CHATGPT

Post by jaro3 » 29 May 2025 22:41

Malwarebytes:
File: 1
RiskWare.GameHack, C:\USERS\JURYM\DESKTOP\ZáLOHA PLOCHA\PROGRAMY PLOCHA 2023\HOBO TOUGH LIFE V1.0-V1.01 PLUS 32 TRAINER.EXE, No Action By User, 683, 1166421, 1.0.99505, , ame, , 3F1FDB5A55B85312FCC54B6F276BFC61, 7379CF675477C2048F21A1B32DBAEB225CD7D932BDF2F03AAA18A2A0C9E3AAC2
RK:
>>>>>> XX - System Policies
└── [PUM.Policies (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -- 0 -> Found

You did not supply the other logs.

If you are going to format the system disk, then we are done here.

Download DelFix here:
https://www.bleepingcomputer.com/download/delfix/

Save the file to your desktop.
Double-click the icon to run the Delfix.exe tool.
(In Windows Vista, Windows 7, 8 and 10 you must run the file via right-click -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools – Purge System Restore
Then click the Run button and let the tool do its work.

After that, the report (DelFix.txt) will open. Paste the entire contents of the report here. Otherwise the report is located at:
C:\DelFix.txt

You can mark the topic with the green check mark.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Speedhack
Level 2.5
Posts: 343
Registered: May 17
Location: Brno
Gender: Male
Status: Offline

Re: Log check CHATGPT

Post by Speedhack » 05 Jun 2025 21:37

So they stole my STEAM account, which was protected by Steam Guard, with no emails saying that anyone had logged in to it. On the email account linked to Steam there are also no logins other than mine. How is that possible, please? How do I get this filth off my computer?? I can do a reinstall, but who knows whether it will help. I have another 3 disks in the PC that I don't want to format..

I'm afraid they will get into my banking; I don't know how well I have it secured. I absolutely don't understand it, 2 weeks after they took my Facebook, IG, etc. I haven't even been on the computer since then. Can anyone explain it?

What Malwarebytes etc. found are old trainers that I haven't used for x years. It is surely about the new game I downloaded; I probably have a keylogger or something similar on the PC.

EDIT: Just now someone logged in from BERLIN using the Steam Guard that I have on my phone. How could he have obtained it? I haven't entered my STEAM credentials anywhere, I have it logged in automatically. I haven't used it at all for weeks. Did a virus from an .exe do all of that?

Re: Log check CHATGPT

Post by Speedhack » 05 Jun 2025 22:49

Do you think I should wipe my Android too? I have two phones and Steam Guard is only on the Android, but I didn't download anything there. How could he have gotten into my phone? When I didn't even connect it to the PC.

Re: Log check CHATGPT

Post by jaro3 » 06 Jun 2025 00:46

As for the PC, there was nothing harmful there. Only direct contact from your PC. As for the phone, try installing some antivirus on it:
https://www.google.com/search?client=op ... PAP65a0-QQ
https://www.google.com/search?q=Antivir ... s-wiz-serp

We can also try this on the PC:
Download OTL by OldTimer
https://www.bleepingcomputer.com/download/otl/

to your desktop. Make sure you have all other windows closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Tick the “LOP” check and the “Purity” check. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt

They are saved in the same location as OTL. Please copy both logs here.
http://www.geekstogo.com/forum/topic/27 ... er-listit/

Re: Log check CHATGPT

Post by Speedhack » 06 Jun 2025 22:34

I found out that someone took over my Steam as early as 21 April 2025, but it only started to show on 5 June. How am I supposed to understand that? :D Did someone have access to my Steam for a whole month and do nothing with it? I don't really understand how anyone could have gotten in there when I didn't log in anywhere else, only from my own PC.

They took my Instagram and Facebook the very day after I downloaded a game from csrin.ru, which is otherwise a verified forum with good links... well, apparently not quite :D. That would at least make sense: I downloaded something harmful, but I don't know exactly what. But the Steam case still doesn't make sense to me.

Right now I have a clean Windows installation and those two older disks disconnected. Now I'm thinking about how to check them safely and whether it is safe to reconnect them at all. In the computer I have 2 disks currently connected and 2 disconnected. I'm considering disconnecting the main SSD, installing a new Windows on the second disk, connecting the two HDDs and trying to somehow check and clean them.

There are lots of things on them, literally a million files, including photos, documents, music and games that I have been downloading since 2010 :D.

I'm thinking that, just for fun, I might try paying for Bitdefender for a year?

Re: Log check CHATGPT

Post by jaro3 » 07 Jun 2025 01:04

You can try Bitdefender or COMODO. And check those two older disks right away.

You currently have a clean Windows installation, so was the system disk formatted?
I have a feeling that someone got physical access to your PC, even though you claim otherwise. Evidently it could have been someone! You can't rule it out, unless you live alone and nobody has access to the PC.
A phone is far more at risk of attack. That one would need to be cleaned using a mobile antivirus.

We'll also do this:
Download OTL by OldTimer
https://www.bleepingcomputer.com/download/otl/

to your desktop. Make sure you have all other windows closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Tick the “LOP” check and the “Purity” check. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt

They are saved in the same location as OTL. Please copy both logs here.
http://www.geekstogo.com/forum/topic/27 ... er-listit/

Re: Log check CHATGPT

Post by Speedhack » 07 Jun 2025 10:49

I have lived alone for 10 years and I have two phones, an iPhone 16 and an Android. Nobody could have gotten to those either.

On Steam it was some bot; it activated some gifts and started writing to people: hey take my gift 50$ cklick here + link.
Interesting that it took a month from the time he gained access. I'll keep a closer eye on it.


Then we can look at those two other HDDs. The 2 SSDs I have in the PC now are formatted.

Thanks, I'll try it.
Last edited by Speedhack on 07 Jun 2025 11:39, edited 1 time in total.

Re: Log check CHATGPT

Post by Speedhack » 07 Jun 2025 11:34

OTL logfile created on: 07.06.2025 11:30:51 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jurym\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.19041.0)
Locale: 00000405 | Country: | Language: CSY | Date Format: dd.MM.yyyy

15,93 Gb Total Physical Memory | 12,51 Gb Available Physical Memory | 78,53% Memory free
18,80 Gb Paging File | 13,80 Gb Available in Paging File | 73,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 953,22 Gb Total Space | 903,80 Gb Free Space | 94,82% Space Free | Partition Type: NTFS
Drive S: | 232,88 Gb Total Space | 232,79 Gb Free Space | 99,96% Space Free | Partition Type: NTFS

Computer Name: DESKTOP-OG17FKP | User Name: jurym | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Users\jurym\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\137.0.3296.68\msedgewebview2.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
PRC - C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe (Microsoft Corporation)
PRC - C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe (Microsoft Corporation)
PRC - C:\Windows\SysWOW64\fontdrvhost.exe (Microsoft Corporation)
PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe (Microsoft Corporation)
PRC - C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1906.55.0_x64__8wekyb3d8bbwe\Calculator.exe ()
PRC - C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Corporation)
PRC - C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe (Microsoft Corporation)
PRC - C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe ()
PRC - C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeApp.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Windows\SysWOW64\umpdc.dll ()
MOD - C:\Windows\SysWOW64\TextShaping.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (GoogleChromeElevationService) -- C:\Program Files\Google\Chrome\Application\137.0.7151.69\elevation_service.exe (Google LLC)
SRV:64bit: - (NVDisplay.ContainerLocalSystem) -- C:\Windows\SysNative\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation)
SRV:64bit: - (RetailDemo) -- C:\Windows\SysNative\RDXService.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (DevicePickerUserSvc) -- C:\Windows\SysNative\Windows.Devices.Picker.dll (Microsoft Corporation)
SRV:64bit: - (WalletService) -- C:\Windows\SysNative\WalletService.dll (Microsoft Corporation)
SRV:64bit: - (ssh-agent) -- C:\Windows\SysNative\OpenSSH\ssh-agent.exe ()
SRV:64bit: - (OneSyncSvc) -- C:\Windows\SysNative\APHostService.dll (Microsoft Corporation)
SRV:64bit: - (MixedRealityOpenXRSvc) -- C:\Windows\SysNative\MixedRealityRuntime.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (spectrum) -- C:\Windows\SysNative\Spectrum.exe (Microsoft Corporation)
SRV:64bit: - (SharedRealitySvc) -- C:\Windows\SysNative\SharedRealitySvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvmsession) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (TieringEngineService) -- C:\Windows\SysNative\TieringEngineService.exe (Microsoft Corporation)
SRV:64bit: - (FrameServer) -- C:\Windows\SysNative\FrameServer.dll (Microsoft Corporation)
SRV:64bit: - (McpManagementService) -- C:\Windows\SysNative\McpManagementService.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (DispBrokerDesktopSvc) -- C:\Windows\SysNative\DispBroker.Desktop.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (cbdhsvc) -- C:\Windows\SysNative\CBDHSvc.dll (Microsoft Corporation)
SRV:64bit: - (ConsentUxUserSvc) -- C:\Windows\SysNative\ConsentUxClient.dll (Microsoft Corporation)
SRV:64bit: - (perceptionsimulation) -- C:\Windows\SysNative\PerceptionSimulation\PerceptionSimulationService.exe (Microsoft Corporation)
SRV:64bit: - (SgrmBroker) -- C:\Windows\SysNative\SgrmBroker.exe (Microsoft Corporation)
SRV:64bit: - (BcastDVRUserService) -- C:\Windows\SysNative\bcastdvruserservice.dll (Microsoft Corporation)
SRV:64bit: - (XboxNetApiSvc) -- C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation)
SRV:64bit: - (DisplayEnhancementService) -- C:\Windows\SysNative\Microsoft.Graphics.Display.DisplayEnhancementService.dll (Microsoft Corporation)
SRV:64bit: - (SmsRouter) -- C:\Windows\SysNative\SmsRouterSvc.dll (Microsoft Corporation)
SRV:64bit: - (diagsvc) -- C:\Windows\SysNative\DiagSvc.dll (Microsoft Corporation)
SRV:64bit: - (autotimesvc) -- C:\Windows\SysNative\autotimesvc.dll (Microsoft Corporation)
SRV:64bit: - (UdkUserSvc) -- C:\Windows\SysNative\windowsudk.shellcommon.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (RmSvc) -- C:\Windows\SysNative\RMapi.dll (Microsoft Corporation)
SRV:64bit: - (PrintWorkflowUserSvc) -- C:\Windows\SysNative\PrintWorkflowService.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DmEnrollmentSvc) -- C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation)
SRV:64bit: - (dcsvc) -- C:\Windows\SysNative\dcsvc.dll (Microsoft Corporation)
SRV:64bit: - (dmwappushservice) -- C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation)
SRV:64bit: - (SensorDataService) -- C:\Windows\SysNative\SensorDataService.exe (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (UserManager) -- C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NetSetupSvc) -- C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)
SRV:64bit: - (diagnosticshub.standardcollector.service) -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (Microsoft Corporation)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (WpnUserService_230a4) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_230a4) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_230a4) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UdkUserSvc_230a4) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PrintWorkflowUserSvc_230a4) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_230a4) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_230a4) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_230a4) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (DevicesFlowUserSvc_230a4) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (DevicePickerUserSvc_230a4) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationBrokerSvc_230a4) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (ConsentUxUserSvc_230a4) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (CDPUserSvc_230a4) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (cbdhsvc_230a4) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (CaptureService_230a4) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (BluetoothUserService_230a4) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (BcastDVRUserService_230a4) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (AarSvc_230a4) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (CoreMessagingRegistrar) -- C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation)
SRV:64bit: - (CaptureService) -- C:\Windows\SysNative\CaptureService.dll (Microsoft Corporation)
SRV:64bit: - (DevicesFlowUserSvc) -- C:\Windows\SysNative\DevicesFlowBroker.dll (Microsoft Corporation)
SRV:64bit: - (shpamsvc) -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
SRV:64bit: - (UsoSvc) -- C:\Windows\SysNative\usosvc.dll (Microsoft Corporation)
SRV:64bit: - (EntAppSvc) -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (SensorService) -- C:\Windows\SysNative\SensorService.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\psmsrv.dll (Microsoft Corporation)
SRV:64bit: - (WpnService) -- C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation)
SRV:64bit: - (WpnUserService) -- C:\Windows\SysNative\WpnUserService.dll (Microsoft Corporation)
SRV:64bit: - (StateRepository) -- C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (TimeBrokerSvc) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (UserDataSvc) -- C:\Windows\SysNative\UserDataService.dll (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc) -- C:\Windows\SysNative\Unistore.dll (Microsoft Corporation)
SRV:64bit: - (WaaSMedicSvc) -- C:\Windows\SysNative\WaaSMedicSvc.dll (Microsoft Corporation)
SRV:64bit: - (PushToInstall) -- C:\Windows\SysNative\PushToInstall.dll (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc) -- C:\Windows\SysNative\PimIndexMaintenance.dll (Microsoft Corporation)
SRV:64bit: - (LicenseManager) -- C:\Windows\SysNative\LicenseManagerSvc.dll (Microsoft Corporation)
SRV:64bit: - (InstallService) -- C:\Windows\SysNative\InstallService.dll (Microsoft Corporation)
SRV:64bit: - (GraphicsPerfSvc) -- C:\Windows\SysNative\GraphicsPerfSvc.dll (Microsoft Corporation)
SRV:64bit: - (DoSvc) -- C:\Windows\SysNative\dosvc.dll (Microsoft Corporation)
SRV:64bit: - (SEMgrSvc) -- C:\Windows\SysNative\SEMgrSvc.dll (Microsoft Corporation)
SRV:64bit: - (NgcSvc) -- C:\Windows\SysNative\ngcsvc.dll (Microsoft Corporation)
SRV:64bit: - (NgcCtnrSvc) -- C:\Windows\SysNative\NgcCtnrSvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (camsvc) -- C:\Windows\SysNative\CapabilityAccessManager.dll (Microsoft Corporation)
SRV:64bit: - (ClipSVC) -- C:\Windows\SysNative\ClipSVC.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationBrokerSvc) -- C:\Windows\SysNative\deviceaccess.dll (Microsoft Corporation)
SRV:64bit: - (tzautoupdate) -- C:\Windows\SysNative\tzautoupdate.dll (Microsoft Corporation)
SRV:64bit: - (TokenBroker) -- C:\Windows\SysNative\TokenBroker.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (GameInputSvc) -- C:\Windows\SysNative\GameInputSvc.exe (Microsoft Corporation)
SRV:64bit: - (DsSvc) -- C:\Windows\SysNative\dssvc.dll (Microsoft Corporation)
SRV:64bit: - (SecurityHealthService) -- C:\Windows\SysNative\SecurityHealthService.exe (Microsoft Corporation)
SRV:64bit: - (CDPSvc) -- C:\Windows\SysNative\cdpsvc.dll (Microsoft Corporation)
SRV:64bit: - (CDPUserSvc) -- C:\Windows\SysNative\cdpusersvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (embeddedmode) -- C:\Windows\SysNative\embeddedmodesvc.dll (Microsoft Corporation)
SRV:64bit: - (CredentialEnrollmentManagerUserSvc_230a4) -- C:\Windows\SysNative\CredentialEnrollmentManager.exe (Microsoft Corporation)
SRV:64bit: - (CredentialEnrollmentManagerUserSvc) -- C:\Windows\SysNative\CredentialEnrollmentManager.exe (Microsoft Corporation)
SRV:64bit: - (WFDSConMgrSvc) -- C:\Windows\SysNative\WFDSConMgrSvc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NaturalAuthentication) -- C:\Windows\SysNative\NaturalAuth.dll (Microsoft Corporation)
SRV:64bit: - (WpcMonSvc) -- C:\Windows\SysNative\WpcDesktopMonSvc.dll (Microsoft Corporation)
SRV:64bit: - (wisvc) -- C:\Windows\SysNative\FlightSettings.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (AarSvc) -- C:\Windows\SysNative\AarSvc.dll (Microsoft Corporation)
SRV:64bit: - (VacSvc) -- C:\Windows\SysNative\vac.dll (Microsoft Corporation)
SRV:64bit: - (XblGameSave) -- C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation)
SRV:64bit: - (XblAuthManager) -- C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation)
SRV:64bit: - (PhoneSvc) -- C:\Windows\SysNative\PhoneService.dll (Microsoft Corporation)
SRV:64bit: - (WManSvc) -- C:\Windows\SysNative\Windows.Management.Service.dll (Microsoft Corporation)
SRV:64bit: - (TroubleshootingSvc) -- C:\Windows\SysNative\MitigationClient.dll (Microsoft Corporation)
SRV:64bit: - (LxpSvc) -- C:\Windows\SysNative\LanguageOverlayServer.dll (Microsoft Corporation)
SRV:64bit: - (icssvc) -- C:\Windows\SysNative\tetheringservice.dll (Microsoft Corporation)
SRV:64bit: - (MessagingService) -- C:\Windows\SysNative\MessagingService.dll (Microsoft Corporation)
SRV:64bit: - (XboxGipSvc) -- C:\Windows\SysNative\xboxgipsvc.dll (Microsoft Corporation)
SRV:64bit: - (wlpasvc) -- C:\Windows\SysNative\lpasvc.dll (Microsoft Corporation)
SRV:64bit: - (BTAGService) -- C:\Windows\SysNative\BTAGService.dll (Microsoft Corporation)
SRV:64bit: - (BluetoothUserService) -- C:\Windows\SysNative\Microsoft.Bluetooth.UserService.dll (Microsoft Corporation)
SRV:64bit: - (BthAvctpSvc) -- C:\Windows\SysNative\BthAvctpSvc.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (DusmSvc) -- C:\Windows\SysNative\dusmsvc.dll (Microsoft Corporation)
SRV:64bit: - (HvHost) -- C:\Windows\SysNative\hvhostsvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (DevQueryBroker) -- C:\Windows\SysNative\DevQueryBroker.dll (Microsoft Corporation)
SRV:64bit: - (MapsBroker) -- C:\Windows\SysNative\moshost.dll (Microsoft Corporation)
SRV:64bit: - (WarpJITSvc) -- C:\Windows\SysNative\Windows.WARP.JITService.dll (Microsoft Corporation)
SRV:64bit: - (AJRouter) -- C:\Windows\SysNative\AJRouter.dll (Microsoft Corporation)
SRV:64bit: - (IpxlatCfgSvc) -- C:\Windows\SysNative\ipxlatcfg.dll (Microsoft Corporation)
SRV - (WdNisSvc) -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\NisSrv.exe (Microsoft Corporation)
SRV - (MDCoreSvc) -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpDefenderCoreService.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MsMpEng.exe (Microsoft Corporation)
SRV - (MicrosoftEdgeElevationService) -- C:\Program Files (x86)\Microsoft\Edge\Application\137.0.3296.62\elevation_service.exe (Microsoft Corporation)
SRV - (GoogleUpdaterService138.0.7194.0) -- C:\Program Files (x86)\Google\GoogleUpdater\138.0.7194.0\updater.exe (Google LLC)
SRV - (GoogleUpdaterInternalService138.0.7194.0) -- C:\Program Files (x86)\Google\GoogleUpdater\138.0.7194.0\updater.exe (Google LLC)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\steamservice.exe (Valve Corporation)
SRV - (NVDisplay.ContainerLocalSystem) -- C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation)
SRV - (DevicePickerUserSvc) -- C:\Windows\SysWOW64\Windows.Devices.Picker.dll (Microsoft Corporation)
SRV - (MixedRealityOpenXRSvc) -- C:\Windows\SysWOW64\MixedRealityRuntime.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (PrintWorkflowUserSvc) -- C:\Windows\SysWOW64\PrintWorkflowService.dll (Microsoft Corporation)
SRV - (DmEnrollmentSvc) -- C:\Windows\SysWOW64\Windows.Internal.Management.dll (Microsoft Corporation)
SRV - (CoreMessagingRegistrar) -- C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation)
SRV - (DeviceAssociationBrokerSvc) -- C:\Windows\SysWOW64\deviceaccess.dll (Microsoft Corporation)
SRV - (tzautoupdate) -- C:\Windows\SysWOW64\tzautoupdate.dll (Microsoft Corporation)
SRV - (StateRepository) -- C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation)
SRV - (InstallService) -- C:\Windows\SysWOW64\InstallService.dll (Microsoft Corporation)
SRV - (UnistoreSvc) -- C:\Windows\SysWOW64\Unistore.dll (Microsoft Corporation)
SRV - (TokenBroker) -- C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)
SRV - (wisvc) -- C:\Windows\SysWOW64\FlightSettings.dll (Microsoft Corporation)
SRV - (AarSvc) -- C:\Windows\SysWOW64\AarSvc.dll (Microsoft Corporation)
SRV - (BTAGService) -- C:\Windows\SysWOW64\BTAGService.dll (Microsoft Corporation)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (edgeupdatem) -- C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (Microsoft Corporation)
SRV - (edgeupdate) -- C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\wd\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (KslD) -- C:\Windows\SysNative\drivers\wd\KslD.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\wd\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\wd\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (nvlddmkm) -- C:\Windows\SysNative\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\nvlddmkm.sys (NVIDIA Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (PktMon) -- C:\Windows\SysNative\drivers\PktMon.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (hvservice) -- C:\Windows\SysNative\drivers\hvservice.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (afunix) -- C:\Windows\SysNative\drivers\afunix.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (NetAdapterCx) -- C:\Windows\SysNative\drivers\NetAdapterCx.sys (Microsoft Corporation)
DRV:64bit: - (MsQuic) -- C:\Windows\SysNative\drivers\msquic.sys (Microsoft Corporation)
DRV:64bit: - (CldFlt) -- C:\Windows\SysNative\drivers\cldflt.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\Windows\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\Windows\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (ReFSv1) -- C:\Windows\SysNative\drivers\refsv1.sys (Microsoft Corporation)
DRV:64bit: - (applockerfltr) -- C:\Windows\SysNative\drivers\applockerfltr.sys (Microsoft Corporation)
DRV:64bit: - (Ufx01000) -- C:\Windows\SysNative\drivers\ufx01000.sys (Microsoft Corporation)
DRV:64bit: - (UcmCx0101) -- C:\Windows\SysNative\drivers\UcmCx.sys (Microsoft Corporation)
DRV:64bit: - (UcmUcsiCx0101) -- C:\Windows\SysNative\drivers\UcmUcsiCx.sys (Microsoft Corporation)
DRV:64bit: - (HidSpiCx) -- C:\Windows\SysNative\drivers\HidSpiCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (wcifs) -- C:\Windows\SysNative\drivers\wcifs.sys (Microsoft Corporation)
DRV:64bit: - (bindflt) -- C:\Windows\SysNative\drivers\bindflt.sys (Microsoft Corporation)
DRV:64bit: - (CimFS) -- C:\Windows\SysNative\drivers\cimfs.sys ()
DRV:64bit: - (wcnfs) -- C:\Windows\SysNative\drivers\wcnfs.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (IndirectKmd) -- C:\Windows\SysNative\drivers\IndirectKmd.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (wdiwifi) -- C:\Windows\SysNative\drivers\WdiWiFi.sys (Microsoft Corporation)
DRV:64bit: - (Acx01000) -- C:\Windows\SysNative\drivers\Acx01000.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (MMCSS) -- C:\Windows\SysNative\drivers\mmcss.sys (Microsoft Corporation)
DRV:64bit: - (UCPD) -- C:\Windows\SysNative\drivers\UCPD.sys (Microsoft Corporation)
DRV:64bit: - (WinNat) -- C:\Windows\SysNative\drivers\winnat.sys (Microsoft Corporation)
DRV:64bit: - (MbbCx) -- C:\Windows\SysNative\drivers\MbbCx.sys (Microsoft Corporation)
DRV:64bit: - (iorate) -- C:\Windows\SysNative\drivers\iorate.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (hvcrash) -- C:\Windows\SysNative\drivers\hvcrash.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (ufxsynopsys) -- C:\Windows\SysNative\drivers\ufxsynopsys.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (scmbus) -- C:\Windows\SysNative\drivers\scmbus.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (hidspi) -- C:\Windows\SysNative\drivers\hidspi.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (storufs) -- C:\Windows\SysNative\drivers\storufs.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\DriverStore\FileRepository\basicdisplay.inf_amd64_19e58b6267591a82\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (BthMini) -- C:\Windows\SysNative\drivers\BthMini.SYS (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\DriverStore\FileRepository\basicrender.inf_amd64_d3f5994a67770b50\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (pmem) -- C:\Windows\SysNative\drivers\pmem.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (Telemetry) -- C:\Windows\SysNative\drivers\IntelTA.sys (Microsoft Corporation)
DRV:64bit: - (xboxgip) -- C:\Windows\SysNative\drivers\xboxgip.sys (Microsoft Corporation)
DRV:64bit: - (xinputhid) -- C:\Windows\SysNative\drivers\xinputhid.sys (Microsoft Corporation)
DRV:64bit: - (AMDPCIDev) -- C:\Windows\SysNative\drivers\AMDPCIDev.sys (Advanced Micro Devices)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (SpatialGraphFilter) -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys (Microsoft Corporation)
DRV:64bit: - (NDKPing) -- C:\Windows\SysNative\drivers\NDKPing.sys (Microsoft Corporation)
DRV:64bit: - (spaceparser) -- C:\Windows\SysNative\drivers\spaceparser.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (SgrmAgent) -- C:\Windows\SysNative\drivers\SgrmAgent.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (bam) -- C:\Windows\SysNative\drivers\bam.sys (Microsoft Corporation)
DRV:64bit: - (WdmCompanionFilter) -- C:\Windows\SysNative\drivers\WdmCompanionFilter.sys (Microsoft Corporation)
DRV:64bit: - (UcmTcpciCx0101) -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys (Microsoft Corporation)
DRV:64bit: - (storqosflt) -- C:\Windows\SysNative\drivers\storqosflt.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRT) -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys (Microsoft Corporation)
DRV:64bit: - (UrsCx01000) -- C:\Windows\SysNative\drivers\urscx01000.sys (Microsoft Corporation)
DRV:64bit: - (cnghwassist) -- C:\Windows\SysNative\drivers\cnghwassist.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (HwNClx0101) -- C:\Windows\SysNative\drivers\mshwnclx.sys (Microsoft Corporation)
DRV:64bit: - (portcfg) -- C:\Windows\SysNative\drivers\portcfg.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (Ucx01000) -- C:\Windows\SysNative\drivers\Ucx01000.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (IPT) -- C:\Windows\SysNative\drivers\ipt.sys (Microsoft Corporation)
DRV:64bit: - (FileCrypt) -- C:\Windows\SysNative\drivers\filecrypt.sys (Microsoft Corporation)
DRV:64bit: - (UdeCx) -- C:\Windows\SysNative\drivers\Udecx.sys (Microsoft Corporation)
DRV:64bit: - (Ramdisk) -- C:\Windows\SysNative\drivers\ramdisk.sys (Microsoft Corporation)
DRV:64bit: - (GpuEnergyDrv) -- C:\Windows\SysNative\drivers\gpuenergydrv.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (vmgid) -- C:\Windows\SysNative\drivers\vmgid.sys (Microsoft Corporation)
DRV:64bit: - (VirtualRender) -- C:\Windows\SysNative\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys (Microsoft Corporation)
DRV:64bit: - (UfxChipidea) -- C:\Windows\SysNative\DriverStore\FileRepository\ufxchipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (hidinterrupt) -- C:\Windows\SysNative\drivers\hidinterrupt.sys (Microsoft Corporation)
DRV:64bit: - (buttonconverter) -- C:\Windows\SysNative\drivers\buttonconverter.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (UcmUcsiAcpiClient) -- C:\Windows\SysNative\drivers\UcmUcsiAcpiClient.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (UrsChipidea) -- C:\Windows\SysNative\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys (Microsoft Corporation)
DRV:64bit: - (UrsSynopsys) -- C:\Windows\SysNative\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (genericusbfn) -- C:\Windows\SysNative\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRTProxy) -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys (Microsoft Corporation)
DRV:64bit: - (cht4vbd) -- C:\Windows\SysNative\drivers\cht4vx64.sys (Chelsio Communications)
DRV:64bit: - (mlx4_bus) -- C:\Windows\SysNative\drivers\mlx4_bus.sys (Mellanox)
DRV:64bit: - (iaStorAVC) -- C:\Windows\SysNative\drivers\iaStorAVC.sys (Intel Corporation)
DRV:64bit: - (rt640x64) -- C:\Windows\SysNative\drivers\rt640x64.sys (Realtek )
DRV:64bit: - (ibbus) -- C:\Windows\SysNative\drivers\ibbus.sys (Mellanox)
DRV:64bit: - (mausbhost) -- C:\Windows\SysNative\drivers\mausbhost.sys (Microsoft Corporation)
DRV:64bit: - (cht4iscsi) -- C:\Windows\SysNative\drivers\cht4sx64.sys (Chelsio Communications)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (nvdimm) -- C:\Windows\SysNative\drivers\nvdimm.sys (Microsoft Corporation)
DRV:64bit: - (ndfltr) -- C:\Windows\SysNative\drivers\ndfltr.sys (Mellanox)
DRV:64bit: - (WinVerbs) -- C:\Windows\SysNative\drivers\winverbs.sys (Mellanox)
DRV:64bit: - (mausbip) -- C:\Windows\SysNative\drivers\mausbip.sys (Microsoft Corporation)
DRV:64bit: - (vhf) -- C:\Windows\SysNative\drivers\vhf.sys (Microsoft Corporation)
DRV:64bit: - (bttflt) -- C:\Windows\SysNative\drivers\bttflt.sys (Microsoft Corporation)
DRV:64bit: - (WinMad) -- C:\Windows\SysNative\drivers\winmad.sys (Mellanox)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (SmartSAMD) -- C:\Windows\SysNative\drivers\SmartSAMD.sys (Microsemi Corportation)
DRV:64bit: - (ItSas35i) -- C:\Windows\SysNative\drivers\ItSas35i.sys (Avago Technologies)
DRV:64bit: - (LSI_SAS3i) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys (Avago Technologies)
DRV:64bit: - (LSI_SAS2i) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys (LSI Corporation)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (megasas35i) -- C:\Windows\SysNative\drivers\megasas35i.sys (Avago Technologies)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (megasas2i) -- C:\Windows\SysNative\drivers\MegaSas2i.sys (Avago Technologies)
DRV:64bit: - (percsas3i) -- C:\Windows\SysNative\drivers\percsas3i.sys (Avago Technologies)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (percsas2i) -- C:\Windows\SysNative\drivers\percsas2i.sys (Avago Technologies)
DRV:64bit: - (umbus) -- C:\Windows\SysNative\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\uefi.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (AcpiDev) -- C:\Windows\SysNative\drivers\AcpiDev.sys (Microsoft Corporation)
DRV:64bit: - (volume) -- C:\Windows\SysNative\drivers\volume.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (QLogic Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (QLogic Corporation)
DRV:64bit: - (usbaudio2) -- C:\Windows\SysNative\drivers\usbaudio2.sys (Microsoft Corporation)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (rhproxy) -- C:\Windows\SysNative\drivers\rhproxy.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (SDFRd) -- C:\Windows\SysNative\drivers\SDFRd.sys (Microsoft Corporation)
DRV:64bit: - (swenum) -- C:\Windows\SysNative\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys (Microsoft Corporation)
DRV:64bit: - (PNPMEM) -- C:\Windows\SysNative\drivers\pnpmem.sys (Microsoft Corporation)
DRV:64bit: - (BthA2dp) -- C:\Windows\SysNative\drivers\BthA2dp.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSS2i_I2C_GLK) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_GLK.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_I2C_CNL) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_CNL.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_I2C_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_I2C) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys (Intel Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\BthHfEnum.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2_CNL) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_CNL.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2_GLK) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_GLK.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys (Intel Corporation)
DRV:64bit: - (iai2c) -- C:\Windows\SysNative\drivers\iai2c.sys (Intel(R) Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys (Intel Corporation)
DRV:64bit: - (CAD) -- C:\Windows\SysNative\drivers\CAD.sys (Microsoft Corporation)
DRV:64bit: - (Microsoft_Bluetooth_AvrcpTransport) -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.AvrcpTransport.sys (Microsoft Corporation)
DRV:64bit: - (amdi2c) -- C:\Windows\SysNative\drivers\amdi2c.sys (Advanced Micro Devices, Inc)
DRV:64bit: - (iagpio) -- C:\Windows\SysNative\drivers\iagpio.sys (Intel(R) Corporation)
DRV:64bit: - (intelpmax) -- C:\Windows\SysNative\drivers\intelpmax.sys (Microsoft Corporation)
DRV:64bit: - (amdgpio2) -- C:\Windows\SysNative\drivers\amdgpio2.sys (Advanced Micro Devices, Inc)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (amdgpio3) -- C:\Windows\SysNative\drivers\amdgpio3.sys (Advanced Micro Devices, Inc)
DRV - (nvlddmkm) -- C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\nvlddmkm.sys (NVIDIA Corporation)
DRV - (afunix) -- C:\Windows\SysWOW64\drivers\afunix.sys (Microsoft Corporation)
DRV - (BasicDisplay) -- C:\Windows\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_19e58b6267591a82\BasicDisplay.sys (Microsoft Corporation)
DRV - (BasicRender) -- C:\Windows\System32\DriverStore\FileRepository\basicrender.inf_amd64_d3f5994a67770b50\BasicRender.sys (Microsoft Corporation)
DRV - (VirtualRender) -- C:\Windows\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys (Microsoft Corporation)
DRV - (UfxChipidea) -- C:\Windows\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sys (Microsoft Corporation)
DRV - (UrsChipidea) -- C:\Windows\System32\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys (Microsoft Corporation)
DRV - (UrsSynopsys) -- C:\Windows\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys (Microsoft Corporation)
DRV - (genericusbfn) -- C:\Windows\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys (Microsoft Corporation)
DRV - (umbus) -- C:\Windows\System32\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys (Microsoft Corporation)
DRV - (UEFI) -- C:\Windows\System32\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\UEFI.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys (Microsoft Corporation)
DRV - (swenum) -- C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\NativeMessagingHosts\com.microsoft.defender.browser_extension.native_message_host\\: C:\PROGRAMDATA\MICROSOFT\WINDOWS DEFENDER\PLATFORM\4.18.25040.2-0\COM.MICROSOFT.DEFENDER.BE.FIREFOX.JSON [2025.06.06 21:57:56 | 000,000,310 | ---- | M] ()


========== Chrome ==========

CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\aahpfefkmihhdabllidnlipghcjgpkdm\4.0.0_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimboljphncldaakcnapfolgnjonlea\3.1.2_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnojnbdhbhnkbcieeekonklommdnndci\8.2.3_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj\4.0.2_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcoegfodcnjofhjfbhegcgjgapeichlf\2.6_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\2.0.4_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeckiajfclogcacnhgigljkcgabfcmco\25.4.8_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil\2.1.6_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb\4.77.4.0_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.92.1_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\6.21.2_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjebfgojnlefhdgmomncgjglmdckngij\1.0.6_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkdmdpdhfaamhgaojpelccmeehpfljgf\3.0.1_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgncicmcfanpemdmknkcaahbgobahngg\0.0.3_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg\2.1.1.7_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfpoemjdmpnbcnidaedpngfikhlchicf\3.2.3_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\oncbjlgldmiagjophlhobkogeladjijl\0.2.0_0\

Speedhack
Level 2.5
Posts: 343
Registered: May 17
Location: Brno
Gender: Male
Status: Offline

Re: Log check CHATGPT

Post by Speedhack » 07 Jun 2025 11:36

O1 HOSTS File: ([2019.12.07 11:12:44 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEToEdge BHO) - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\137.0.3296.62\BHO\ie_to_edge_bho_64.dll (Microsoft Corporation)
O2 - BHO: (IEToEdge BHO) - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\137.0.3296.62\BHO\ie_to_edge_bho.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SecurityHealth] C:\Windows\SysNative\SecurityHealthSystray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [MicrosoftEdgeAutoLaunch_A7041B98F49F61AFAE05F3B03BDD5F31] C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
O4 - HKCU..\Run: [OneDrive] C:\Users\jurym\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFullTrustStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUwpStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportFullTrustStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportUwpStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000014 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 31.30.90.11 31.30.90.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{b6b42036-5e4f-497b-b0e3-255fdaad888d}: DhcpNameServer = 31.30.90.11 31.30.90.12
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2025.06.06 23:16:30 | 000,000,000 | ---D | C] -- C:\Users\jurym\AppData\Local\PlaceholderTileLogoFolder
[2025.06.06 22:25:27 | 000,000,000 | -H-D | C] -- C:\OneDriveTemp
[2025.06.06 21:57:58 | 000,606,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wd\WdFilter.sys
[2025.06.06 21:57:58 | 000,331,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wd\KslD.sys
[2025.06.06 21:57:58 | 000,267,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wd\WdDevFlt.sys
[2025.06.06 21:57:58 | 000,100,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wd\WdNisDrv.sys
[2025.06.06 21:57:58 | 000,019,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wd\WdBoot.sys
[2025.06.06 21:23:19 | 000,000,000 | ---D | C] -- C:\Users\jurym\AppData\Local\Backup
[2025.06.06 21:16:59 | 000,000,000 | -H-D | C] -- C:\$WinREAgent
[2025.06.05 23:18:51 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2025.06.05 23:15:10 | 000,000,000 | ---D | C] -- C:\Users\jurym\AppData\Local\CEF
[2025.06.05 23:15:09 | 000,000,000 | ---D | C] -- C:\Users\jurym\AppData\Local\Steam
[2025.06.05 23:15:09 | 000,000,000 | ---D | C] -- C:\Users\jurym\AppData\Local\NVIDIA
[2025.06.05 23:14:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2025.06.05 23:14:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2025.06.05 23:14:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2025.06.05 22:42:23 | 000,000,000 | ---D | C] -- C:\Users\jurym\AppData\Local\Comms
[2025.06.05 22:28:32 | 000,000,000 | ---D | C] -- C:\Users\jurym\AppData\Local\Google
[2025.06.05 22:28:27 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2025.06.05 22:28:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2025.06.05 22:27:40 | 000,000,000 | R--D | C] -- C:\Users\jurym\OneDrive
[2025.06.05 22:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2025.06.05 22:26:20 | 000,000,000 | ---D | C] -- C:\Users\jurym\AppData\Local\Publishers
[2025.06.05 22:26:18 | 000,000,000 | R--D | C] -- C:\Users\jurym\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2025.06.05 22:26:18 | 000,000,000 | R--D | C] -- C:\Users\jurym\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2025.06.05 22:26:18 | 000,000,000 | ---D | C] -- C:\Users\jurym\AppData\Local\D3DSCache
[2025.06.05 22:26:17 | 000,000,000 | R--D | C] -- C:\Users\jurym\Searches
[2025.06.05 22:26:17 | 000,000,000 | R--D | C] -- C:\Users\jurym\Contacts
[2025.06.05 22:26:17 | 000,000,000 | R--D | C] -- C:\Users\jurym\3D Objects
[2025.06.05 22:26:17 | 000,000,000 | ---D | C] -- C:\Users\jurym\AppData\Local\VirtualStore
[2025.06.05 22:26:17 | 000,000,000 | ---D | C] -- C:\Users\jurym\AppData\Local\Packages
[2025.06.05 22:26:17 | 000,000,000 | ---D | C] -- C:\Users\jurym\AppData\Local\ConnectedDevicesPlatform
[2025.06.05 22:26:17 | 000,000,000 | ---D | C] -- C:\Users\jurym\AppData\Roaming\Adobe
[2025.06.05 22:23:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI
[2025.06.05 22:23:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Packages
[2025.06.05 22:23:37 | 000,000,000 | --SD | C] -- C:\Users\jurym\AppData\Roaming\Microsoft
[2025.06.05 22:23:37 | 000,000,000 | R--D | C] -- C:\Users\jurym\Videos
[2025.06.05 22:23:37 | 000,000,000 | R--D | C] -- C:\Users\jurym\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2025.06.05 22:23:37 | 000,000,000 | R--D | C] -- C:\Users\jurym\Saved Games
[2025.06.05 22:23:37 | 000,000,000 | R--D | C] -- C:\Users\jurym\Pictures
[2025.06.05 22:23:37 | 000,000,000 | R--D | C] -- C:\Users\jurym\Music
[2025.06.05 22:23:37 | 000,000,000 | R--D | C] -- C:\Users\jurym\Links
[2025.06.05 22:23:37 | 000,000,000 | R--D | C] -- C:\Users\jurym\Favorites
[2025.06.05 22:23:37 | 000,000,000 | R--D | C] -- C:\Users\jurym\Downloads
[2025.06.05 22:23:37 | 000,000,000 | R--D | C] -- C:\Users\jurym\Documents
[2025.06.05 22:23:37 | 000,000,000 | R--D | C] -- C:\Users\jurym\Desktop
[2025.06.05 22:23:37 | 000,000,000 | R--D | C] -- C:\Users\jurym\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2025.06.05 22:23:37 | 000,000,000 | R--D | C] -- C:\Users\jurym\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2025.06.05 22:23:37 | 000,000,000 | -HSD | C] -- C:\Users\jurym\AppData\Local\Temporary Internet Files
[2025.06.05 22:23:37 | 000,000,000 | -HSD | C] -- C:\Users\jurym\Šablony
[2025.06.05 22:23:37 | 000,000,000 | -HSD | C] -- C:\Users\jurym\Soubory cookie
[2025.06.05 22:23:37 | 000,000,000 | -HSD | C] -- C:\Users\jurym\SendTo
[2025.06.05 22:23:37 | 000,000,000 | -HSD | C] -- C:\Users\jurym\Poslední
[2025.06.05 22:23:37 | 000,000,000 | -HSD | C] -- C:\Users\jurym\Okolní tiskárny
[2025.06.05 22:23:37 | 000,000,000 | -HSD | C] -- C:\Users\jurym\Okolní síť
[2025.06.05 22:23:37 | 000,000,000 | -HSD | C] -- C:\Users\jurym\Documents\Obrázky
[2025.06.05 22:23:37 | 000,000,000 | -HSD | C] -- C:\Users\jurym\Nabídka Start
[2025.06.05 22:23:37 | 000,000,000 | -HSD | C] -- C:\Users\jurym\Local Settings
[2025.06.05 22:23:37 | 000,000,000 | -HSD | C] -- C:\Users\jurym\Documents\Hudba
[2025.06.05 22:23:37 | 000,000,000 | -HSD | C] -- C:\Users\jurym\AppData\Local\History
[2025.06.05 22:23:37 | 000,000,000 | -HSD | C] -- C:\Users\jurym\Documents\Filmy
[2025.06.05 22:23:37 | 000,000,000 | -HSD | C] -- C:\Users\jurym\Dokumenty
[2025.06.05 22:23:37 | 000,000,000 | -HSD | C] -- C:\Users\jurym\Data aplikací
[2025.06.05 22:23:37 | 000,000,000 | -HSD | C] -- C:\Users\jurym\AppData\Local\Data aplikací
[2025.06.05 22:23:37 | 000,000,000 | -H-D | C] -- C:\Users\jurym\AppData
[2025.06.05 22:23:37 | 000,000,000 | ---D | C] -- C:\Users\jurym\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[2025.06.05 22:23:37 | 000,000,000 | ---D | C] -- C:\Users\jurym\AppData\Local\Temp
[2025.06.05 22:23:37 | 000,000,000 | ---D | C] -- C:\Users\jurym\AppData\Local\Microsoft
[2025.06.05 22:23:37 | 000,000,000 | ---D | C] -- C:\Users\jurym\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2025.06.05 22:23:14 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2025.06.05 22:23:13 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2025.06.05 22:23:13 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2025.06.05 22:23:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NVIDIA Corporation
[2025.06.05 22:23:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\lxss
[2025.06.05 22:23:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NVIDIA Corporation\Drs
[2025.06.05 22:22:57 | 016,200,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2025.06.05 22:22:57 | 014,270,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2025.06.05 22:22:57 | 007,133,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2025.06.05 22:22:57 | 006,914,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2025.06.05 22:22:57 | 006,212,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2025.06.05 22:22:57 | 005,910,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2025.06.05 22:22:57 | 005,348,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcudadebugger.dll
[2025.06.05 22:22:57 | 003,788,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2025.06.05 22:22:57 | 002,178,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2025.06.05 22:22:57 | 001,629,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2025.06.05 22:22:57 | 001,547,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2025.06.05 22:22:57 | 001,202,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2025.06.05 22:22:57 | 001,078,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvml.dll
[2025.06.05 22:22:57 | 001,034,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2025.06.05 22:22:57 | 000,856,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvidia-smi.exe
[2025.06.05 22:22:57 | 000,853,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\MCU.exe
[2025.06.05 22:22:57 | 000,822,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\NVIDIA Corporation\Drs\dbInstaller.exe
[2025.06.05 22:22:57 | 000,796,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2025.06.05 22:22:57 | 000,669,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvofapi64.dll
[2025.06.05 22:22:57 | 000,505,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvofapi.dll
[2025.06.05 22:22:57 | 000,477,704 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2025.06.05 22:22:57 | 000,461,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdebugdump.exe
[2025.06.05 22:22:57 | 000,374,816 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2025.06.05 22:22:57 | 000,131,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2025.06.05 22:20:48 | 003,016,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PrintConfig.dll
[2025.06.05 22:20:40 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2025.06.05 22:20:31 | 000,000,000 | -HSD | C] -- C:\Recovery
[2025.06.05 22:20:30 | 000,000,000 | -HSD | C] -- C:\ProgramData\Šablony
[2025.06.05 22:20:30 | 000,000,000 | -HSD | C] -- C:\ProgramData\Plocha
[2025.06.05 22:20:30 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Obrázky
[2025.06.05 22:20:30 | 000,000,000 | -HSD | C] -- C:\ProgramData\Nabídka Start
[2025.06.05 22:20:30 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Hudba
[2025.06.05 22:20:30 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Filmy
[2025.06.05 22:20:30 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2025.06.05 22:20:30 | 000,000,000 | -HSD | C] -- C:\Documents and Settings
[2025.06.05 22:20:30 | 000,000,000 | -HSD | C] -- C:\ProgramData\Data aplikací
[2025.06.05 22:19:29 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2025.06.05 22:19:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\wd
[2025.06.05 22:19:21 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\Microsoft
[2025.06.05 22:19:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SleepStudy
[2025.06.05 22:19:21 | 000,000,000 | ---D | C] -- C:\Windows\ServiceProfiles
[2025.06.05 22:19:20 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2025.06.05 22:19:20 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2025.06.07 11:15:47 | 001,605,602 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2025.06.07 11:15:47 | 000,682,184 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2025.06.07 11:15:47 | 000,665,934 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2025.06.07 11:15:47 | 000,137,000 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2025.06.07 11:15:47 | 000,125,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2025.06.07 11:11:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2025.06.07 11:09:17 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2025.06.07 11:09:16 | 2545,754,111 | -HS- | M] () -- C:\hiberfil.sys
[2025.06.06 21:57:57 | 000,606,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wd\WdFilter.sys
[2025.06.06 21:57:57 | 000,331,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wd\KslD.sys
[2025.06.06 21:57:57 | 000,267,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wd\WdDevFlt.sys
[2025.06.06 21:57:57 | 000,100,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wd\WdNisDrv.sys
[2025.06.06 21:57:57 | 000,019,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wd\WdBoot.sys
[2025.06.05 23:25:05 | 000,060,731 | ---- | M] () -- C:\Users\jurym\Desktop\sp.jpg
[2025.06.05 23:14:52 | 000,001,036 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2025.06.05 22:31:54 | 000,002,394 | ---- | M] () -- C:\Users\jurym\Desktop\Michal - Chrome.lnk
[2025.06.05 22:28:31 | 000,002,206 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2025.06.05 22:20:03 | 000,164,888 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2025.06.05 22:20:03 | 000,164,888 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2025.06.05 22:19:27 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2025.06.05 22:19:21 | 000,259,768 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2025.06.05 23:25:05 | 000,060,731 | ---- | C] () -- C:\Users\jurym\Desktop\sp.jpg
[2025.06.05 23:14:52 | 000,001,036 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2025.06.05 22:31:54 | 000,002,394 | ---- | C] () -- C:\Users\jurym\Desktop\Michal - Chrome.lnk
[2025.06.05 22:28:31 | 000,002,247 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[2025.06.05 22:28:31 | 000,002,206 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2025.06.05 22:24:29 | 001,605,602 | ---- | C] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2025.06.05 22:23:37 | 000,002,381 | ---- | C] () -- C:\Users\jurym\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
[2025.06.05 22:22:57 | 025,312,776 | ---- | C] () -- C:\Windows\SysNative\nvidia-pcc.exe
[2025.06.05 22:22:57 | 002,040,680 | ---- | C] () -- C:\Windows\SysNative\vulkaninfo-1-999-0-0-0.exe
[2025.06.05 22:22:57 | 002,040,680 | ---- | C] () -- C:\Windows\SysNative\vulkaninfo.exe
[2025.06.05 22:22:57 | 001,984,964 | ---- | C] () -- C:\Windows\SysNative\drivers\NVIDIA Corporation\Drs\nvdrsdb.bin
[2025.06.05 22:22:57 | 001,583,976 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-999-0-0-0.exe
[2025.06.05 22:22:57 | 001,583,976 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2025.06.05 22:22:57 | 001,446,760 | ---- | C] () -- C:\Windows\SysNative\vulkan-1-999-0-0-0.dll
[2025.06.05 22:22:57 | 001,446,760 | ---- | C] () -- C:\Windows\SysNative\vulkan-1.dll
[2025.06.05 22:22:57 | 001,296,744 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-999-0-0-0.dll
[2025.06.05 22:22:57 | 001,296,744 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1.dll
[2025.06.05 22:22:57 | 000,127,247 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2025.06.05 22:21:02 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2025.06.05 22:20:21 | 2545,754,111 | -HS- | C] () -- C:\hiberfil.sys
[2025.06.05 22:20:03 | 000,164,888 | ---- | C] () -- C:\Windows\SysWow64\license.rtf
[2025.06.05 22:20:03 | 000,164,888 | ---- | C] () -- C:\Windows\SysNative\license.rtf
[2025.06.05 22:19:27 | 000,002,436 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
[2025.06.05 22:19:27 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2025.06.05 22:19:21 | 016,777,216 | -HS- | C] () -- C:\swapfile.sys
[2025.06.05 22:19:20 | 000,259,768 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2023.12.04 04:48:01 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2023.12.04 04:48:00 | 000,018,944 | ---- | C] () -- C:\Windows\SysWow64\WsdProviderUtil.dll
[2023.12.04 04:47:25 | 000,048,552 | ---- | C] () -- C:\Windows\SysWow64\umpdc.dll
[2023.12.04 04:47:23 | 000,469,624 | ---- | C] () -- C:\Windows\SysWow64\WindowManagementAPI.dll
[2023.12.04 04:47:22 | 001,333,760 | ---- | C] () -- C:\Windows\SysWow64\TextInputMethodFormatter.dll
[2023.12.04 04:47:22 | 000,613,680 | ---- | C] () -- C:\Windows\SysWow64\TextShaping.dll
[2023.12.04 04:47:22 | 000,235,520 | ---- | C] () -- C:\Windows\SysWow64\HeatCore.dll
[2023.12.04 04:47:16 | 000,318,976 | ---- | C] () -- C:\Windows\SysWow64\Windows.Internal.UI.Shell.WindowTabManager.dll
[2023.12.04 04:47:14 | 000,224,256 | ---- | C] () -- C:\Windows\SysWow64\TpmTool.exe
[2023.12.04 04:47:13 | 000,330,752 | ---- | C] () -- C:\Windows\SysWow64\ssdm.dll
[2023.12.04 04:47:13 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\CoreMas.dll
[2023.12.04 04:47:12 | 000,010,752 | ---- | C] () -- C:\Windows\SysWow64\agentactivationruntimestarter.exe

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2023.12.04 04:46:30 | 008,013,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2023.12.04 04:47:24 | 006,402,688 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2023.12.04 04:45:57 | 001,075,200 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2023.12.04 04:47:17 | 000,803,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2019.12.07 11:08:19 | 000,514,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========


========== Purity Check ==========



< End of report >

Speedhack
Level 2.5
Posts: 343
Registered: May 17
Location: Brno
Gender: Male
Status: Offline

Re: Log check CHATGPT

Post by Speedhack » 07 Jun 2025 11:37

OTL Extras logfile created on: 07.06.2025 11:30:51 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jurym\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.19041.0)
Locale: 00000405 | Country: | Language: CSY | Date Format: dd.MM.yyyy

15,93 Gb Total Physical Memory | 12,51 Gb Available Physical Memory | 78,53% Memory free
18,80 Gb Paging File | 13,80 Gb Available in Paging File | 73,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 953,22 Gb Total Space | 903,80 Gb Free Space | 94,82% Space Free | Partition Type: NTFS
Drive S: | 232,88 Gb Total Space | 232,79 Gb Free Space | 99,96% Space Free | Partition Type: NTFS

Computer Name: DESKTOP-OG17FKP | User Name: jurym | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- Reg Error: Key error.
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Feature]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av]
"DataMigrated" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{D68DDC3A-831F-4fae-9E44-DA132C1ACF46}]
"GUID" = {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
"DISPLAYNAME" = Antivirová ochrana v programu Microsoft Defender
"STATE" = 397568
"PRODUCTEXE" = windowsdefender://
"REPORTINGEXE" = %ProgramFiles%\Windows Defender\MsMpeng.exe -- (Microsoft Corporation)

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP\cc2030a3-0af9-4012-a917-02f3a4d79724]
"GUID" = cc2030a3-0af9-4012-a917-02f3a4d79724
"CALLINGBINARY" = C:\Users\jurym\AppData\Local\Microsoft\OneDrive\OneDrive.exe -- (Microsoft Corporation)
"NAMESPACE" = C:\Users\jurym\OneDrive -- [2025.06.06 22:25:32 | 000,000,000 | R--D | M]
"DISPLAYNAME" = OneDrive - Osobní
"EXEPATH" = C:\Users\jurym\AppData\Local\Microsoft\OneDrive\OneDrive.exe -- (Microsoft Corporation)
"ACCOUNTNAME" = jurymustang@gmail.com
"USERSID" = S-1-5-21-1099986961-2396245600-2247374929-1001
"TYPE" = 0
"SIGNED" = 1
"FLAGS" = 0
"STATE" = 0
"RESTOREURL" = https://my.microsoftpersonalcontent.com ... T20:25:28Z

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw]
"DataMigrated" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ProvidersMigration]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ProvidersMigration\WicaUpgradableAVs]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 60 98 28 91 57 D6 DB 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Feature]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ProvidersMigration]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C2A0C64-17F7-46BF-8D33-933B19FD60C8}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{38AE6298-4667-4B06-84AE-E1AAD7FC24C4}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft\edge\application\msedge.exe |
"{9D95ADE1-E40F-467B-AA22-48FE73A9C56F}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft\edgewebview\application\137.0.3296.68\msedgewebview2.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0004731F-364F-4870-BE52-E21B5FEE2890}" = dir=in | name=@{microsoft.zunemusic_10.19071.19011.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{024D0D50-BE68-4BB0-B257-2054C90D07A6}" = dir=out | name=nvidia control panel |
"{07A37DEE-302A-4598-86EF-2D0C4025BD0C}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.19041.3636.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{0B56C084-A4CA-4450-B10C-52333A5B64F1}" = dir=out | name=@{microsoftwindows.client.cbs_1000.19053.1000.0_x64__cw5n1h2txyewy?ms-resource://microsoftwindows.client.cbs/resources/productpkgdisplayname} |
"{0D847F02-F240-4593-BC2E-172B0D1B26CE}" = dir=out | name=cortana |
"{10FA3636-029D-4BE3-B065-3B4456193082}" = dir=out | name=@{microsoft.getstarted_8.2.22942.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{1598B6DF-EB94-4BFC-9866-184F174CA0B8}" = dir=out | name=@{microsoft.xboxidentityprovider_12.50.6001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{1E203A3C-D0F8-45C4-9E48-54EAA45E6860}" = dir=out | name=microsoft solitaire collection |
"{1E9BE7D3-A4BF-4B1A-8A4B-19088499B23D}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.19041.3636.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{204028C9-D8D5-4EB8-A47E-4BA061790D5E}" = dir=in | name=skype |
"{2086DE5C-AAEC-4BA5-8C89-738C50255054}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1907.3152.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{2230B4C9-04E3-4BF1-910A-F2C081F28B2A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{228771D4-CBD1-4096-9903-9D3C1EB5647C}" = dir=in | name=onenote |
"{2343183F-4AAC-4749-8642-367F8F479E05}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.19041.3636.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{26202CEC-91EC-418E-A903-AA8A8B008D6C}" = dir=out | name=@{microsoft.windows.startmenuexperiencehost_10.0.19041.3636_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.startmenuexperiencehost/startmenuexperiencehost/pkgdisplayname} |
"{26552229-6831-4938-A98A-373D71C67F59}" = dir=out | name=@{microsoft.accountscontrol_10.0.19041.3636_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{2691E08A-B5DB-4AF2-BDFE-996857BDB42A}" = dir=out | name=@{microsoft.zunemusic_10.19071.19011.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{2BA8B4FD-C9A8-47C5-B50C-B98040BB2311}" = dir=in | name=@{microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{2C0FDF3D-41C0-48D2-A310-09A2B7E881BF}" = dir=in | name=@{microsoft.desktopappinstaller_1.0.30251.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{35F3474C-CF15-4EFA-826A-C2070F68BE4E}" = dir=out | name=microsoft pay |
"{38DAE5E1-AD5C-46A6-A4A5-C006B453D60D}" = dir=out | name=@{microsoft.desktopappinstaller_1.0.30251.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{3FB82472-A2A0-443B-9CD4-40871AC24C37}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.19041.3636.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{4169ADEC-D45F-44F3-8476-6213943D57B6}" = dir=in | name=@{microsoft.windows.search_1.14.10.19041_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.search/resources/packagedisplayname} |
"{43352874-D32D-425C-8BF3-AF51677FA366}" = dir=out | name=@{microsoft.xboxgamingoverlay_2.34.28001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxgamingoverlay/resources/gamebar} |
"{46401517-FDAE-421E-9DE4-B597CEDC800D}" = dir=out | name=@{microsoft.windows.narratorquickstart_10.0.19041.3636_neutral_neutral_8wekyb3d8bbwe?ms-resource://microsoft.windows.narratorquickstart/resources/appdisplayname} |
"{4A3F5E99-8396-4CC9-A698-4B9921C72784}" = dir=out | name=@{microsoft.microsoft3dviewer_6.1908.2042.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoft3dviewer/common.view.uwp/resources/storeappname} |
"{52F7185D-E078-4804-9213-BC95619BDDED}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.19041.3636.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{5D3C6E57-B403-4C25-AE16-D5BDD7B32F14}" = dir=out | name=@{microsoft.windows.search_1.14.10.19041_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.search/resources/packagedisplayname} |
"{5D72F9E3-AA17-4261-A8DB-82F3EB17B868}" = dir=in | name=@{microsoft.win32webviewhost_10.0.19041.3636_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.win32webviewhost/resources/displayname} |
"{5DE5ADB1-CD84-4EA4-BCF5-1C3E6FE896AB}" = dir=out | name=@{microsoft.windows.oobenetworkcaptiveportal_10.0.19041.3636_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.oobenetworkcaptiveportal/resources/appdisplayname} |
"{600B4CD9-2F95-46CC-89A7-F7A229E9FF93}" = dir=out | name=xbox |
"{602D3BEF-9ADB-48C7-ABBE-64B9F8E2CC51}" = dir=in | name=microsoft solitaire collection |
"{60C711FE-0AEB-4A71-859E-786B51F46609}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{65895528-EE2A-4E64-837C-27F25D114D98}" = dir=out | name=@{microsoft.mixedreality.portal_2000.19081.1301.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mixedreality.portal/resources/pkgdisplayname} |
"{682F4944-DADE-4B61-B0B8-BD5CB41D899A}" = dir=out | name=xbox game bar plugin |
"{68B701E1-8FEA-4D18-AE2C-3527BB08DAE3}" = dir=in | name=microsoft sticky notes |
"{6AD39407-AAD4-4078-B3D8-99A86F41B06A}" = dir=out | name=skype |
"{6BE49F9B-61C3-40E0-992E-1DF6B9051E69}" = dir=out | name=@{microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{6E6A8615-BFCD-4979-A2AE-FEFDF5CC7AA0}" = dir=in | name=cortana |
"{7301ED25-7063-4AEE-A2AE-2621920983F5}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.19041.3636_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{740C857F-4C95-41D1-9D3C-734969A0D8E3}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.19041.3636_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{7ABC6426-78E4-4C9F-AFA7-FE2D6742C345}" = dir=in | name=@{microsoft.zunevideo_10.19071.19011.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{7F3741D0-DA85-43F3-BAA8-669F560E61DF}" = dir=out | name=onenote |
"{8770731E-1BE5-4655-BFB8-38EC8DABF888}" = dir=out | name=@{microsoft.windowsmaps_5.1906.1972.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{89BD86C7-4363-49B3-B1FE-635387549C3A}" = dir=out | name=ncsiuwpapp |
"{9E0F885F-F749-4821-9CAD-4FC4CED8A32B}" = dir=out | name=@{microsoft.gethelp_10.1706.13331.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.gethelp/resources/appdisplayname} |
"{A05C526D-2E4E-41DD-8E7B-735974589062}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.19041.3636_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{A6377ABE-1D0C-46DC-97FF-50E5A70A8AD3}" = dir=in | name=@{microsoft.windows.startmenuexperiencehost_10.0.19041.3636_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.startmenuexperiencehost/startmenuexperiencehost/pkgdisplayname} |
"{A7F9358B-0D43-40C8-B9AD-EE0E91CF08B2}" = dir=out | name=@{microsoft.lockapp_10.0.19041.3636_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{A9A671D0-8FE6-4D4B-938A-FE25620AADA8}" = dir=out | name=office |
"{A9FC45F3-BB48-42E4-84AA-7E183218FE16}" = dir=in | name=@{microsoft.windowsstore_11910.1002.5.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{AD7E3248-27A1-4BFE-A8FB-6CA1F83C9C2B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\cef\cef.win7x64\steamwebhelper.exe |
"{AE4A277A-9957-455E-A599-9F89454912D2}" = dir=in | name=@{microsoft.xboxgamingoverlay_2.34.28001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxgamingoverlay/resources/gamebar} |
"{B1804484-21E3-4F86-8025-DC3F791E9F0E}" = dir=out | name=@{microsoft.mspaint_6.1907.29027.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mspaint/resources/appname} |
"{B7426855-167B-4C8E-8A62-A4C2566277F5}" = dir=out | name=@{microsoft.bingweather_4.25.20211.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{BC0DCF7E-D3E4-40A4-AD07-03557C38F702}" = dir=out | name=@{microsoft.yourphone_0.19051.7.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.yourphone/resources/appname} |
"{C03F26E9-8547-481D-B17E-E1691C779A7D}" = dir=out | name=@{microsoft.windowscamera_2018.826.98.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscamera/resources/appstorename} |
"{C53398CF-4A17-4BB8-84DC-00D898E00FAB}" = dir=out | name=@{microsoft.people_10.1902.633.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{C96F0085-CB17-44BC-B835-7B87C30E7690}" = dir=out | name=@{microsoft.zunevideo_10.19071.19011.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{CB0E62F9-FA86-4705-9C15-27199C30C0C2}" = dir=out | name=@{microsoft.windows.peopleexperiencehost_10.0.19041.3636_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.peopleexperiencehost/resources/pkgdisplayname} |
"{CE96A334-57DA-4B2C-A5D3-BBFD7711557A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\cef\cef.win7x64\steamwebhelper.exe |
"{D0E12B2E-DCAF-45C1-838D-7488558069F2}" = dir=out | name=@{microsoft.windowscalculator_10.1906.55.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscalculator/resources/appstorename} |
"{D648F21A-4DC6-492D-8915-4FF8B63092F2}" = dir=out | name=xbox tcui |
"{DA6D22C8-5F67-43F7-A812-EB84D3F8958B}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.19041.3636_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{DC24A22B-14D2-4F7D-A742-3CFDD516D140}" = dir=in | name=@{microsoft.windows.photos_2019.19071.12548.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{DEC87A16-E1D3-430F-947B-0744B271B739}" = dir=in | name=xbox |
"{E844DD51-3323-4218-A2CC-FA7A59FD69BB}" = dir=out | name=@{microsoft.windows.sechealthui_10.0.19041.3636_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.sechealthui/resources/packagedisplayname} |
"{EB1A4B33-68D3-4EA4-8D24-45A495EEE955}" = dir=out | name=microsoft sticky notes |
"{EE9954DF-8B98-483E-8351-8A93148B6BAE}" = dir=out | name=@{microsoft.windowsstore_11910.1002.5.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{EF149FB4-D3AC-4592-B3AB-89EBD847423A}" = dir=out | name=@{microsoft.win32webviewhost_10.0.19041.3636_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.win32webviewhost/resources/displayname} |
"{F1049BBB-56F8-45B8-BE91-FFD9A25A8347}" = dir=out | name=@{microsoft.storepurchaseapp_11811.1001.18.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.storepurchaseapp/resources/displaytitle} |
"{F5502D04-BC18-435B-AB8F-39496FAEDA98}" = dir=out | name=@{microsoft.windows.photos_2019.19071.12548.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{F60DE891-6406-4250-A0E0-0F0BF68231FE}" = dir=in | name=@{microsoft.windows.sechealthui_10.0.19041.3636_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.sechealthui/resources/packagedisplayname} |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 560.94
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Microsoft Edge" = Microsoft Edge
"Microsoft EdgeWebView" = Microsoft Edge WebView2 Runtime
"Steam" = Steam

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"OneDriveSetup.exe" = Microsoft OneDrive

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 05.06.2025 16:20:29 | Computer Name = DESKTOP-OG17FKP | Source = Microsoft-Windows-CAPI2 | ID = 257
Description = Služba Šifrování neinicializovala databázi katalogu. Chyba součásti
ESENT: -1409.

Error - 05.06.2025 16:20:37 | Computer Name = DESKTOP-OG17FKP | Source = CertEnroll | ID = 39452758
Description =

Error - 05.06.2025 16:22:34 | Computer Name = DESKTOP-OG17FKP | Source = SecurityCenter | ID = 16
Description = Při aktualizaci stavu Windows Defender na SECURITY_PRODUCT_STATE_ON
došlo k chybě.

Error - 07.06.2025 5:09:24 | Computer Name = DESKTOP-OG17FKP | Source = CertEnroll | ID = 39452758
Description =

[ Parameters Events ]
OTL encountered an error while reading this event log. It may be corrupt.
[ State Events ]
OTL encountered an error while reading this event log. It may be corrupt.
Error - 05.06.2025 16:19:26 | Computer Name = WIN-U19R6QL9T1P | Source = Service Control Manager | ID = 7023
Description = Služba netprofm byla ukončena s následující chybou: %%21

Error - 05.06.2025 16:20:06 | Computer Name = WIN-U19R6QL9T1P | Source = Service Control Manager | ID = 7023
Description = Služba SysMain byla ukončena s následující chybou: %%6

Error - 05.06.2025 16:20:48 | Computer Name = DESKTOP-OG17FKP | Source = Service Control Manager | ID = 7030
Description = Služba Rozšíření a oznámení tiskárny je označena jako interaktivní
služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní
služby. Tato služba nebude fungovat správně.

Error - 05.06.2025 16:21:29 | Computer Name = DESKTOP-OG17FKP | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalace se nezdařila: Instalování následující aktualizace se nezdařilo
z důvodu chyby (0x8024200b): 2022-11 Aktualizace pro Windows 10 Version 22H2 pro
systémy typu x64 (KB5020683).

Error - 05.06.2025 17:15:10 | Computer Name = DESKTOP-OG17FKP | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Steam Client Service bylo dosaženo
časového limitu (30000 ms).

Error - 05.06.2025 17:15:10 | Computer Name = DESKTOP-OG17FKP | Source = Service Control Manager | ID = 7000
Description = Služba Steam Client Service neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 07.06.2025 5:09:20 | Computer Name = DESKTOP-OG17FKP | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (23:09:58, ?06.?06.?2025) bylo neočekávané.

Error - 07.06.2025 5:09:12 | Computer Name = DESKTOP-OG17FKP | Source = Microsoft-Windows-Kernel-Boot | ID = 29
Description =


< End of report >

Speedhack
Level 2.5
Posts: 343
Registered: May 17
Location: Brno
Gender: Male
Status: Offline

Re: Log check CHATGPT

Post by Speedhack » 07 Jun 2025 12:21

It also just occurred to me that I created the bootable flash drive on the infected PC, even though I could have done it from another clean laptop. Could it have transferred to the flash drive and been installed again? How can I find out now?

Create a new bootable flash drive with Windows on a clean PC and reinstall again? haha :D

jaro3
Security team member
Guru Level 15
Posts: 43287
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Log check CHATGPT

Post by jaro3 » 07 Jun 2025 15:48

Well, it could have gotten there from the infected PC. But for now, do this:

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\aahpfefkmihhdabllidnlipghcjgpkdm\4.0.0_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimboljphncldaakcnapfolgnjonlea\3.1.2_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnojnbdhbhnkbcieeekonklommdnndci\8.2.3_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj\4.0.2_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcoegfodcnjofhjfbhegcgjgapeichlf\2.6_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf\2.0.4_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeckiajfclogcacnhgigljkcgabfcmco\25.4.8_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil\2.1.6_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb\4.77.4.0_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.92.1_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\6.21.2_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjebfgojnlefhdgmomncgjglmdckngij\1.0.6_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkdmdpdhfaamhgaojpelccmeehpfljgf\3.0.1_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgncicmcfanpemdmknkcaahbgobahngg\0.0.3_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg\2.1.1.7_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfpoemjdmpnbcnidaedpngfikhlchicf\3.2.3_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\
CHR - Extension: No name found = C:\Users\jurym\AppData\Local\Google\Chrome\User Data\Default\Extensions\oncbjlgldmiagjophlhobkogeladjijl\0.2.0_0\
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

:Files

:Reg
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[EMPTYJAVA]
[start explorer]
[Reboot]

Then click Run Fix at the top. Let the program run undisturbed; at the end the PC will restart.
After the restart a log will appear; please copy its entire contents here.

In Folder Options, enable showing hidden files and folders and uncheck the box for hiding protected operating system files.

Test these on VirusTotal: https://www.virustotal.com/#/home/upload
C:\Program Files (x86)\Google\GoogleUpdater\138.0.7194.0\updater.exe
C:\PROGRAMDATA\MICROSOFT\WINDOWS DEFENDER\PLATFORM\4.18.25040.2-0\COM.MICROSOFT.DEFENDER.BE.FIREFOX.JSON

Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window will appear in which you click Reanalyze. The file will then be tested by multiple antivirus programs one after another. When the last antivirus finishes, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page and paste it into your post.

Or at:
http://www.virscan.org/

Then:
Kaspersky Virus Removal Tool
http://www.kaspersky.com/antivirus-removal-tool?form=1
https://www.majorgeeks.com/files/detail ... _tool.html
Guide:
https://support.kaspersky.com/kvrt2020/howto/15674

https://www.youtube.com/watch?v=OA50FrNWVIs
https://forums.malwarebytes.com/topic/3 ... eleatable/