PC shutting down (probably a virus)


Post by kedar700 » 17 Mar 2020 23:31

Hi,
I was redirected here from the HW section, so thank you for your help.
I am attaching the HijackThis log below.

Hi,
I had a thread here about the same problem, but nobody managed to explain why it happens, so I bought a new power supply at Christmas, but the problem persists. Is it possible that the fault is in the apartment's electrical circuit (large fluctuations in current or voltage)?

Thank you for your help

Message from the previous thread:

Hello,
I have this problem: after a random amount of time my PC shuts down on its own, mostly when it is not under any particular load. Is there a program that can measure the voltages on the motherboard, or should I somehow measure it with a smart plug? Sometimes it shuts down after 2 hours of running, sometimes after 12 h, and sometimes it doesn't shut down at all. Waiting with a multimeter for it to happen would be like playing the lottery.
So if you have any advice on how I could find out whether it is the power supply or the motherboard, I would be very grateful.

The power supply is: Corsair CX600M
Thanks in advance

Here is my problem:
viewtopic.php?f=7&t=213625&p=1668107#p1668107









Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:27:01, on 17.03.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Razer\Synapse3\Service\..\UserProcess\Razer Synapse Service Process.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Users\kedar\AppData\Local\Microsoft\OneDrive\OneDrive.exe
E:\Steam\steam.exe
C:\Users\kedar\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
C:\Users\kedar\AppData\Roaming\Spotify\Spotify.exe
C:\Users\kedar\AppData\Roaming\Spotify\Spotify.exe
C:\Users\kedar\AppData\Roaming\Spotify\Spotify.exe
C:\Users\kedar\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
C:\Users\kedar\AppData\Roaming\uTorrent\utorrent.exe
C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
D:\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
D:\hamachi\hamachi-2-ui.exe
D:\hamachi\LMIGuardianSvc.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\kedar\AppData\Local\Discord\app-0.0.306\Discord.exe
C:\Users\kedar\AppData\Local\Discord\app-0.0.306\Discord.exe
C:\Users\kedar\AppData\Local\Discord\app-0.0.306\Discord.exe
C:\Users\kedar\AppData\Local\Discord\app-0.0.306\Discord.exe
C:\Users\kedar\AppData\Local\Discord\app-0.0.306\Discord.exe
C:\Users\kedar\AppData\Local\Discord\app-0.0.306\Discord.exe
C:\Users\kedar\AppData\Local\Microsoft\OneDrive\19.232.1124.0010\FileCoAuth.exe
E:\Riot Games\Riot Client\RiotClientServices.exe
E:\Riot Games\Riot Client\RiotClientCrashHandler.exe
E:\Legue\LeagueClient.exe
E:\Legue\LeagueCrashHandler.exe
E:\Legue\LeagueClientUx.exe
E:\Legue\LeagueClientUxRender.exe
E:\Legue\LeagueClientUxRender.exe
D:\Stažené Soubory\HijackThis(1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "D:\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "D:\hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
O4 - HKCU\..\Run: [OneDrive] "C:\Users\kedar\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Steam] "E:\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [EADM] "D:\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Spotify] C:\Users\kedar\AppData\Roaming\Spotify\Spotify.exe --autostart
O4 - HKCU\..\Run: [Synapse3] C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized
O4 - HKCU\..\Run: [uTorrent] "C:\Users\kedar\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKUS\S-1-5-18\..\Run: [Synapse3] C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Synapse3] C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_bf32b - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.132\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\hamachi\x64\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Origin Client Service - Electronic Arts - D:\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - D:\Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Razer Chroma SDK Server - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
O23 - Service: Razer Chroma SDK Service - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
O23 - Service: Razer Game Manager (Razer Game Manager Service) - Razer Inc - C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
O23 - Service: Razer Synapse Service - Razer Inc. - C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - E:\RockstarLauncher\RockstarService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Razer Central Service (RzActionSvc) - Razer Inc. - C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
O23 - Service: Razer Surround Audio Service (RzSurroundVADStreamingService) - Unknown owner - C:\Program Files (x86)\Razer\Razer Surround\Driver\RzSurroundVADStreamingService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: VirtualBox system service (VBoxSDS) - Oracle Corporation - E:\virtualbox\VBoxSDS.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Wallpaper Engine Service - Unknown owner - E:\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 17990 bytes


Post by Diallix » 18 Mar 2020 06:48

Hello.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan Now button and wait until the system scan finishes.
After the scan, leave all checkboxes and any threats found selected, and continue with the Clean and Repair button in the lower right corner.
After the PC restarts, AdwCleaner will start; click View Log File.
The log will open; copy its contents here.

Post by kecalek » 18 Mar 2020 12:42

I would recommend running AdwCleaner in Safe Mode with Network (so that it can download the updated database)! In that mode only the system applications needed for basic operation of the OS are running (only basic drivers are loaded, i.e. default graphics, keyboard, mouse, including over USB).
I also recommend downloading MBAM beforehand and, after the AdwCleaner scan, running MBAM as well, also in Safe Mode.
Whatever is found, throw it all out without mercy. But be careful: if the PC/notebook has any of their applications needed for configuring component functions, AdwCleaner also flags those as potentially unwanted programs (adware).


Post by kedar700 » 18 Mar 2020 12:45

# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-03-2020
# Database: 2020-03-13.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-18-2020
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 9
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\ytd video downloader
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Deleted C:\ProgramData\ytd video downloader
Deleted C:\Users\kedar\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

Deleted C:\Users\Public\Desktop\YTD Video Downloader.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\{DAF8B7E5-449D-4180-8281-10E536E597F2}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Deleted HKLM\Software\Wow6432Node\{DAF8B7E5-449D-4180-8281-10E536E597F2}
Deleted HKLM\Software\{DAF8B7E5-449D-4180-8281-10E536E597F2}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2136 octets] - [18/03/2020 11:57:09]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########


Post by jaro3 » 18 Mar 2020 18:30

kecalek: read the rules of the HJT section!!

Download ATF Cleaner
https://www.majorgeeks.com/mg/getmirror ... ner,2.html
Double-click ATF Cleaner.exe, click Select All, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
- If you use only Google Chrome, you do not need to use ATF.


Download TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
Open the file and close all other windows, then click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator"),
click "Scan", and after the scan finishes click "Clean".

The program will perform the repair; after the automatic restart, click "Log file" and then double-click the corresponding log (C:\AdwCleaner [C?].txt) and paste its entire contents here.

Download Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
https://downloads.malwarebytes.com/file/JRT-EOL
to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program will start scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) will appear, which is saved on the desktop.
Please copy its entire contents here.


Download Malwarebytes' Anti-Malware to your desktop, install it and run it
- If the program is not up to date, click "Update now" or "Fix now".
- An update will be found and installed.
- Then click Start Scan.
- After the scan finishes, a message will appear at the bottom right; click View Report, choose Export, then choose Copy to Clipboard and paste the entire log here. Or click "Text file (.txt)" and save the log.
- Otherwise, the log can be found in the program by clicking "Reports", or it is saved here: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs

- Then click the Finish button and close the program with the X at the top right.
(do not delete anything yet!).
If there are problems, run it in Safe Mode.

Download Memtest:

The field that says:
All unused RAM, change it to 2048.
- Click Start and let it run for at least 2 h; if there are still 0 errors after 2 h, the RAM is OK.
For larger RAM capacities, Memtest needs to be started several times: for 2 GB (the largest single RAM capacity) 2x, for 4 GB 3x, for 8 GB 4x, and so on.
Double-click Memtest, then again and again, enter 2048 in the fields of all the Memtest instances, then click "Start" in all of them.

Also check the HDD for errors, and possibly try defragmenting it.

Download CrystalDiskInfo
Run the program and click Edit - Copy. Then paste the log contents here with Ctrl+V.

Post by kedar700 » 19 Mar 2020 10:52

Hi, so with ATF I can't click on the Mozilla entry to clean it, I don't know why, and I let Memtest run all night and got 0 errors.
# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-03-2020
# Database: 2020-03-13.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-18-2020
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2136 octets] - [18/03/2020 11:57:09]
AdwCleaner[C00].txt - [2158 octets] - [18/03/2020 12:00:09]
AdwCleaner[S01].txt - [1528 octets] - [18/03/2020 19:16:14]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by kedar (Administrator) on 18.03.2020 at 19:19:52,17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1

Successfully deleted: C:\ProgramData\productdata (Folder)

user_pref(browser.urlbar.suggest.searches, false);



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.03.2020 at 19:22:33,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 18.03.20
Čas skenování: 19:25
Logovací soubor: ce36b9b0-6945-11ea-a5eb-40167ead14e1.json

-Informace o softwaru-
Verze: 4.1.0.56
Verze komponentů: 1.0.848
Aktualizovat verzi balíku komponent: 1.0.20956
Licence: Bezplatná

-Systémová informace-
OS: Windows 10 (Build 18362.720)
CPU: x64
Systém souborů: NTFS
Uživatel: KJODAR\kedar

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 352206
Zjištěné hrozby: 7
Hrozby umístěné do karantény: 7
Uplynulý čas: 2 min, 47 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 7
PUP.Optional.GameHack, C:\PROGRAM FILES\CHEAT ENGINE 7.0\STANDALONEPHASE1.DAT, Smazání při restartu, 7925, 393793, 1.0.20956, , ame,
PUP.Optional.InstallCore, D:\STAžENé SOUBORY\CHEATENGINE70.EXE, Smazání při restartu, 493, 500846, 1.0.20956, , ame,
HackTool.Agent.Nirsoft, D:\STAžENé SOUBORY\PRODUKEY-X64.ZIP, Smazání při restartu, 13272, 777493, 1.0.20956, , ame,
HackTool.Agent.Nirsoft, D:\STAžENé SOUBORY\PRODUKEY.ZIP, Smazání při restartu, 13272, 777493, 1.0.20956, , ame,
Adware.InstallCore, D:\STAžENé SOUBORY\PRODUKEY_SETUP_1145904520.EXE, Smazání při restartu, 494, 768623, 1.0.20956, F241469BE9501F83F88E78FB, dds, 00637500
PUP.Optional.YTDVideoDownloader, D:\STAžENé SOUBORY\YOUTUBE.DOWNLOADER.(YTD).PRO.V4.8.9.6.CRACKED-IND.RAR, Smazání při restartu, 13307, 591608, 1.0.20956, , ame,
Generic.Malware/Suspicious, D:\STAžENé SOUBORY\YTDSETUP.EXE, Smazání při restartu, 0, 392686, 1.0.20956, , shuriken,

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

----------------------------------------------------------------------------
CrystalDiskInfo 8.1.0 (C) 2008-2019 hiyohiyo
Crystal Dew World : https://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 [10.0 Build 18363] (x64)
Date : 2020/03/18 19:36:35

-- Controller Map ----------------------------------------------------------
+ Standardní řadič SATA AHCI [ATA]
- SAMSUNG HD103SJ
- WDC WD30EZRX-00D8PB0
- KINGSTON SH103S3120G
+ Standardní řadič SATA AHCI [ATA]
- KINGSTON SA400S37240G
- WDC WD2005FBYZ-01YCBB2
- Řadič prostorů úložišť [SCSI]
+ Virtual CloneDrive [SCSI]
- ELBY CLONEDRIVE SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) KINGSTON SA400S37240G : 240,0 GB [0/0/0, pd1]
(2) WDC WD2005FBYZ-01YCBB2 : 2000,3 GB [1/0/0, pd1] - wd
(3) SAMSUNG HD103SJ : 1000,2 GB [2/1/0, pd1]
(4) WDC WD30EZRX-00D8PB0 : 3000,5 GB [3/1/0, pd1] - wd
(5) KINGSTON SH103S3120G : 120,0 GB [4/1/0, pd1] - sf

----------------------------------------------------------------------------
(1) KINGSTON SA400S37240G
----------------------------------------------------------------------------
Model : KINGSTON SA400S37240G
Firmware : SBFK61K1
Serial Number : 50026B768267788A
Disk Size : 240,0 GB (8,4/137,4/240,0/240,0)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 468862128
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ACS-3
Minor Version : ACS-3 Revision 4
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 4843 hod.
Power On Count : 587 krát
Temperature : 36 C (96 F)
Health Status : Neznámý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ, TRIM
APM Level : 0000h [OFF]
AAM Level : ----
Drive Letter : F:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 __0 100 __0 000000000000 Počet chyb čtení
09 100 100 __0 0000000012EB Hodin v činnosti
0C 100 100 __0 00000000024B Počet cyklů zapnutí zařízení
94 100 100 __0 000000000000 Specifický pro výrobce
95 100 100 __0 000000000000 Specifický pro výrobce
A7 100 100 __0 000000000000 Specifický pro výrobce
A8 100 100 __0 000000000000 Specifický pro výrobce
A9 100 100 __0 000000000009 Specifický pro výrobce
AA 100 100 __0 000000000014 Specifický pro výrobce
AC 100 100 __0 000000000000 Specifický pro výrobce
AD 100 100 __0 000000020003 Specifický pro výrobce
B5 100 100 __0 000000000000 Specifický pro výrobce
B6 100 100 __0 000000000000 Specifický pro výrobce
BB 100 100 __0 000000000000 Specifický pro výrobce
C0 100 100 __0 000000000034 Unsafe Shutdown Count
C2 _64 _48 __0 003400110024 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C7 100 100 __0 000000000000 Specifický pro výrobce
DA 100 100 __0 000000000000 Specifický pro výrobce
E7 __1 __1 __0 000000000063 Specifický pro výrobce
E9 100 100 __0 0000000001F1 Specifický pro výrobce
F1 100 100 __0 000000000366 Total Host Writes
F2 100 100 __0 000000000DCF Total Host Reads
F4 100 100 __0 000000000002 Specifický pro výrobce
F5 100 100 __0 000000000003 Specifický pro výrobce
F6 100 100 __0 00000000B460 Specifický pro výrobce
F6 100 100 __0 00000000B460 Specifický pro výrobce

----------------------------------------------------------------------------
(2) WDC WD2005FBYZ-01YCBB2
----------------------------------------------------------------------------
Model : WDC WD2005FBYZ-01YCBB2
Firmware : RR07
Serial Number : WD-WMC6N0J7FSDP
Disk Size : 2000,3 GB (8,4/137,4/2000,3/2000,3)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 3907029168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ACS-3
Minor Version : ACS-3 Revision 4
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 8662 hod.
Power On Count : 1157 krát
Temperature : 33 C (91 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0060h [ON]
AAM Level : ----
Drive Letter : E:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 180 179 _21 000000000F8F Čas na roztočení ploten
04 _99 _99 __0 00000000055B Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 200 __0 000000000000 Počet chybných hledání
09 _89 _89 __0 0000000021D6 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 000000000485 Počet cyklů zapnutí zařízení
10 __2 198 __0 001B57BDAFE6 Specifický pro výrobce
B7 100 100 __0 000000000000 Specifický pro výrobce
C0 200 200 __0 00000000007B Počet vypnutí disku
C1 197 197 __0 000000002437 Počet cyklů načítání/vymazání
C2 114 102 __0 000000000021 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů

----------------------------------------------------------------------------
(3) SAMSUNG HD103SJ
----------------------------------------------------------------------------
Model : SAMSUNG HD103SJ
Firmware : 1AJ10001
Serial Number : S246J9GZ601570
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : 32767 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : ---- | SATA/300
Power On Hours : 35064 hod.
Power On Count : 5812 krát
Temperature : 35 C (95 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : FE00h [OFF]
Drive Letter : G:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000365 Počet chyb čtení
02 252 252 __0 000000000000 Průchodnost disku
03 _70 _69 _25 00000000238B Čas na roztočení ploten
04 _93 _93 __0 000000001CB5 Počet spuštění/zastavení
05 252 252 _10 000000000000 Počet přemapovaných sektorů
07 252 252 _51 000000000000 Počet chybných hledání
08 252 252 _15 000000000000 Čas potřebný na vyhledání
09 100 100 __0 0000000088F8 Hodin v činnosti
0A 252 252 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000001 Počet pokusů o překalibrování
0C _95 _95 __0 0000000016B4 Počet cyklů zapnutí zařízení
BF 100 100 __0 00000000033E Počet udalostí zaznamenaných otřesovým senzorem
C0 252 252 __0 000000000000 Počet vypnutí disku
C2 _64 _54 __0 002E000F0023 Teplota
C3 100 100 __0 000000000000 Počet oprav chybného čtení
C4 252 252 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 252 252 __0 000000000000 Počet podezřelých sektorů
C6 252 252 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000000001C07 Počet chyb při zápisu sektorů
DF 100 100 __0 000000000001 Zatížení budiče magnetických hlav způsobené opakovanými úkony
E1 100 100 __0 000000001CF6 Počet cyklů načítání/vymazání

----------------------------------------------------------------------------
(4) WDC WD30EZRX-00D8PB0
----------------------------------------------------------------------------
Model : WDC WD30EZRX-00D8PB0
Firmware : 80.00A80
Serial Number : WD-WCC4N0179706
Disk Size : 3000,5 GB (8,4/137,4/3000,5/3000,5)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 5860533168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ----
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 22507 hod.
Power On Count : 3582 krát
Temperature : 35 C (95 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----
Drive Letter : D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 171 170 _21 000000001919 Čas na roztočení ploten
04 _96 _96 __0 0000000012E3 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 _70 _70 __0 0000000057EB Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _97 _97 __0 000000000DFE Počet cyklů zapnutí zařízení
C0 199 199 __0 000000000470 Počet vypnutí disku
C1 _93 _93 __0 00000004F098 Počet cyklů načítání/vymazání
C2 115 103 __0 000000000023 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů

----------------------------------------------------------------------------
(5) KINGSTON SH103S3120G
----------------------------------------------------------------------------
Model : KINGSTON SH103S3120G
Firmware : 521ABBF0
Serial Number : 50026B724508DBDD
Disk Size : 120,0 GB (8,4/120,0/120,0/120,0)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 234441648
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ACS-2 Revision 3
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 20531 hod.
Power On Count : 3289 krát
Host Reads : 31673 GB
Host Writes : 49558 GB
Temperature : 35 C (95 F)
Health Status : Dobrý (89 %)
Features : S.M.A.R.T., APM, 48bit LBA, NCQ, TRIM
APM Level : 00FEh [ON]
AAM Level : ----
Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr Raw Values (7) Attribute Name
01 _95 _95 _50 00000004D4BC43 Raw Read Error Rate
05 100 100 __3 00000000000000 Retired Block Count
09 _77 _77 __0 3031DA00005033 Power-on Hours
0C _97 _97 __0 00000000000CD9 Power Cycle Count
AB __0 __0 __0 00000000000000 Program Fail Count
AC __0 __0 __0 00000000000000 Erase Fail Count
AE __0 __0 __0 0000000000014F Unexpected Power Loss Count
B1 __0 __0 __0 00000000000004 Wear Range Delta
B5 __0 __0 __0 00000000000000 Program Fail Count
B6 __0 __0 __0 00000000000000 Erase Fail Count
BB 100 100 __0 00000000000000 Reported Uncorrectable Errors
BD _35 _51 __0 00001000330023 Specifický pro výrobce
C2 _35 _51 __0 00001000330023 Temperature
C3 120 120 __0 00000004D4BC43 On-the-Fly ECC Uncorrectable Error Count
C4 100 100 __3 00000000000000 Reallocation Event Count
C9 120 120 __0 00000004D4BC43 Uncorrectable Soft Read Error Rate
CC 120 120 __0 00000004D4BC43 Soft ECC Correction Rate
E6 100 100 __0 00000000000064 Life Curve Status
E7 _89 _89 _10 00000000000000 SSD Life Left
E9 __0 __0 __0 0000000000D302 Specifický pro výrobce
EA __0 __0 __0 0000000000C196 Specifický pro výrobce
F1 __0 __0 __0 0000000000C196 Lifetime Writes from Host
F2 __0 __0 __0 00000000007BB9 Lifetime Reads from Host


jaro3
Security team member
Guru Level 15
Posts: 43061
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: PC shutting down (probably a virus)

Post by jaro3 » 19 Mar 2020 18:48

Is your system on the first or the fifth disk?
The fifth one records this:
0000000000014F Unexpected Power Loss Count

Sophos Virus Removal Tool is a handy software tool that may remove infections your antivirus program does not detect.
Download it here from one of these links:
http://www.majorgeeks.com/files/details ... _tool.html
http://www.majorgeeks.com/mg/get/sophos ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html

Viruses can slow down your computer or try to steal your data without you even knowing you have them. What you need is a quick and easy way to find them and get rid of them. If you already have an antivirus program installed on your computer, you can also install the Sophos Virus Removal Tool, which identifies and cleans up remaining infections that your antivirus program may have missed.
To use Sophos Virus Removal Tool, double-click it and press the "Start scanning" button. Sophos Virus Removal Tool will then search for and remove any viruses it finds. A restart may be required.
If viruses were found, click "Details…" after the scan and then "View log file". Copy the whole log and paste it here. Then close "threat detail" and click "Start cleanup".
Otherwise the log is located here:
C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs

Download RogueKiller by Adlice Software
32-bit:
http://www.adlice.com/download/roguekil ... HlwZT14ODY
64-bit:
http://www.adlice.com/download/roguekil ... HlwZT14NjQ
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, 8 and 10, run RogueKiller.exe as administrator; on XP, double-click it.
- Click "Start Scan". In the new window change nothing and click "Start Scan" at the bottom.
- The program scans the PC's processes. After the scan, click "Open Report", then "Open TXT" in the window, and copy the whole content of the log here.
If the program is blocked, try running it several times. If it still will not start and run, rename it to winlogon.exe.
- If the log is longer than 60,000 characters, split it and paste it into several posts.

Other links:
http://www.adlice.com/download/roguekiller/
http://www.bleepingcomputer.com/download/roguekiller/
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: PC shutting down (probably a virus)

Post by kedar700 » 20 Mar 2020 11:52

Yes, I have the system on the 5th disk.


Sophos found nothing, and I did not find the log in the folder.

RogueKiller Anti-Malware V14.2.1.0 (x64) [Feb 24 2020] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.18363) 64 bits
Started in : Normal mode
User : kedar [Administrator]
Started from : D:\Sta?ené Soubory\RogueKiller_portable64(3).exe
Signatures : 20200319_094951, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2020/03/20 11:39:41 (Duration : 00:08:50)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤


Re: PC shutting down (probably a virus)

Post by jaro3 » 20 Mar 2020 18:35

Turn off your antivirus and firewall.
Download Zoek.exe
http://download.bleepingcomputer.com/smeenk/zoek.exe

Close all other programs, windows and browsers.
Run Zoek.exe (on Windows Vista, Windows 7 and 8, right-click it and choose "Run as administrator").
- Note: the program may take a while to start.
Paste the script below into the program window:

Code:

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Click Run Script.
The program will run a scan and a repair; both can take several minutes, so wait until it finishes. Do not click in the window!
The program will offer a restart; confirm it.
After the restart, only a black desktop may be shown for some time; that is normal. You need to wait until the log is created. You can save it, for example, to Documents; otherwise it is saved automatically to:
C:\zoek-results.log
Copy the whole content of that log here.
If there are problems, run zoek in safe mode.

Download Zemana AntiMalware Free from this link:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
and save it to your desktop.
Double-click the file on the desktop and follow the instructions to install the program.
Accept the program's license (EULA) if it is offered.
If a program update is available, click the "Update now" button.
You can also tick the option to create a restore point:
Click the gear icon, then "Scan", and tick "create restore points".
Go back (click the house icon).
Close all open files, folders and browsers.
Do not change any settings. Click "Scan".
After the scan you can see whether there are any infections. Click "Next". The infections will be moved to quarantine.
When the scan is finished, a report appears; copy the whole content of that report here.
Otherwise you can see the reports by clicking "Reports" at the top right.


Event log
Control Panel -> Administrative Tools -> Event Viewer -> Windows Logs -> right-click the System log, choose "Save All Events As" and save it as an .evtx file. Upload it to http://www.leteckaposta.cz


Re: PC shutting down (probably a virus)

Post by kedar700 » 23 Mar 2020 12:11

http://leteckaposta.cz/669087770



Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by kedar on 23.03.2020 at 11:33:49,71.
Microsoft Windows 10 Home 10.0.18363 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\Stažené Soubory\zoek(3).exe [Scan all users] [Script inserted]

==== System Restore Info ======================

23.03.2020 11:38:08 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~3\dbg deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\ssh deleted successfully
C:\Users\kedar\AppData\Roaming\Publish Providers deleted successfully
C:\Users\kedar\AppData\Local\DBG deleted successfully
C:\Users\kedar\AppData\Local\GHISLER deleted successfully
C:\Users\kedar\AppData\Local\Notepad++ deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\DBG deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Packages deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2983971154-1911877019-4149143616-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ABB24112-514B-42D1-B201-D5EBE9645C70} deleted successfully
HKEY_USERS\S-1-5-21-2983971154-1911877019-4149143616-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E13D6A6B-C339-4DB5-B955-5BBF496209B4} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\kedar\AppData\Roaming\Mozilla\Firefox\Profiles\hpikgdpu.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.google.cz/");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\kedar\AppData\Roaming\Mozilla\Firefox\Profiles\hpikgdpu.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\kedar\AppData\Roaming\Mozilla\Firefox\Profiles\lq14w118.default-1522607936553\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\kedar\AppData\Roaming\Mozilla\Firefox\Profiles\lq14w118.default-1522607936553\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\kedar\AppData\Roaming\Mozilla\Firefox\Profiles\nqbl1xsv.default-1581607266712\prefs.js:
user_pref("browser.startup.homepage", "https://www.google.cz/");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\kedar\AppData\Roaming\Mozilla\Firefox\Profiles\nqbl1xsv.default-1581607266712\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\kedar\AppData\Roaming\Mozilla\Firefox\Profiles\hpikgdpu.default

user.js not found
---- Lines searchengine removed from prefs.js ----
user_pref("browser.pageActions.persistedActions", "{\"version\":1,\"ids\":[\"bookmark\",\"pinTab\",\"bookmarkSeparator\",\"copyURL\",\"emailLink\",\"a
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 0);
---- FireFox user.js and prefs.js backups ----

prefs__1157_.backup

ProfilePath: C:\Users\kedar\AppData\Roaming\Mozilla\Firefox\Profiles\lq14w118.default-1522607936553

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs__1157_.backup

ProfilePath: C:\Users\kedar\AppData\Roaming\Mozilla\Firefox\Profiles\nqbl1xsv.default-1581607266712

user.js not found
---- Lines searchengine removed from prefs.js ----
user_pref("browser.pageActions.persistedActions", "{\"version\":1,\"ids\":[\"bookmark\",\"pinTab\",\"bookmarkSeparator\",\"copyURL\",\"emailLink\",\"a
---- Lines searches removed from prefs.js ----
user_pref("browser.urlbar.suggest.searches", false);
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 0);
---- FireFox user.js and prefs.js backups ----

prefs__1157_.backup

==== Deleting Files \ Folders ======================

C:\Users\kedar\AppData\Roaming\Discord deleted
C:\Users\kedar\AppData\Roaming\GitHub Desktop deleted
C:\Users\kedar\.android deleted
C:\PROGRA~2\COMMON~1\Wondershare deleted
C:\PROGRA~3\Wondershare Video Editor deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\kedar\AppData\Local\oobelibMkey.log deleted
C:\Users\kedar\AppData\Local\PlariumPlay.log deleted
C:\Users\kedar\AppData\Local\Wondershare deleted
C:\Users\kedar\AppData\Local\cache deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-126c-4d84-a243e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-126c-4d84-a2450.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-126c-4d84-a2452.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-126c-4d84-a2454.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-126c-4d84-a2456.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-126c-4d84-a2467.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-126c-4d84-a2469.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-126c-4d84-a246b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-126c-4d84-a246d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-126c-4d84-a248f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-126c-4d84-a2491.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-126c-4d84-a2493.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-126c-4d84-a2495.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-126c-4d84-a2497.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-126c-4d84-a24a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-126c-4d84-a24aa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-126c-4d84-a24ac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-126c-4d84-a24ae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-126c-4d84-a24c0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12fc-12f8-8d2625.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12fc-12f8-8d2627.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12fc-12f8-8d2629.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12fc-12f8-8d262b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12fc-12f8-8d263d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12fc-12f8-8d263f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12fc-12f8-8d2641.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12fc-12f8-8d2643.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12fc-12f8-8d2645.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12fc-12f8-8d2656.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12fc-12f8-8d2658.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12fc-12f8-8d265a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12fc-12f8-8d265c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12fc-12f8-8d265e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12fc-12f8-8d2670.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12fc-12f8-8d2672.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12fc-12f8-8d2674.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12fc-12f8-8d2676.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12fc-12f8-8d2688.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f00-c08-12165c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f00-c08-12165e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f00-c08-121670.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f00-c08-121672.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f00-c08-121674.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f00-c08-121676.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f00-c08-121688.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f00-c08-12168a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f00-c08-12168c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f00-c08-12168e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f00-c08-121690.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f00-c08-1216a1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f00-c08-1216a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f00-c08-1216a5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f00-c08-1216a7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f00-c08-1216b9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f00-c08-1216bb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f00-c08-1216bd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f00-c08-1216bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f58-1fe8-a701c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f58-1fe8-a701e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f58-1fe8-a7020.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f58-1fe8-a7032.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f58-1fe8-a7034.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f58-1fe8-a7036.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f58-1fe8-a7038.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f58-1fe8-a7049.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f58-1fe8-a704b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f58-1fe8-a704d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f58-1fe8-a704f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f58-1fe8-a7061.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f58-1fe8-a7063.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f58-1fe8-a7065.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f58-1fe8-a7067.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f58-1fe8-a7078.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f58-1fe8-a707a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f58-1fe8-a707c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f58-1fe8-a707e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3158-4d2c-982ce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3158-4d2c-982e0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3158-4d2c-982e2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3158-4d2c-982e4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3158-4d2c-982e6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3158-4d2c-982f7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3158-4d2c-982f9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3158-4d2c-9832a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3158-4d2c-9832c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3158-4d2c-9834d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3158-4d2c-9834f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3158-4d2c-98361.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3158-4d2c-98373.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3158-4d2c-98375.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3158-4d2c-98377.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3158-4d2c-98379.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3158-4d2c-9838a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3158-4d2c-9838c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3158-4d2c-9838e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3184-240-2ee482.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3184-240-2ee484.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3184-240-2ee495.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3184-240-2ee497.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3184-240-2ee499.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3184-240-2ee49b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3184-240-2ee49d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3184-240-2ee4af.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3184-240-2ee4b1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3184-240-2ee4b3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3184-240-2ee4b5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3184-240-2ee4b7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3184-240-2ee4c9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3184-240-2ee4cb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3184-240-2ee4cd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3184-240-2ee4cf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3184-240-2ee4e0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3184-240-2ee4e2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3184-240-2ee4e4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3d08-24fc-fdeaad.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3d08-24fc-fdeaaf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3d08-24fc-fdeac1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3d08-24fc-fdead2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3d08-24fc-fdead4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3d08-24fc-fdeae6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3d08-24fc-fdeaf7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3d08-24fc-fdebb5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3d08-24fc-fdebb7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3d08-24fc-fdebc9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3d08-24fc-fdebcb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3d08-24fc-fdebdc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3d08-24fc-fdebde.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3d08-24fc-fdebff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3d08-24fc-fdec01.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3d08-24fc-fdec13.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3d08-24fc-fdec25.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3d08-24fc-fdec36.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3d08-24fc-fdec48.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d58-598-40694f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d58-598-406951.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d58-598-406953.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d58-598-406965.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d58-598-406967.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d58-598-406969.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d58-598-40696b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d58-598-40696d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d58-598-40697e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d58-598-406980.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d58-598-406982.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d58-598-406984.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d58-598-406996.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d58-598-406998.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d58-598-40699a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d58-598-40699c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d58-598-40699e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d58-598-4069b0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d58-598-4069b2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4dd8-51f8-9faad.tmp deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted
C:\Users\kedar\AppData\LocalLow\Unity deleted
C:\Users\kedar\AppData\Roaming\Mozilla\Firefox\Profiles\nqbl1xsv.default-1581607266712\extensions\firefox@betterttv.net.xpi deleted
"C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\oobelibMkey.log" not deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\kedar\AppData\Roaming\Mozilla\Firefox\Profiles\hpikgdpu.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\kedar\AppData\Roaming\Mozilla\Firefox\Profiles\lq14w118.default-1522607936553
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\kedar\AppData\Roaming\Mozilla\Firefox\Profiles\nqbl1xsv.default-1581607266712
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\kedar\AppData\Roaming\Mozilla\Firefox\Profiles\hpikgdpu.default
- __MSG_avastAppName__ - %ProfilePath%\extensions\sp@avast.com.xpi
- Avast Online Security - %ProfilePath%\extensions\wrc@avast.com.xpi
- short_ __MSG_name__ - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\kedar\AppData\Roaming\Mozilla\Firefox\Profiles\lq14w118.default-1522607936553
- short_ FFZ - %ProfilePath%\extensions\frankerfacez@frankerfacez.com.xpi
- short_ passwords - %ProfilePath%\extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi
- Avast Online Security - %ProfilePath%\extensions\wrc@avast.com.xpi
- short_ __MSG_name__ - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\kedar\AppData\Roaming\Mozilla\Firefox\Profiles\nqbl1xsv.default-1581607266712
- short_ FFZ - %ProfilePath%\extensions\frankerfacez@frankerfacez.com.xpi
- short_ __MSG_name__ - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\kedar\AppData\Roaming\Mozilla\Firefox\Profiles\hpikgdpu.default
- C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_113.dll - [?]
- C:\Program Files x86\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll - [?]
- C:\Program Files x86\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll - [?]

Profilepath: C:\Users\kedar\AppData\Roaming\Mozilla\Firefox\Profiles\lq14w118.default-1522607936553
- C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll - [?]
- C:\Program Files x86\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll - [?]
- C:\Program Files x86\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll - [?]

Profilepath: C:\Users\kedar\AppData\Roaming\Mozilla\Firefox\Profiles\nqbl1xsv.default-1581607266712
- C:\Program Files x86\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll - [?]
- C:\Program Files x86\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll - [?]


==== Chromium Look ======================

Google Chrome Version: 80.0.3987.149


Auto Refresh - kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifooldnmmcmlbdennkpdnlnbgbmfalko
Chrome Media Router - kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== Reset Google Chrome ======================

C:\Users\kedar\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\kedar\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\kedar\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\kedar\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\kedar\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\kedar\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\kedar\AppData\Local\Mozilla\Firefox\Profiles\nqbl1xsv.default-1581607266712\cache2 emptied successfully

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

C:\Users\kedar\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=5449 folders=604 630795810 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\kedar\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\kedar\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\oobelibMkey.log" not deleted

==== EOF on 23.03.2020 at 12:05:41,45 ======================



Informace o kontroly
Název produktu    :  Zemana AntiMalware
Stav kontroly    :  Dokončena
Datum kontroly    :  23.03.2020 12:08:03
Typ kontroly    :  Inteligentní kontrola
Čas trvání    :  00:00:16
Zkontrolované objekty    :  2671
Zjištěné objekty    :  4
Vyloučené objekty    :  0
Automatické odesílání    :  Ano
Operační systém    :  Windows 10 x64
Procesor    :  8X Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Režim systému BIOS    :  UEFI
Informace o doméně    :  WORKGROUP,False,NetSetupWorkgroupName
CUID    :  12A128054FC0BD8C9B6786


Odhalení
MD5    :  EE609340B62BEE688145F599225A47D3
Stav    :  Zkontrolováno
Objekt    :  e:\steam\steamapps\common\wallpaper_engine\bin\cuesdk.x64_2015.dll
Vydavatel    :  Corsair Memory, Inc.
Velikost    :  471080
Odhalení    :  Suspicious:SRC!P
Akce    :  Karanténa
-----------------------------------------------------------------------
MD5    :  AD3E665B2CDBABD39052B312C7BA59A9
Stav    :  Zkontrolováno
Objekt    :  e:\steam\steamapps\common\wallpaper_engine\plugins\led\ledextensions64.dll
Vydavatel    :  Kristjan Skutta
Velikost    :  1388024
Odhalení    :  Suspicious:SRC!P
Akce    :  Karanténa
-----------------------------------------------------------------------
MD5    :  E973BDBD46279B12D765624F48297B77
Stav    :  Zkontrolováno
Objekt    :  e:\steam\steamapps\common\wallpaper_engine\bin\shellhook64.dll
Vydavatel    :  Kristjan Skutta
Velikost    :  834552
Odhalení    :  Suspicious:SRC!P
Akce    :  Karanténa
-----------------------------------------------------------------------
MD5    :  FA88DE56784ABA9E1E0BF09AA56D7FB8
Stav    :  Zkontrolováno
Objekt    :  e:\steam\steamapps\common\wallpaper_engine\wallpaper64.exe
Vydavatel    :  Kristjan Skutta
Velikost    :  3374584
Odhalení    :  Suspicious:SRC!P
Akce    :  Karanténa
-----------------------------------------------------------------------

jaro3
Security team member

Re: PC shutting down (probably a virus)

Post by jaro3 » 23 Mar 2020 21:26

Popis ID události 10016 ze zdroje Microsoft-Windows-DistributedCOM nebyl nalezen. Součást, která tuto událost vyvolává, buď není v místním počítači nainstalována, nebo je její instalace porušená. Můžete tuto součást opravit nebo nainstalovat do místního počítače.

Popis ID události 12 ze zdroje VBoxNetLwf nebyl nalezen. Součást, která tuto událost vyvolává, buď není v místním počítači nainstalována, nebo je její instalace porušená. Můžete tuto součást opravit nebo nainstalovat do místního počítače.

Do systému byla nainstalována služba.

Název služby: PEVSystemStart
Název souboru služby: "C:\Users\kedar\AppData\Local\Temp\PEVZ.EXE" EXEC /i REG.EXE DELETE "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BrowserProtect" /f
Typ služby: služba v uživatelském režimu
Typ spouštění služby: automatické spouštění
Účet služby: LocalSystem

Popis ID události 16 ze zdroje Microsoft-Windows-Kernel-General nebyl nalezen. Součást, která tuto událost vyvolává, buď není v místním počítači nainstalována, nebo je její instalace porušená. Můžete tuto součást opravit nebo nainstalovat do místního počítače.

: Integrovaný řadič vrátil data, i když žádná nebyla požadována. Systém BIOS se pravděpodobně pokouší o přístup k integrovanému řadiči bez synchronizace s operačním systémem. Tato data budou ignorována. Není třeba provádět žádnou akci. Přesto byste měli zjistit, zda výrobce počítače nemá k dispozici upgrade systému BIOS.

Nepodařilo se načíst ovladač \Driver\WudfRd pro zařízení ACPI\PNP0A0A\2&daba3ff&0.

Popis ID události 12 ze zdroje Microsoft-Windows-UserModePowerService nebyl nalezen. Součást, která tuto událost vyvolává, buď není v místním počítači nainstalována, nebo je její instalace porušená. Můžete tuto součást opravit nebo nainstalovat do místního počítače.


Maybe you should upgrade the BIOS, or reset it.
Also disconnect the remaining drives for a while and leave only the system one.

Do you update the system? Something is missing there; you can use Windows 10 Manager, it might fix it.


Post a new HJT log.

Turn off the antivirus and the firewall.
Please download the appropriate version of Farbar Recovery Scan Tool (FRST) for your system (32-bit/64-bit)
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
another link:
http://www.bleepingcomputer.com/downloa ... scan-tool/
and save it to the desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs will appear, FRST.txt and Addition.txt, and they will be saved on the desktop. Please copy their entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.

kedar700

Re: PC shutting down (probably a virus)

Post by kedar700 » 24 Mar 2020 13:31

I upgraded to the latest BIOS and tried Windows 10 Manager, but there are a lot of options in it, so I ran the basic repairs.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-03-2020
Ran by kedar (administrator) on KJODAR (ASUS All Series) (24-03-2020 13:25:29)
Running from D:\Stažené Soubory
Loaded Profiles: kedar (Available Profiles: kedar)
Platform: Windows 10 Home Version 1909 18363.720 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\agshelper.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Elaborate Bytes AG -> Elaborate Bytes AG) D:\VirtualCloneDrive\VCDDaemon.exe
(Electronic Arts, Inc. -> Electronic Arts) D:\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Kristjan Skutta -> ) E:\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
(Logitech, Inc. -> ) C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Logitech, Inc. -> Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(LogMeIn, Inc. -> LogMeIn Inc.) D:\hamachi\hamachi-2-ui.exe
(LogMeIn, Inc. -> LogMeIn Inc.) D:\hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) D:\hamachi\LMIGuardianSvc.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) D:\hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\kedar\AppData\Local\Microsoft\OneDrive\19.232.1124.0010\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\kedar\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2003.1001.4.0_x64__8wekyb3d8bbwe\app\Xbox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2003.1001.4.0_x64__8wekyb3d8bbwe\app\Xbox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2003.1001.4.0_x64__8wekyb3d8bbwe\app\Xbox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2003.1001.4.0_x64__8wekyb3d8bbwe\app\XboxAppServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12003.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.38.25003.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.38.25003.0_x64__8wekyb3d8bbwe\GameBarFT.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.38.25003.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20012.135.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20022.11011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Surround\Driver\RzSurroundVADStreamingService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Spotify AB -> Spotify Ltd) C:\Users\kedar\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\kedar\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\kedar\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\kedar\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\kedar\AppData\Roaming\Spotify\Spotify.exe
(uTorrent.CZ -> BitTorrent, Inc.) [File not signed] C:\Users\kedar\AppData\Roaming\uTorrent\utorrent.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8822528 2018-01-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [277664 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [598200 2019-06-12] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => D:\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2623032 2019-07-05] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-12] (Logitech, Inc. -> Logitech Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [5160248 2020-01-31] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKU\S-1-5-21-2983971154-1911877019-4149143616-1001\...\Run: [Steam] => E:\Steam\steam.exe [3370272 2020-03-24] (Valve -> Valve Corporation)
HKU\S-1-5-21-2983971154-1911877019-4149143616-1001\...\Run: [EADM] => D:\Origin\Origin.exe [3137808 2020-03-24] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-2983971154-1911877019-4149143616-1001\...\Run: [Spotify] => C:\Users\kedar\AppData\Roaming\Spotify\Spotify.exe [22907112 2020-03-24] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2983971154-1911877019-4149143616-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3508464 2020-01-07] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-2983971154-1911877019-4149143616-1001\...\Run: [uTorrent] => C:\Users\kedar\AppData\Roaming\uTorrent\utorrent.exe [416168 2015-02-22] (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
HKU\S-1-5-21-2983971154-1911877019-4149143616-1001\...\MountPoints2: {ada9e9ce-05c3-11e8-a161-40167ead14e1} - "J:\setup.exe"
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3508464 2020-01-07] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-19] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CD5C88C-6C67-4CD4-8824-97304ED186BC} - System32\Tasks\MATLAB R2019a Startup Accelerator => D:\matlab\bin\win64\MATLABStartupAccelerator.exe [57344 2019-02-21] () [File not signed]
Task: {219CA761-C73F-4924-8D59-3C1E81C495DE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {2352E66C-74B9-4718-BA74-C8FA18E222B4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-01] (Google Inc -> Google Inc.)
Task: {2EA77014-137D-4679-93F2-FB91380BF3D1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1421704 2020-03-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {34AB54B0-D050-4097-A8E0-0C529188267B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {37EBEEA9-AB0B-44CF-B71C-7BC627A0E8E4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27369752 2020-03-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {3A378036-C6FF-4EC7-A252-F2415303E346} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1571208 2020-03-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {3EAE55C3-F875-4B61-9BF9-E4FA62A047EC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-01] (Google Inc -> Google Inc.)
Task: {43FAA0B5-E5A2-444C-9304-ACA079440EFB} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_pepper.exe [1453112 2019-10-09] (Adobe Inc. -> Adobe)
Task: {4C775363-A960-42ED-A077-8F505466503E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {518088F1-1AA0-4952-8620-FD7662A8A442} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {58B5F141-32FB-4A31-8319-56BB3B60C391} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {7069E0C0-8804-49DB-942D-C55D85046157} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [238392 2013-07-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {7D2466C1-A076-4B23-B468-D40E8DC22634} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-kedar700cz@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7E68E915-7419-4FFA-81B1-2036D12BA876} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {830D9D38-29C4-461B-B95E-3EDB1C6E58BE} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2983971154-1911877019-4149143616-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {84CD37D1-2EF5-4843-A187-E495AEBD8AE6} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2623032 2019-07-05] (Adobe Inc. -> Adobe Inc.)
Task: {87076C1D-62DD-40FA-ACB9-28F8DDFFC8B2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3894664 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
Task: {A29A5C1E-4F44-4677-9899-F5193E2338F3} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AAE19DF8-4595-4C1E-B89E-5A22696C6606} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B0AF2E7C-1F3A-4175-ABB9-6B046DB1376C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [110632 2020-03-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {B26B386F-B6A9-48F0-9123-726D64CE3C96} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [659520 2019-11-04] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {BB0CDEC0-4DE5-4BF0-932A-D852AE782B9C} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BC09CD2F-79E6-49DD-8560-1A4067EC6C88} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4461160 2020-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {BF88CA04-C2B3-44DE-9979-1036AA5D29CE} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1421704 2020-03-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {C208A27C-26B8-49FE-A214-C0EAF1E1A8CB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [110632 2020-03-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {CAED209C-2388-4735-825D-A19CC86DCD8C} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite III\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [328504 2013-02-07] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {D175EA08-6B93-4FBC-A823-DAF3D5BFAE4A} - System32\Tasks\klcp_update => E:\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1724928 2020-01-21] () [File not signed]
Task: {D767F0A3-A3E9-4984-A912-0D9B54D4014C} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D973DA31-300A-48F3-AA22-415F0B5BA7EF} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [1454224 2013-08-07] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) [File not signed]
Task: {DCB84E52-3B8F-4C9F-84E1-6A4211759D45} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E09FB9A4-0890-475B-9880-F495588D2E7C} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1225528 2013-08-08] (ASUSTeK Computer Inc. -> )
Task: {E4E84F7D-D6E4-4A0E-B020-AD51E6360EC3} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_330_Plugin.exe [1458232 2020-02-29] (Adobe Inc. -> Adobe)
Task: {EA174CAC-69E1-490A-8258-81E822F54B24} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [6562168 2016-09-08] (Nero AG -> Nero AG)
Task: {EB54569A-43CA-456D-ADCA-07ABBFF056DA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4461160 2020-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {EDA266B2-A386-4269-9876-18DB9CDB7F45} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [1425208 2013-07-24] (ASUSTeK Computer Inc. -> )
Task: {F395E425-2865-4A5F-8DC9-66470899D763} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27369752 2020-03-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {FA13BB2A-E1C1-4603-94B3-ED8C50B65B7D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FAFC0B18-549A-4CA1-A80A-95571F88EB52} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-02-29] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\MATLAB R2019a Startup Accelerator.job => D:\matlab\bin\win64\MATLABStartupAccelerator.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\WINDOWS\SysWOW64\wlidNSP.dll [41472 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5 09 C:\WINDOWS\SysWOW64\wlidNSP.dll [41472 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\WINDOWS\system32\wlidnsp.dll [66048 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\WINDOWS\system32\wlidnsp.dll [66048 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Tcpip\..\Interfaces\{0a25fa43-aeda-44f0-b737-8d6ede68201c}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{a31fcb1d-9171-48bf-9d7c-bb06061e4e0b}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2983971154-1911877019-4149143616-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll => No File
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-01-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-08-13] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-08-13] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-22] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.19.0_neutral__d55gg7py3s0m0 [2020-02-13]

FireFox:
========
FF DefaultProfile: nqbl1xsv.default-1581607266712
FF ProfilePath: C:\Users\kedar\AppData\Roaming\Mozilla\Firefox\Profiles\nqbl1xsv.default-1581607266712 [2020-03-24]
FF NewTab: Mozilla\Firefox\Profiles\nqbl1xsv.default-1581607266712 -> about:newtab
FF Extension: (FrankerFaceZ) - C:\Users\kedar\AppData\Roaming\Mozilla\Firefox\Profiles\nqbl1xsv.default-1581607266712\Extensions\frankerfacez@frankerfacez.com.xpi [2020-02-13] [UpdateUrl:hxxps://cdn.frankerfacez.com/script/firefox-updates.json]
FF Extension: (No Name) - C:\Users\kedar\AppData\Roaming\Mozilla\Firefox\Profiles\nqbl1xsv.default-1581607266712\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-02-13]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_330.dll [2020-02-29] (Adobe Inc. -> )
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-07-05] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_330.dll [2020-02-29] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-08-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-08-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> D:\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> D:\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> D:\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> D:\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-07-05] (Adobe Inc. -> Adobe Systems)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-07-05] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-03] (ASUSTeK Computer Inc. -> )
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2013-08-01] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe [1656464 2013-08-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6046624 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [413472 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57536 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8402648 2019-11-21] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11600672 2020-03-03] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-11-12] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Hamachi2Svc; D:\hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] (Canon Inc. -> )
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-18] (Malwarebytes Inc -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2495280 2020-03-24] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [3445552 2020-03-24] (Electronic Arts, Inc. -> Electronic Arts)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [974936 2019-11-15] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [1457240 2019-11-15] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2019-10-01] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [287472 2019-12-30] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; E:\RockstarLauncher\RockstarService.exe [474256 2019-12-13] (Rockstar Games, Inc. -> Rockstar Games)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2019-10-28] (Razer USA Ltd. -> Razer Inc.)
R2 RzSurroundVADStreamingService; C:\Program Files (x86)\Razer\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4261344 2018-01-09] (Razer USA Ltd. -> Razer Inc)
S3 VBoxSDS; E:\virtualbox\VBoxSDS.exe [694016 2019-09-03] (Oracle Corporation -> Oracle Corporation)
R2 Wallpaper Engine Service; E:\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe [354808 2019-03-17] (Kristjan Skutta -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 amdrv; C:\WINDOWS\system32\drivers\amdrv.sys [203680 2019-02-18] (Zemana Ltd. -> Zemana Ltd.)
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2020-03-23] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-03] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] (ASUSTeK Computer Inc. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37864 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205576 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [271120 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [206608 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [64272 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2020-02-25] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [279360 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42976 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175400 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110560 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84056 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848672 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [458584 2020-03-11] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [235184 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316256 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-06-21] (Bluestack Systems, Inc. -> Bluestack System Inc. )
S3 CsrBtPort; C:\WINDOWS\system32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrusb; C:\WINDOWS\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrusbfilter; C:\WINDOWS\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 FACEIT; C:\WINDOWS\System32\Drivers\FACEIT.sys [16650824 2019-07-31] (FACE IT LIMITED -> )
R3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 isocusb; C:\WINDOWS\system32\drivers\isocusb.sys [268288 2014-07-21] (Intel(R) DnX Download Driver CCG -> Jungo Connectivity)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrd.sys [32840 2013-02-21] (Realtek Semiconductor Corp -> NT Kernel Resources)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5ef913e2bcf39373\nvlddmkm.sys [23287696 2020-03-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-08-22] (NVIDIA Corporation -> NVIDIA Corporation)
S3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2017-09-27] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [50240 2019-09-19] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_005c; C:\WINDOWS\System32\drivers\RzDev_005c.sys [51992 2019-10-10] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0241; C:\WINDOWS\System32\drivers\RzDev_0241.sys [51800 2018-11-26] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0C00; C:\WINDOWS\System32\drivers\RzDev_0C00.sys [51696 2018-04-22] (Razer USA Ltd. -> Razer Inc)
S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [52240 2016-10-30] (Razer USA Ltd. -> Razer Inc)
R3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Razer USA Ltd. -> Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2019-09-12] (Microsoft Windows -> Microsoft Corporation)
S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [237376 2019-09-03] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [248464 2019-09-03] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [175248 2019-09-03] (Oracle Corporation -> Oracle Corporation)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [74048 2020-01-31] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
R3 vsdevbus; C:\WINDOWS\System32\drivers\vsdevbus.sys [24208 2014-07-01] (AGG Software -> AGG Software (hxxp://www.aggsoft.com))
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 csravrcp; \SystemRoot\System32\drivers\csravrcp.sys [X]
S3 CsrBthAudioHF; \SystemRoot\System32\drivers\CsrBthAudioHF.sys [X]
S3 csrhfgcc; \SystemRoot\System32\drivers\csrhfgcc.sys [X]
S3 csrhidmini; \SystemRoot\System32\drivers\csrhidmini.sys [X]
S3 csrpan; \SystemRoot\System32\drivers\csrpan.sys [X]
S3 csrserial; \SystemRoot\system32\DRIVERS\csrserial.sys [X]
S3 csr_bthav; \SystemRoot\system32\drivers\csrbthav.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-24 13:25 - 2020-03-24 13:25 - 000000000 ___DC C:\FRST
2020-03-24 13:23 - 2020-03-24 13:23 - 000000000 __HDC C:\OneDriveTemp
2020-03-24 12:40 - 2020-03-24 12:40 - 000000000 ___DC C:\Users\kedar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yamicsoft
2020-03-24 12:39 - 2020-03-24 12:39 - 000000000 ____D C:\Users\kedar\AppData\Roaming\Yamicsoft
2020-03-23 16:27 - 2020-03-23 16:27 - 000000000 ____D C:\Users\kedar\AppData\Roaming\Publish Providers
2020-03-23 14:36 - 2020-03-24 13:03 - 000000000 ____D C:\Users\kedar\AppData\Roaming\discord
2020-03-23 12:07 - 2020-03-23 23:58 - 000002504 _____ C:\WINDOWS\system32\Tasks\AMHelper
2020-03-23 12:07 - 2020-03-23 12:07 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2020-03-23 12:07 - 2020-03-23 12:07 - 000001333 ____C C:\ProgramData\Plocha\Zemana AntiMalware.lnk
2020-03-23 12:07 - 2020-03-23 12:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2020-03-23 12:07 - 2020-03-23 12:07 - 000000000 ____D C:\Program Files (x86)\Zemana
2020-03-23 12:04 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2020-03-23 11:33 - 2020-03-23 11:58 - 000000000 ___DC C:\zoek_backup
2020-03-22 11:34 - 2020-03-22 11:41 - 000000000 ___DC C:\Users\kedar\Documents\giana sisters - twisted dreams
2020-03-21 18:58 - 2020-03-21 18:58 - 000000000 ____D C:\Users\kedar\AppData\Local\ChanSort
2020-03-19 15:50 - 2020-03-21 13:42 - 000000000 ____D C:\ProgramData\boost_interprocess
2020-03-19 15:30 - 2020-03-22 18:37 - 000000000 ___DC C:\Users\kedar\Documents\MATLAB
2020-03-19 15:30 - 2020-03-19 15:30 - 000000000 ____D C:\Users\kedar\AppData\Roaming\MathWorks
2020-03-19 15:30 - 2020-03-19 15:30 - 000000000 ____D C:\Users\kedar\AppData\Local\MathWorks
2020-03-18 19:25 - 2020-03-18 19:27 - 000000000 ___DC C:\Users\kedar\AppData\LocalLow\IGDump
2020-03-18 19:24 - 2020-03-18 19:24 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-03-18 19:24 - 2020-03-18 19:24 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-03-18 19:24 - 2020-03-18 19:24 - 000002021 ____C C:\ProgramData\Plocha\Malwarebytes.lnk
2020-03-18 19:24 - 2020-03-18 19:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-03-18 19:24 - 2020-03-18 19:24 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-03-18 19:23 - 2020-03-18 19:23 - 000000000 ____D C:\Program Files\Malwarebytes
2020-03-18 11:54 - 2020-03-18 12:00 - 000000000 ___DC C:\AdwCleaner
2020-03-17 16:04 - 2020-03-17 16:04 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-03-17 16:04 - 2020-03-17 16:04 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-03-17 16:04 - 2020-03-17 16:04 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-03-17 16:04 - 2020-03-17 16:04 - 006520776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-17 16:04 - 2020-03-17 16:04 - 004563416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-03-17 16:04 - 2020-03-17 16:04 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-03-17 16:04 - 2020-03-17 16:04 - 001398584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-03-17 16:04 - 2020-03-17 16:04 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-03-17 16:04 - 2020-03-17 16:04 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-03-17 16:04 - 2020-03-17 16:04 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-03-17 16:04 - 2020-03-17 16:04 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-03-12 23:17 - 2020-03-17 15:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-03-12 00:18 - 2020-03-12 00:18 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 022635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 018027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 011607552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 007905784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 007755776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 007259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 006436352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 006285312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 006084344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 005112832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 004855808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 004580352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 004471296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 004348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 004129648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 004048896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 003971808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-03-12 00:18 - 2020-03-12 00:18 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 003819520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 003799552 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 003728896 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-03-12 00:18 - 2020-03-12 00:18 - 003552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 003488768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 003371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 003260928 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 003243296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-03-12 00:18 - 2020-03-12 00:18 - 002956688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 002875904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-03-12 00:18 - 2020-03-12 00:18 - 002773568 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 002768440 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-03-12 00:18 - 2020-03-12 00:18 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-03-12 00:18 - 2020-03-12 00:18 - 002740736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 002698040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-03-12 00:18 - 2020-03-12 00:18 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 002315680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 002259872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 002224952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 002087376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 002072664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 002021888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001999952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001985104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001972536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-03-12 00:18 - 2020-03-12 00:18 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001867816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001823232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001770552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-03-12 00:18 - 2020-03-12 00:18 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001684992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001665416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001657120 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001555904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-03-12 00:18 - 2020-03-12 00:18 - 001490640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001484600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-03-12 00:18 - 2020-03-12 00:18 - 001481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-03-12 00:18 - 2020-03-12 00:18 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-03-12 00:18 - 2020-03-12 00:18 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll

