Re: log Hijack
Napsal: 16 pro 2020 17:41
Tak jsem odinstaloval COmodo, provedl restart, udělal FRST a znovu Comodo nainstaloval.
FRST přikládám
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by Pavel (administrator) on DESKTOP-54V8III (16-12-2020 16:52:52)
Running from C:\Users\Pavel\Desktop
Loaded Profiles: Pavel
Platform: Windows 10 Pro Version 2004 19041.685 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adlice -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Pavel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\userinit.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.680_none_e72768c3263f99bc\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrAdm.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrAuf.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrDba.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrHis.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrPas.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrSaz.exe
(Zemana D.O.O. Sarajevo -> Zemana Ltd.) C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [PAC207_Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992832 2020-12-01] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Pavel\AppData\Local\Microsoft\Teams\Update.exe [2453688 2020-11-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-03] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0EBD759C-FAC8-48E0-9A21-65C21FFCA1F3} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe
Task: {1FFD808E-869C-4A3F-9F37-12595CD14857} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {44D9969D-E0AB-4F15-8B7F-73A0838B1246} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {567F5FE2-8A4C-47E4-AEB8-8B55C386D670} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {7941822E-D19B-4FFB-9239-AC32A009299B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {968E058E-04AF-4392-A2A7-12F2755135D9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B5F408C-6896-4E1C-BD45-3DC64076E44C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {A10C748A-3CCF-40F2-8AF2-59D25DABC8BB} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-06-27] (Dropbox, Inc -> Dropbox, Inc.)
Task: {B0092A80-6BFF-4860-A5D1-4143545A4D55} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-06-27] (Dropbox, Inc -> Dropbox, Inc.)
Task: {B8A393C2-9CB2-4B51-B44B-CE8290FC2DA9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {E41DBA03-45B4-4023-B0E3-6F54BB13F839} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {E50541CB-3095-44B8-AD9D-7358647C6889} - System32\Tasks\AMSkipUAC => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7eb22d12-97e0-44b4-97ad-92edad7b2398}: [DhcpNameServer] 192.168.0.1
Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Pavel\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-16]
Edge Extension: (Outlook) - C:\Users\Pavel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-10-19]
Edge Extension: (Word) - C:\Users\Pavel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-10-19]
Edge Extension: (Excel) - C:\Users\Pavel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2020-10-19]
Edge Extension: (PowerPoint) - C:\Users\Pavel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2020-10-19]
FireFox:
========
FF DefaultProfile: 9n2nyuzz.default
FF ProfilePath: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\9n2nyuzz.default [2020-12-14]
FF ProfilePath: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\15meqnet.default-release [2020-12-16]
FF Session Restore: Mozilla\Firefox\Profiles\15meqnet.default-release -> is enabled.
FF Extension: (No Name) - C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\15meqnet.default-release\Extensions\wrc@avast.com.xpi [2020-11-29] [not signed]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (No Name) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-11-20] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-12-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-12-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default [2020-12-16]
CHR Notifications: Default -> hxxps://www.svetandroida.cz; hxxps://www.vw-club.cz
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=B22974E50B0B99A9&affID=44444&tsp=4920","hxxp://www.google.com/","hxxp://www.search.ask.com/?tpid=ORJ-V7-SAT&o=APN11467&pf=V7&trgb=CR&p2=%5EBED%5EOSJ000%5EYY%5ECZ&gct=hp&apn_ptnrs=BED&apn_dtid=%5EOSJ000%5EYY%5ECZ&apn_dbr=cr_34.0.1847.131&apn_uid=EF1A8E44-606D-43E1-BB14-A5923F94D8DA&itbv=12.10.6.53&doi=2014-05-01&psv=","hxxps://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-29]
CHR Extension: (Dokumenty) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-29]
CHR Extension: (Disk Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-29]
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-29]
CHR Extension: (Tabulky) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-29]
CHR Extension: (Tlačítko „Uložit“ pro Pinterest) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2020-12-09]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-12-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-11-29]
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-29]
CHR Extension: (Chrome Media Router) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-29]
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2 [2020-12-15]
CHR DefaultSearchURL: Profile 2 -> hxxps://search.yahoo.com/search?fr=mcaf ... 91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Profile 2 -> mcafee
CHR Session Restore: Profile 2 -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-01]
CHR Extension: (Dokumenty) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-01]
CHR Extension: (Disk Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-01]
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-01]
CHR Extension: (Tabulky) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-12-01]
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-01]
CHR Extension: (Chrome Media Router) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-01]
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\System Profile [2020-12-14]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-06-27] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-06-27] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-12-01] (Dropbox, Inc -> Dropbox, Inc.)
R2 LcSvrAdm; C:\ElsaWin\bin\LcSvrAdm.exe [240640 2011-12-06] (Volkswagen AG) [File not signed]
R3 LcSvrAuf; C:\ElsaWin\bin\LcSvrAuf.exe [1321472 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrDba; C:\ElsaWin\bin\LcSvrDba.exe [392704 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrHis; C:\ElsaWin\bin\LcSvrHis.exe [335360 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrPAS; C:\ElsaWin\bin\LcSvrPas.exe [477696 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrSaz; C:\ElsaWin\bin\LcSvrSaz.exe [373248 2011-12-06] (Volkswagen AG) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-12] (Malwarebytes Inc -> Malwarebytes)
S2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [955656 2020-11-21] () [File not signed]
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13666872 2020-11-17] (Adlice -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5197552 2020-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12720144 2020-11-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2020-12-13] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2020-12-16] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-12] (Malwarebytes Inc -> Malwarebytes)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2020-12-16] (Adlice -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-13] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-16 16:52 - 2020-12-16 16:52 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-12-16 16:52 - 2020-12-16 16:52 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2020-12-16 16:51 - 2020-12-16 16:51 - 000000000 _____ C:\WINDOWS\system32\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}
2020-12-16 16:44 - 2020-12-16 16:44 - 005613920 _____ (COMODO) C:\Users\Pavel\Desktop\cav_installer.exe
2020-12-15 18:50 - 2020-12-15 18:50 - 002191096 _____ (COMODO) C:\Users\Pavel\Downloads\ciscleanuptool_x64.exe
2020-12-15 13:35 - 2020-12-15 13:35 - 000000000 ____D C:\Users\Vojta\AppData\Local\CrashDumps
2020-12-14 18:19 - 2020-12-14 18:19 - 000852798 _____ C:\Users\Pavel\Desktop\SecurityCheck.exe
2020-12-14 18:08 - 2020-12-14 18:10 - 000012620 _____ C:\Users\Pavel\Desktop\Fixlog.txt
2020-12-14 18:08 - 2020-12-14 18:08 - 000000000 ____D C:\Users\Pavel\Desktop\FRST-OlderVersion
2020-12-14 10:36 - 2020-12-14 10:36 - 000001039 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2020-12-14 10:36 - 2020-12-14 10:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2020-12-14 10:36 - 2020-12-14 10:36 - 000000000 ____D C:\Program Files\VS Revo Group
2020-12-14 10:35 - 2020-12-14 10:35 - 007458656 _____ (VS Revo Group ) C:\Users\Pavel\Downloads\revosetup.exe
2020-12-13 17:49 - 2020-12-15 17:15 - 000035387 _____ C:\Users\Pavel\Desktop\Addition.txt
2020-12-13 17:46 - 2020-12-16 16:54 - 000018684 _____ C:\Users\Pavel\Desktop\FRST.txt
2020-12-13 17:46 - 2020-12-16 16:53 - 000000000 ____D C:\FRST
2020-12-13 17:44 - 2020-12-14 18:08 - 002286592 _____ (Farbar) C:\Users\Pavel\Desktop\FRST64.exe
2020-12-13 17:38 - 2020-11-11 22:29 - 000000000 ____D C:\Users\Pavel\Desktop\zoek1
2020-12-13 16:04 - 2020-12-13 16:04 - 000000000 ____D C:\Users\Pavel\Downloads\backups
2020-12-13 15:37 - 2020-12-13 15:37 - 001800862 _____ C:\Users\Pavel\Downloads\zoek.rar
2020-12-13 14:26 - 2020-12-13 14:26 - 000000000 ____D C:\Users\Pavel\Desktop\ZemanaAntimalware
2020-12-13 14:24 - 2020-12-16 16:54 - 000099325 _____ C:\WINDOWS\ZAM.krnl.trace
2020-12-13 14:24 - 2020-12-13 14:24 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2020-12-13 14:24 - 2020-12-13 14:24 - 000003558 _____ C:\WINDOWS\system32\Tasks\AMHelper
2020-12-13 14:24 - 2020-12-13 14:24 - 000002680 _____ C:\WINDOWS\system32\Tasks\AMSkipUAC
2020-12-13 14:24 - 2020-12-13 14:24 - 000001333 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2020-12-13 14:24 - 2020-12-13 14:24 - 000000000 ____D C:\Users\Pavel\AppData\Local\Zemana
2020-12-13 14:24 - 2020-12-13 14:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2020-12-13 14:24 - 2020-12-13 14:24 - 000000000 ____D C:\Program Files (x86)\Zemana
2020-12-13 14:23 - 2020-12-16 16:52 - 000000000 ____D C:\Users\Pavel\AppData\Local\AMSDK
2020-12-13 14:21 - 2020-12-13 14:21 - 012795472 _____ (Zemana Ltd. ) C:\Users\Pavel\Desktop\AntiMalware_Setup.exe
2020-12-13 14:00 - 2020-12-13 14:00 - 000000000 ____D C:\Users\Pavel\AppData\LocalLow\IGDump
2020-12-12 23:14 - 2020-12-12 23:14 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\Sun
2020-12-12 23:11 - 2020-12-12 23:11 - 000000797 _____ C:\Users\Public\Desktop\UCheck.lnk
2020-12-12 23:11 - 2020-12-12 23:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UCheck
2020-12-12 23:10 - 2020-12-12 23:11 - 000000000 ____D C:\ProgramData\UCheck
2020-12-12 23:10 - 2020-12-12 23:11 - 000000000 ____D C:\Program Files\UCheck
2020-12-12 23:09 - 2020-12-12 23:09 - 026045184 _____ (Adlice Software ) C:\Users\Pavel\Desktop\ucheck.exe
2020-12-12 19:19 - 2020-12-12 19:19 - 000000859 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-12-12 19:19 - 2020-12-12 19:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-12-12 19:19 - 2020-12-12 19:19 - 000000000 ____D C:\Program Files\RogueKiller
2020-12-12 19:18 - 2020-12-12 19:24 - 000000000 ____D C:\ProgramData\RogueKiller
2020-12-12 19:17 - 2020-12-12 19:17 - 040473968 _____ (Adlice Software ) C:\Users\Pavel\Desktop\setup.exe
2020-12-12 16:23 - 2020-12-12 16:23 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2020-12-12 16:23 - 2020-12-12 16:23 - 000000000 ____D C:\ProgramData\Sophos
2020-12-12 16:23 - 2020-12-12 16:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2020-12-12 16:23 - 2020-12-12 16:23 - 000000000 ____D C:\Program Files (x86)\Sophos
2020-12-12 16:21 - 2020-12-12 16:21 - 181496840 _____ (Sophos Limited) C:\Users\Pavel\Desktop\Sophos Virus Removal Tool.exe
2020-12-12 15:48 - 2020-12-12 15:48 - 000001153 _____ C:\Users\Pavel\Desktop\JRT.txt
2020-12-12 15:43 - 2020-12-12 15:43 - 000002420 _____ C:\Users\Pavel\Desktop\AdwCleaner[C07].txt
2020-12-12 15:31 - 2020-12-12 15:31 - 001790024 _____ (Malwarebytes) C:\Users\Pavel\Desktop\JRT.exe
2020-12-12 13:12 - 2020-12-12 15:56 - 000005357 _____ C:\Users\Pavel\Desktop\Vypis z Malwarebytes-12_12_2020.txt
2020-12-12 13:09 - 2020-12-12 13:09 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-12-12 13:09 - 2020-12-12 13:09 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-12-11 23:42 - 2020-12-11 23:42 - 008447152 _____ (Malwarebytes) C:\Users\Pavel\Downloads\AdwCleaner(1).exe
2020-12-11 22:37 - 2020-12-11 22:37 - 000448512 _____ (OldTimer Tools) C:\Users\Pavel\Downloads\TFC(1).exe
2020-12-11 22:34 - 2020-12-11 22:34 - 000388608 _____ (Trend Micro Inc.) C:\Users\Pavel\Downloads\HijackThis.exe
2020-12-11 20:01 - 2020-12-11 20:01 - 000000000 ____D C:\Users\Lukáš\AppData\Local\D3DSCache
2020-12-11 17:08 - 2020-12-11 17:08 - 000007893 _____ C:\Users\Pavel\Desktop\Vypis z Malwarebytes-11_12_2020.txt
2020-12-10 20:34 - 2020-12-10 20:34 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-10 20:34 - 2020-12-10 20:34 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-10 20:34 - 2020-12-10 20:34 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-10 20:34 - 2020-12-10 20:34 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-10 20:34 - 2020-12-10 20:34 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-10 20:34 - 2020-12-10 20:34 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-10 20:34 - 2020-12-10 20:34 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-10 20:34 - 2020-12-10 20:34 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-10 20:34 - 2020-12-10 20:34 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-10 20:33 - 2020-12-10 20:33 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-10 20:33 - 2020-12-10 20:33 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-10 20:33 - 2020-12-10 20:33 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-10 20:33 - 2020-12-10 20:33 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-10 20:33 - 2020-12-10 20:33 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-10 20:33 - 2020-12-10 20:33 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-10 20:33 - 2020-12-10 20:33 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-09 17:20 - 2020-12-09 19:58 - 000111274 _____ C:\WINDOWS\ntbtlog.txt
2020-12-07 17:02 - 2020-12-07 17:03 - 000000000 ____D C:\Users\Pavel\Desktop\Vojta
2020-12-07 17:01 - 2020-12-07 17:01 - 006056089 _____ C:\Users\Pavel\Downloads\iCloud Photos(1).zip
2020-12-07 13:41 - 2020-12-16 15:06 - 000000000 ____D C:\Users\Lukáš\AppData\Local\CrashDumps
2020-12-07 09:55 - 2020-12-07 09:55 - 000005065 _____ C:\Users\Pavel\Desktop\Vypis z Malwarebytes-7_12_2020.txt
2020-12-05 18:28 - 2020-12-05 18:28 - 002719648 _____ C:\Users\Pavel\Downloads\iCloud Photos.zip
2020-12-05 18:25 - 2020-12-06 17:00 - 000000000 ____D C:\Users\Lukáš\AppData\LocalLow\Mozilla
2020-12-05 18:25 - 2020-12-05 18:25 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\Mozilla
2020-12-05 18:25 - 2020-12-05 18:25 - 000000000 ____D C:\Users\Lukáš\AppData\Local\Mozilla
2020-12-04 18:00 - 2020-12-04 18:00 - 000008093 _____ C:\Users\Pavel\Desktop\Vypis z Malwarebytes.txt
2020-12-03 08:12 - 2020-12-03 08:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-12-02 17:45 - 2020-12-02 17:45 - 000448512 _____ (OldTimer Tools) C:\Users\Pavel\Downloads\TFC.exe
2020-12-02 17:42 - 2020-12-02 17:42 - 000050688 _____ (Atribune.org) C:\Users\Pavel\Downloads\atf-cleaner.exe
2020-12-02 17:41 - 2020-12-06 17:26 - 000000000 ____D C:\Users\Vojta\AppData\LocalLow\Mozilla
2020-12-02 17:41 - 2020-12-02 17:41 - 000000000 ____D C:\Users\Vojta\AppData\Roaming\Mozilla
2020-12-02 17:41 - 2020-12-02 17:41 - 000000000 ____D C:\Users\Vojta\AppData\Local\Mozilla
2020-12-02 14:01 - 2020-12-02 14:01 - 000000000 ____D C:\Users\Vojta\AppData\Local\CEF
2020-12-01 23:10 - 2020-12-01 23:10 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2020-12-01 23:10 - 2020-12-01 23:10 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2020-12-01 23:10 - 2020-12-01 23:10 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2020-12-01 23:10 - 2020-12-01 23:10 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2020-12-01 19:05 - 2020-12-01 21:15 - 000002438 _____ C:\Users\Pavel\Desktop\Petra - Chrome.lnk
2020-12-01 18:57 - 2020-12-01 20:06 - 000002394 _____ C:\Users\Pavel\Desktop\Pavel - Chrome.lnk
2020-11-30 12:44 - 2020-11-30 12:44 - 000481422 _____ C:\Users\Pavel\Downloads\informace-k-prijimacimu-rizeni-v-roce-2020-2021-2011152339.pdf
2020-11-30 09:51 - 2020-11-30 09:51 - 000000000 ____D C:\Users\Pavel\AppData\Local\OneDrive
2020-11-29 20:48 - 2020-12-03 16:55 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-29 20:48 - 2020-12-03 16:55 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-29 20:48 - 2020-11-29 20:48 - 000000000 ____D C:\Program Files\Google
2020-11-29 20:40 - 2020-11-29 20:40 - 001317080 _____ (Google LLC) C:\Users\Pavel\Downloads\ChromeSetup.exe
2020-11-29 19:50 - 2020-11-29 19:50 - 000000000 ____D C:\Users\Lukáš\AppData\Local\CEF
2020-11-29 16:18 - 2020-11-29 16:18 - 006542392 _____ (EnigmaSoft Limited) C:\Users\Pavel\Downloads\SpyHunter-Installer.exe
2020-11-29 15:49 - 2020-12-12 13:10 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-11-29 15:49 - 2020-12-12 13:10 - 000001981 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-11-29 15:49 - 2020-12-12 13:09 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-11-29 15:49 - 2020-11-29 15:49 - 000000000 ____D C:\Users\Pavel\AppData\Local\mbam
2020-11-29 15:48 - 2020-11-29 15:48 - 002076624 _____ (Malwarebytes) C:\Users\Pavel\Downloads\MBSetup.exe
2020-11-29 15:48 - 2020-11-29 15:48 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-11-29 15:48 - 2020-11-29 15:48 - 000000000 ____D C:\Program Files\Malwarebytes
2020-11-29 15:39 - 2020-11-29 15:40 - 000000000 ____D C:\AdwCleaner
2020-11-29 15:39 - 2020-11-29 15:39 - 008447152 _____ (Malwarebytes) C:\Users\Pavel\Desktop\AdwCleaner.exe
2020-11-29 15:26 - 2020-12-16 16:51 - 000000000 ____D C:\Users\Pavel\AppData\LocalLow\Mozilla
2020-11-29 15:26 - 2020-12-16 16:51 - 000000000 ____D C:\ProgramData\Mozilla
2020-11-29 15:26 - 2020-11-29 15:26 - 000000907 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-29 15:26 - 2020-11-29 15:26 - 000000895 _____ C:\Users\Public\Desktop\Firefox.lnk
2020-11-29 15:26 - 2020-11-29 15:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-11-29 15:26 - 2020-11-29 15:26 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\Mozilla
2020-11-29 15:26 - 2020-11-29 15:26 - 000000000 ____D C:\Users\Pavel\AppData\Local\Mozilla
2020-11-29 15:26 - 2020-11-29 15:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-29 14:52 - 2020-11-29 14:52 - 000000000 ____D C:\Users\Pavel\AppData\Local\CEF
2020-11-27 15:28 - 2020-12-11 23:40 - 000002428 _____ C:\WINDOWS\system32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2020-11-27 15:28 - 2020-11-27 15:28 - 000000009 _____ C:\ProgramData\updateSuccess.txt
2020-11-24 23:22 - 2020-11-24 23:22 - 000191489 _____ C:\Users\Pavel\Desktop\Informace o správci příloh v systému Microsoft Windows.pdf
2020-11-18 11:01 - 2020-11-20 20:10 - 000000000 ____D C:\Users\Vojta\Desktop\Vojta
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-16 16:53 - 2020-03-26 20:13 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-12-16 16:52 - 2020-07-26 17:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-16 16:52 - 2020-07-26 17:03 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-16 16:52 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-16 16:52 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2020-12-16 16:52 - 2019-06-05 18:47 - 000000000 ____D C:\ProgramData\NVIDIA
2020-12-16 16:51 - 2020-04-17 18:50 - 000002479 _____ C:\Users\Pavel\Desktop\Microsoft Teams.lnk
2020-12-16 16:51 - 2019-12-16 13:23 - 000002084 _____ C:\Users\Pavel\Desktop\TLauncher.lnk
2020-12-16 16:26 - 2020-07-26 17:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-16 14:36 - 2019-12-16 13:23 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\.minecraft
2020-12-16 14:35 - 2019-12-16 13:24 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\.tlauncher
2020-12-16 13:48 - 2019-07-05 19:30 - 000000000 ____D C:\Program Files\Microsoft Office
2020-12-16 13:44 - 2019-06-05 18:46 - 000000000 ___RD C:\Users\Pavel\OneDrive
2020-12-15 17:15 - 2020-07-26 17:09 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-15 17:15 - 2019-12-07 15:43 - 000682184 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-15 17:15 - 2019-12-07 15:43 - 000137000 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-15 17:15 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-15 17:08 - 2019-07-14 07:19 - 000000000 ____D C:\Users\Pavel\AppData\Local\CrashDumps
2020-12-15 17:02 - 2019-07-04 16:40 - 000000000 ___RD C:\Users\Pavel\Dropbox
2020-12-15 16:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-15 14:52 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-15 13:35 - 2020-07-26 17:11 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1980947671-2380292906-1612769214-1003
2020-12-15 13:35 - 2020-07-26 17:04 - 000002365 _____ C:\Users\Vojta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-15 13:35 - 2019-07-03 16:29 - 000000000 ___RD C:\Users\Vojta\OneDrive
2020-12-14 20:54 - 2019-07-05 22:24 - 000000000 ____D C:\KMPlayer
2020-12-14 19:20 - 2020-07-26 17:11 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1980947671-2380292906-1612769214-1002
2020-12-14 19:20 - 2020-07-26 17:04 - 000002365 _____ C:\Users\Lukáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-14 19:20 - 2019-06-27 21:16 - 000000000 ___RD C:\Users\Lukáš\OneDrive
2020-12-13 15:40 - 2019-06-05 18:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-12-12 23:15 - 2020-07-26 17:11 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1980947671-2380292906-1612769214-1001
2020-12-12 23:15 - 2020-07-26 17:04 - 000002365 _____ C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-12 23:15 - 2019-12-16 13:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-12-12 23:15 - 2019-12-16 13:24 - 000000000 ____D C:\Program Files\Java
2020-12-12 23:13 - 2019-12-16 13:24 - 000192168 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2020-12-12 19:43 - 2020-06-05 15:58 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-12 19:43 - 2020-06-05 15:58 - 000002257 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-12 13:09 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-12 10:00 - 2020-10-29 19:19 - 000001425 _____ C:\Users\Lukáš\Desktop\Roblox Player.lnk
2020-12-12 10:00 - 2020-10-29 19:18 - 000001248 _____ C:\Users\Lukáš\Desktop\Roblox Studio.lnk
2020-12-12 10:00 - 2020-10-29 19:18 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2020-12-11 23:46 - 2019-06-27 21:25 - 000000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2020-12-11 23:46 - 2019-06-27 21:25 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2020-12-11 23:40 - 2020-07-26 17:11 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-11 23:40 - 2020-07-26 17:11 - 000003452 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2020-12-11 23:40 - 2020-07-26 17:11 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-11 23:40 - 2020-07-26 17:11 - 000003228 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2020-12-11 22:40 - 2019-06-05 18:42 - 000000000 ____D C:\Users\Pavel\AppData\Local\VirtualStore
2020-12-11 19:32 - 2020-10-29 18:31 - 000001425 _____ C:\Users\Vojta\Desktop\Roblox Player.lnk
2020-12-11 19:32 - 2020-10-29 18:31 - 000001248 _____ C:\Users\Vojta\Desktop\Roblox Studio.lnk
2020-12-11 19:32 - 2020-10-29 18:31 - 000000000 ____D C:\Users\Vojta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2020-12-10 23:04 - 2020-07-26 17:03 - 000437992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-10 23:03 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-10 20:37 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-08 13:37 - 2020-07-26 17:04 - 000000000 ____D C:\Users\Lukáš
2020-12-07 22:19 - 2020-07-26 17:04 - 000000000 ____D C:\Users\Vojta
2020-12-07 22:19 - 2020-07-26 17:04 - 000000000 ____D C:\Users\Pavel
2020-12-06 13:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-12-05 19:03 - 2019-06-05 18:42 - 000000000 ____D C:\Users\Pavel\AppData\Local\Packages
2020-12-03 22:06 - 2019-06-05 18:45 - 000000000 ____D C:\Users\Pavel\AppData\Local\PlaceholderTileLogoFolder
2020-12-03 08:12 - 2019-06-27 21:25 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-12-01 08:59 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps.tmp
2020-11-30 16:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration
2020-11-29 20:48 - 2019-06-05 18:47 - 000000000 ____D C:\Users\Pavel\AppData\Local\Google
2020-11-29 20:48 - 2019-06-05 18:47 - 000000000 ____D C:\Program Files (x86)\Google
2020-11-28 20:40 - 2019-07-05 19:24 - 000000000 ____D C:\Users\Pavel\AppData\Local\D3DSCache
2020-11-25 07:40 - 2020-03-26 20:13 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\TeamViewer
2020-11-19 16:49 - 2019-07-01 07:48 - 000000000 ____D C:\Users\Pavel\Desktop\Beruška nová
2020-11-18 03:19 - 2019-06-05 18:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-11-18 03:16 - 2019-06-05 18:50 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-11-17 11:08 - 2020-04-17 18:50 - 000002368 _____ C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
==================== Files in the root of some directories ========
2020-03-24 13:49 - 2020-03-24 13:49 - 000000017 _____ () C:\Users\Pavel\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
FRST přikládám
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by Pavel (administrator) on DESKTOP-54V8III (16-12-2020 16:52:52)
Running from C:\Users\Pavel\Desktop
Loaded Profiles: Pavel
Platform: Windows 10 Pro Version 2004 19041.685 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adlice -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Pavel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\userinit.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.680_none_e72768c3263f99bc\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrAdm.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrAuf.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrDba.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrHis.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrPas.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrSaz.exe
(Zemana D.O.O. Sarajevo -> Zemana Ltd.) C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [PAC207_Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992832 2020-12-01] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Pavel\AppData\Local\Microsoft\Teams\Update.exe [2453688 2020-11-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-03] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0EBD759C-FAC8-48E0-9A21-65C21FFCA1F3} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe
Task: {1FFD808E-869C-4A3F-9F37-12595CD14857} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {44D9969D-E0AB-4F15-8B7F-73A0838B1246} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {567F5FE2-8A4C-47E4-AEB8-8B55C386D670} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {7941822E-D19B-4FFB-9239-AC32A009299B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {968E058E-04AF-4392-A2A7-12F2755135D9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B5F408C-6896-4E1C-BD45-3DC64076E44C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {A10C748A-3CCF-40F2-8AF2-59D25DABC8BB} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-06-27] (Dropbox, Inc -> Dropbox, Inc.)
Task: {B0092A80-6BFF-4860-A5D1-4143545A4D55} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-06-27] (Dropbox, Inc -> Dropbox, Inc.)
Task: {B8A393C2-9CB2-4B51-B44B-CE8290FC2DA9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {E41DBA03-45B4-4023-B0E3-6F54BB13F839} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {E50541CB-3095-44B8-AD9D-7358647C6889} - System32\Tasks\AMSkipUAC => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7eb22d12-97e0-44b4-97ad-92edad7b2398}: [DhcpNameServer] 192.168.0.1
Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Pavel\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-16]
Edge Extension: (Outlook) - C:\Users\Pavel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-10-19]
Edge Extension: (Word) - C:\Users\Pavel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-10-19]
Edge Extension: (Excel) - C:\Users\Pavel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2020-10-19]
Edge Extension: (PowerPoint) - C:\Users\Pavel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2020-10-19]
FireFox:
========
FF DefaultProfile: 9n2nyuzz.default
FF ProfilePath: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\9n2nyuzz.default [2020-12-14]
FF ProfilePath: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\15meqnet.default-release [2020-12-16]
FF Session Restore: Mozilla\Firefox\Profiles\15meqnet.default-release -> is enabled.
FF Extension: (No Name) - C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\15meqnet.default-release\Extensions\wrc@avast.com.xpi [2020-11-29] [not signed]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (No Name) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-11-20] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-12-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-12-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default [2020-12-16]
CHR Notifications: Default -> hxxps://www.svetandroida.cz; hxxps://www.vw-club.cz
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=B22974E50B0B99A9&affID=44444&tsp=4920","hxxp://www.google.com/","hxxp://www.search.ask.com/?tpid=ORJ-V7-SAT&o=APN11467&pf=V7&trgb=CR&p2=%5EBED%5EOSJ000%5EYY%5ECZ&gct=hp&apn_ptnrs=BED&apn_dtid=%5EOSJ000%5EYY%5ECZ&apn_dbr=cr_34.0.1847.131&apn_uid=EF1A8E44-606D-43E1-BB14-A5923F94D8DA&itbv=12.10.6.53&doi=2014-05-01&psv=","hxxps://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-29]
CHR Extension: (Dokumenty) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-29]
CHR Extension: (Disk Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-29]
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-29]
CHR Extension: (Tabulky) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-29]
CHR Extension: (Tlačítko „Uložit“ pro Pinterest) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2020-12-09]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-12-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-11-29]
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-29]
CHR Extension: (Chrome Media Router) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-29]
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2 [2020-12-15]
CHR DefaultSearchURL: Profile 2 -> hxxps://search.yahoo.com/search?fr=mcaf ... 91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Profile 2 -> mcafee
CHR Session Restore: Profile 2 -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-01]
CHR Extension: (Dokumenty) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-01]
CHR Extension: (Disk Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-01]
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-01]
CHR Extension: (Tabulky) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-12-01]
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-01]
CHR Extension: (Chrome Media Router) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-01]
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\System Profile [2020-12-14]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-06-27] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-06-27] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-12-01] (Dropbox, Inc -> Dropbox, Inc.)
R2 LcSvrAdm; C:\ElsaWin\bin\LcSvrAdm.exe [240640 2011-12-06] (Volkswagen AG) [File not signed]
R3 LcSvrAuf; C:\ElsaWin\bin\LcSvrAuf.exe [1321472 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrDba; C:\ElsaWin\bin\LcSvrDba.exe [392704 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrHis; C:\ElsaWin\bin\LcSvrHis.exe [335360 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrPAS; C:\ElsaWin\bin\LcSvrPas.exe [477696 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrSaz; C:\ElsaWin\bin\LcSvrSaz.exe [373248 2011-12-06] (Volkswagen AG) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-12] (Malwarebytes Inc -> Malwarebytes)
S2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [955656 2020-11-21] () [File not signed]
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13666872 2020-11-17] (Adlice -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5197552 2020-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12720144 2020-11-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2020-12-13] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2020-12-16] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-12] (Malwarebytes Inc -> Malwarebytes)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2020-12-16] (Adlice -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-13] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-16 16:52 - 2020-12-16 16:52 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-12-16 16:52 - 2020-12-16 16:52 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2020-12-16 16:51 - 2020-12-16 16:51 - 000000000 _____ C:\WINDOWS\system32\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}
2020-12-16 16:44 - 2020-12-16 16:44 - 005613920 _____ (COMODO) C:\Users\Pavel\Desktop\cav_installer.exe
2020-12-15 18:50 - 2020-12-15 18:50 - 002191096 _____ (COMODO) C:\Users\Pavel\Downloads\ciscleanuptool_x64.exe
2020-12-15 13:35 - 2020-12-15 13:35 - 000000000 ____D C:\Users\Vojta\AppData\Local\CrashDumps
2020-12-14 18:19 - 2020-12-14 18:19 - 000852798 _____ C:\Users\Pavel\Desktop\SecurityCheck.exe
2020-12-14 18:08 - 2020-12-14 18:10 - 000012620 _____ C:\Users\Pavel\Desktop\Fixlog.txt
2020-12-14 18:08 - 2020-12-14 18:08 - 000000000 ____D C:\Users\Pavel\Desktop\FRST-OlderVersion
2020-12-14 10:36 - 2020-12-14 10:36 - 000001039 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2020-12-14 10:36 - 2020-12-14 10:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2020-12-14 10:36 - 2020-12-14 10:36 - 000000000 ____D C:\Program Files\VS Revo Group
2020-12-14 10:35 - 2020-12-14 10:35 - 007458656 _____ (VS Revo Group ) C:\Users\Pavel\Downloads\revosetup.exe
2020-12-13 17:49 - 2020-12-15 17:15 - 000035387 _____ C:\Users\Pavel\Desktop\Addition.txt
2020-12-13 17:46 - 2020-12-16 16:54 - 000018684 _____ C:\Users\Pavel\Desktop\FRST.txt
2020-12-13 17:46 - 2020-12-16 16:53 - 000000000 ____D C:\FRST
2020-12-13 17:44 - 2020-12-14 18:08 - 002286592 _____ (Farbar) C:\Users\Pavel\Desktop\FRST64.exe
2020-12-13 17:38 - 2020-11-11 22:29 - 000000000 ____D C:\Users\Pavel\Desktop\zoek1
2020-12-13 16:04 - 2020-12-13 16:04 - 000000000 ____D C:\Users\Pavel\Downloads\backups
2020-12-13 15:37 - 2020-12-13 15:37 - 001800862 _____ C:\Users\Pavel\Downloads\zoek.rar
2020-12-13 14:26 - 2020-12-13 14:26 - 000000000 ____D C:\Users\Pavel\Desktop\ZemanaAntimalware
2020-12-13 14:24 - 2020-12-16 16:54 - 000099325 _____ C:\WINDOWS\ZAM.krnl.trace
2020-12-13 14:24 - 2020-12-13 14:24 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2020-12-13 14:24 - 2020-12-13 14:24 - 000003558 _____ C:\WINDOWS\system32\Tasks\AMHelper
2020-12-13 14:24 - 2020-12-13 14:24 - 000002680 _____ C:\WINDOWS\system32\Tasks\AMSkipUAC
2020-12-13 14:24 - 2020-12-13 14:24 - 000001333 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2020-12-13 14:24 - 2020-12-13 14:24 - 000000000 ____D C:\Users\Pavel\AppData\Local\Zemana
2020-12-13 14:24 - 2020-12-13 14:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2020-12-13 14:24 - 2020-12-13 14:24 - 000000000 ____D C:\Program Files (x86)\Zemana
2020-12-13 14:23 - 2020-12-16 16:52 - 000000000 ____D C:\Users\Pavel\AppData\Local\AMSDK
2020-12-13 14:21 - 2020-12-13 14:21 - 012795472 _____ (Zemana Ltd. ) C:\Users\Pavel\Desktop\AntiMalware_Setup.exe
2020-12-13 14:00 - 2020-12-13 14:00 - 000000000 ____D C:\Users\Pavel\AppData\LocalLow\IGDump
2020-12-12 23:14 - 2020-12-12 23:14 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\Sun
2020-12-12 23:11 - 2020-12-12 23:11 - 000000797 _____ C:\Users\Public\Desktop\UCheck.lnk
2020-12-12 23:11 - 2020-12-12 23:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UCheck
2020-12-12 23:10 - 2020-12-12 23:11 - 000000000 ____D C:\ProgramData\UCheck
2020-12-12 23:10 - 2020-12-12 23:11 - 000000000 ____D C:\Program Files\UCheck
2020-12-12 23:09 - 2020-12-12 23:09 - 026045184 _____ (Adlice Software ) C:\Users\Pavel\Desktop\ucheck.exe
2020-12-12 19:19 - 2020-12-12 19:19 - 000000859 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-12-12 19:19 - 2020-12-12 19:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-12-12 19:19 - 2020-12-12 19:19 - 000000000 ____D C:\Program Files\RogueKiller
2020-12-12 19:18 - 2020-12-12 19:24 - 000000000 ____D C:\ProgramData\RogueKiller
2020-12-12 19:17 - 2020-12-12 19:17 - 040473968 _____ (Adlice Software ) C:\Users\Pavel\Desktop\setup.exe
2020-12-12 16:23 - 2020-12-12 16:23 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2020-12-12 16:23 - 2020-12-12 16:23 - 000000000 ____D C:\ProgramData\Sophos
2020-12-12 16:23 - 2020-12-12 16:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2020-12-12 16:23 - 2020-12-12 16:23 - 000000000 ____D C:\Program Files (x86)\Sophos
2020-12-12 16:21 - 2020-12-12 16:21 - 181496840 _____ (Sophos Limited) C:\Users\Pavel\Desktop\Sophos Virus Removal Tool.exe
2020-12-12 15:48 - 2020-12-12 15:48 - 000001153 _____ C:\Users\Pavel\Desktop\JRT.txt
2020-12-12 15:43 - 2020-12-12 15:43 - 000002420 _____ C:\Users\Pavel\Desktop\AdwCleaner[C07].txt
2020-12-12 15:31 - 2020-12-12 15:31 - 001790024 _____ (Malwarebytes) C:\Users\Pavel\Desktop\JRT.exe
2020-12-12 13:12 - 2020-12-12 15:56 - 000005357 _____ C:\Users\Pavel\Desktop\Vypis z Malwarebytes-12_12_2020.txt
2020-12-12 13:09 - 2020-12-12 13:09 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-12-12 13:09 - 2020-12-12 13:09 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-12-11 23:42 - 2020-12-11 23:42 - 008447152 _____ (Malwarebytes) C:\Users\Pavel\Downloads\AdwCleaner(1).exe
2020-12-11 22:37 - 2020-12-11 22:37 - 000448512 _____ (OldTimer Tools) C:\Users\Pavel\Downloads\TFC(1).exe
2020-12-11 22:34 - 2020-12-11 22:34 - 000388608 _____ (Trend Micro Inc.) C:\Users\Pavel\Downloads\HijackThis.exe
2020-12-11 20:01 - 2020-12-11 20:01 - 000000000 ____D C:\Users\Lukáš\AppData\Local\D3DSCache
2020-12-11 17:08 - 2020-12-11 17:08 - 000007893 _____ C:\Users\Pavel\Desktop\Vypis z Malwarebytes-11_12_2020.txt
2020-12-10 20:34 - 2020-12-10 20:34 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-10 20:34 - 2020-12-10 20:34 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-10 20:34 - 2020-12-10 20:34 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-10 20:34 - 2020-12-10 20:34 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-10 20:34 - 2020-12-10 20:34 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-10 20:34 - 2020-12-10 20:34 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-10 20:34 - 2020-12-10 20:34 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-10 20:34 - 2020-12-10 20:34 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-10 20:34 - 2020-12-10 20:34 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-10 20:33 - 2020-12-10 20:33 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-10 20:33 - 2020-12-10 20:33 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-10 20:33 - 2020-12-10 20:33 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-10 20:33 - 2020-12-10 20:33 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-10 20:33 - 2020-12-10 20:33 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-10 20:33 - 2020-12-10 20:33 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-10 20:33 - 2020-12-10 20:33 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-09 17:20 - 2020-12-09 19:58 - 000111274 _____ C:\WINDOWS\ntbtlog.txt
2020-12-07 17:02 - 2020-12-07 17:03 - 000000000 ____D C:\Users\Pavel\Desktop\Vojta
2020-12-07 17:01 - 2020-12-07 17:01 - 006056089 _____ C:\Users\Pavel\Downloads\iCloud Photos(1).zip
2020-12-07 13:41 - 2020-12-16 15:06 - 000000000 ____D C:\Users\Lukáš\AppData\Local\CrashDumps
2020-12-07 09:55 - 2020-12-07 09:55 - 000005065 _____ C:\Users\Pavel\Desktop\Vypis z Malwarebytes-7_12_2020.txt
2020-12-05 18:28 - 2020-12-05 18:28 - 002719648 _____ C:\Users\Pavel\Downloads\iCloud Photos.zip
2020-12-05 18:25 - 2020-12-06 17:00 - 000000000 ____D C:\Users\Lukáš\AppData\LocalLow\Mozilla
2020-12-05 18:25 - 2020-12-05 18:25 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\Mozilla
2020-12-05 18:25 - 2020-12-05 18:25 - 000000000 ____D C:\Users\Lukáš\AppData\Local\Mozilla
2020-12-04 18:00 - 2020-12-04 18:00 - 000008093 _____ C:\Users\Pavel\Desktop\Vypis z Malwarebytes.txt
2020-12-03 08:12 - 2020-12-03 08:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-12-02 17:45 - 2020-12-02 17:45 - 000448512 _____ (OldTimer Tools) C:\Users\Pavel\Downloads\TFC.exe
2020-12-02 17:42 - 2020-12-02 17:42 - 000050688 _____ (Atribune.org) C:\Users\Pavel\Downloads\atf-cleaner.exe
2020-12-02 17:41 - 2020-12-06 17:26 - 000000000 ____D C:\Users\Vojta\AppData\LocalLow\Mozilla
2020-12-02 17:41 - 2020-12-02 17:41 - 000000000 ____D C:\Users\Vojta\AppData\Roaming\Mozilla
2020-12-02 17:41 - 2020-12-02 17:41 - 000000000 ____D C:\Users\Vojta\AppData\Local\Mozilla
2020-12-02 14:01 - 2020-12-02 14:01 - 000000000 ____D C:\Users\Vojta\AppData\Local\CEF
2020-12-01 23:10 - 2020-12-01 23:10 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2020-12-01 23:10 - 2020-12-01 23:10 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2020-12-01 23:10 - 2020-12-01 23:10 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2020-12-01 23:10 - 2020-12-01 23:10 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2020-12-01 19:05 - 2020-12-01 21:15 - 000002438 _____ C:\Users\Pavel\Desktop\Petra - Chrome.lnk
2020-12-01 18:57 - 2020-12-01 20:06 - 000002394 _____ C:\Users\Pavel\Desktop\Pavel - Chrome.lnk
2020-11-30 12:44 - 2020-11-30 12:44 - 000481422 _____ C:\Users\Pavel\Downloads\informace-k-prijimacimu-rizeni-v-roce-2020-2021-2011152339.pdf
2020-11-30 09:51 - 2020-11-30 09:51 - 000000000 ____D C:\Users\Pavel\AppData\Local\OneDrive
2020-11-29 20:48 - 2020-12-03 16:55 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-29 20:48 - 2020-12-03 16:55 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-29 20:48 - 2020-11-29 20:48 - 000000000 ____D C:\Program Files\Google
2020-11-29 20:40 - 2020-11-29 20:40 - 001317080 _____ (Google LLC) C:\Users\Pavel\Downloads\ChromeSetup.exe
2020-11-29 19:50 - 2020-11-29 19:50 - 000000000 ____D C:\Users\Lukáš\AppData\Local\CEF
2020-11-29 16:18 - 2020-11-29 16:18 - 006542392 _____ (EnigmaSoft Limited) C:\Users\Pavel\Downloads\SpyHunter-Installer.exe
2020-11-29 15:49 - 2020-12-12 13:10 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-11-29 15:49 - 2020-12-12 13:10 - 000001981 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-11-29 15:49 - 2020-12-12 13:09 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-11-29 15:49 - 2020-11-29 15:49 - 000000000 ____D C:\Users\Pavel\AppData\Local\mbam
2020-11-29 15:48 - 2020-11-29 15:48 - 002076624 _____ (Malwarebytes) C:\Users\Pavel\Downloads\MBSetup.exe
2020-11-29 15:48 - 2020-11-29 15:48 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-11-29 15:48 - 2020-11-29 15:48 - 000000000 ____D C:\Program Files\Malwarebytes
2020-11-29 15:39 - 2020-11-29 15:40 - 000000000 ____D C:\AdwCleaner
2020-11-29 15:39 - 2020-11-29 15:39 - 008447152 _____ (Malwarebytes) C:\Users\Pavel\Desktop\AdwCleaner.exe
2020-11-29 15:26 - 2020-12-16 16:51 - 000000000 ____D C:\Users\Pavel\AppData\LocalLow\Mozilla
2020-11-29 15:26 - 2020-12-16 16:51 - 000000000 ____D C:\ProgramData\Mozilla
2020-11-29 15:26 - 2020-11-29 15:26 - 000000907 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-29 15:26 - 2020-11-29 15:26 - 000000895 _____ C:\Users\Public\Desktop\Firefox.lnk
2020-11-29 15:26 - 2020-11-29 15:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-11-29 15:26 - 2020-11-29 15:26 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\Mozilla
2020-11-29 15:26 - 2020-11-29 15:26 - 000000000 ____D C:\Users\Pavel\AppData\Local\Mozilla
2020-11-29 15:26 - 2020-11-29 15:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-29 14:52 - 2020-11-29 14:52 - 000000000 ____D C:\Users\Pavel\AppData\Local\CEF
2020-11-27 15:28 - 2020-12-11 23:40 - 000002428 _____ C:\WINDOWS\system32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2020-11-27 15:28 - 2020-11-27 15:28 - 000000009 _____ C:\ProgramData\updateSuccess.txt
2020-11-24 23:22 - 2020-11-24 23:22 - 000191489 _____ C:\Users\Pavel\Desktop\Informace o správci příloh v systému Microsoft Windows.pdf
2020-11-18 11:01 - 2020-11-20 20:10 - 000000000 ____D C:\Users\Vojta\Desktop\Vojta
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-16 16:53 - 2020-03-26 20:13 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-12-16 16:52 - 2020-07-26 17:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-16 16:52 - 2020-07-26 17:03 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-16 16:52 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-16 16:52 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2020-12-16 16:52 - 2019-06-05 18:47 - 000000000 ____D C:\ProgramData\NVIDIA
2020-12-16 16:51 - 2020-04-17 18:50 - 000002479 _____ C:\Users\Pavel\Desktop\Microsoft Teams.lnk
2020-12-16 16:51 - 2019-12-16 13:23 - 000002084 _____ C:\Users\Pavel\Desktop\TLauncher.lnk
2020-12-16 16:26 - 2020-07-26 17:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-16 14:36 - 2019-12-16 13:23 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\.minecraft
2020-12-16 14:35 - 2019-12-16 13:24 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\.tlauncher
2020-12-16 13:48 - 2019-07-05 19:30 - 000000000 ____D C:\Program Files\Microsoft Office
2020-12-16 13:44 - 2019-06-05 18:46 - 000000000 ___RD C:\Users\Pavel\OneDrive
2020-12-15 17:15 - 2020-07-26 17:09 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-15 17:15 - 2019-12-07 15:43 - 000682184 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-15 17:15 - 2019-12-07 15:43 - 000137000 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-15 17:15 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-15 17:08 - 2019-07-14 07:19 - 000000000 ____D C:\Users\Pavel\AppData\Local\CrashDumps
2020-12-15 17:02 - 2019-07-04 16:40 - 000000000 ___RD C:\Users\Pavel\Dropbox
2020-12-15 16:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-15 14:52 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-15 13:35 - 2020-07-26 17:11 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1980947671-2380292906-1612769214-1003
2020-12-15 13:35 - 2020-07-26 17:04 - 000002365 _____ C:\Users\Vojta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-15 13:35 - 2019-07-03 16:29 - 000000000 ___RD C:\Users\Vojta\OneDrive
2020-12-14 20:54 - 2019-07-05 22:24 - 000000000 ____D C:\KMPlayer
2020-12-14 19:20 - 2020-07-26 17:11 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1980947671-2380292906-1612769214-1002
2020-12-14 19:20 - 2020-07-26 17:04 - 000002365 _____ C:\Users\Lukáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-14 19:20 - 2019-06-27 21:16 - 000000000 ___RD C:\Users\Lukáš\OneDrive
2020-12-13 15:40 - 2019-06-05 18:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-12-12 23:15 - 2020-07-26 17:11 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1980947671-2380292906-1612769214-1001
2020-12-12 23:15 - 2020-07-26 17:04 - 000002365 _____ C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-12 23:15 - 2019-12-16 13:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-12-12 23:15 - 2019-12-16 13:24 - 000000000 ____D C:\Program Files\Java
2020-12-12 23:13 - 2019-12-16 13:24 - 000192168 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2020-12-12 19:43 - 2020-06-05 15:58 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-12 19:43 - 2020-06-05 15:58 - 000002257 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-12 13:09 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-12 10:00 - 2020-10-29 19:19 - 000001425 _____ C:\Users\Lukáš\Desktop\Roblox Player.lnk
2020-12-12 10:00 - 2020-10-29 19:18 - 000001248 _____ C:\Users\Lukáš\Desktop\Roblox Studio.lnk
2020-12-12 10:00 - 2020-10-29 19:18 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2020-12-11 23:46 - 2019-06-27 21:25 - 000000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2020-12-11 23:46 - 2019-06-27 21:25 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2020-12-11 23:40 - 2020-07-26 17:11 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-11 23:40 - 2020-07-26 17:11 - 000003452 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2020-12-11 23:40 - 2020-07-26 17:11 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-11 23:40 - 2020-07-26 17:11 - 000003228 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2020-12-11 22:40 - 2019-06-05 18:42 - 000000000 ____D C:\Users\Pavel\AppData\Local\VirtualStore
2020-12-11 19:32 - 2020-10-29 18:31 - 000001425 _____ C:\Users\Vojta\Desktop\Roblox Player.lnk
2020-12-11 19:32 - 2020-10-29 18:31 - 000001248 _____ C:\Users\Vojta\Desktop\Roblox Studio.lnk
2020-12-11 19:32 - 2020-10-29 18:31 - 000000000 ____D C:\Users\Vojta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2020-12-10 23:04 - 2020-07-26 17:03 - 000437992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-10 23:03 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-10 20:37 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-08 13:37 - 2020-07-26 17:04 - 000000000 ____D C:\Users\Lukáš
2020-12-07 22:19 - 2020-07-26 17:04 - 000000000 ____D C:\Users\Vojta
2020-12-07 22:19 - 2020-07-26 17:04 - 000000000 ____D C:\Users\Pavel
2020-12-06 13:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-12-05 19:03 - 2019-06-05 18:42 - 000000000 ____D C:\Users\Pavel\AppData\Local\Packages
2020-12-03 22:06 - 2019-06-05 18:45 - 000000000 ____D C:\Users\Pavel\AppData\Local\PlaceholderTileLogoFolder
2020-12-03 08:12 - 2019-06-27 21:25 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-12-01 08:59 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps.tmp
2020-11-30 16:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration
2020-11-29 20:48 - 2019-06-05 18:47 - 000000000 ____D C:\Users\Pavel\AppData\Local\Google
2020-11-29 20:48 - 2019-06-05 18:47 - 000000000 ____D C:\Program Files (x86)\Google
2020-11-28 20:40 - 2019-07-05 19:24 - 000000000 ____D C:\Users\Pavel\AppData\Local\D3DSCache
2020-11-25 07:40 - 2020-03-26 20:13 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\TeamViewer
2020-11-19 16:49 - 2019-07-01 07:48 - 000000000 ____D C:\Users\Pavel\Desktop\Beruška nová
2020-11-18 03:19 - 2019-06-05 18:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-11-18 03:16 - 2019-06-05 18:50 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-11-17 11:08 - 2020-04-17 18:50 - 000002368 _____ C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
==================== Files in the root of some directories ========
2020-03-24 13:49 - 2020-03-24 13:49 - 000000017 _____ () C:\Users\Pavel\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================