Blbnutí kláves a kontrola logu

Scientific · Příspěvekod **Scientific** » 03 dub 2020 17:34

EDIT: Napadlo mě připojit externí klávesnici přes USB a tam problém nenastává, ale to je trochu něo jiného.

Ahoj, prosím o kontrolu logu. Děkuji moc za pomoc.

Nějak mi začala včera blbnout klávesa [s] nebo [d], ted nevím, jedna z nich, dnes blbne [c], jsem zvědav jaká klávesa to bude zítra. :-D

Někdy stisknu [C], tak se nic reálně nenapíše, nebo naopak dvě céčka apod.

Simulace (střídání [c] a [-])
Klasicky:
cc-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-cc-cc-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-cc-c-c-c-c-c-c-cc-c-c-c-c-cc-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-cc--c-c-c-c-c-c-c-c-c-c-cc-cc-c-c-cc-c-c-c-c-c-c-c--c-c-c-c-c--c-cc-c---c-c-c-c-c-c-c-c-c-cc-ccc-c-c-c---c-c-c-c--c-c-c-c-cc---c-c-ccc-c-c-c-cc--c-c-c-c-c-cc----cc-cc-cc-c-cc-c-c-c-cc-cc-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-cc-c-c-c-c-c-cc-cc-c-c-c-c-c-c-c-cc-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-cc-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-cc-c-c-c-c-c-c-c-c-c-cc-c-c-c-cc-c--c-c-c-cc-cc-cc-c-cc-c-c-c-c-c-c-c-c-c-c-c-c-c-c-c-cc-c-c-cc-cc-c-c-c-c-c-c-c-c-c-cc-c-c-c-cc--cc--c-c-c--c-c-

Caps Lok on (pro kopírování můím využít pravé tlačítko myši a kopírovat):
C-C-------------CC-CCC-CC-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-CC--C--C-C-CC--CCC--C-----------------CC----C-C-C-C-C-----C-------C-C-C-C-C-C-C-C-C--

Push shift (Velké C musím psát s capslokem nebo držet pár vteřin [shift]+[c] a čekat dokud se jedno neotiskne):
_____________________C_C_________________C_C______C________________________________________________________________________________________

Simulace (střídání [o] a [-]) naprosto bez problémů
o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o

O-O-O-O-O-O-O-O-O-O-O-O-O-O-O-O-O-O-O-O-O-O-O-O-O-O-O-O-O

O_O_O_O_O_O_O_O_O_O_O_O_O_O_O_O_O_O_O_O

Zde jsou informace o notebooku
Jedná se o notebook Dell Inspiron 17 5770 s windows 10

Zde je log.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:20:00, on 03.04.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)

Boot mode: Normal

Running processes:
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
C:\Users\Petr\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\WindowsApps\48405AmbientSoftware.WidgetsFree_3.3.39.0_x86__agy8jafheqhng\WidgetsDesktop\WidgetsDesktop.exe
C:\Program Files (x86)\DeskPins\DeskPins.exe
C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\WinSCP\WinSCP.exe
C:\Program Files (x86)\Notepad++\notepad++.exe
C:\Program Files (x86)\ManicTime\ManicTimeClient.exe
D:\Stažené soubory\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=29530
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 178.238.41.121:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Petr\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [ManicTimeC34F57B2DA6E6758] C:\Program Files (x86)\ManicTime\ManicTime.exe /minimized /name:
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: DeskPins.lnk = C:\Program Files (x86)\DeskPins\DeskPins.exe
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 1510 series (kopie 1).lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - (no CLSID) - (no file)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\System32\drivers\AdminService.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\ki127390.inf_amd64_e1ccb879ece8f084\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\ki127390.inf_amd64_e1ccb879ece8f084\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_32476 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: Dell Command | Power Manager Notify (dcpm-notify) - Dell Inc. - C:\Program Files\Dell\CommandPowerManager\NotifyService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @oem14.inf,%ServiceDisplayName%;Intel(R) Dynamic Platform and Thermal Framework service (esifsvc) - Unknown owner - C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\ki127390.inf_amd64_e1ccb879ece8f084\igfxCUIService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Waves Audio Services (WavesSysSvc) - Waves Audio Ltd. - C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12598 bytes

Reklama

Příspěvekod **jaro3** » 03 dub 2020 19:15

To může být taky vadná klávesnice..

Stáhni si ATF Cleaner
https://www.majorgeeks.com/mg/getmirror ... ner,2.html
Poklepej na ATF Cleaner.exe, klikni na select all, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.

Stáhni si TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode
http://www.bleepingcomputer.com/download/adwcleaner/
http://www.adlice.com/downloadprogress/
pro majitele win7 stáhni zde:
https://filehippo.com/download_adwcleaner/ ( nedávej aktualizaci!)

Ulož si ho na svojí plochu . Klikni na „Souhlasím“ k povrzení podmínek.
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Skenování“
Po skenu se objeví log , který se otevře. ( jinak je uložen systémovem disku jako C:\AdwCleaner [C?].txt ), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware na plochu , nainstaluj a spusť ho
-Pokud není program aktuální , klikni na možnost „Aktualizovat nyní“ či „Opravit nyní“.
- bude nalezena aktualizace a nainstaluje se.
- poté klikni na Spustit skenování
- po proběhnutí skenu se ti objeví hláška vpravo dole, tak klikni na Zobrazit zprávu a vyber Export a vyber Kopírovat do schránky a vlož sem celý log. Nebo klikni na „Textový soubor ( .txt)“ a log si ulož.
-jinak se log nachází v programu po kliknutí na „Zprávy“ , nebo je uložen zde: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs

- po té klikni na tlačítko Dokončit, a program zavři křížkem vpravo nahoře.
(zatím nic nemaž!).
Pokud budou problémy , spusť v nouz. režimu.

Scientific · Příspěvekod **Scientific** » 03 dub 2020 21:04

Děkuji ti za pomoc.

ATF leaner
Nejde, protože v něm mám firefox tlačítko neaktivní (šedé, neklikatelné), mě by to bylo stejně k ničemu používám ví profilů souběžně, ten program by to stejně neuměl. Nechápu ale, že to nešlo aplikovat ani na hlavní profil. To je ale dobře, posledně mi ten program jen napáchal škody. Tuším, že mi odebral doplňky, smazal hesla uložená v prohlížeči, přišel jsem o důležité cookies atd. Historii, sem pak něo hledal a skrz smazanou hostorii jsem to nenašel a elkově několik hodin prácec mi přidělal. Mimo firefox windows leaner jsem dle pokynů nedělal hádám, že to udělal TFC. Naví to asi postrádá účel to mazat, když se ledaos stáhne zase zpátky z cloudu.

TF
Oproti dalším skenům vzhledem k mému hodně premiovemu SSD to trvalo poměrně dlouho.Bylo smazáno 8 GB dat.
Počítač se sám nerestartoval.

AdwCeaner
Vybral jsem si první odkaz.
# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-04-03.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 04-03-2020
# Duration: 00:00:29
# OS: Windows 10 Home
# Scanned: 32067
# Detected: 23

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.AdvancedSystemCare C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\ProgramData\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\Petr\AppData\LocalLow\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\Petr\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.Seznam.cz C:\Program Files (x86)\Seznam.cz
PUP.Optional.Seznam.cz C:\Users\Petr\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IOBIT\ASC
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{94885E99-5CA0-445E-8ACF-94C9A461000C}
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{C82E4EC9-0B03-4DCF-BE26-AF95938E52C7}
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
PUP.Optional.Seznam.cz HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
PUP.Optional.Seznam.cz HKCU\Software\Seznam.cz
PUP.Optional.Seznam.cz HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
PUP.Optional.Seznam.cz HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.DellCommand|PowerManager Folder C:\Program Files\DELL\COMMANDPOWERMANAGER
Preinstalled.DellCommand|PowerManager Folder C:\ProgramData\DELL\COMMANDPOWERMANAGER
Preinstalled.DellCommand|PowerManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Malwarebytes' Anti-Malware

Malwarebytes
http://www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 03.04.20
Čas skenování: 20:38
Logovací soubor: 55e66fc2-75da-11ea-bd90-2c6fc908e2fc.json

-Informace o softwaru-
Verze: 4.1.0.56
Verze komponentů: 1.0.867
Aktualizovat verzi balíku komponent: 1.0.21854
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 18362.720)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-7GJSA1T\Petr

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 363052
Zjištěné hrozby: 6
Hrozby umístěné do karantény: 0
Uplynulý čas: 1 min, 51 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 1
PUP.Optional.AdvancedSystemCare, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IOBIT_MONITOR_SERVER, Žádná uživatelská akce, 3820, 580520, 1.0.21854, , ame,

Hodnota v registru: 1
PUP.Optional.AdvancedSystemCare, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IOBIT_MONITOR_SERVER|IMAGEPATH, Žádná uživatelská akce, 3820, 580520, 1.0.21854, , ame,

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 4
PUP.Optional.PrivacyFF, C:\USERS\PETR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TK5P2PF2.DEFAULT-RELEASE\EXTENSIONS\{0FDE9597-0508-47FF-AD8A-793FA059C4E7}.XPI, Žádná uživatelská akce, 4564, 751689, 1.0.21854, , ame,
PUP.Optional.Seznam, D:\STAžENé SOUBORY\UNLOCKER.EXE, Žádná uživatelská akce, 679, 623984, 1.0.21854, , ame,
RiskWare.Tool.CK, D:\STAžENé SOUBORY\ULTRAISO.PREMIUM.EDITION.V9.5.0.2800.RETAIL.RAR, Žádná uživatelská akce, 7381, 54025, 1.0.21854, , ame,

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)

(end)

Příspěvekod **jaro3** » 03 dub 2020 22:17

Hesla to nesmaže úplně , stačí je znova vložit , prohlížeč si je pamatuje. Tedy pokud postupuješ podle rad.

Vyčisti systém CCleanerem
http://www.piriform.com/ccleaner/download/standard

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Skenování“ , po prohledání klikni na „ Čištění“

Program provede opravu, po automatickém restartu klikni na „Log soubor“ a pak poklepej na odpovídají log, (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
https://downloads.malwarebytes.com/file/JRT-EOL
na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

. spusť znovu Malwarebytes' Anti-Malware a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Sophos Virus Removal Tool je praktický softwarový nástroj, který by mohl odstranit infekce, které antivirový program nedetekuje .
Stáhněte si ho zde z některého odkazu:
http://www.majorgeeks.com/files/details ... _tool.html
http://www.majorgeeks.com/mg/get/sophos ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html

Viry mohou zpomalit počítač, nebo se snaží ukrást vaše data, a ani nevíte , že je máte. Co potřebujete, je rychlý a snadný způsob, jak je najít a zbavit se jich, pokud již máte antivirový program v počítači nainstalován , můžete nainstalovat i nástroj Sophos Virus Removal , který identifikuje a vyčistí zbylé infekce, které mohl Váš antivirový program přehlédnout.
K použití Sophos Virus Removal Tool na něj poklepejte a stiskněte tlačítko „Start scanning“ . Pak bude Sophos Virus Removal Tool vyhledávat a odstraňovat viry, které najde. Může být vyžadován restart.
Pokud byly nalezeny viry , tak po skenu klikni na „Details…“ a potom na „View log file“. Zkopíruj celý log a vlož ho sem. Potom zavři „threat detail“ a klikni na „Start cleanup“.
Jinak se log nachází zde:
C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.adlice.com/download/roguekil ... HlwZT14ODY
64bit.:
http://www.adlice.com/download/roguekil ... HlwZT14NjQ
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7,8,10 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“
- Program skenuje procesy PC. Po proskenování klikni na „Open Report “ , v okně pak na „Open TXT“ a celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků

další odkazy:
http://www.adlice.com/download/roguekiller/
http://www.bleepingcomputer.com/download/roguekiller/

Scientific · Příspěvekod **Scientific** » 04 dub 2020 15:27

Nejde jen o klávesnici blbne mi i myš, mnohdy pozoruji, že kliká dvakrát při jednom kliknutí myši. Vzpomněl jsem si na to po kliknutí v ccccleaneru na tlačítko analyze a ono to kliklo dvakrát tak se hned ta analyza zase pozastavila, protože se analyze tlačítko po kliknutí změnilo na pause a tak při dvou kliknutí namísto jednoho se to hne pozastavilo.

CCleaner
Smazáno 8 GB
Smazal jsem si historii, připadám si jako po smazání telefonního seznamu, který nemám zálohovaný. :-)

AdwCClleaner
# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-04-03.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-03-2020
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 23
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\ProgramData\IObit\Advanced SystemCare
Deleted C:\Users\Petr\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\Petr\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Users\Petr\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{94885E99-5CA0-445E-8ACF-94C9A461000C}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{C82E4EC9-0B03-4DCF-BE26-AF95938E52C7}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.DellCommand|PowerManager Folder C:\Program Files\DELL\COMMANDPOWERMANAGER
Deleted Preinstalled.DellCommand|PowerManager Folder C:\ProgramData\DELL\COMMANDPOWERMANAGER
Deleted Preinstalled.DellCommand|PowerManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}
Deleted Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3706 octets] - [03/04/2020 20:30:47]
AdwCleaner[S01].txt - [3767 octets] - [03/04/2020 23:02:35]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

JRT
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by Petr (Administrator) on 03.04.2020 at 23:17:19,03
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 7

Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\25qzwwv1.default\user.js (File)
Successfully deleted: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release\extensions\staged (Folder)
Successfully deleted: C:\WINDOWS\system32\Tasks\update-S-1-5-21-1655598053-1459283977-1014168971-1001 (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\update-sys (Task)
Successfully deleted: C:\WINDOWS\Tasks\update-S-1-5-21-1655598053-1459283977-1014168971-1001.job (Task)
Successfully deleted: C:\WINDOWS\Tasks\update-sys.job (Task)

Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{44B61067-927F-4C0B-9236-E634818DD6AF} (Registry Key)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.04.2020 at 23:19:15,51
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

MBAM
Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 03.04.20
Čas skenování: 23:23
Logovací soubor: 67928f64-75f1-11ea-8aa6-8cec4b1f788b.json

-Informace o softwaru-
Verze: 4.1.0.56
Verze komponentů: 1.0.867
Aktualizovat verzi balíku komponent: 1.0.21862
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 18362.720)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-7GJSA1T\Petr

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 362870
Zjištěné hrozby: 5
Hrozby umístěné do karantény: 5
Uplynulý čas: 1 min, 47 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 1
PUP.Optional.AdvancedSystemCare, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IOBIT_MONITOR_SERVER, V karanténě, 3820, 580520, 1.0.21862, , ame,

Hodnota v registru: 1
PUP.Optional.AdvancedSystemCare, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IOBIT_MONITOR_SERVER|IMAGEPATH, V karanténě, 3820, 580520, 1.0.21862, , ame,

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 3
PUP.Optional.PrivacyFF, C:\USERS\PETR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TK5P2PF2.DEFAULT-RELEASE\EXTENSIONS\{0FDE9597-0508-47FF-AD8A-793FA059C4E7}.XPI, V karanténě, 4564, 751689, 1.0.21862, , ame,
RiskWare.Tool.CK, D:\STAžENé SOUBORY\ULTRAISO.PREMIUM.EDITION.V9.5.0.2800.RETAIL.RAR, V karanténě, 7381, 54025, 1.0.21862, , ame,
PUP.Optional.Seznam, D:\STAžENé SOUBORY\UNLOCKER.EXE, V karanténě, 679, 623984, 1.0.21862, , ame,

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)

(end)

Sophos
Trvalo to cccca. 5 hodin. Určitě se nedá říct, že doba skenu je zavislá na počtu nalezenýh nákaz, ale na počtu sklenovaných dat. Tento program mi zřejmě jako jediný skenoval všechny tři disky v notebooku celkem 1,2 GB dat ve většině v malýh souboreh. Log nemám, protože žádný neexistuje, stejně to nenašlo žádnou nákazu.

RK
Tenhle program mi hádám smazal proxy nastavení hlavního firefox profilu, ale to nevadí.

RogueKiller Anti-Malware V14.4.0.0 (x64) [Apr 1 2020] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.18362) 64 bits
Started in : Normal mode
User : Petr [Administrator]
Started from : C:\Users\Petr\Desktop\RogueKiller_portable64.exe
Signatures : 20200401_101244, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2020/04/04 14:57:18 (Duration : 00:09:10)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> R5 - Proxy
[PUM.Proxy (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-1655598053-1459283977-1014168971-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer -- 178.238.*.*:3128 -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> Firefox Config
[PUM.Proxy (Potentially Malicious)] network.proxy.http (C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release\prefs.js) -- server.cz -> Found
[PUM.Proxy (Potentially Malicious)] network.proxy.http_port (C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release\prefs.js) -- 3128 -> Found

Příspěvekod **jaro3** » 04 dub 2020 19:20

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“,
po jeho skončení - vše zatrhni (dej zatržítka vlevo od nálezů , do bílých políček)
- pak klikni na "Remove Selected"
- Počkej, dokud Status box nezobrazí " Removal finished, please review result "
- Klikni na "Open report " a pak na " Open TXT“ a zkopíruj ten log a vlož obsah té zprávy prosím sem. Log je možno nalézt v C:\ProgramData\RogueKiller\Logs - Zavři RogueKiller.

Vypni antivir i firewall.
Stáhni Zoek.exe
http://download.bleepingcomputer.com/smeenk/zoek.exe

Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
-pozor , náběh programu může trvat déle.
Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log Zkopíruj sem celý obsah toho logu.
Pokud budou problémy , spusť zoek v nouz. režimu.

Stáhni si Zemana AntiMalware Free z tohoto odkazu:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
a ulož si ho na plochu.
Poklepej na tento soubor na ploše a postupuj podle pokynů k instalaci programu.
Přijmi licenci k používání programu EULA , pokud se nabídne.
Pokud je k dispozici aktualizace programu , klepni na tlačítko „Update now“ ( aktualizovat nyní).
Můžeš si zatrhnout i vytvoření bodu obnovy:
Klikni na ozubené kolečko , poté na „Skenování“ a zatrhni „vytvářet body obnovy“.
Vrať se zpět ( klikni na domeček).
Zavři všechny otevřené soubory, složky a prohlížeče
Neměň žádné nastavení. Klikni na „Skenovat“.
Po skenu lze vidět , zda jsou nějaké nákazy. Klikni na „Další“. Nákazy budou přemístěny do karantény.
Když je skenování dokončeno, objeví se tisková zpráva , zkopíruj sem celý obsah té zprávy.
Jinak můžeš zprávy vidět , když klikneš vpravo nahoře na „ zprávy“.

Vlož nový log z HJT + informuj o problémech.

Scientific · Příspěvekod **Scientific** » 04 dub 2020 21:49

Problémy mi to bohužel neopravilo, jen vedlejší ztráty se kterými jsem počítal. Smazalo mi to totiž historii, custom nastavení prohlížečů a některé oblíbené programy. Naví mi vznikla služba po spuštění, se kterou nejde nijak hnout, ani se podívat na vlastnosti, zřejmě odinstalovaná aplikae Lightshot od Skillbrains. Viz obrázek.

Dále na obrázku je, že mi některý z programů zřejmě nějak poškodil hosts soubor (Zoek). Viz obrázek.

Všiml jsi si v některém logu něčeho zajímavého? Hádám, že žádný vir jsem v notebooku ani neměl ne? Děkuji ti mo za pomo, i když to bylo k ničemu, nenapadá mě, o s tím dělat, tak asi zavolám technika od Dell, ať přijede s klávesnicí. Ještě zkusím vymyslet nějak ověřit tu myš, jestli skutečně nekliká dvakrát někdy, všiml jsem si toho ale už ve vícce programech. Tak celkově nevím o s tím, znamenalo by to velký špatný, když bbne jak klávesnie, tak i myš.Ale to by zase neblbla jen nejspíš jedná klávesa to céčko. Nechápu co se mi to zase děje, HW nerozumím, ale obvykle tehnické věci nemám problém pochopit. :-D

RK
RogueKiller Anti-Malware V14.4.0.0 (x64) [Apr 1 2020] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.18362) 64 bits
Started in : Normal mode
User : Petr [Administrator]
Started from : C:\Users\Petr\Desktop\RogueKiller_portable64.exe
Signatures : 20200401_101244, Driver : Loaded
Mode : Standard Scan, Delete -- Date : 2020/04/04 20:04:22 (Duration : 00:09:05)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUM.Proxy (Potentially Malicious)] HKEY_USERS\S-1-5-21-1655598053-1459283977-1014168971-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer -- -> Deleted
[PUM.Proxy (Potentially Malicious)] network.proxy.http -- server.cz -> Deleted
[PUM.Proxy (Potentially Malicious)] network.proxy.http_port -- 3128 -> Deleted

Zoek
Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by Petr on 04.04.2020 at 20:08:21,36.
Microsoft Windows 10 Home 10.0.18362 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Petr\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

04.04.2020 20:10:19 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\IObit deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\ssh deleted successfully
C:\PROGRA~3\SupportAssist deleted successfully
C:\Users\outlook\AppData\Local\VirtualStore deleted successfully
C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Local\PlaceholderTileLogoFolder deleted successfully
C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Local\VirtualStore deleted successfully
C:\Users\Petr\AppData\Local\DBG deleted successfully
C:\Users\Petr\AppData\Local\GHISLER deleted successfully
C:\Users\Petr\AppData\Local\gtk-3.0 deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\DBG deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Packages deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Roaming\Mozilla\Firefox\Profiles\xyzrb2ju.default-release\prefs.js:

Added to C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Roaming\Mozilla\Firefox\Profiles\xyzrb2ju.default-release\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release\prefs.js:

Added to C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Petr\AppData\Roaming\Thunderbird\Profiles\u83iqws3.default\prefs.js:

Added to C:\Users\Petr\AppData\Roaming\Thunderbird\Profiles\u83iqws3.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\25qzwwv1.default\prefs.js:

Added to C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\25qzwwv1.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Roaming\Mozilla\Firefox\Profiles\xyzrb2ju.default-release

user.js not found
---- Lines searchengine removed from prefs.js ----
user_pref("browser.pageActions.persistedActions", "{\"version\":1,\"ids\":[\"bookmark\",\"pinTab\",\"bookmarkSeparator\",\"copyURL\",\"emailLink\",\"a
---- FireFox user.js and prefs.js backups ----

prefs__2039_.backup

ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release

user.js not found
---- Lines searchengine removed from prefs.js ----
user_pref("browser.pageActions.persistedActions", "{\"version\":1,\"ids\":[\"bookmark\",\"pinTab\",\"bookmarkSeparator\",\"copyURL\",\"emailLink\",\"a
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 3);
---- FireFox user.js and prefs.js backups ----

prefs__2039_.backup

ProfilePath: C:\Users\Petr\AppData\Roaming\Thunderbird\Profiles\u83iqws3.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs__2039_.backup

ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\25qzwwv1.default

user.js not found
---- FireFox user.js and prefs.js backups ----

==== Deleting Files \ Folders ======================

C:\Users\Petr\AppData\Roaming\Code deleted
C:\Users\Petr\AppData\Roaming\GitHub Desktop deleted
C:\Users\Petr\.android deleted
C:\PROGRA~2\Skillbrains deleted
C:\PROGRA~3\{2F8AE550-5F50-4773-BF82-805D99AD42B5} deleted
C:\PROGRA~3\{D76294E6-03B8-4971-AF2E-3F846161A690} deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Petr\AppData\Local\updater.log deleted
C:\Users\Petr\AppData\Local\cache deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158-d8c-5fd36c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158-d8c-5fd3ad.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158-d8c-5fd3be.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158-d8c-5fd3d0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158-d8c-5fd3d2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158-d8c-5fd3e4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158-d8c-5fd3f5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158-d8c-5fd407.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158-d8c-5fd419.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158-d8c-5fd42a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158-d8c-5fd43c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158-d8c-5fd44d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158-d8c-5fd44f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158-d8c-5fd461.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158-d8c-5fd473.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158-d8c-5fd484.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158-d8c-5fd486.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158-d8c-5fd498.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158-d8c-5fd4aa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16b8-1060-67a08e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16b8-1060-67a0bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16b8-1060-67a0d0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16b8-1060-67a0e2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16b8-1060-67a0f4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16b8-1060-67a105.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16b8-1060-67a117.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16b8-1060-67a129.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16b8-1060-67a12b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16b8-1060-67a13c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16b8-1060-67a14e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16b8-1060-67a150.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16b8-1060-67a161.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16b8-1060-67a173.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16b8-1060-67a185.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16b8-1060-67a1a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16b8-1060-67a1a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16b8-1060-67a1c9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16b8-1060-67a1cb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1894-ac0-a76080.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1894-ac0-a760a1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1894-ac0-a760b3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1894-ac0-a76151.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1894-ac0-a76163.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1894-ac0-a76175.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1894-ac0-a76186.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1894-ac0-a76198.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1894-ac0-a761a9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1894-ac0-a761da.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1894-ac0-a7624a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1894-ac0-a7625b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1894-ac0-a7627d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1894-ac0-a7628e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1894-ac0-a762af.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1894-ac0-a762c1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1894-ac0-a76350.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1894-ac0-a76361.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1894-ac0-a76373.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1fa4-21c4-1ac7a4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1fa4-21c4-1ac7b6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1fa4-21c4-1ac7b8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1fa4-21c4-1ac7ba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1fa4-21c4-1ac7cc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1fa4-21c4-1ac7ce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1fa4-21c4-1ac7d0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1fa4-21c4-1ac7e1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1fa4-21c4-1ac7e3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1fa4-21c4-1ac7e5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1fa4-21c4-1ac7f7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1fa4-21c4-1ac7f9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1fa4-21c4-1ac7fb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1fa4-21c4-1ac80c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1fa4-21c4-1ac81e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1fa4-21c4-1ac820.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1fa4-21c4-1ac822.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1fa4-21c4-1ac824.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1fa4-21c4-1ac826.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28c0-63d4-2048508a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28c0-63d4-2048509c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28c0-63d4-204850ae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28c0-63d4-204850bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28c0-63d4-204850d1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28c0-63d4-204850e3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28c0-63d4-204850e5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28c0-63d4-204850f6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28c0-63d4-20485108.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28c0-63d4-20485119.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28c0-63d4-2048511b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28c0-63d4-2048512d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28c0-63d4-2048513f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28c0-63d4-20485150.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28c0-63d4-20485162.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28c0-63d4-20485164.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28c0-63d4-20485176.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28c0-63d4-20485187.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28c0-63d4-20485199.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b28-2b10-ae164.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b28-2b10-ae1c4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b28-2b10-ae1e5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b28-2b10-ae206.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b28-2b10-ae227.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b28-2b10-ae239.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b28-2b10-ae24b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b28-2b10-ae25c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b28-2b10-ae26e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b28-2b10-ae28f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b28-2b10-ae2a1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b28-2b10-ae2b2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b28-2b10-ae2d4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b28-2b10-ae2e5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b28-2b10-ae307.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b28-2b10-ae328.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b28-2b10-ae339.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b28-2b10-ae35b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b28-2b10-ae3ca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c10-1740-32267a4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c10-1740-32267d5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c10-1740-32267e6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c10-1740-3226807.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c10-1740-3226819.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c10-1740-322681b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c10-1740-322682d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c10-1740-322683e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c10-1740-3226850.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c10-1740-3226862.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c10-1740-3226873.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c10-1740-3226875.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c10-1740-3226887.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c10-1740-3226898.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c10-1740-32268aa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c10-1740-32268bc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c10-1740-32268cd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c10-1740-32268cf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c10-1740-32268e1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f24-2fa4-a2400.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f24-2fa4-a2411.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f24-2fa4-a2423.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f24-2fa4-a2434.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f24-2fa4-a2446.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f24-2fa4-a2448.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f24-2fa4-a245a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f24-2fa4-a246b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f24-2fa4-a247d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f24-2fa4-a247f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f24-2fa4-a2491.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f24-2fa4-a24a2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f24-2fa4-a24b4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f24-2fa4-a24c5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f24-2fa4-a24d7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f24-2fa4-a24d9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f24-2fa4-a24fa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f24-2fa4-a24fc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2f24-2fa4-a250e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3264-22ec-32d57b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3264-22ec-32d59c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3264-22ec-32d5ad.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3264-22ec-32d5af.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3264-22ec-32d5c1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3264-22ec-32d5c3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3264-22ec-32d5d5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3264-22ec-32d5d7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3264-22ec-32d5e8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3264-22ec-32d5ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3264-22ec-32d5fc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3264-22ec-32d5fe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3264-22ec-32d610.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3264-22ec-32d612.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3264-22ec-32d614.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3264-22ec-32d625.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3264-22ec-32d637.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3264-22ec-32d639.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3264-22ec-32d64a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58c0-1cb4-1a4f6681.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58c0-1cb4-1a4f66a2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58c0-1cb4-1a4f66b3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58c0-1cb4-1a4f66b5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58c0-1cb4-1a4f66c7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58c0-1cb4-1a4f66e8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58c0-1cb4-1a4f66ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58c0-1cb4-1a4f670c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58c0-1cb4-1a4f671d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58c0-1cb4-1a4f673e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58c0-1cb4-1a4f676f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58c0-1cb4-1a4f68d9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58c0-1cb4-1a4f68ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58c0-1cb4-1a4f691b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58c0-1cb4-1a4f693c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58c0-1cb4-1a4f694e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58c0-1cb4-1a4f697f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58c0-1cb4-1a4f6991.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58c0-1cb4-1a4f69a2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a34-900-2ea3a0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a34-900-2ea3b2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a34-900-2ea3c4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a34-900-2ea3d5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a34-900-2ea3e7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a34-900-2ea3e9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a34-900-2ea3fa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a34-900-2ea40c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a34-900-2ea42d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a34-900-2ea44f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a34-900-2ea451.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a34-900-2ea462.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a34-900-2ea483.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a34-900-2ea495.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a34-900-2ea497.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a34-900-2ea4b8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a34-900-2ea4da.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a34-900-2ea4eb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a34-900-2ea50c.tmp deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\Petr\AppData\Roaming\Thunderbird\Profiles\u83iqws3.default\extensions\staged deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Roaming\Mozilla\Firefox\Profiles\xyzrb2ju.default-release
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Petr\AppData\Roaming\Thunderbird\Profiles\u83iqws3.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\25qzwwv1.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release
- Firefox Multi-Account Containers - %ProfilePath%\extensions\@testpilot-containers.xpi
- esk slovnk pro kontrolu pravopisu - %ProfilePath%\extensions\cs@dictionaries.addons.mozilla.org.xpi
- BuiltWith - %ProfilePath%\extensions\gary@builtwith.com.xpi
- __MSG_name__ - %ProfilePath%\extensions\jid0-jJRRRBMgoShUhb07IvnxTBAl29w@jetpack.xpi
- short_ __MSG_extensionDescription__ - %ProfilePath%\extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi
- __MSG_name__ - %ProfilePath%\extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi
- Page Hacker - %ProfilePath%\extensions\pagehacker-nico@nc.xpi
- Self Destroying Cookies - %ProfilePath%\extensions\selfdestroyingcookies@dirtylittlehelpers.com.xpi
- manifest_version:2__MSG_manifest_app_name__version:2.5.20description:__MSG_manifest_app_description__key:MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhwZJT76btQ04EEMOFtZPLESD1TmSVjbLjs0OyesD9Ht8YllFPfJ3qmtbSQGVuvmxH1GKjUO2QcEWb8bHuOjoRlq20fi5j5Aq90O8FKETy5D8PxCyi3WmnquiEwaE5cNmaCswG2JlObZOtdQQKOvMxBAegABYimEGfSvCMVUEvpymys0gBhLoch72zPAiJUBkf0z8BtjYTueMRcRXkrSeRPLygUDQnZ1TkQWMYYBpzqpD5ggxytAklEMQzR9Hn0lqu5s7iuUAgihbysPn8Wh00Zj5FySpKKcpG3JS7UWxC28oSt8z5ZR3YimnXHX3P36V0mC1pgM4o7wIDAQABicons:16:imgiconsomega-action-16.png24:imgiconsomega-action-24.png32:imgiconsomega-action-32.png48:imgiconsomega-48.png64:imgiconsomega-64.png128:imgiconsomega-128.pngdefault_locale:enbrowser_action:browser_style:falsedefault_icon:16:imgiconsomega-action-16.png19:imgiconsomega-action-19.png24:imgiconsomega-action-24.png32:imgiconsomega-action-32.pngdefault_title:__MSG_manifest_icon_default_title__default_popup:popupindex.htmlbackground:page:background.htmlminimum_chrome_version:22.0.0options_page:options.htmloptions_ui:page:options.htmlbrowser_style:falseopen_in_tab:truepermissions:[proxytabsalarmsstoragewebRequestwebRequestBlockingcontextMenushttp:https:<all_urls>]commands:_execute_browser_action:suggested_key:default:AltShiftOapplications:gecko:id:switchyomega@feliscatus.addons.mozilla.orgstrict_min_version:55.0a1 - %ProfilePath%\extensions\switchyomega@feliscatus.addons.mozilla.org.xpi
- short_ YT NonStop - %ProfilePath%\extensions\{0d7cafdd-501c-49ca-8ebb-e3341caaa55e}.xpi
- Flagfox - %ProfilePath%\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi
- theme: images: theme_frame: ff35_header7.jpg colors: frame: d6b98b tab_background_text: 5c4c39 version: 2.0 A Web Browser Renaissance manifest_version: 2 description: Within the web today a browsing transformation is underway. We\u00e2\u20ac\u2122re seeing constant advancement from the static browsing Middle Ages of old and the ushering in of a new Modern Era of openness speed and security.\n\nTaking advantage of all the glorious advancements this new era has to offer has never been easier with the newly relased Firefox 3.5 - %ProfilePath%\extensions\{2c5529f0-50b9-4b77-a149-4a3f0378ef33}.xpi
- Disable JavaScript - %ProfilePath%\extensions\{41f9e51d-35e4-4b29-af66-422ff81c8b41}.xpi
- JavaScript Toggle On and Off - %ProfilePath%\extensions\{479f0278-2c34-4365-b9f0-1d328d0f0a40}.xpi
- Empty Cache Button - %ProfilePath%\extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f}.xpi
- Javascript Control - %ProfilePath%\extensions\{591abe66-4392-4d7e-aad5-12f04be2539e}.xpi
- Popup Blocker Ultimate - %ProfilePath%\extensions\{60B7679C-BED9-11E5-998D-8526BB8E7F8B}.xpi
- Cookie Quick Manager - %ProfilePath%\extensions\{60f82f00-9ad5-4de5-b31c-b16a47c51558}.xpi
- NoScript - %ProfilePath%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
- short_ Distill - %ProfilePath%\extensions\{7a73dc4b-1b38-40e7-ac56-7d356dd4af34}.xpi
- __MSG_appName__short_Web of Trustversion:20200329.0wotmanifest_version:2description:__MSG_appDescription__default_locale:enauthor:MyWOTicons:16:images16x16.png18:images18x18.png20:images20x20.png24:images24x24.png32:images32x32.png40:images40x40.png48:images48x48.png96:images96x96.png128:images128x128.pngpermissions:[tabscontextMenushttp:www.mywot.comhttp:api.mywot.comhttps:api.mywot.comwebNavigationwebRequestwebRequestBlockinghttp:https:storage]browser_action:default_icon:20:images20x20.png40:images40x40.png48:images48x48.pngdefault_title:__MSG_appTooltip__default_popup:popup.htmlbackground:scripts:[scriptscrossbrowser.jslibslodash.min.jslibsredux.min.jslibsredux-thunk.min.jslibsreact-chrome-redux.jsscriptssharedconstants.jsscriptssharedutils.jsscriptssharedwotCrypto.jsscriptssharedwotApi.jsscriptssharedwotAuthApi.jsscriptssharedpiFilter.jsscriptsbackgroundappcommonmyClass.jsscriptsbackgroundappcommoncommon.jsscriptsbackgroundappdefaultState.jsscriptsbackgroundapptabsCache.jsscriptsbackgroundappactions.jsscriptsbackgroundappaliases.jsscriptsbackgroundapplp-handler.jsscriptsbackgroundappreducers.jsscriptsbackgroundappmain.jsscriptsbackgroundindex.js]content_scripts:[matches:[http:https:]css:[stylesmain.css]js:[scriptscrossbrowser.jslibslodash.min.jslibsreact.min.jslibsreact-dom.min.jslibsreact-redux.min.jslibsreact-chrome-redux.jsscriptssharedconstants.jsscriptssharedfonts.jsscriptssharedutils.jsscriptssharedwotCrypto.jsscriptssharedwotApi.jsscriptsbackgroundappactions.jsscriptscontentcomponentscommonwarningReportsContainer.jsscriptscontentcomponentscommonbuttonAction.jsscriptscontentcomponentscommonreputationBubble.jsscriptscontentcomponentscommonsecurityBubble.jsscriptscontentcomponentsdonutdonut.jsscriptscontentcomponentsdonutdonutTooltip.jsscriptspopupcomponentsformattedString.jsscriptscontentcomponentswarningwarningAttributes.jsscriptscontentcomponentswarningwarningActionsContainer.jsscriptscontentcomponentswarningwarningMessageContainer.jsscriptscontentcomponentswarningwarningStrip.jsscriptscontentcomponentswarningoptoutStrip.jsscriptscontentcomponentswarningbadRatingNotification.jsscriptscontentcomponentswarningwarning.jsscriptscontentcomponentscommonextendHandler.jsscriptscontentcomponentscommonpreviewHandler.jsscriptscontentserpHandler.jsscriptscontentredirectHandler.jsscriptscontentsharingHandler.jsscriptscontentwarningHandler.jsscriptscontentsocialAuthHandler.jsscriptscontentindex.js]run_at:document_endall_frames:truematches:[:.mywot.com]js:[scriptscontentextInfo.js]run_at:document_startall_frames:false]web_accessible_resources:[images.gifstyles.cssresources.json]options_ui:page:options.htmlchrome_style:falseopen_in_tab:trueapplications:gecko:id:a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7strict_min_version:48.0 - %ProfilePath%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi
- short_ Updatescan - %ProfilePath%\extensions\{c07d1a49-9894-49ff-a594-38960ede8fb9}.xpi
- short_ __MSG_name__ - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- Javascript Switcher - %ProfilePath%\extensions\{d7e0a6e7-9a50-490a-be5c-3b448be39b42}.xpi
- Image Search - %ProfilePath%\extensions\{eca87045-b95d-4180-8a0e-16d877af69b8}.xpi
- Toolbox for Google Play Store - %ProfilePath%\extensions\{f7e00fda-62e6-4361-8450-a335408e1efe}.xpi

ProfilePath: C:\Users\Petr\AppData\Roaming\Thunderbird\Profiles\u83iqws3.default
- Undetermined - %ProfilePath%\extensions\cs@dictionaries.addons.mozilla.org
- DKIM Verifier - %ProfilePath%\extensions\dkim_verifier@pl.xpi
- QuickFolders - %ProfilePath%\extensions\quickfolders@curious.be.xpi
- __MSG_appName__ - %ProfilePath%\extensions\sendlater3@kamens.us.xpi
- Remove Duplicate Messages Alternate - %ProfilePath%\extensions\{a300a000-5e21-4ee0-a115-9ec8f4eaa92b}.xpi
- Undetermined - %ProfilePath%\extensions\{a62ef8ec-5fdc-40c2-873c-223b8a6925cc}.xpi
- Undetermined - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}.xpi

ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\25qzwwv1.default
- Undetermined - %ProfilePath%\extensions\sko-extension@firma.seznam.cz
- Undetermined - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}

==== Firefox Plugins ======================

Profilepath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release
- C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll - [?]
B1E9E7809E3793A7950D4F761C782C3E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\outlook\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================

Chrome Media Router - Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/?clid=29530"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/?clid=29530"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{06DAA207-9C8C-40C1-B0A4-07098DE84C67} - http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_29530
HKCU\SearchScopes\{2D9969DC-AB37-4F71-825F-11359CFEA908} - http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_29530
HKCU\SearchScopes\{3FF70CAB-C0B3-42A3-9946-2AE726F26CC9} - http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_29530
HKCU\SearchScopes\{6A861BF9-14A3-43B9-AC57-504598E5093F} - http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_29530
HKCU\SearchScopes\{745E554D-1A9F-40C8-8A56-E3878178E0DE} - http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530
HKCU\SearchScopes\{B2D51387-0CE4-4F81-9360-DCE690596A1E} - http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_29530
HKCU\SearchScopes\{CD59AA6C-C521-493A-B273-CC2145A5B505} - http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_29530
HKCU\SearchScopes\{DC6B39B1-C79E-4E2E-8990-73F4B88FD55D} - http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530

==== Reset Google Chrome ======================

C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data.ReadOnly was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Petr\AppData\Local\Mozilla\Firefox\Profiles\tk5p2pf2.default-release\cache2 emptied successfully

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=448 folders=290 47950757 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\outlook\AppData\Local\Temp emptied successfully
C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Local\Temp emptied successfully
C:\Users\Petr\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Petr\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 04.04.2020 at 20:49:58,46 ======================

Zemana
Informace o kontroly
Název produktu : Zemana AntiMalware
Stav kontroly : Dokončena
Datum kontroly : 04.04.2020 20:58:07
Typ kontroly : Inteligentní kontrola
Čas trvání : 00:00:38
Zkontrolované objekty : 1936
Zjištěné objekty : 5
Vyloučené objekty : 0
Automatické odesílání : Ano
Operační systém : Windows 10 x64
Procesor : 4X Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Režim systému BIOS : UEFI
Informace o doméně : WORKGROUP,False,NetSetupWorkgroupName
CUID : 149C3A2F578B524B86982D

Odhalení
MD5 :
Stav : Zkontrolováno
Objekt : c:\users\petr\appdata\roaming\mozilla\firefox\profiles\tk5p2pf2.default-release\extensions\jid0-jjrrrbmgoshuhb07ivnxtbal29w@jetpack.xpi
Vydavatel :
Velikost : 0
Odhalení : HijackExt:FirefoxPlugin/jid0-jJRRRBMgoShUhb07IvnxTBAl29w@jetpack
Akce : Vymazat
-----------------------------------------------------------------------
MD5 :
Stav : Zkontrolováno
Objekt : c:\users\petr\appdata\roaming\mozilla\firefox\profiles\tk5p2pf2.default-release\extensions\selfdestroyingcookies@dirtylittlehelpers.com.xpi
Vydavatel :
Velikost : 0
Odhalení : HijackExt:FirefoxPlugin/selfdestroyingcookies@dirtylittlehelpers.com
Akce : Vymazat
-----------------------------------------------------------------------
MD5 :
Stav : Zkontrolováno
Objekt : c:\users\petr\appdata\roaming\mozilla\firefox\profiles\tk5p2pf2.default-release\extensions\{0d7cafdd-501c-49ca-8ebb-e3341caaa55e}.xpi
Vydavatel :
Velikost : 0
Odhalení : HijackExt:FirefoxPlugin/{0d7cafdd-501c-49ca-8ebb-e3341caaa55e}
Akce : Vymazat
-----------------------------------------------------------------------
MD5 :
Stav : Zkontrolováno
Objekt : c:\users\petr\appdata\roaming\mozilla\firefox\profiles\tk5p2pf2.default-release\extensions\{2c5529f0-50b9-4b77-a149-4a3f0378ef33}.xpi
Vydavatel :
Velikost : 0
Odhalení : HijackExt:FirefoxPlugin/{2c5529f0-50b9-4b77-a149-4a3f0378ef33}
Akce : Vymazat
-----------------------------------------------------------------------
MD5 :
Stav : Zkontrolováno
Objekt : c:\users\petr\appdata\roaming\mozilla\firefox\profiles\tk5p2pf2.default-release\extensions\{eca87045-b95d-4180-8a0e-16d877af69b8}.xpi
Vydavatel :
Velikost : 0
Odhalení : HijackExt:FirefoxPlugin/{eca87045-b95d-4180-8a0e-16d877af69b8}
Akce : Vymazat
-----------------------------------------------------------------------

HJT
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:30:29, on 04.04.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)

Boot mode: Normal

Running processes:
C:\Users\Petr\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\WindowsApps\48405AmbientSoftware.WidgetsFree_3.3.39.0_x86__agy8jafheqhng\WidgetsDesktop\WidgetsDesktop.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\Petr\Desktop\HijackThis.exe
C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.4\Lightshot.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=29530
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Petr\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [ManicTimeC34F57B2DA6E6758] C:\Program Files (x86)\ManicTime\ManicTime.exe /minimized /name:
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: DeskPins.lnk = C:\Program Files (x86)\DeskPins\DeskPins.exe
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 1510 series (kopie 1).lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - (no CLSID) - (no file)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\System32\drivers\AdminService.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\ki127390.inf_amd64_e1ccb879ece8f084\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\ki127390.inf_amd64_e1ccb879ece8f084\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_7c8a7 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: Dell Command | Power Manager Notify (dcpm-notify) - Unknown owner - C:\Program Files\Dell\CommandPowerManager\NotifyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @oem14.inf,%ServiceDisplayName%;Intel(R) Dynamic Platform and Thermal Framework service (esifsvc) - Unknown owner - C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\ki127390.inf_amd64_e1ccb879ece8f084\igfxCUIService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Waves Audio Services (WavesSysSvc) - Waves Audio Ltd. - C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11671 bytes

Příspěvekod **jaro3** » 04 dub 2020 22:04

zřejmě odinstalovaná aplikae Lightshot od Skillbrains -- zkus ještě revo uninstaller na odinstalci zbytků.

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O18 - Filter hijack: text/xml - (no CLSID) - (no file)

Ono to může mít taky jen šptný kontakt...nalitá tekutina ap.

ještě projedem :
Vypni antivir i firewall.
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
další odkaz:
http://www.bleepingcomputer.com/downloa ... scan-tool/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

Scientific · Příspěvekod **Scientific** » 04 dub 2020 23:06

Žádnou tekutinu jsem do něj nenalil. Naposled sem do notebooku nalil neslazený čaj před cca. dvěma lety, ale to byl tuším druhý notebook, ne tento.

HJT
Hotovo.

FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-03-2020
Ran by Petr (administrator) on DESKTOP-7GJSA1T (Dell Inc. Inspiron 5770) (04-04-2020 22:32:44)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr & outlook)
Platform: Windows 10 Home Version 1903 18362.720 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Ambient Software) C:\Program Files\WindowsApps\48405AmbientSoftware.WidgetsFree_3.3.39.0_x86__agy8jafheqhng\WidgetsDesktop\WidgetsDesktop.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127390.inf_amd64_e1ccb879ece8f084\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127390.inf_amd64_e1ccb879ece8f084\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127390.inf_amd64_e1ccb879ece8f084\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127390.inf_amd64_e1ccb879ece8f084\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Petr\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12003.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20022.11011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\NisSrv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319544 2019-01-09] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269328 2019-01-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-01-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1213736 2018-11-04] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3312208 2019-05-04] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKU\S-1-5-21-1655598053-1459283977-1014168971-1001\...\Run: [ManicTimeC34F57B2DA6E6758] => C:\Program Files (x86)\ManicTime\ManicTime.exe [63672 2019-06-05] (Finkit d.o.o. -> Finkit d.o.o.)
HKU\S-1-5-21-1655598053-1459283977-1014168971-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-02] (Google LLC -> Google LLC)
Startup: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeskPins.lnk [2019-11-25]
ShortcutTarget: DeskPins.lnk -> C:\Program Files (x86)\DeskPins\DeskPins.exe (Elias Fotinis) [File not signed]
Startup: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 1510 series (kopie 1).lnk [2019-10-05]
ShortcutAndArgument: Sledovat výstrahy inkoustu - HP Deskjet 1510 series (kopie 1).lnk -> C:\Windows\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 1510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN44O19BRW05XJ;CONNECTION=USB;MONITOR=1;

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {18823B6D-CF63-4FBB-8B54-60DE829A0880} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [659520 2019-11-04] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {321E3BAF-3B70-42F0-BFDE-8B253627E2CD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {39827DC2-1439-486D-989A-60184D46484A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {42935A2B-5DEE-4044-B439-F9F158DA942D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_Plugin.exe [1458232 2020-03-11] (Adobe Inc. -> Adobe)
Task: {57F65498-4006-4FA4-A38E-C7AB934B8238} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6CB7F613-DCE3-40E8-8FDB-405B60A57E86} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8AD0E8C9-31EC-47C6-B42A-2F74CD50FF65} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {CCE014B6-66CC-41BE-A515-CB7FFE27B51A} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2571704 2020-02-14] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {D6EFC5B6-BAFB-493F-8BC3-E1F24695BCB5} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {D7D75F4C-A171-4D43-9BBC-D358C87C28FB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-10] (Google Inc -> Google LLC)
Task: {E22F1BDE-4C0C-4A65-89B3-A627EBCFE266} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E845DBAF-64F3-4684-BD4F-976C56236F94} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-10] (Google Inc -> Google LLC)
Task: {FAB42694-0D16-41E8-9DF1-F1F12B661EC2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0bde28c6-0b17-4470-813d-b1a3ffb1f912}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{67d8c22f-178a-42f2-b374-66688bf6b350}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{889e0300-4f2a-49f7-b003-a3d53af81d53}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1655598053-1459283977-1014168971-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=29530
SearchScopes: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001 -> {06DAA207-9C8C-40C1-B0A4-07098DE84C67} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001 -> {2D9969DC-AB37-4F71-825F-11359CFEA908} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001 -> {3FF70CAB-C0B3-42A3-9946-2AE726F26CC9} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001 -> {6A861BF9-14A3-43B9-AC57-504598E5093F} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001 -> {745E554D-1A9F-40C8-8A56-E3878178E0DE} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001 -> {B2D51387-0CE4-4F81-9360-DCE690596A1E} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001 -> {CD59AA6C-C521-493A-B273-CC2145A5B505} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001 -> {DC6B39B1-C79E-4E2E-8990-73F4B88FD55D} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll [2019-06-28] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-06-28] (Oracle America, Inc. -> Oracle Corporation)
Filter: text/xml - No CLSID Value

FireFox:
========
FF DefaultProfile: 25qzwwv1.default
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\25qzwwv1.default [2020-04-04]
FF Homepage: Mozilla\Firefox\Profiles\25qzwwv1.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\25qzwwv1.default -> about:newtab
FF Extension: (Seznam doplněk - Esko) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\25qzwwv1.default\Extensions\sko-extension@firma.seznam.cz [2020-04-04]
FF Extension: (Seznam doplněk - Email) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\25qzwwv1.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2020-04-04]
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release [2020-04-04]
FF NewTab: Mozilla\Firefox\Profiles\tk5p2pf2.default-release -> about:newtab
FF NetworkProxy: Mozilla\Firefox\Profiles\tk5p2pf2.default-release -> backup.ftp", "178.238.41.121"
FF Notifications: Mozilla\Firefox\Profiles\tk5p2pf2.default-release -> hxxps://www.youtube.com; hxxps://www.facebook.com; hxxps://app.livechatoo.com
FF Extension: (Firefox Multi-Account Containers) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release\Extensions\@testpilot-containers.xpi [2020-03-01]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2019-05-27]
FF Extension: (BuiltWith) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release\Extensions\gary@builtwith.com.xpi [2019-05-22]
FF Extension: (I don't care about cookies) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2020-03-04]
FF Extension: (Privacy Badger) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2020-02-20]
FF Extension: (Page Hacker) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release\Extensions\pagehacker-nico@nc.xpi [2019-05-22]
FF Extension: (Načítám…) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release\Extensions\switchyomega@feliscatus.addons.mozilla.org.xpi [2019-05-22]
FF Extension: (Flagfox) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2020-03-31]
FF Extension: (Disable JavaScript) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release\Extensions\{41f9e51d-35e4-4b29-af66-422ff81c8b41}.xpi [2019-05-22]
FF Extension: (JavaScript Toggle On and Off) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release\Extensions\{479f0278-2c34-4365-b9f0-1d328d0f0a40}.xpi [2019-07-07]
FF Extension: (Empty Cache Button) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release\Extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f}.xpi [2019-05-22]
FF Extension: (Javascript Control) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release\Extensions\{591abe66-4392-4d7e-aad5-12f04be2539e}.xpi [2019-05-22]
FF Extension: (Popup Blocker Ultimate) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release\Extensions\{60B7679C-BED9-11E5-998D-8526BB8E7F8B}.xpi [2020-03-10]
FF Extension: (Cookie Quick Manager) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release\Extensions\{60f82f00-9ad5-4de5-b31c-b16a47c51558}.xpi [2019-07-12]
FF Extension: (NoScript) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2020-03-25]
FF Extension: (Distill Web Monitor) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release\Extensions\{7a73dc4b-1b38-40e7-ac56-7d356dd4af34}.xpi [2019-12-10]
FF Extension: (Web of Trust) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2020-03-29]
FF Extension: (Update Scanner) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release\Extensions\{c07d1a49-9894-49ff-a594-38960ede8fb9}.xpi [2019-05-22]
FF Extension: (No Name) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-04-01]
FF Extension: (Javascript Switcher) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release\Extensions\{d7e0a6e7-9a50-490a-be5c-3b448be39b42}.xpi [2019-06-09]
FF Extension: (Toolbox for Google Play Store™) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\tk5p2pf2.default-release\Extensions\{f7e00fda-62e6-4361-8450-a335408e1efe}.xpi [2019-09-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-03-11] (Adobe Inc. -> )
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll [2020-03-11] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-06-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-06-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [386976 2019-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{34A13B28-B48D-4E51-A1E5-2C946CCB368B} [21304 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{34A13B28-B48D-4E51-A1E5-2C946CCB368B} [21304 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1705592 2017-11-28] (Intel Corporation -> Intel Corporation)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-04-03] (Malwarebytes Inc -> Malwarebytes)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [267768 2019-01-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [875816 2018-11-04] (Waves Inc -> Waves Audio Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 dcpm-notify; "C:\Program Files\Dell\CommandPowerManager\NotifyService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2020-04-04] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [36728 2019-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [74696 2017-11-28] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [70088 2017-11-28] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [383432 2017-11-28] (Intel Corporation -> Intel Corporation)
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 HidEventFilter; C:\WINDOWS\System32\drivers\HidEventFilter.sys [85064 2017-11-01] (Intel(R) Software -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-04-04] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-04-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-04-04] (Malwarebytes Inc -> Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [450528 2018-11-22] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 rtux64w10; C:\WINDOWS\System32\drivers\rtux64w10.sys [576288 2019-06-26] (Realtek Semiconductor Corp. -> Realtek Corporation )
R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [134000 2019-01-21] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
S3 tapoas; C:\WINDOWS\System32\drivers\tapoas.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [391392 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\win10_amd64\AscFileFilter.sys [X]
S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\win10_amd64\AscRegistryFilter.sys [X]
S3 cpuz145; \??\C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-04 22:32 - 2020-04-04 22:33 - 000026342 _____ C:\Users\Petr\Desktop\FRST.txt
2020-04-04 22:32 - 2020-04-04 22:33 - 000000000 ____D C:\FRST
2020-04-04 22:31 - 2020-04-04 22:31 - 002280448 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2020-04-04 22:25 - 2020-04-04 22:25 - 000000000 ____D C:\Users\Petr\Desktop\backups
2020-04-04 21:30 - 2020-04-04 21:30 - 000011673 _____ C:\Users\Petr\Desktop\hijackthis2.txt
2020-04-04 21:27 - 2020-04-04 21:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2020-04-04 21:27 - 2020-04-04 21:27 - 000000000 ____D C:\Program Files (x86)\Skillbrains
2020-04-04 21:17 - 2020-04-03 17:18 - 000388608 _____ (Trend Micro Inc.) C:\Users\Petr\Desktop\HijackThis.exe
2020-04-04 20:53 - 2020-04-04 22:33 - 001050958 _____ C:\WINDOWS\ZAM.krnl.trace
2020-04-04 20:53 - 2020-04-04 20:53 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2020-04-04 20:53 - 2020-04-04 20:53 - 000003556 _____ C:\WINDOWS\system32\Tasks\AMHelper
2020-04-04 20:53 - 2020-04-04 20:53 - 000001337 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2020-04-04 20:53 - 2020-04-04 20:53 - 000000000 ____D C:\Users\Petr\AppData\Local\Zemana
2020-04-04 20:53 - 2020-04-04 20:53 - 000000000 ____D C:\Users\Petr\AppData\Local\AMSDK
2020-04-04 20:53 - 2020-04-04 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2020-04-04 20:53 - 2020-04-04 20:53 - 000000000 ____D C:\Program Files (x86)\Zemana
2020-04-04 20:53 - 2020-04-04 20:52 - 012741568 _____ (Zemana Ltd. ) C:\Users\Petr\Desktop\AntiMalware_Setup.exe
2020-04-04 20:50 - 2020-04-04 20:50 - 000038942 _____ C:\Users\Petr\Desktop\zoek-results.txt
2020-04-04 20:50 - 2020-04-04 20:50 - 000000000 ___HD C:\OneDriveTemp
2020-04-04 20:49 - 2020-04-04 20:49 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-04-04 20:49 - 2020-04-04 20:49 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-04-04 20:49 - 2020-04-04 20:49 - 000000008 __RSH C:\ProgramData\ntuser.pol
2020-04-04 20:49 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2020-04-04 20:07 - 2020-04-04 20:40 - 000000000 ____D C:\zoek_backup
2020-04-04 20:06 - 2020-04-04 20:06 - 002038755 _____ C:\Users\Petr\Desktop\zoek.exe
2020-04-04 20:05 - 2020-04-04 20:05 - 000001744 _____ C:\Users\Petr\Desktop\rk2.txt
2020-04-04 15:31 - 2020-04-04 15:31 - 000000000 ____D C:\Users\Petr\AppData\Local\CrystalDiskMark
2020-04-04 15:09 - 2020-04-04 15:09 - 000003240 _____ C:\Users\Petr\Desktop\rkam.txt
2020-04-04 14:56 - 2020-04-04 15:06 - 000000000 ____D C:\ProgramData\RogueKiller
2020-04-04 10:56 - 2020-04-04 10:56 - 000006660 _____ C:\Users\Petr\AppData\Local\recently-used.xbel
2020-04-04 00:11 - 2020-04-04 00:11 - 000002841 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2020-04-04 00:11 - 2020-04-04 00:11 - 000000000 ____D C:\ProgramData\Sophos
2020-04-04 00:11 - 2020-04-04 00:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2020-04-04 00:11 - 2020-04-04 00:11 - 000000000 ____D C:\Program Files (x86)\Sophos
2020-04-04 00:10 - 2020-04-04 00:09 - 206758184 _____ (Sophos Limited) C:\Users\Petr\Desktop\Sophos Virus Removal Tool.exe
2020-04-04 00:07 - 2020-04-04 00:07 - 037270584 _____ C:\Users\Petr\Desktop\RogueKiller_portable64.exe
2020-04-03 23:27 - 2020-04-03 23:27 - 000002415 _____ C:\Users\Petr\Desktop\mbam2.txt
2020-04-03 23:19 - 2020-04-03 23:19 - 000001326 _____ C:\Users\Petr\Desktop\JRT.txt
2020-04-03 23:13 - 2020-04-03 23:12 - 001790024 _____ (Malwarebytes) C:\Users\Petr\Desktop\JRT.exe
2020-04-03 23:11 - 2020-04-03 23:11 - 000003661 _____ C:\Users\Petr\Desktop\AdwCleaner[C01].txt
2020-04-03 20:53 - 2020-04-04 22:22 - 000000651 _____ C:\Users\Petr\Desktop\mbam.txt
2020-04-03 20:36 - 2020-04-03 20:36 - 000002029 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-04-03 20:36 - 2020-04-03 20:36 - 000000000 ____D C:\Users\Petr\AppData\Local\mbamtray
2020-04-03 20:36 - 2020-04-03 20:36 - 000000000 ____D C:\Users\Petr\AppData\Local\mbam
2020-04-03 20:36 - 2020-04-03 20:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-04-03 20:36 - 2020-04-03 20:35 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-04-03 20:36 - 2020-04-03 20:35 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-04-03 20:35 - 2020-04-03 20:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-03 20:35 - 2020-04-03 20:35 - 000000000 ____D C:\Program Files\Malwarebytes
2020-04-03 20:35 - 2020-04-03 20:34 - 001957784 _____ (Malwarebytes) C:\Users\Petr\Desktop\MBSetup.exe
2020-04-03 20:30 - 2020-04-03 23:05 - 000000000 ____D C:\AdwCleaner
2020-04-03 20:29 - 2020-04-03 20:29 - 008196784 _____ (Malwarebytes) C:\Users\Petr\Desktop\AdwCleaner.exe
2020-04-03 19:41 - 2020-04-03 19:41 - 000002552 _____ C:\Users\Petr\Desktop\qwe.txt
2020-04-02 20:04 - 2020-04-02 20:04 - 000002152 _____ C:\Users\Public\Desktop\Soft193 Switch Off.lnk
2020-04-02 20:04 - 2020-04-02 20:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soft193
2020-04-02 20:03 - 2020-04-02 20:03 - 000000000 ____D C:\WINDOWS\Soft193 Switch Off
2020-04-02 20:03 - 2020-04-02 20:03 - 000000000 ____D C:\Program Files (x86)\Soft193
2020-04-02 08:39 - 2020-04-02 08:39 - 000003350 _____ C:\WINDOWS\system32\Tasks\SamsungMagician
2020-04-02 08:39 - 2020-04-02 08:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2020-03-27 17:05 - 2020-03-29 16:38 - 000000000 ____D C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Roaming\obs-studio
2020-03-27 17:05 - 2020-03-27 17:05 - 000000000 ____D C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Local\OneDrive
2020-03-27 16:28 - 2020-03-27 16:37 - 000000000 ____D C:\Users\outlook.DESKTOP-7GJSA1T\AppData\LocalLow\Mozilla
2020-03-27 16:28 - 2020-03-27 16:28 - 000000000 ____D C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Roaming\Mozilla
2020-03-27 16:28 - 2020-03-27 16:28 - 000000000 ____D C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Local\Mozilla
2020-03-27 14:15 - 2020-03-27 14:15 - 000000000 ____D C:\Users\outlook\AppData\Roaming\obs-studio
2020-03-27 13:48 - 2020-03-27 13:48 - 000003384 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1655598053-1459283977-1014168971-1003
2020-03-27 13:48 - 2020-03-27 13:48 - 000002419 _____ C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-27 13:48 - 2020-03-27 13:48 - 000000000 ___RD C:\Users\outlook.DESKTOP-7GJSA1T\OneDrive
2020-03-27 13:46 - 2020-03-27 13:46 - 000000000 ____D C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Roaming\Sun
2020-03-27 13:46 - 2020-03-27 13:46 - 000000000 ____D C:\Users\outlook.DESKTOP-7GJSA1T\AppData\LocalLow\Sun
2020-03-27 13:45 - 2020-03-27 16:44 - 000000000 ____D C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Roaming\obs-studio.bak
2020-03-27 13:45 - 2020-03-27 13:45 - 000000000 ____D C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Local\D3DSCache
2020-03-27 13:45 - 2020-03-27 13:45 - 000000000 ____D C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Local\Comms
2020-03-27 13:42 - 2020-03-27 13:42 - 000000000 ____D C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Roaming\Intel Corporation

Scientific · Příspěvekod **Scientific** » 04 dub 2020 23:07

2020-03-27 13:41 - 2020-03-27 13:41 - 000001450 _____ C:\Users\outlook.DESKTOP-7GJSA1T\Desktop\Microsoft Edge.lnk
2020-03-27 13:41 - 2020-03-27 13:41 - 000000000 ____D C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Local\Adobe
2020-03-27 13:40 - 2020-03-28 18:03 - 000000000 ____D C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Local\Publishers
2020-03-27 13:40 - 2020-03-27 13:40 - 000000000 ___HD C:\Users\outlook.DESKTOP-7GJSA1T\MicrosoftEdgeBackups
2020-03-27 13:40 - 2020-03-27 13:40 - 000000000 ____D C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Local\MicrosoftEdge
2020-03-27 13:39 - 2020-04-04 20:44 - 000000000 ____D C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Local\Google
2020-03-27 13:39 - 2020-03-28 18:03 - 000000000 ____D C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Local\Packages
2020-03-27 13:39 - 2020-03-27 13:48 - 000000000 ____D C:\Users\outlook.DESKTOP-7GJSA1T
2020-03-27 13:39 - 2020-03-27 13:40 - 000000000 ____D C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Local\Intel
2020-03-27 13:39 - 2020-03-27 13:40 - 000000000 ____D C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Local\ConnectedDevicesPlatform
2020-03-27 13:39 - 2020-03-27 13:39 - 000002338 _____ C:\Users\outlook.DESKTOP-7GJSA1T\Desktop\Google Chrome.lnk
2020-03-27 13:39 - 2020-03-27 13:39 - 000000020 ___SH C:\Users\outlook.DESKTOP-7GJSA1T\ntuser.ini
2020-03-27 13:39 - 2020-03-27 13:39 - 000000000 ___RD C:\Users\outlook.DESKTOP-7GJSA1T\3D Objects
2020-03-27 13:39 - 2020-03-27 13:39 - 000000000 ____D C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Roaming\Adobe
2020-03-27 13:39 - 2020-01-31 19:02 - 000000000 ____D C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Roaming\Waves Audio
2020-03-27 13:39 - 2019-05-29 13:19 - 000000000 ____D C:\Users\outlook.DESKTOP-7GJSA1T\AppData\Local\Microsoft Help
2020-03-27 13:25 - 2020-03-27 13:25 - 000000000 ____D C:\ProgramData\obs-studio-hook
2020-03-27 12:54 - 2020-03-27 12:54 - 000002459 _____ C:\Users\Petr\Desktop\Outlook.lnk
2020-03-27 12:52 - 2020-03-27 12:52 - 000002459 _____ C:\Users\outlook.DESKTOP-7GJSA1T\Desktop\Outlook.lnk
2020-03-27 12:38 - 2020-03-27 16:03 - 001736812 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2020-03-26 14:16 - 2020-03-26 14:16 - 000000000 ____D C:\Users\outlook\AppData\Local\Comms
2020-03-26 14:05 - 2020-03-26 20:00 - 000000000 ____D C:\Users\outlook\AppData\Local\PlaceholderTileLogoFolder
2020-03-26 14:05 - 2020-03-26 14:05 - 000000000 ____D C:\Users\outlook\AppData\LocalLow\Sun
2020-03-26 14:04 - 2020-03-26 14:04 - 000003384 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1655598053-1459283977-1014168971-1002
2020-03-26 14:04 - 2020-03-26 14:04 - 000002371 _____ C:\Users\outlook\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-26 14:03 - 2020-03-26 14:04 - 000000000 ___RD C:\Users\outlook\OneDrive
2020-03-26 14:00 - 2020-03-27 13:13 - 000000000 ____D C:\Users\outlook\AppData\LocalLow\Mozilla
2020-03-26 14:00 - 2020-03-26 14:00 - 000001450 _____ C:\Users\outlook\Desktop\Microsoft Edge.lnk
2020-03-26 14:00 - 2020-03-26 14:00 - 000000000 ____D C:\Users\outlook\AppData\Local\Mozilla
2020-03-26 14:00 - 2020-03-26 14:00 - 000000000 ____D C:\Users\outlook\AppData\Local\Adobe
2020-03-26 13:59 - 2020-04-04 20:44 - 000000000 ____D C:\Users\outlook\AppData\Local\Google
2020-03-26 13:59 - 2020-03-27 17:04 - 000000000 __SHD C:\Users\outlook\IntelGraphicsProfiles
2020-03-26 13:59 - 2020-03-26 20:00 - 000000000 ____D C:\Users\outlook\AppData\Local\Packages
2020-03-26 13:59 - 2020-03-26 14:03 - 000000000 ____D C:\Users\outlook
2020-03-26 13:59 - 2020-03-26 14:00 - 000000000 ____D C:\Users\outlook\AppData\Local\Intel
2020-03-26 13:59 - 2020-03-26 13:59 - 000002338 _____ C:\Users\outlook\Desktop\Google Chrome.lnk
2020-03-26 13:59 - 2020-03-26 13:59 - 000000020 ___SH C:\Users\outlook\ntuser.ini
2020-03-26 13:59 - 2020-03-26 13:59 - 000000000 ___RD C:\Users\outlook\3D Objects
2020-03-26 13:59 - 2020-03-26 13:59 - 000000000 ___HD C:\Users\outlook\MicrosoftEdgeBackups
2020-03-26 13:59 - 2020-03-26 13:59 - 000000000 ____D C:\Users\outlook\AppData\Local\Publishers
2020-03-26 13:59 - 2020-03-26 13:59 - 000000000 ____D C:\Users\outlook\AppData\Local\MicrosoftEdge
2020-03-26 13:59 - 2020-03-26 13:59 - 000000000 ____D C:\Users\outlook\AppData\Local\ConnectedDevicesPlatform
2020-03-26 13:59 - 2019-05-29 13:19 - 000000000 ____D C:\Users\outlook\AppData\Local\Microsoft Help
2020-03-20 18:04 - 2020-04-01 10:37 - 000000000 ____D C:\Program Files (x86)\Xming
2020-03-19 23:10 - 2020-03-19 23:10 - 000000000 ____D C:\WINDOWS\{CF288B74-0960-4CF2-86EB-F80340BC598C}
2020-03-19 09:03 - 2020-03-19 09:03 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1655598053-1459283977-1014168971-1001
2020-03-19 09:03 - 2020-03-19 09:03 - 000002362 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-18 09:12 - 2020-03-21 11:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2020-03-14 23:28 - 2020-03-14 23:42 - 3896018338 _____ C:\Users\Petr\AppData\Roaming\Thunderbird.rar
2020-03-14 10:48 - 2020-03-14 10:48 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-03-14 10:48 - 2020-03-14 10:48 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-03-14 10:48 - 2020-03-14 10:48 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-03-14 10:48 - 2020-03-14 10:48 - 006520776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-14 10:48 - 2020-03-14 10:48 - 004563416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-03-14 10:48 - 2020-03-14 10:48 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-03-14 10:48 - 2020-03-14 10:48 - 001398584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-03-14 10:48 - 2020-03-14 10:48 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-03-14 10:48 - 2020-03-14 10:48 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-03-14 10:48 - 2020-03-14 10:48 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-03-14 10:48 - 2020-03-14 10:48 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-03-13 10:08 - 2020-03-13 10:08 - 000000000 ____D C:\Users\Petr\AppData\Roaming\DBeaverData
2020-03-13 10:07 - 2020-03-13 10:10 - 000000000 ____D C:\Users\Petr\.eclipse
2020-03-13 10:04 - 2020-03-13 10:05 - 000000000 ____D C:\Program Files\DBeaver
2020-03-13 10:04 - 2020-03-13 10:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DBeaver Community
2020-03-11 10:51 - 2020-03-11 10:51 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 018027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 011607552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 006285312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 004348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 004129648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 003819520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 003488768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 003243296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 002956688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-03-11 10:51 - 2020-03-11 10:51 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 002315680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 002072664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 001867816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 001770552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 001555904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 001490640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 001417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 001282944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 001108040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 000757632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbc32.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacEncoder.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacEncoder.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-03-11 10:51 - 2020-03-11 10:51 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-03-11 10:51 - 2020-03-11 10:51 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-03-11 10:51 - 2020-03-11 10:51 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 022635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 007905784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 007755776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 007259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 006436352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 006084344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 005112832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 004855808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 004622280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 004580352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 004471296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 004048896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 003971808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 003799552 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 003728896 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 003587896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 003552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 003371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 003260928 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 003143168 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 002875904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 002773568 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 002768440 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-03-11 10:50 - 2020-03-11 10:50 - 002740736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 002715648 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 002698040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 002522112 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 002474496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 002259872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 002224952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 002157056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 002087376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 002021888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001999952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001985104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001972536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001823232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001762304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-03-11 10:50 - 2020-03-11 10:50 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001684992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001665416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001657120 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001581056 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 001484600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 001481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001396152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-03-11 10:50 - 2020-03-11 10:50 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001283600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-03-11 10:50 - 2020-03-11 10:50 - 001273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001264128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001218632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001190912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001088000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001071184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001054376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001031680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 001007672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000983896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000945384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000935040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000929144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000908504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000877232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000833616 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000802304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000796904 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000776488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000769552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000741392 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000734720 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbc32.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000668296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000642216 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000636848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000627216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000605896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000551824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-03-11 10:50 - 2020-03-11 10:50 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-03-11 10:50 - 2020-03-11 10:50 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000522384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000478792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS

Scientific · Příspěvekod **Scientific** » 04 dub 2020 23:07

2020-03-11 10:50 - 2020-03-11 10:50 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000429880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-03-11 10:50 - 2020-03-11 10:50 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000355000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Acx01000.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000320312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000306696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000260920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000250896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000248064 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000224056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000222520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000221200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000213984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000208696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000201744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000183608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000180232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000165504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000146712 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000141840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceMetadataRetrievalClient.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000136328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000133944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\profapi.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000120560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000120048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000102760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profapi.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2020-03-11 10:50 - 2020-03-11 10:50 - 000098104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000089616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000089568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000068408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000066336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlrmdr.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000056632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAProfileNotificationHandler.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000048256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000042336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2020-03-11 10:50 - 2020-03-11 10:50 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000030008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msauserext.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000019984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpnotify.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msauserext.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000016912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys
2020-03-11 10:50 - 2020-03-11 10:50 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MUILanguageCleanup.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LangCleanupSysprepAction.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchTM.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchTM.exe
2020-03-11 10:50 - 2020-03-11 10:50 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUserRes.dll
2020-03-11 10:50 - 2020-03-11 10:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-03-11 10:50 - 2020-03-11 10:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-03-11 10:50 - 2020-03-11 10:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-03-11 10:50 - 2020-03-11 10:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-03-11 10:50 - 2020-03-11 10:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-03-11 10:50 - 2020-03-11 10:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-03-11 10:50 - 2020-03-11 10:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-03-11 10:50 - 2020-03-11 10:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-03-11 10:50 - 2020-03-11 10:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-03-11 10:50 - 2020-03-11 10:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-03-11 10:50 - 2020-03-11 10:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-03-11 10:50 - 2020-03-11 10:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-03-11 10:40 - 2020-02-11 06:48 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-03-11 10:40 - 2020-02-11 06:37 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-04 22:27 - 2019-05-28 09:14 - 000000000 ____D C:\Users\Petr\AppData\Roaming\obs-studio
2020-04-04 22:27 - 2019-05-22 10:55 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Mozilla
2020-04-04 22:26 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-04 21:32 - 2019-10-05 12:44 - 001712488 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-04 21:32 - 2019-03-19 13:55 - 000726182 _____ C:\WINDOWS\system32\perfh005.dat
2020-04-04 21:32 - 2019-03-19 13:55 - 000148266 _____ C:\WINDOWS\system32\perfc005.dat
2020-04-04 21:32 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-04-04 21:27 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Registration
2020-04-04 21:18 - 2019-05-22 10:00 - 000000000 ____D C:\Users\Petr\AppData\Local\VirtualStore
2020-04-04 20:58 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-04 20:50 - 2019-05-22 10:02 - 000000000 ___RD C:\Users\Petr\OneDrive
2020-04-04 20:49 - 2019-10-05 12:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-04 20:49 - 2019-05-22 10:18 - 000000000 __SHD C:\Users\Petr\IntelGraphicsProfiles
2020-04-04 20:49 - 2019-03-19 06:37 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2020-04-04 20:40 - 2019-10-05 12:38 - 000000000 ____D C:\Users\Petr
2020-04-04 20:40 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2020-04-04 20:40 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2020-04-04 19:25 - 2019-10-05 12:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-04 18:20 - 2019-05-23 10:41 - 000000128 _____ C:\Users\Petr\AppData\Local\PUTTY.RND
2020-04-04 10:56 - 2019-05-24 12:27 - 000000000 ____D C:\Users\Petr\AppData\Local\virt-viewer
2020-04-04 08:14 - 2019-07-26 21:30 - 000000000 ____D C:\Users\Petr\AppData\Local\LogMeIn Hamachi
2020-04-03 23:41 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-04-03 23:05 - 2020-02-28 01:28 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\IObit
2020-04-03 23:05 - 2020-02-28 01:24 - 000000000 ____D C:\ProgramData\IObit
2020-04-03 23:05 - 2020-02-28 01:23 - 000000000 ____D C:\Users\Petr\AppData\Roaming\IObit
2020-04-03 23:05 - 2019-05-22 13:47 - 000000000 ____D C:\ProgramData\dell
2020-04-03 23:05 - 2019-05-22 13:20 - 000000000 ____D C:\Program Files\Dell
2020-04-03 22:58 - 2019-11-07 23:05 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-04-03 22:58 - 2019-07-28 19:55 - 000000000 ____D C:\Users\Petr\AppData\Roaming\TeamViewer
2020-04-03 22:57 - 2019-08-29 09:11 - 000000000 ___DC C:\WINDOWS\Panther
2020-04-03 20:36 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-04-03 19:41 - 2019-05-23 10:56 - 000000600 _____ C:\Users\Petr\AppData\Roaming\winscp.rnd
2020-04-03 00:07 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-02 23:28 - 2019-07-10 10:01 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-02 11:26 - 2019-06-17 21:37 - 000000132 _____ C:\Users\Petr\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2020-04-02 08:22 - 2019-11-14 01:03 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-04-02 01:33 - 2019-05-22 11:13 - 000000000 ____D C:\Users\Petr\AppData\Roaming\KeePass
2020-04-01 10:36 - 2019-05-23 11:31 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-03-31 23:50 - 2019-03-19 06:52 - 000000000 ____D C:\PerfLogs
2020-03-31 14:39 - 2019-06-11 08:58 - 000000000 ____D C:\Users\Petr\AppData\Local\ElevatedDiagnostics
2020-03-29 16:39 - 2019-10-05 12:34 - 005107864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-03-29 16:39 - 2019-05-22 10:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-03-29 14:34 - 2019-05-30 14:25 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2020-03-28 18:00 - 2019-05-22 10:19 - 000000000 ____D C:\ProgramData\Packages
2020-03-27 15:51 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-03-27 13:39 - 2019-05-22 10:00 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-03-26 14:00 - 2019-05-22 10:29 - 000000000 ____D C:\Users\Petr\AppData\Local\PlaceholderTileLogoFolder
2020-03-26 13:59 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-03-25 19:59 - 2019-05-22 09:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-03-23 09:21 - 2020-01-13 11:25 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2020-03-21 11:58 - 2019-05-22 11:00 - 000001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2020-03-21 11:51 - 2020-02-29 01:01 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-03-21 00:22 - 2019-10-05 12:44 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-21 00:22 - 2019-10-05 12:44 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-19 23:06 - 2019-05-22 10:00 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2020-03-14 23:48 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-03-14 23:48 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-03-14 10:49 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-03-13 18:35 - 2019-05-22 10:00 - 000000000 ___RD C:\Users\Petr\3D Objects
2020-03-13 18:34 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-03-13 18:34 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-03-13 18:34 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-03-13 18:34 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-03-13 18:34 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-03-13 18:34 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-03-13 18:34 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-03-13 18:34 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-03-13 18:34 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-03-13 18:34 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\servicing
2020-03-11 11:00 - 2019-05-22 10:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-03-11 10:56 - 2019-05-22 10:30 - 121542864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-03-11 09:20 - 2019-10-05 12:44 - 000004610 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-03-11 09:20 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-03-11 09:20 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed

==================== Files in the root of some directories ========

2019-06-17 21:37 - 2020-04-02 11:26 - 000000132 _____ () C:\Users\Petr\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2019-07-23 13:30 - 2020-02-03 10:48 - 000000128 _____ () C:\Users\Petr\AppData\Roaming\PUTTY.RND
2020-03-14 23:28 - 2020-03-14 23:42 - 3896018338 _____ () C:\Users\Petr\AppData\Roaming\Thunderbird.rar
2019-05-23 10:56 - 2020-04-03 19:41 - 000000600 _____ () C:\Users\Petr\AppData\Roaming\winscp.rnd
2019-07-12 10:07 - 2019-08-26 22:15 - 000001480 _____ () C:\Users\Petr\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2019-05-23 10:41 - 2020-04-04 18:20 - 000000128 _____ () C:\Users\Petr\AppData\Local\PUTTY.RND
2020-04-04 10:56 - 2020-04-04 10:56 - 000006660 _____ () C:\Users\Petr\AppData\Local\recently-used.xbel
2019-05-22 12:40 - 2019-05-22 12:40 - 000000425 _____ () C:\Users\Petr\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Scientific · Příspěvekod **Scientific** » 04 dub 2020 23:08

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-03-2020
Ran by Petr (04-04-2020 22:34:13)
Running from C:\Users\Petr\Desktop
Windows 10 Home Version 1903 18362.720 (X64) (2019-10-05 10:45:07)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1655598053-1459283977-1014168971-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1655598053-1459283977-1014168971-503 - Limited - Disabled)
Guest (S-1-5-21-1655598053-1459283977-1014168971-501 - Limited - Disabled)
outlook (S-1-5-21-1655598053-1459283977-1014168971-1003 - Limited - Enabled) => C:\Users\outlook.DESKTOP-7GJSA1T
Petr (S-1-5-21-1655598053-1459283977-1014168971-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-1655598053-1459283977-1014168971-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.344 - Adobe)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Android Studio (HKLM\...\Android Studio) (Version: 3.4 - Google LLC)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
CrystalDiskInfo 8.1.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.1.0 - Crystal Dew World)
CrystalDiskMark 6.0.2 (HKLM\...\CrystalDiskMark6_is1) (Version: 6.0.2 - Crystal Dew World)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DBeaver 7.0.0 (HKLM\...\DBeaver) (Version: 7.0.0 - DBeaver Corp)
DeskPins (remove only) (HKLM-x32\...\DeskPins) (Version: - )
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.5.0.20723 - Foxit Software Inc.)
FreeCropVideo (HKLM-x32\...\{BAA3FC30-2DC2-47C1-B09D-39D30EB7CEC9}) (Version: 1.06 - Free Crop Video)
Git version 2.24.1.2 (HKLM\...\Git_is1) (Version: 2.24.1.2 - The Git Development Community)
GitHub Desktop (HKU\S-1-5-21-1655598053-1459283977-1014168971-1001\...\GitHubDesktop) (Version: 2.2.4 - GitHub, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.163 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HD Tune Pro 5.70 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.0.2.1076 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{7516A945-5FC4-4563-8F5E-EECDBF61E84F}) (Version: 7.5.1 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{ACA5CFAC-9E99-4764-A7AD-AF5CF3FA15BF}) (Version: 17.0.2.1076 - Intel Corporation)
Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
KeePass Password Safe 2.42.1 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.42.1 - Dominik Reichl)
Lightshot-5.5.0.4 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.4 - Skillbrains)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
ManicTime (HKLM-x32\...\{C08F95DC-5BA0-43C6-B2E6-53AB1F809779}) (Version: 4.3.2.0 - Finkit d.o.o.)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9669.4 - Waves Audio Ltd.) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1655598053-1459283977-1014168971-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27027 (HKLM-x32\...\{fd9b6070-d13e-45dc-819b-41806bf45b6b}) (Version: 14.16.27027.1 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-1655598053-1459283977-1014168971-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.43.1 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 71.0 (x64 cs) (HKLM\...\Mozilla Firefox 71.0 (x64 cs)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.7.0 - Mozilla)
Mozilla Thunderbird 68.6.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 68.6.0 (x86 cs)) (Version: 68.6.0 - Mozilla)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.1 - Notepad++ Team)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.1.0 - OBS Project)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
PuTTY release 0.71 (64-bit) (HKLM\...\{B27534DB-4F72-4F49-A3AD-5EC1B6901E5E}) (Version: 0.71.0.0 - Simon Tatham)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8622 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 6.1.0.170 - Samsung Electronics)
Samsung NVM Express Driver (HKLM-x32\...\{d6df2f24-bd8d-49bc-b751-fac310b24a4b}) (Version: 3.1.0.1901 - Samsung Electronics)
Samsung NVM Express Driver 3.1.0.1901 (HKLM\...\{DF7667AF-FC11-48A4-9585-7378B5224C1A}) (Version: 3.1.0.1901 - Samsung Electronics Co., Ltd) Hidden
Screaming Frog SEO Spider (HKLM-x32\...\Screaming Frog SEO Spider) (Version: 11.3 - Screaming Frog Ltd)
Soft193 Switch Off (HKLM-x32\...\Product_Name) (Version: 1.1 - Soft193)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Stronghold Crusader Extreme HD (HKLM-x32\...\GOGPACKSTRONGHOLDCRUSADERHD_is1) (Version: 2.0.0.6 - GOG.com)
TeXstudio - TeXstudio is a fully featured LaTeX editor. (HKLM-x32\...\TeXstudio) (Version: 2.12.16 - Benito van der Zander)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
VirtViewer 8.0-256 (64-bit) (HKLM\...\{4763C89B-5AFB-4091-8E4C-FDA52A352711}) (Version: 8.0.256 - Virt Manager Project)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinSCP 5.15.1 (HKLM-x32\...\winscp3_is1) (Version: 5.15.1 - Martin Prikryl)
Xenu's Link Sleuth (HKLM-x32\...\Xenu's Link Sleuth) (Version: 1.3.8 - Tilman Hausherr)
Základní software zařízení HP Deskjet 1510 series (HKLM\...\{BF7E34C1-4669-46ED-A8DA-244125F41B89}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Zemana AntiMalware verze 3.1.495 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.1.495 - Zemana)

Packages:
=========
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.6.12.0_x64__htrsf667h5kn2 [2020-03-19] (Dell Inc)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-05-28] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-22] (Microsoft Corporation) [MS Ad]
Microsoft Minesweeper -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_2.9.1913.0_x86__8wekyb3d8bbwe [2019-12-28] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Widgets HD -> C:\Program Files\WindowsApps\48405AmbientSoftware.WidgetsFree_3.3.39.0_x86__agy8jafheqhng [2019-11-25] (Ambient Software) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1655598053-1459283977-1014168971-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-01-03] () [File not signed]
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-11-04] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2019-05-19] (Notepad++ -> )
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-01-03] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki127390.inf_amd64_e1ccb879ece8f084\igfxDTCM.dll [2018-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-11-04] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-01-03 18:16 - 2019-01-03 18:16 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-04-04 22:25 - 2020-04-04 22:25 - 000000813 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files\Git\cmd
HKU\S-1-5-21-1655598053-1459283977-1014168971-1001\Control Panel\Desktop\\Wallpaper -> c:\users\petr\appdata\local\microsoft\windows\themes\roamedthemefiles\desktopbackground\plocha-new.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F4CB6420-7611-4739-A80B-4C90D4C853DA}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{38810439-6C43-4918-9FE1-592DBB59674F}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{5F2E8244-F71A-459A-AECC-2DE7EFF0936E}] => (Allow) %SystemDrive%\GOG Games\Stronghold Crusader Extreme HD\Stronghold Crusader.exe (Firefly Studios Limited -> )
FirewallRules: [{A105ED4E-2065-462C-A0D0-380C5292F70B}] => (Allow) %ProgramFiles% (x86)\LogMeIn Hamachi\hamachi-2-ui.exe No File
FirewallRules: [{9E061E25-4F4B-4B51-A199-3B4F32CB0586}] => (Allow) %ProgramFiles% (x86)\LogMeIn Hamachi\hamachi-2-ui.exe No File
FirewallRules: [UDP Query User{0C44B3BE-BAD3-49DC-8F1E-F6ECC4AFD9BB}C:\program files (x86)\winscp\winscp.exe] => (Allow) C:\program files (x86)\winscp\winscp.exe (Martin Prikryl -> Martin Prikryl)
FirewallRules: [TCP Query User{315FA89B-042B-4287-9269-7C047374CA90}C:\program files (x86)\winscp\winscp.exe] => (Allow) C:\program files (x86)\winscp\winscp.exe (Martin Prikryl -> Martin Prikryl)
FirewallRules: [UDP Query User{2A2BFBCA-C802-4702-A7D8-35F5CBC4ED7F}C:\gog games\stronghold crusader extreme hd\stronghold crusader.exe] => (Allow) C:\gog games\stronghold crusader extreme hd\stronghold crusader.exe (Firefly Studios Limited -> )
FirewallRules: [TCP Query User{BE8E34E1-7097-4DAF-8029-F6B2864D6F89}C:\gog games\stronghold crusader extreme hd\stronghold crusader.exe] => (Allow) C:\gog games\stronghold crusader extreme hd\stronghold crusader.exe (Firefly Studios Limited -> )
FirewallRules: [UDP Query User{B78136B7-62BC-42BA-853D-A9280811B98E}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{4EEB8A4C-848A-4F85-B533-CCF88675C1BE}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{BF50B2FE-3882-40E5-B0F2-E9A4EDA5AE5F}C:\gog games\stronghold crusader extreme hd\stronghold_crusader_extreme.exe] => (Allow) C:\gog games\stronghold crusader extreme hd\stronghold_crusader_extreme.exe (Firefly Studios Limited -> )
FirewallRules: [TCP Query User{DE6D2ABB-3698-4C26-9D82-F2E3D6284B12}C:\gog games\stronghold crusader extreme hd\stronghold_crusader_extreme.exe] => (Allow) C:\gog games\stronghold crusader extreme hd\stronghold_crusader_extreme.exe (Firefly Studios Limited -> )
FirewallRules: [UDP Query User{D71554FA-837D-4C64-9C0D-48B384C70D79}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe
FirewallRules: [TCP Query User{1B5D78C5-FEF1-45CD-8155-C3B705C2E4E8}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe
FirewallRules: [{38F12C9F-CBFF-45A1-9874-AE00B02F5819}] => (Allow) LPort=1900
FirewallRules: [{937FFD06-B7DD-4371-A3EA-3638A3CB633E}] => (Allow) LPort=2869
FirewallRules: [{C1D7E522-0E3D-4923-BAE8-AE72293F6B60}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{36448498-C4F7-4AE4-AE6C-3FEA5516975E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FEB7C878-758A-47A9-BC0C-2D3216E944A9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{501DEBD2-E6D5-49F8-BB3B-290386A4F19C}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{620B9EBD-3D6A-4C75-935F-E91303B94436}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{88601184-BF6C-4346-AEB5-B3008F50D5BB}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{E364459B-0D3E-4D34-935E-18715621247B}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{28D7698F-5A0C-4197-BDFD-F26156A4CC86}C:\program files\dbeaver\dbeaver.exe] => (Allow) C:\program files\dbeaver\dbeaver.exe (DBeaver Corp -> )
FirewallRules: [UDP Query User{A15DC505-5E1D-4C04-A850-AE144B858B8E}C:\program files\dbeaver\dbeaver.exe] => (Allow) C:\program files\dbeaver\dbeaver.exe (DBeaver Corp -> )
FirewallRules: [TCP Query User{48C1E5D8-02E2-4A01-BA58-512719B03428}C:\program files (x86)\xming\xming.exe] => (Allow) C:\program files (x86)\xming\xming.exe No File
FirewallRules: [UDP Query User{D0B79D63-E718-4A15-A599-485DA669B3C6}C:\program files (x86)\xming\xming.exe] => (Allow) C:\program files (x86)\xming\xming.exe No File
FirewallRules: [{F5251162-D003-4B7C-87E2-09D9550B6E63}] => (Allow) %SystemDrive%\GOG Games\Stronghold Crusader Extreme HD\Stronghold Crusader.exe (Firefly Studios Limited -> )
FirewallRules: [{0F3D1E9E-C0E5-4FA3-93A2-B8D16DEFB3D9}] => (Allow) %SystemDrive%\GOG Games\Stronghold Crusader Extreme HD\Stronghold Crusader.exe (Firefly Studios Limited -> )
FirewallRules: [{7A2D6708-E3F3-4E7E-866E-9EBD88A892F5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{74FB539C-D74F-44BF-9E58-2A4FEB8B0CDF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6425BC7E-CD7A-4729-A702-9E37472F89ED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C428FF8F-536C-4CCC-8B0B-D2F84CA4D8A3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D4E24493-C972-4DD1-9A01-19272A682C47}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{41FD02A1-22C0-4887-8B99-6B83779614BC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1BA8FAB2-3D80-4D90-B20C-4C00F81E323D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9AA97D7C-338B-43DA-8CED-5A087E8E3CA2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.128.721.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B9BCFB7F-4E50-4BA5-9F6B-D7CB5FA87578}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8E523A90-8DA4-4150-A8C5-50F53F999413}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.129.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D39FB209-6350-4F34-974F-F746D012A242}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.129.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{02181859-7FBE-4C73-914D-C1057AC75881}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.129.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EFC6E044-81C4-4216-9E1C-1497AC16138F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.129.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C2002215-2D3C-46AE-965C-B31463964285}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.129.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BC31014E-DCB3-411A-8B46-FEF87A1F701B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.129.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{18E827AB-66D4-49E8-AF77-F7EFF72E39F1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.129.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{67DA545F-BD50-4A49-9603-5A8823605FC0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.129.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

27-03-2020 18:23:51 Naplánovaný kontrolní bod
02-04-2020 08:38:23 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
03-04-2020 23:04:58 AdwCleaner_BeforeCleaning_03/04/2020_23:04:56
03-04-2020 23:17:20 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (04/04/2020 10:33:18 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9212,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/04/2020 10:27:18 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12416,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/04/2020 10:21:34 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6420,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/04/2020 09:44:43 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12508,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/04/2020 09:33:29 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5028,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/04/2020 09:24:56 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1076,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/04/2020 09:07:20 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (936,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/04/2020 08:51:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IAStorDataMgrSvc.exe, verze: 17.0.2.1076, časové razítko: 0x5c2e44d7
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00007ffc5256025c
ID chybujícího procesu: 0x2c28
Čas spuštění chybující aplikace: 0x01d60ab213af57fe
Cesta k chybující aplikaci: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 04fa3171-d65d-46da-95bc-cae0eea9ac3b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

System errors:
=============
Error: (04/04/2020 08:51:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Rapid Storage Technology byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/04/2020 08:39:17 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/04/2020 08:39:17 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/04/2020 08:39:17 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/04/2020 08:39:16 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/04/2020 08:39:16 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/04/2020 12:03:23 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Rapid Storage Technology byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/03/2020 11:12:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Rapid Storage Technology byla neočekávaně ukončena. Tento stav nastal již 1krát.

Windows Defender:
===================================
Date: 2020-04-03 20:09:51.745
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B85D05FE-CCB2-4B5B-A8F4-8C44AB8D3B56}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-22 17:58:15.021
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0AB3C839-B72E-4114-9FE7-9A67341A72BC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-22 16:49:48.321
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {CA424A1B-0D49-4474-9CD8-28248C2A9C1B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-21 16:10:31.878
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {528680E8-5A3F-4122-AC17-4D5A6BB05882}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-21 12:52:43.475
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {98FDE955-47C1-4E8E-AAFB-2D0C06836DC1}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===================================

Date: 2020-04-04 20:50:41.790
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-04-04 20:50:41.717
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-04-04 00:02:42.507
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-04-04 00:02:42.418
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Dell Inc. 1.2.2 03/11/2019
Motherboard: Dell Inc. 06PKRF
Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Percentage of memory in use: 30%
Total physical RAM: 12185.93 MB
Available physical RAM: 8426.27 MB
Total Virtual: 24473.93 MB
Available Virtual: 19842.73 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.16 GB) (Free:372.07 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.5 GB) (Free:602.93 GB) NTFS
Drive e: (Zálohy) (Fixed) (Total:465.76 GB) (Free:224.51 GB) NTFS

\\?\Volume{415e5dee-40f6-40b8-8438-1dd0ac485a87}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{66384e4b-1db8-4161-9dd2-cae358e03fca}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 6871A033)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Blbnutí kláves a kontrola logu Vyřešeno

Blbnutí kláves a kontrola logu

Re: Blbnutí kláves a kontrola logu

Re: Blbnutí kláves a kontrola logu

Re: Blbnutí kláves a kontrola logu

Re: Blbnutí kláves a kontrola logu

Re: Blbnutí kláves a kontrola logu

Re: Blbnutí kláves a kontrola logu

Re: Blbnutí kláves a kontrola logu

Re: Blbnutí kláves a kontrola logu

Re: Blbnutí kláves a kontrola logu

Re: Blbnutí kláves a kontrola logu

Re: Blbnutí kláves a kontrola logu

Kdo je online