
I have malware on my computer, it changed my email in Microsoft

jirkabj
Visitor
Posts: 15
Registered: 01 Mar 2017 03:17

#1 Post by jirkabj »

I have malware on my computer. It changed my password and email in my Microsoft account and I can't remove it. Can you help?

------------------------------------------------------------------------------------------------------------------------
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-12-2023
Ran by sprzetowo (administrator) on DESKTOP-M8LDTVG (LENOVO 4480B4U) (23-12-2023 20:36:16)
Running from C:\Users\sprzetowo\Downloads\FRST64.exe
Loaded Profiles: sprzetowo
Platform: Microsoft Windows 10 Home Version 22H2 19045.3803 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <14>
(C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe ->) (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(cmd.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\BrowserPrivacyAndSecurity.exe
(cmd.exe ->) (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\SPNativeMessage.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler64.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\RealTimeProtector.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Driver Booster\11.1.0\DriverBooster.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_866484083fc526af\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19572536 2023-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [195576 2023-11-14] (ESET, spol. s r.o. -> ESET)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\Run: [MicrosoftEdgeAutoLaunch_F65DF9D52833C185E3A8339600663ABC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854280 2023-12-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\Run: [Advanced SystemCare] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [5455880 2023-10-17] (IObit CO., LTD -> IObit)
HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\sprzetowo\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\sprzetowo\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" [65858576 2023-12-23] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\RunOnce: [Uninstall 21.220.1024.0005\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sprzetowo\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64" [0 2023-12-17] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\RunOnce: [Uninstall 21.220.1024.0005] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sprzetowo\AppData\Local\Microsoft\OneDrive\21.220.1024.0005" [0 2023-12-23] () <==== ATTENTION [zero byte File/Folder]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.111\Installer\chrmstp.exe [2023-12-23] (Google LLC -> Google LLC)
StartupDir: C:\Users\sprzetowo\AppData\Local\Temp\b64c58644b <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {A946B4BF-AD38-4447-BA2C-F210C311074E} - System32\Tasks\ASC_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [5507080 2023-11-27] (IObit CO., LTD -> IObit)
Task: {DEB50C94-D569-49DE-BE3E-473CC12CA3A0} - System32\Tasks\ASC_SkipUac_sprzetowo => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [11002376 2023-12-01] (IObit CO., LTD -> IObit)
Task: {CD1F44E3-49A0-4CFA-B967-A24A4D8D563D} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\11.1.0\Scheduler.exe [160744 2023-09-28] (IObit CO., LTD -> IObit)
Task: {74E1DD7C-40FF-406F-9883-07C0D9B123AE} - System32\Tasks\Driver Booster SkipUAC (sprzetowo) => C:\Program Files (x86)\IObit\Driver Booster\11.1.0\DriverBooster.exe [9044456 2023-10-26] (IObit CO., LTD -> IObit)
Task: {B14FD7E5-7A57-47F3-A15E-1B71B498CE40} - System32\Tasks\GoogleUpdateTaskMachineCore{90C3A1DA-F088-49D8-9DB3-61DD99793B9C} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-12-17] (Google LLC -> Google LLC)
Task: {8318BF9E-6A5B-4154-9F37-6B86D49F87AA} - System32\Tasks\GoogleUpdateTaskMachineUA{DED0EAD3-4673-4C13-BBB0-02098BAC9E1E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-12-17] (Google LLC -> Google LLC)
Task: {107107E1-2114-4819-A765-4C5313644879} - System32\Tasks\Christmas Task (One-Time) => C:\Program Files (x86)\IObit\Advanced SystemCare\Pub\xmas.exe [2766344 2023-12-23] (IObit CO., LTD -> IObit)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4d4307b4-39ac-4ef8-90b1-3b5a0001bfd3}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4d4307b4-39ac-4ef8-90b1-3b5a0001bfd3}: [DhcpDomain] home

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\sprzetowo\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-23]
Edge Extension: (Dokumenty Google offline) - C:\Users\sprzetowo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-17]
Edge Extension: (Edge relevant text changes) - C:\Users\sprzetowo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-12-17]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\sprzetowo\AppData\Local\Google\Chrome\User Data\Default [2023-12-23]
CHR Notifications: Default -> hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR Extension: (Dokumenty Google offline) - C:\Users\sprzetowo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-17]
CHR Extension: (IObit Surfing Protection) - C:\Users\sprzetowo\AppData\Local\Google\Chrome\User Data\Default\Extensions\imgpenhngnbnmhdkpdfnfhdpmfgmihdn [2023-12-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\sprzetowo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-12-17]
CHR Extension: (ESET Browser Privacy & Security) - C:\Users\sprzetowo\AppData\Local\Google\Chrome\User Data\Default\Extensions\oombnmpbbhbakfpfgdflaajkhicgfaam [2023-12-23]
CHR HKLM-x32\...\Chrome\Extension: [oombnmpbbhbakfpfgdflaajkhicgfaam]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService17; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [1268744 2023-11-23] (IObit CO., LTD -> IObit)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [2537928 2023-11-14] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3850920 2023-11-14] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3850920 2023-11-14] (ESET, spol. s r.o. -> ESET)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_866484083fc526af\Display.NvContainer\NVDisplay.Container.exe [1274992 2023-12-23] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AscFileControl; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileControl.sys [40920 2023-07-13] (IObit CO., LTD -> IObit)
R3 AscFileFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [47904 2023-07-13] (IObit CO., LTD -> IObit)
R3 AscRegistryFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [46552 2023-07-13] (IObit CO., LTD -> IObit)
R3 cpuz154; C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [40976 2023-12-23] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [215616 2023-11-14] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [120032 2023-11-14] (ESET, spol. s r.o. -> ESET)
R1 edevmonm; C:\WINDOWS\System32\DRIVERS\edevmonm.sys [122664 2023-11-14] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2023-11-14] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [254344 2023-11-14] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\System32\drivers\ekbdflt.sys [55528 2023-11-27] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81824 2023-11-14] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [124168 2023-11-14] (ESET, spol. s r.o. -> ESET)
R3 iobit_monitor_server2021; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [33256 2023-07-13] (IObit CO., LTD -> IObit)
R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [12183512 2023-11-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [55856 2023-12-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [594304 2023-12-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-17] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-12-23 20:36 - 2023-12-23 20:36 - 000013114 _____ C:\Users\sprzetowo\Downloads\FRST.txt
2023-12-23 20:35 - 2023-12-23 20:36 - 000000000 ____D C:\FRST
2023-12-23 20:34 - 2023-12-23 20:34 - 002387456 _____ (Farbar) C:\Users\sprzetowo\Downloads\FRST64.exe
2023-12-23 19:18 - 2023-12-23 19:18 - 074559488 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit
2023-12-23 19:18 - 2023-12-23 19:18 - 004243456 _____ C:\WINDOWS\system32\config\DRIVERS.iobit
2023-12-23 19:18 - 2023-12-23 19:18 - 000368640 _____ C:\WINDOWS\system32\config\DEFAULT.iobit
2023-12-23 19:18 - 2023-12-23 19:18 - 000061440 _____ C:\WINDOWS\system32\config\SAM.iobit
2023-12-23 19:18 - 2023-12-23 19:18 - 000028672 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2023-12-23 19:16 - 2023-12-23 19:16 - 000466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2023-12-23 19:16 - 2023-12-23 19:16 - 000444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2023-12-23 19:16 - 2023-12-23 19:16 - 000122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2023-12-23 19:16 - 2023-12-23 19:16 - 000109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2023-12-23 19:16 - 2023-12-23 19:16 - 000000000 ____D C:\Program Files (x86)\OpenAL
2023-12-23 19:15 - 2023-12-23 19:17 - 000000000 ____D C:\ProgramData\Package Cache
2023-12-23 19:15 - 2023-12-23 19:15 - 000000000 ____D C:\Program Files (x86)\Microsoft XNA
2023-12-23 18:37 - 2023-12-23 18:37 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2023-12-23 18:36 - 2023-12-23 18:36 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-12-23 18:34 - 2023-12-23 18:34 - 001541256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 001487368 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 001424064 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 001424064 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 001246400 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 001246400 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 001227288 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 001198728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 000957960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 000850616 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-12-23 18:34 - 2023-12-23 18:34 - 000850616 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-12-23 18:34 - 2023-12-23 18:34 - 000810096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2023-12-23 18:34 - 2023-12-23 18:34 - 000731320 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-12-23 18:34 - 2023-12-23 18:34 - 000731320 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-12-23 18:34 - 2023-12-23 18:34 - 000670232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 000505480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 015095408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 012375688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 007869576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 006745768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 006462600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 005862512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 005861000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 003620488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 002170992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 001624712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 000997512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 000853640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2023-12-23 18:33 - 2023-12-23 18:33 - 000773744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 000459912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2023-12-23 18:33 - 2023-12-23 18:33 - 000113947 _____ C:\WINDOWS\system32\nvinfo.pb
2023-12-23 18:31 - 2023-12-23 18:36 - 000000000 ____D C:\WINDOWS\LastGood
2023-12-23 18:17 - 2023-12-23 18:17 - 000003330 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (sprzetowo)
2023-12-23 18:17 - 2023-12-23 18:17 - 000003210 _____ C:\WINDOWS\system32\Tasks\Driver Booster Scheduler
2023-12-23 18:17 - 2023-12-23 18:17 - 000002370 _____ C:\Users\Public\Desktop\Driver Booster 11.lnk
2023-12-23 17:22 - 2023-12-23 17:22 - 000003390 _____ C:\WINDOWS\system32\Tasks\Christmas Task (One-Time)
2023-12-23 17:21 - 2023-12-23 18:17 - 000000000 ____D C:\ProgramData\ProductData
2023-12-23 17:21 - 2023-12-23 18:17 - 000000000 ____D C:\Program Files (x86)\IObit
2023-12-23 17:21 - 2023-12-23 17:21 - 000003318 _____ C:\WINDOWS\system32\Tasks\ASC_PerformanceMonitor
2023-12-23 17:21 - 2023-12-23 17:21 - 000003116 _____ C:\WINDOWS\system32\Tasks\ASC_SkipUac_sprzetowo
2023-12-23 17:21 - 2023-12-23 17:21 - 000001302 _____ C:\Users\Public\Desktop\Advanced SystemCare.lnk
2023-12-23 17:21 - 2023-12-23 17:21 - 000000000 ____D C:\ProgramData\ProductData3
2023-12-23 17:20 - 2023-12-23 19:19 - 000000000 ____D C:\ProgramData\IObit
2023-12-23 17:20 - 2023-12-23 18:17 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\IObit
2023-12-23 17:19 - 2023-12-23 17:20 - 054963608 _____ (IObit ) C:\Users\sprzetowo\Downloads\advanced-systemcare-setup (1).exe
2023-12-23 17:17 - 2023-12-23 17:18 - 054963608 _____ (IObit ) C:\Users\sprzetowo\Downloads\advanced-systemcare-setup.exe
2023-12-23 17:08 - 2023-12-23 17:08 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\Backup
2023-12-18 03:49 - 2023-12-18 03:49 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\CEF
2023-12-18 03:49 - 2023-12-18 03:49 - 000000000 ____D C:\ProgramData\Ubisoft
2023-12-18 03:48 - 2023-12-18 04:01 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\Ubisoft Game Launcher
2023-12-18 03:48 - 2023-12-18 03:48 - 234916808 _____ (Ubisoft) C:\Users\sprzetowo\Downloads\UbisoftConnectInstaller (2).exe
2023-12-18 03:48 - 2023-12-18 03:48 - 000001327 _____ C:\Users\sprzetowo\Desktop\Ubisoft Connect.lnk
2023-12-18 03:48 - 2023-12-18 03:48 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2023-12-18 03:46 - 2023-12-18 03:47 - 234916808 _____ (Ubisoft) C:\Users\sprzetowo\Downloads\UbisoftConnectInstaller (1).exe
2023-12-18 03:44 - 2023-12-18 03:45 - 234916808 _____ (Ubisoft) C:\Users\sprzetowo\Downloads\UbisoftConnectInstaller.exe
2023-12-18 03:31 - 2023-12-18 03:31 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Applied Acoustics Systems
2023-12-18 03:30 - 2023-12-18 03:38 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Celemony Software GmbH
2023-12-18 03:30 - 2023-12-18 03:30 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\SynthMaker
2023-12-18 02:39 - 2023-12-18 02:39 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2023-12-18 02:39 - 2023-12-18 02:39 - 000000000 ____D C:\ProgramData\Celemony Software GmbH
2023-12-18 02:39 - 2023-12-18 02:39 - 000000000 ____D C:\Program Files\Common Files\VST3
2023-12-18 02:39 - 2023-12-18 02:39 - 000000000 ____D C:\Program Files\Common Files\VST2
2023-12-18 02:39 - 2023-12-18 02:39 - 000000000 ____D C:\Program Files\Common Files\Celemony
2023-12-18 02:39 - 2023-12-18 02:39 - 000000000 ____D C:\Program Files\Common Files\Avid
2023-12-18 02:39 - 2023-12-18 02:39 - 000000000 ____D C:\Program Files\Celemony
2023-12-18 02:39 - 2023-12-18 02:39 - 000000000 ____D C:\Program Files (x86)\Celemony
2023-12-18 02:36 - 2023-12-18 02:36 - 000001858 _____ C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows\Start Menu\Mixcraft 9 Pro Studio (64-bit).lnk
2023-12-18 02:36 - 2023-12-18 02:36 - 000001834 _____ C:\Users\sprzetowo\Desktop\Mixcraft 9 Pro Studio (64-bit).lnk
2023-12-18 02:35 - 2023-12-18 02:35 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Acoustica
2023-12-18 02:34 - 2023-12-18 02:34 - 000000000 ____D C:\Program Files\Common Files\Propellerhead Software
2023-12-18 02:32 - 2023-12-18 02:32 - 000000000 ____D C:\Program Files (x86)\VST
2023-12-18 02:29 - 2023-12-18 03:34 - 000000000 ____D C:\Program Files\Acoustica Mixcraft 9
2023-12-18 02:29 - 2023-12-18 02:32 - 000000000 ____D C:\ProgramData\Acoustica
2023-12-18 02:29 - 2020-02-26 22:00 - 000615899 _____ C:\Users\sprzetowo\Desktop\Acoustica_KeyGen.exe
2023-12-18 02:29 - 2020-02-26 22:00 - 000001012 _____ C:\Users\sprzetowo\Desktop\Acoustica_Hosts_Patch.cmd
2023-12-18 01:54 - 2023-12-18 01:54 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\HTML Help
2023-12-18 01:53 - 2023-12-18 01:58 - 000001040 _____ C:\Users\Public\Desktop\WinRAR.lnk
2023-12-18 01:53 - 2023-12-18 01:53 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\WinRAR
2023-12-18 01:50 - 2023-12-18 02:27 - 000000000 ____D C:\Program Files\WinRAR
2023-12-18 01:49 - 2023-12-18 01:49 - 003824480 _____ C:\Users\sprzetowo\Downloads\winrar-x64-624cz.exe
2023-12-18 01:30 - 2023-12-18 01:30 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\WordPad
2023-12-18 01:12 - 2023-12-18 01:12 - 000002685 _____ C:\Users\sprzetowo\Desktop\Google Password Manager.lnk
2023-12-18 01:12 - 2023-12-18 01:12 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2023-12-18 00:50 - 2023-12-18 00:50 - 000002016 _____ C:\Users\Public\Desktop\ESET Zabezpečené bankovnictví a prohlížení webu.lnk
2023-12-18 00:50 - 2023-12-18 00:50 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\ESET
2023-12-18 00:50 - 2023-12-18 00:50 - 000000000 ____D C:\ProgramData\ESET
2023-12-18 00:50 - 2023-12-18 00:50 - 000000000 ____D C:\Program Files\ESET
2023-12-18 00:44 - 2023-12-18 00:44 - 009798776 _____ (ESET) C:\Users\sprzetowo\Downloads\eset_smart_security_premium_live_installer.exe
2023-12-17 23:20 - 2023-12-17 23:20 - 000000000 ____D C:\ProgramData\PLUG
2023-12-17 23:19 - 2023-12-18 01:30 - 074711040 _____ C:\WINDOWS\system32\config\SOFTWARE
2023-12-17 23:16 - 2023-12-17 23:19 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2023-12-17 23:15 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\InboxApps
2023-12-17 21:27 - 2023-12-17 21:27 - 000016707 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-12-17 21:12 - 2023-12-17 21:12 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-12-17 21:05 - 2023-12-17 21:08 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-12-17 21:04 - 2023-12-17 21:04 - 000000000 ____D C:\Program Files\RUXIM
2023-12-17 20:28 - 2023-12-23 17:04 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-12-17 20:28 - 2023-12-23 17:04 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-12-17 20:28 - 2023-12-17 20:28 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\Google
2023-12-17 20:28 - 2023-12-17 20:28 - 000000000 ____D C:\Program Files\Google
2023-12-17 20:27 - 2023-12-23 20:32 - 000000000 ____D C:\Program Files (x86)\Google
2023-12-17 20:27 - 2023-12-17 20:27 - 001376304 _____ (Google LLC) C:\Users\sprzetowo\Downloads\ChromeSetup.exe
2023-12-17 20:27 - 2023-12-17 20:27 - 000003844 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{DED0EAD3-4673-4C13-BBB0-02098BAC9E1E}
2023-12-17 20:27 - 2023-12-17 20:27 - 000003720 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{90C3A1DA-F088-49D8-9DB3-61DD99793B9C}
2023-12-17 20:06 - 2023-12-17 20:06 - 000000375 _____ C:\Users\sprzetowo\Desktop\Ovládací panely – zástupce.lnk
2023-12-17 20:05 - 2023-12-17 20:05 - 000000000 ___HD C:\$WinREAgent
2023-12-17 20:04 - 2023-12-17 20:04 - 000000000 ____D C:\Users\sprzetowo\Documents\FeedbackHub
2023-12-17 19:43 - 2023-12-17 19:43 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\OneDrive
2023-12-17 17:11 - 2023-12-17 19:57 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Spelling
2023-12-17 16:52 - 2023-12-17 16:52 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\Comms
2023-12-17 16:43 - 2023-12-23 17:06 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1276438215-3619228080-4072379647-1001
2023-12-17 16:42 - 2023-12-23 17:06 - 000003388 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1276438215-3619228080-4072379647-1001
2023-12-17 16:42 - 2023-12-18 03:51 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\D3DSCache
2023-12-17 16:42 - 2023-12-18 02:07 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\PlaceholderTileLogoFolder
2023-12-17 16:42 - 2023-12-17 16:42 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-12-17 16:41 - 2023-12-17 16:41 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\Publishers
2023-12-17 16:40 - 2023-12-23 18:40 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-12-17 16:40 - 2023-12-18 03:31 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\VirtualStore
2023-12-17 16:40 - 2023-12-18 02:07 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\Packages
2023-12-17 16:40 - 2023-12-17 23:20 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\ConnectedDevicesPlatform
2023-12-17 16:40 - 2023-12-17 17:31 - 000000000 ____D C:\ProgramData\Packages
2023-12-17 16:40 - 2023-12-17 16:40 - 000000020 ___SH C:\Users\sprzetowo\ntuser.ini
2023-12-17 16:40 - 2023-12-17 16:40 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Network
2023-12-17 16:40 - 2023-12-17 16:40 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Adobe
2023-12-17 16:35 - 2023-12-18 01:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-12-17 16:35 - 2023-12-17 20:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-12-17 16:35 - 2023-12-17 16:35 - 000003638 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-12-17 16:35 - 2023-12-17 16:35 - 000003544 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1da30fd81d88c79
2023-12-17 16:35 - 2023-12-17 16:35 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2023-12-17 16:35 - 2023-12-17 16:35 - 000000000 _SHDL C:\Users\Default User
2023-12-17 16:35 - 2023-12-17 16:35 - 000000000 _SHDL C:\Users\All Users
2023-12-17 16:35 - 2023-12-17 16:35 - 000000000 _SHDL C:\ProgramData\Šablony
2023-12-17 16:35 - 2023-12-17 16:35 - 000000000 _SHDL C:\ProgramData\Plocha
2023-12-17 16:35 - 2023-12-17 16:35 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2023-12-17 16:35 - 2023-12-17 16:35 - 000000000 _SHDL C:\ProgramData\Dokumenty
2023-12-17 16:35 - 2023-12-17 16:35 - 000000000 _SHDL C:\ProgramData\Data aplikací
2023-12-17 16:33 - 2023-12-17 16:33 - 000023758 _____ C:\Users\sprzetowo\Desktop\Odebrané aplikace.html
2023-12-17 16:33 - 2023-12-17 16:33 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\SystemCertificates
2023-12-17 16:33 - 2023-12-17 16:33 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Crypto
2023-12-17 16:30 - 2023-12-23 17:06 - 000002393 _____ C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-12-17 16:30 - 2023-12-17 16:40 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows
2023-12-17 16:30 - 2023-12-17 16:40 - 000000000 ____D C:\Users\sprzetowo
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Šablony
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Soubory cookie
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Poslední
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Okolní tiskárny
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Okolní síť
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Nabídka Start
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Dokumenty
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Documents\Obrázky
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Documents\Hudba
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Documents\Filmy
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Data aplikací
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\AppData\Local\Data aplikací
2023-12-17 16:27 - 2023-12-23 18:37 - 000000000 ____D C:\ProgramData\NVIDIA
2023-12-17 16:27 - 2023-12-23 17:05 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-12-17 16:27 - 2023-12-17 20:33 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-12-17 16:27 - 2023-12-17 16:27 - 000979199 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2023-12-17 16:27 - 2023-12-17 16:27 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2023-12-17 16:27 - 2023-12-17 16:27 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2023-12-17 16:27 - 2023-12-17 16:27 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2023-12-17 16:27 - 2023-12-17 16:27 - 000000000 ____D C:\WINDOWS\system32\lxss
2023-12-17 16:27 - 2023-12-17 16:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2023-12-17 16:27 - 2023-12-17 16:27 - 000000000 ____D C:\WINDOWS\system32\DAX3
2023-12-17 16:27 - 2023-12-17 16:27 - 000000000 ____D C:\WINDOWS\system32\DAX2
2023-12-17 16:27 - 2023-12-17 16:27 - 000000000 ____D C:\ProgramData\Audyssey Labs
2023-12-17 16:27 - 2023-12-17 16:27 - 000000000 ____D C:\Program Files\Realtek
2023-12-17 16:26 - 2023-12-23 20:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-12-17 16:26 - 2023-12-18 01:30 - 000008192 ___SH C:\DumpStack.log.tmp
2023-12-17 16:26 - 2023-12-17 23:20 - 000260632 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-12-17 16:25 - 2023-12-23 18:16 - 000000000 ____D C:\WINDOWS\Panther
2023-12-17 16:22 - 2023-12-23 17:30 - 000000000 ____D C:\Windows.old
2023-12-17 16:21 - 2023-12-17 16:21 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2023-12-17 16:20 - 2023-12-17 16:20 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2023-12-17 16:20 - 2023-12-17 16:20 - 000000000 ____D C:\WINDOWS\Setup
2023-12-17 16:19 - 2023-12-23 18:40 - 000682184 _____ C:\WINDOWS\system32\perfh005.dat
2023-12-17 16:19 - 2023-12-23 18:40 - 000137000 _____ C:\WINDOWS\system32\perfc005.dat
2023-12-17 16:19 - 2023-12-17 16:41 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\winrm
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\WCN
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\slmgr
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\cs
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\0409
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\OCR
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\DigitalLocker
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\addins
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\ProgramData\ssh
2023-12-17 16:17 - 2023-12-23 20:32 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-12-17 16:17 - 2023-12-23 19:54 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-12-17 16:17 - 2023-12-23 19:16 - 000000000 ___RD C:\Program Files (x86)
2023-12-17 16:17 - 2023-12-23 19:15 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-12-17 16:17 - 2023-12-23 18:37 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-12-17 16:17 - 2023-12-23 17:54 - 000000000 ___HD C:\Program Files\WindowsApps
2023-12-17 16:17 - 2023-12-23 17:04 - 000000000 ____D C:\WINDOWS\appcompat
2023-12-17 16:17 - 2023-12-18 00:50 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\SystemResources
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\Provisioning
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-12-17 16:17 - 2023-12-17 20:04 - 000000000 ____D C:\Program Files\Windows Defender
2023-12-17 16:17 - 2023-12-17 16:57 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-12-17 16:17 - 2023-12-17 16:57 - 000000000 ____D C:\WINDOWS\ServiceState
2023-12-17 16:17 - 2023-12-17 16:41 - 000000000 ____D C:\WINDOWS\system32\spool
2023-12-17 16:17 - 2023-12-17 16:41 - 000000000 ____D C:\ProgramData\USOPrivate
2023-12-17 16:17 - 2023-12-17 16:35 - 000000000 ____D C:\Program Files\Windows NT
2023-12-17 16:17 - 2023-12-17 16:33 - 000000000 __RHD C:\Users\Public\Libraries
2023-12-17 16:17 - 2023-12-17 16:33 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows
2023-12-17 16:17 - 2023-12-17 16:26 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2023-12-17 16:17 - 2023-12-17 16:23 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2023-12-17 16:17 - 2023-12-17 16:22 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ___SD C:\WINDOWS\system32\dsc
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\setup
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\MUI
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\Com
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\IME
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\Help
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\Program Files\Common Files\System
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\Program Files (x86)\Windows NT
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 __SHD C:\Program Files\Windows Sidebar
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 __RSD C:\WINDOWS\Media
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ___SD C:\WINDOWS\system32\Nui
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\Web
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\WaaS
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\Vss
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\tracing
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\TAPI
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SystemApps
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\winevt
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\ti-et
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\ta-lk
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\ta-in
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\si-lk
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\ras
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\my-mm
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\Macromed
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\Keywords
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\IME
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\icsxml
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\ias
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\DriverState
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\downlevel
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\ContainerSettingsProviders
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\am-et
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\System
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SKB
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\schemas
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SchCache
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\security
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\Resources
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\rescache
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\Registration
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\PLA
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\Performance
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\ModemLogs
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\L2Schemas
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\InputMethod
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\IdentityCRL
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\Globalization
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\DiagTrack
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\Cursors
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\Containers
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\Branding
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\ProgramData\USOShared
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\Program Files\Windows Security
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\Program Files\Windows Portable Devices
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\Program Files\Common Files\Services
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2023-12-17 16:17 - 2023-12-17 16:15 - 000017635 _____ C:\WINDOWS\system32\Drivers\etc\services
2023-12-17 16:17 - 2023-12-17 16:15 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2023-12-17 16:17 - 2023-12-17 16:15 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2023-12-17 16:17 - 2023-12-17 16:15 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2023-12-17 16:17 - 2023-12-17 16:15 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2023-12-17 16:17 - 2023-12-17 16:15 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2023-12-17 16:15 - 2023-12-23 19:19 - 000000000 ____D C:\WINDOWS\INF
2023-12-17 16:12 - 2023-12-18 01:30 - 013107200 _____ C:\WINDOWS\system32\config\SYSTEM
2023-12-17 16:12 - 2023-12-18 01:30 - 000524288 _____ C:\WINDOWS\system32\config\DEFAULT
2023-12-17 16:12 - 2023-12-18 01:30 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-12-17 16:12 - 2023-12-18 01:30 - 000065536 _____ C:\WINDOWS\system32\config\SAM
2023-12-17 16:12 - 2023-12-18 01:30 - 000032768 _____ C:\WINDOWS\system32\config\SECURITY
2023-12-17 16:12 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\servicing
2023-12-17 16:12 - 2023-12-17 21:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-12-17 16:12 - 2023-12-17 16:51 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-12-17 16:12 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\SMI
2023-12-17 16:10 - 2023-12-17 16:25 - 000000000 ___HD C:\$SysReset
2023-12-13 18:04 - 2023-12-13 18:04 - 007869664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\SET1B0A.tmp
2023-12-13 18:04 - 2023-12-13 18:04 - 006745776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\SET23D5.tmp
2023-11-27 02:10 - 2023-11-27 02:12 - 000000000 ____D C:\Users\sprzetowo\Documents\Acoustica Mixcraft 10 Pro Studio v10.1 b579 WIN-XAIR
2023-11-27 02:09 - 2023-11-27 02:10 - 229485268 _____ C:\Users\sprzetowo\Documents\Acoustica Mixcraft 10 Pro Studio v10.1 b579 WIN-XAIR.rar
2023-11-27 02:05 - 2023-11-27 02:05 - 000055528 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2023-11-27 00:17 - 2023-11-27 00:17 - 000000000 ____D C:\Users\sprzetowo\Documents\MANDA_AUDIO
2023-11-27 00:12 - 2023-12-17 16:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Celemony
2023-11-27 00:12 - 2023-11-27 00:12 - 000000000 ____D C:\Users\Public\Documents\Celemony
2023-11-26 23:48 - 2020-02-26 22:00 - 000615899 _____ C:\Users\sprzetowo\Downloads\Acoustica_KeyGen.exe
2023-11-26 23:47 - 2022-06-14 16:02 - 000000000 ____D C:\Users\sprzetowo\Downloads\Acoustica.Mixcraft.Pro.Studio.9.0.Build.470.Multilingual.x64
2023-11-26 23:46 - 2023-12-18 03:38 - 000000000 ____D C:\Users\sprzetowo\Desktop\backup
2023-11-26 23:37 - 2023-11-26 23:45 - 540664092 _____ C:\Users\sprzetowo\Downloads\Acoustica.Mixcraft.Pro.Studio.9.0.Build.470.Multilingual.x64.rar
2023-11-26 22:00 - 2023-11-27 02:14 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acoustica Mixcraft 10
2023-11-26 21:53 - 2023-11-26 23:33 - 000000000 ____D C:\Users\sprzetowo\Downloads\Acoustica.Mixcraft.v10.1.b579.Recording.Studio.Team XAIR (2023)
2023-11-26 21:52 - 2023-11-26 21:53 - 233347789 _____ C:\Users\sprzetowo\Downloads\Acoustica.Mixcraft.v10.1.b579.Recording.Studio.Team XAIR (2023).rar
2023-11-26 05:37 - 2023-11-26 05:41 - 521977677 _____ C:\Users\sprzetowo\Downloads\Acoustica Mixcraft Pro Studio 9.0 Build 470 Multilingual x64[PeskTop.com].rar

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-12-23 19:26 - 2022-11-04 13:23 - 000000000 ____D C:\Users\sprzetowo\AppData\LocalLow\IObit
2023-12-23 18:17 - 2023-09-30 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 11
2023-12-23 18:16 - 2022-11-28 23:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TLauncher
2023-12-23 17:21 - 2022-11-29 03:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2023-12-23 17:05 - 2022-11-28 22:01 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-12-18 03:52 - 2022-12-01 03:11 - 000000235 _____ C:\Users\sprzetowo\Desktop\Assassin's Creed Valhalla.url
2023-12-18 03:33 - 2023-11-15 01:20 - 001475600 _____ C:\Users\sprzetowo\Desktop\Open song.mx9
2023-12-18 02:36 - 2023-02-04 03:48 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acoustica Mixcraft 9 (64-bit)
2023-12-18 01:58 - 2023-02-04 03:32 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-12-18 01:58 - 2023-02-04 03:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-12-17 16:42 - 2020-03-10 11:34 - 000000000 ___RD C:\Users\sprzetowo\OneDrive
2023-12-17 16:40 - 2020-03-10 10:30 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-12-17 16:40 - 2020-03-10 10:30 - 000000000 ___RD C:\Users\sprzetowo\3D Objects
2023-12-17 16:33 - 2022-11-29 02:37 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2023-12-17 16:22 - 2023-11-20 23:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2023-12-17 16:22 - 2023-10-25 03:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2023-12-17 16:22 - 2023-05-31 23:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2023-12-17 16:22 - 2023-04-26 19:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2023-12-17 16:22 - 2023-03-06 00:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-Audio
2023-12-17 16:22 - 2023-02-04 03:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IK Multimedia
2023-12-17 16:22 - 2022-12-13 02:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt
2023-12-17 16:22 - 2022-11-29 01:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2023-12-12 03:15 - 2023-10-01 21:51 - 000000000 ____D C:\Users\sprzetowo\Desktop\za pár key
2023-12-11 00:10 - 2023-07-10 08:24 - 000000000 ___RD C:\Users\sprzetowo\Documents\Saved Pictures
2023-12-11 00:00 - 2022-12-01 01:36 - 000000000 ____D C:\Users\sprzetowo\Documents\HESLA 2022
2023-11-28 20:12 - 2022-12-01 00:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Software Updater
2023-11-27 00:19 - 2023-11-19 15:40 - 000000000 ____D C:\Users\sprzetowo\Documents\Mixcraft Projects

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
--------------------------------------------------------------------------------------------------------------------------------------------
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-12-2023
Ran by sprzetowo (23-12-2023 20:37:39)
Running from C:\Users\sprzetowo\Downloads
Microsoft Windows 10 Home Version 22H2 19045.3803 (X64) (2023-12-17 15:40:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1276438215-3619228080-4072379647-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1276438215-3619228080-4072379647-503 - Limited - Disabled)
Guest (S-1-5-21-1276438215-3619228080-4072379647-501 - Limited - Disabled)
sprzetowo (S-1-5-21-1276438215-3619228080-4072379647-1001 - Administrator - Enabled) => C:\Users\sprzetowo
WDAGUtilityAccount (S-1-5-21-1276438215-3619228080-4072379647-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acoustica Mixcraft 9 Pro Studio (64-bit) (HKLM-x32\...\Mixcraft 9-64) (Version: 9.0.0.470 - Acoustica)
Advanced SystemCare (HKLM-x32\...\Advanced SystemCare_is1) (Version: 17.1.0 - IObit)
Assassin's Creed Valhalla (HKLM-x32\...\Uplay Install 13504) (Version: - Ubisoft)
Driver Booster 11 (HKLM-x32\...\Driver Booster_is1) (Version: 11.1.0 - IObit)
ESET Security (HKLM\...\{B5798854-224A-40DB-A3B7-BECF8F838238}) (Version: 17.0.15.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 120.0.6099.111 - Google LLC)
Google Password Manager (HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\9972a62044e12a983df9557faf51e49c) (Version: 1.0 - Google\Chrome)
Melodyne 4 (HKLM-x32\...\{16DF894D-FC3F-4B87-908D-671E201CD7A8}) (Version: 4.02.0401 - Celemony Software GmbH)
Melodyne Runtime 4.1 (x64) (HKLM\...\{721E4E34-AF7C-4345-93F9-282CCC8CCCB5}) (Version: 1.0.2 - Celemony Software GmbH)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.91 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.77 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
NVIDIA Ovladače grafiky 546.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 546.33 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 148.2.10984 - Ubisoft)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
WinRAR 6.24 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-12-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-12-18] (Microsoft Corporation) [MS Ad]
-My Notes- -> C:\Program Files\WindowsApps\22944SamJarawan.-MyNotes-_2.1.47.0_x64__3gv8nk7frgb5p [2023-12-18] (Sam Jarawan) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\nvidiacorp.nvidiacontrolpanel_8.1.964.0_x64__56jybvy8sckqj [2023-12-23] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-12-17] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0 [2023-12-17] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2023-07-13] (IObit CO., LTD -> IObit)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-11-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2023-07-13] (IObit CO., LTD -> IObit)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-11-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2023-07-13] (IObit CO., LTD -> IObit)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2023-07-13] (IObit CO., LTD -> IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_866484083fc526af\nvshext.dll [2023-12-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-11-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\sprzetowo\Desktop\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\sprzetowo\AppData\Local\Microsoft\Edge\User Data\Default\Pinned Sites\MSEdge._pin_celnaknmndgffhbhciignkeokb\Facebook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --pin-url=hxxps://www.facebook.com/ --profile-directory=Default
ShortcutWithArgument: C:\Users\sprzetowo\AppData\Local\Microsoft\Edge\User Data\Default\Pinned Sites\MSEdge._pin_adnlfjpnmiaohpidplnoimahfh\YouTube.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --pin-url=hxxps://www.youtube.com/ --profile-directory=Default
ShortcutWithArgument: C:\Users\sprzetowo\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_kajebgjangihfbkjfejcanhanjmmbcfd\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\sprzetowo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Facebook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --pin-url=hxxps://www.facebook.com/ --profile-directory=Default
ShortcutWithArgument: C:\Users\sprzetowo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\sprzetowo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YouTube.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --pin-url=hxxps://www.youtube.com/ --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2023-12-18 00:52 - 2023-12-18 00:52 - 005855744 _____ (ESET, spol. s r.o. -> ESET) [File not signed] C:\Program Files\ESET\ESET Security\Modules\em045_64\1087\em045_64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2023-07-13] (IObit CO., LTD -> IObit)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2023-12-17 16:17 - 2023-12-17 16:15 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sprzetowo\AppData\Local\FastStone\FSIV\FSViewerWallPaper.bmp
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_F65DF9D52833C185E3A8339600663ABC"
HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F3A4CB42-3EC3-4DA6-A575-8E9D90B8C43C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AC69E074-E4BC-491B-B92F-D782C19BF475}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{66E5F382-3D3C-446C-B70B-C296E8C81E56}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7E1731BA-5626-4513-8D7E-FED20D452013}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B2491AC6-318C-41EC-8EB1-7E8E374DA794}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.77\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7714CAC2-28A2-4271-84D0-8970A1A4EE0F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D6EB8114-29B2-4371-A990-5CF1586B0038}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9B890A07-1332-4C7E-9CDB-BD1809DA8F98}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DAEE86E1-2209-4D4F-ADB6-2CCE1771CB19}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D4A96E7D-3858-4CCA-8BE6-D9CBC8570582}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{086FC93C-ED2A-4E86-9C11-F72E51B6E7A4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E230A3CF-7129-47A4-92BD-F17AA39EC9B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7A14121B-6649-4A5F-897E-19E5162A0BD4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{72CF256E-7C5D-4406-8FDA-53D96E86F48A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9AD1CDCC-C34D-4482-876D-93D449ABC09C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F2F183A3-03A5-435E-B6F0-85ABCFDAFF96}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

23-12-2023 17:55:13 Naplánovaný kontrolní bod
23-12-2023 18:28:37 Driver Booster : NVIDIA GeForce GTX 980 Ti

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/23/2023 06:37:43 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (12/23/2023 06:37:43 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002

Error: (12/23/2023 06:37:43 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003

Error: (12/18/2023 01:30:11 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (12/18/2023 12:54:38 AM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (12/18/2023 12:54:38 AM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002

Error: (12/18/2023 12:54:38 AM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003

Error: (12/17/2023 04:35:04 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu Windows Defender na SECURITY_PRODUCT_STATE_ON došlo k chybě.


System errors:
=============
Error: (12/18/2023 01:30:10 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-M8LDTVG)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/17/2023 10:36:58 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/17/2023 10:18:33 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/17/2023 09:04:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240017): Aktualizace antimalwarové platformy programu Windows Defender Antivirus – KB4052623 (verze 4.18.2001.10).

Error: (12/17/2023 08:06:07 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error: (12/17/2023 08:06:07 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error: (12/17/2023 04:33:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Pracovní stanice, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (12/17/2023 04:33:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Pracovní stanice, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.


Windows Defender:
================
Date: 2023-12-18 00:52:27
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\ESET\ESET Security\ekrn.exe provádění změn v paměti.
Čas detekce: 2023-12-17T23:52:27.053Z
Uživatel: NT AUTHORITY\SYSTEM
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files\ESET\ESET Security\ekrn.exe
Verze bezpečnostních informací: 1.403.674.0
Verze modulu: 1.1.23110.2
Verze produktu: 4.18.23110.3

Date: 2023-12-17 23:13:26
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_C:\Windows.old\Users\Jirka\Downloads\IK Multimedia - MODO DRUM 1.1.3 STANDALONE, VSTi, VSTi3, AAX x64\R2R\IK_Multimedia_Keygen.exe; containerfile:_C:\Windows.old\Users\sprzetowo\AppData\Local\Packages\49775MorningInSeattle.AZTorrentDownloader_3qjtgnwv8t714\LocalState\Downloads\IK.Multimedia.MODO.DRUM.v1.1.3.Incl.Keygen-R2R\R2R\IK_Multimedia_Keygen.exe; file:_C:\Windows.old\Users\Jirka\Downloads\IK Multimedia - MODO DRUM 1.1.3 STANDALONE, VSTi, VSTi3, AAX x64\R2R\IK_Multimedia_Keygen.exe->(nsis-6-keygen.exe); file:_C:\Windows.old\Users\sprzetowo\AppData\Local\Packages\49775MorningInSeattle.AZTorrentDownloader_3qjtgnwv8t714\LocalState\Downloads\IK.Multimedia.MODO.DRUM.v1.1.3.Incl.Keygen-R2R\R2R\IK_Multimedia_Keygen.exe->(nsis-6-keygen.exe)
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Uživatel
Uživatel: DESKTOP-M8LDTVG\sprzetowo
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.403.667.0, AS: 1.403.667.0, NIS: 1.403.667.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2

CodeIntegrity:
===============
Date: 2023-12-23 20:17:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2023-12-23 19:17:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO 9HKT46AUS 12/15/2011
Motherboard: LENOVO
Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 23%
Total physical RAM: 16342.33 MB
Available physical RAM: 12450.82 MB
Total Virtual: 19286.33 MB
Available Virtual: 13889.9 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.06 GB) (Free:247.95 GB) (Model: SSDPR-CL100-960-G3) NTFS
Drive d: (Rezervováno systémem) (Fixed) (Total:0.57 GB) (Free:0.11 GB) (Model: SSDPR-CL100-960-G3) NTFS ==>[system with boot components (obtained from drive)]
Drive i: (Georgies Music) (Fixed) (Total:238.47 GB) (Free:152.37 GB) (Model: Vaseky V 800/256G USB Device) NTFS

\\?\Volume{82286e84-55c8-46eb-9b65-266485d8f06f}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{6a5f88f4-d9ef-42c6-8527-e34a172fa528}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 894.3 GB) (Disk ID: 698A0A59)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 600451AA)
Partition 1: (Active) - (Size=238.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118302
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: I have malware on my computer, it changed my email in Microsoft

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just start it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

jirkabj
Visitor
Posts: 15
Registered: 01 Mar 2017 03:17

Re: I have malware on my computer, it changed my email in Microsoft

#3 Post by jirkabj »

Greetings to you too. Here is the log, but I had already run one before this, and it put several files into quarantine, which I then deleted; maybe there was something in it.


# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 12-23-2023
# Duration: 00:00:05
# OS: Windows 10 (Build 19045.3803)
# Scanned: 32057
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [4235 octets] - [23/12/2023 21:44:10]
AdwCleaner[C00].txt - [3933 octets] - [23/12/2023 21:45:07]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Rudy
Site Admin
Posts: 118302
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: I have malware on my computer, it changed my email in Microsoft

#4 Post by Rudy »

OK. Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\sprzetowo\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
StartupDir: C:\Users\sprzetowo\AppData\Local\Temp\b64c58644b <==== ATTENTION
C:\Users\sprzetowo\AppData\Local\Temp
Task: {B14FD7E5-7A57-47F3-A15E-1B71B498CE40} - System32\Tasks\GoogleUpdateTaskMachineCore{90C3A1DA-F088-49D8-9DB3-61DD99793B9C} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-12-17] (Google LLC -> Google LLC)
Task: {8318BF9E-6A5B-4154-9F37-6B86D49F87AA} - System32\Tasks\GoogleUpdateTaskMachineUA{DED0EAD3-4673-4C13-BBB0-02098BAC9E1E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-12-17] (Google LLC -> Google LLC)
C:\WINDOWS\system32\SET1B0A.tmp
C:\WINDOWS\SysWOW64\SET23D5.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{DED0EAD3-4673-4C13-BBB0-02098BAC9E1E}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{90C3A1DA-F088-49D8-9DB3-61DD99793B9C}
C:\Windows.old\Users\Jirka\Downloads\IK Multimedia - MODO DRUM 1.1.3 STANDALONE, VSTi, VSTi3, AAX x64\R2R\IK_Multimedia_Keygen.exe; containerfile

EmptyTemp:
End
Save it to C:\Users\sprzetowo\Downloads as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here. I recommend uninstalling IOBit. A layperson can damage their system with this Chinese junk.

jirkabj
Visitor
Posts: 15
Registered: 01 Mar 2017 03:17

Re: I have malware on my computer, it changed my email in Microsoft

#5 Post by jirkabj »

Sorry for bothering you at Christmas.

---------------------------------------------------------------------------------------------------------------------------------
Fix result of Farbar Recovery Scan Tool (x64) Version: 22-12-2023
Ran by sprzetowo (24-12-2023 13:50:08) Run:1
Running from C:\Users\sprzetowo\Downloads
Loaded Profiles: sprzetowo
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\sprzetowo\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
StartupDir: C:\Users\sprzetowo\AppData\Local\Temp\b64c58644b <==== ATTENTION
C:\Users\sprzetowo\AppData\Local\Temp
Task: {B14FD7E5-7A57-47F3-A15E-1B71B498CE40} - System32\Tasks\GoogleUpdateTaskMachineCore{90C3A1DA-F088-49D8-9DB3-61DD99793B9C} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-12-17] (Google LLC -> Google LLC)
Task: {8318BF9E-6A5B-4154-9F37-6B86D49F87AA} - System32\Tasks\GoogleUpdateTaskMachineUA{DED0EAD3-4673-4C13-BBB0-02098BAC9E1E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-12-17] (Google LLC -> Google LLC)
C:\WINDOWS\system32\SET1B0A.tmp
C:\WINDOWS\SysWOW64\SET23D5.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{DED0EAD3-4673-4C13-BBB0-02098BAC9E1E}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{90C3A1DA-F088-49D8-9DB3-61DD99793B9C}
C:\Windows.old\Users\Jirka\Downloads\IK Multimedia - MODO DRUM 1.1.3 STANDALONE, VSTi, VSTi3, AAX x64\R2R\IK_Multimedia_Keygen.exe; containerfile

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Update Binary" => not found
StartupDir: C:\Users\sprzetowo\AppData\Local\Temp\b64c58644b <==== ATTENTION => restored successfully

"C:\Users\sprzetowo\AppData\Local\Temp" folder move:

C:\Users\sprzetowo\AppData\Local\Temp => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B14FD7E5-7A57-47F3-A15E-1B71B498CE40}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B14FD7E5-7A57-47F3-A15E-1B71B498CE40}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore{90C3A1DA-F088-49D8-9DB3-61DD99793B9C} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{90C3A1DA-F088-49D8-9DB3-61DD99793B9C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8318BF9E-6A5B-4154-9F37-6B86D49F87AA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8318BF9E-6A5B-4154-9F37-6B86D49F87AA}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA{DED0EAD3-4673-4C13-BBB0-02098BAC9E1E} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{DED0EAD3-4673-4C13-BBB0-02098BAC9E1E}" => removed successfully
C:\WINDOWS\system32\SET1B0A.tmp => moved successfully
C:\WINDOWS\SysWOW64\SET23D5.tmp => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{DED0EAD3-4673-4C13-BBB0-02098BAC9E1E}" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{90C3A1DA-F088-49D8-9DB3-61DD99793B9C}" => not found
"C:\Windows.old\Users\Jirka\Downloads\IK Multimedia - MODO DRUM 1.1.3 STANDALONE, VSTi, VSTi3, AAX x64\R2R\IK_Multimedia_Keygen.exe; containerfile" => not found

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9535772 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 9962552 B
Edge => 0 B
Chrome => 147298292 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
sprzetowo => 3967644 B

RecycleBin => 0 B
EmptyTemp: => 162.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:55:04 ====

Rudy
Site Admin
Posts: 118302
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: I have malware on my computer, it changed my email in Microsoft

#6 Post by Rudy »

"Sorry for bothering you at Christmas"
No problem. Even over the holidays someone looks in here, at least occasionally. It has been deleted; the PC should now be clean.

jirkabj
Visitor
Posts: 15
Registered: 01 Mar 2017 03:17

Re: I have malware on my computer, it changed my email in Microsoft

#7 Post by jirkabj »

Thank you very much.
I have more problems with my accounts; I will try to restore them one by one.
All the best in the New Year.

Rudy
Site Admin
Posts: 118302
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: I have malware on my computer, it changed my email in Microsoft

#8 Post by Rudy »

OK. Feel free to get in touch if you need to. Happy holidays! :-)
