Inherited laptop

Anna.ja
Visitor
Posts: 85
Registered: 14 Oct 2008 09:51

#1 Post by Anna.ja »

Hello,
I "inherited" a laptop from my daughter. After it is switched on, an ad pops up in the browser: fiaharam. I tried AdwCleaner, nothing. I tried Malwarebytes, also nothing. So I'm trying here. Log attached.

Logfile of random's system information tool 1.10 (written by random/random)
Run by annaj at 2020-05-03 11:00:05
Microsoft Windows 10 Home
System drive C: has 613 GB (65%) free of 941 GB
Total RAM: 7647 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:00:15, on 03.05.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal

Running processes:
C:\Users\annaj\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\trend micro\annaj.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKCU\..\Run: [OneDrive] "C:\Users\annaj\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_ADA758725F7AA6C3605C19B601173CCA] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: updateSteam.bat
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_587bf - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem34.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\System32\ibtsiva (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7254 bytes

======Listing Processes======








winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS

C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\WLANExt.exe 2435813407408
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
atieclxx
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\ibtsiva
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
sihost.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20041.85.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe"

"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Users\annaj\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost

C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
"C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
"C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc

C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_12004.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe" /InvokerPRAID: App
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\annaj\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\annaj\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=81.0.4044.129 --initial-client-data=0xe8,0xec,0xf0,0xc4,0xf4,0x7ffe06cebd28,0x7ffe06cebd38,0x7ffe06cebd48
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4028 --on-initialized-event-handle=724 --parent-handle=728 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1608,17177151903183838840,4235652038399105267,131072 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --mojo-platform-channel-handle=1616 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1608,17177151903183838840,4235652038399105267,131072 --lang=cs --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1872 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,17177151903183838840,4235652038399105267,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2780 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,17177151903183838840,4235652038399105267,131072 --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3488 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,17177151903183838840,4235652038399105267,131072 --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3660 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,17177151903183838840,4235652038399105267,131072 --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3832 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,17177151903183838840,4235652038399105267,131072 --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3896 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\WINDOWS\system32\browser_broker.exe -Embedding
C:\WINDOWS\system32\MicrosoftEdgeSH.exe SCODEF:3708 CREDAT:9730 APH:1000000000000006 JITHOST /prefetch:2
"C:\Windows\System32\MicrosoftEdgeCP.exe" -ServerName:Windows.Internal.WebRuntime.ContentProcessServer
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,17177151903183838840,4235652038399105267,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5544 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,17177151903183838840,4235652038399105267,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7128 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,17177151903183838840,4235652038399105267,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6776 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,17177151903183838840,4235652038399105267,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1600 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,17177151903183838840,4235652038399105267,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2876 /prefetch:1
C:\WINDOWS\system32\AUDIODG.EXE 0x450
C:\Windows\System32\SecurityHealthHost.exe {08728914-3F57-4D52-9E31-49DAECA5A80A} -Embedding

"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,17177151903183838840,4235652038399105267,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5660 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,17177151903183838840,4235652038399105267,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 792 796 804 8192 800
"C:\Users\annaj\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2020-02-26 84992]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2018-06-19 9268168]
"WindowsDefender"=C:\Program Files\Windows Defender\MSASCuiL.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\annaj\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2020-05-01 1579368]
"GoogleChromeAutoLaunch_ADA758725F7AA6C3605C19B601173CCA"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2020-04-25 1689584]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2020-05-01 27775672]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
updateSteam.bat

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2020-05-03 11:00:05 ----D---- C:\rsit
2020-05-03 11:00:05 ----D---- C:\Program Files\trend micro
2020-05-03 10:40:54 ----A---- C:\WINDOWS\system32\drivers\MbamElam.sys
2020-05-03 10:40:52 ----A---- C:\WINDOWS\system32\drivers\mbae64.sys
2020-05-03 10:40:10 ----D---- C:\ProgramData\Malwarebytes
2020-05-03 10:39:52 ----D---- C:\Program Files\Malwarebytes
2020-05-03 10:36:28 ----D---- C:\Program Files\CCleaner
2020-05-03 10:17:49 ----HD---- C:\OneDriveTemp
2020-05-01 21:11:35 ----D---- C:\Users\annaj\AppData\Roaming\Adobe
2020-05-01 21:11:31 ----D---- C:\Users\annaj\AppData\Roaming\Synaptics
2020-05-01 21:11:26 ----SD---- C:\Users\annaj\AppData\Roaming\Microsoft
2020-05-01 20:36:05 ----D---- C:\ProgramData\Synaptics
2020-05-01 12:38:38 ----D---- C:\Program Files\MPC-HC
2020-05-01 12:26:56 ----D---- C:\Program Files (x86)\VideoLAN
2020-05-01 12:13:13 ----D---- C:\Program Files (x86)\Microsoft
2020-05-01 12:06:32 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2020-05-01 11:54:18 ----D---- C:\Program Files (x86)\Google
2020-05-01 02:33:00 ----D---- C:\ProgramData\Microsoft OneDrive
2020-05-01 02:30:16 ----D---- C:\ProgramData\Packages
2020-05-01 01:54:47 ----SHD---- C:\Recovery
2020-05-01 01:45:18 ----D---- C:\Windows.old
2020-05-01 01:44:16 ----AS---- C:\WINDOWS\bootstat.dat
2020-05-01 01:43:59 ----D---- C:\WINDOWS\system32\Microsoft
2020-05-01 01:43:59 ----D---- C:\WINDOWS\ServiceProfiles
2020-05-01 01:43:04 ----D---- C:\Program Files\Synaptics
2020-05-01 01:41:15 ----D---- C:\WINDOWS\AMDTAs
2020-05-01 01:41:05 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-01 01:40:53 ----D---- C:\WINDOWS\SYSWOW64\sda
2020-05-01 01:39:20 ----SHD---- C:\ProgramData\Šablony
2020-05-01 01:39:20 ----SHD---- C:\ProgramData\Plocha
2020-05-01 01:39:20 ----SHD---- C:\ProgramData\Nabídka Start
2020-05-01 01:39:20 ----SHD---- C:\ProgramData\Dokumenty
2020-05-01 01:39:20 ----SHD---- C:\ProgramData\Data aplikací
2020-05-01 01:39:17 ----D---- C:\WINDOWS\SoftwareDistribution
2020-05-01 01:38:39 ----D---- C:\WINDOWS\system32\drivers\wd
2020-05-01 01:38:17 ----D---- C:\WINDOWS\Setup
2020-05-01 01:37:20 ----D---- C:\WINDOWS\SYSWOW64\XPSViewer
2020-05-01 01:37:20 ----D---- C:\WINDOWS\SYSWOW64\MailContactsCalendarSync
2020-05-01 01:37:19 ----D---- C:\WINDOWS\system32\OpenSSH
2020-05-01 01:37:19 ----D---- C:\WINDOWS\system32\MailContactsCalendarSync
2020-05-01 01:37:19 ----D---- C:\WINDOWS\OCR
2020-05-01 01:37:16 ----D---- C:\ProgramData\ssh
2020-05-01 01:37:16 ----D---- C:\Program Files (x86)\Windows Media Player
2020-05-01 01:37:15 ----D---- C:\Program Files\Windows Media Player
2020-05-01 01:37:15 ----D---- C:\Program Files\Reference Assemblies
2020-05-01 01:37:15 ----D---- C:\Program Files\MSBuild
2020-05-01 01:37:15 ----D---- C:\Program Files (x86)\Reference Assemblies
2020-05-01 01:37:15 ----D---- C:\Program Files (x86)\MSBuild
2020-05-01 01:35:57 ----A---- C:\WINDOWS\system32\perfi005.dat
2020-05-01 01:35:57 ----A---- C:\WINDOWS\system32\perfh005.dat
2020-05-01 01:35:57 ----A---- C:\WINDOWS\system32\perfd005.dat
2020-05-01 01:35:57 ----A---- C:\WINDOWS\system32\perfc005.dat
2020-05-01 01:35:48 ----D---- C:\WINDOWS\SYSWOW64\winrm
2020-05-01 01:35:48 ----D---- C:\WINDOWS\SYSWOW64\WCN
2020-05-01 01:35:48 ----D---- C:\WINDOWS\SYSWOW64\sysprep
2020-05-01 01:35:48 ----D---- C:\WINDOWS\SYSWOW64\slmgr
2020-05-01 01:35:48 ----D---- C:\WINDOWS\SYSWOW64\Printing_Admin_Scripts
2020-05-01 01:35:48 ----D---- C:\WINDOWS\SYSWOW64\en
2020-05-01 01:35:48 ----D---- C:\WINDOWS\SYSWOW64\drivers\UMDF
2020-05-01 01:35:48 ----D---- C:\WINDOWS\SYSWOW64\drivers\en-US
2020-05-01 01:35:48 ----D---- C:\WINDOWS\SYSWOW64\drivers\cs-CZ
2020-05-01 01:35:47 ----D---- C:\WINDOWS\SYSWOW64\cs
2020-05-01 01:35:47 ----D---- C:\WINDOWS\SYSWOW64\0409
2020-05-01 01:35:47 ----D---- C:\WINDOWS\system32\winrm
2020-05-01 01:35:47 ----D---- C:\WINDOWS\system32\WCN
2020-05-01 01:35:47 ----D---- C:\WINDOWS\system32\slmgr
2020-05-01 01:35:47 ----D---- C:\WINDOWS\system32\Printing_Admin_Scripts
2020-05-01 01:35:46 ----D---- C:\WINDOWS\system32\en
2020-05-01 01:35:44 ----D---- C:\WINDOWS\system32\drivers\en-US
2020-05-01 01:35:44 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2020-05-01 01:35:42 ----D---- C:\WINDOWS\system32\cs
2020-05-01 01:35:42 ----D---- C:\WINDOWS\system32\0409
2020-05-01 01:35:37 ----D---- C:\WINDOWS\en-US
2020-05-01 01:35:37 ----D---- C:\WINDOWS\DigitalLocker
2020-05-01 01:35:37 ----D---- C:\WINDOWS\cs-CZ
2020-05-01 01:31:04 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2020-05-01 01:29:39 ----A---- C:\WINDOWS\system32\perfi009.dat
2020-05-01 01:29:39 ----A---- C:\WINDOWS\system32\perfh009.dat
2020-05-01 01:29:39 ----A---- C:\WINDOWS\system32\perfd009.dat
2020-05-01 01:29:39 ----A---- C:\WINDOWS\system32\perfc009.dat
2020-05-01 01:27:39 ----A---- C:\WINDOWS\SYSWOW64\NOISE.DAT
2020-05-01 01:27:38 ----A---- C:\WINDOWS\SYSWOW64\msclmd.dll
2020-05-01 01:27:37 ----A---- C:\WINDOWS\SYSWOW64\dssec.dat
2020-05-01 01:27:14 ----A---- C:\WINDOWS\system32\OEMDefaultAssociations.dll
2020-05-01 01:27:14 ----A---- C:\WINDOWS\system32\NOISE.DAT
2020-05-01 01:27:13 ----A---- C:\WINDOWS\system32\msclmd.dll
2020-05-01 01:27:12 ----A---- C:\WINDOWS\system32\dssec.dat
2020-05-01 01:27:04 ----A---- C:\WINDOWS\fonts\desktop.ini
2020-05-01 01:27:03 ----ASH---- C:\Program Files (x86)\desktop.ini
2020-05-01 01:27:03 ----A---- C:\WINDOWS\win.ini
2020-05-01 01:27:03 ----A---- C:\WINDOWS\system.ini
2020-05-01 01:27:02 ----ASH---- C:\Program Files\desktop.ini
2020-05-01 01:26:57 ----D---- C:\WINDOWS\Web
2020-05-01 01:26:57 ----D---- C:\WINDOWS\WaaS
2020-05-01 01:26:57 ----D---- C:\WINDOWS\Vss
2020-05-01 01:26:57 ----D---- C:\WINDOWS\twain_32
2020-05-01 01:26:57 ----D---- C:\WINDOWS\tracing
2020-05-01 01:26:57 ----D---- C:\WINDOWS\TextInput
2020-05-01 01:26:57 ----D---- C:\WINDOWS\Temp
2020-05-01 01:26:57 ----D---- C:\WINDOWS\Tasks
2020-05-01 01:26:56 ----SD---- C:\WINDOWS\SYSWOW64\Nui
2020-05-01 01:26:56 ----SD---- C:\WINDOWS\SYSWOW64\F12
2020-05-01 01:26:56 ----SD---- C:\WINDOWS\SYSWOW64\DiagSvcs
2020-05-01 01:26:56 ----SD---- C:\WINDOWS\SYSWOW64\Configuration
2020-05-01 01:26:56 ----SD---- C:\WINDOWS\system32\UNP
2020-05-01 01:26:56 ----D---- C:\WINDOWS\TAPI
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\zh-TW
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\zh-CN
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\WindowsPowerShell
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\wbem
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\uk-UA
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\tr-TR
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\th-TH
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\Tasks
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\sv-SE
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\sru
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\sr-Latn-RS
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\sppui
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\spp
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\Speech_OneCore
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\Speech
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\SMI
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\sl-SI
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\setup
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\ru-RU
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\ro-RO
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\restore
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\Recovery
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\RasToast
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\ras
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\pt-PT
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\pt-BR
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\pl-PL
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\PerceptionSimulation
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\oobe
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\nl-NL
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\networklist
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\NDF
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\nb-NO
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\MUI
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\Msdtc
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\MSDRM
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\migwiz
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\migration
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\lv-LV
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\lt-LT
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\LogFiles
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\Licenses
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\ko-KR
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\ja-JP
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\it-IT
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\Ipmi
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\InstallShield
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\InputMethod
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\inetsrv
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\IME
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\icsxml
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\hu-HU
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\hr-HR
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\he-IL
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\GroupPolicyUsers
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\GroupPolicy
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\FxsTmp
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\fr-FR
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\fr-CA
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\fi-FI
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\et-EE
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\es-MX
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\es-ES
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\en-US
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\en-GB
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\el-GR
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\DriverStore
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\drivers
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\downlevel
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\Dism
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\de-DE
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\da-DK
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\config
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\Com
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\catroot
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\Bthprops
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\bg-BG
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\ar-SA
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\AppLocker
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SYSWOW64\AdvancedInstallers
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SysWOW64
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SystemResources
2020-05-01 01:26:56 ----D---- C:\WINDOWS\SystemApps
2020-05-01 01:26:56 ----D---- C:\WINDOWS\system32\zh-TW
2020-05-01 01:26:56 ----D---- C:\WINDOWS\system32\zh-CN
2020-05-01 01:26:56 ----D---- C:\WINDOWS\system32\WinMetadata
2020-05-01 01:26:56 ----D---- C:\WINDOWS\system32\winevt
2020-05-01 01:26:56 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2020-05-01 01:26:56 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2020-05-01 01:26:56 ----D---- C:\WINDOWS\system32\WinBioDatabase
2020-05-01 01:26:56 ----D---- C:\WINDOWS\system32\WDI
2020-05-01 01:26:56 ----D---- C:\WINDOWS\system32\wbem
2020-05-01 01:26:56 ----D---- C:\WINDOWS\system32\uk-UA
2020-05-01 01:26:56 ----D---- C:\WINDOWS\system32\tr-TR
2020-05-01 01:26:56 ----D---- C:\WINDOWS\system32\ti-et
2020-05-01 01:26:56 ----D---- C:\WINDOWS\system32\th-TH
2020-05-01 01:26:55 ----SHD---- C:\WINDOWS\Installer
2020-05-01 01:26:55 ----SD---- C:\WINDOWS\system32\Nui
2020-05-01 01:26:55 ----SD---- C:\WINDOWS\system32\F12
2020-05-01 01:26:55 ----SD---- C:\WINDOWS\system32\dsc
2020-05-01 01:26:55 ----SD---- C:\WINDOWS\system32\DiagSvcs
2020-05-01 01:26:55 ----SD---- C:\WINDOWS\system32\Configuration
2020-05-01 01:26:55 ----SD---- C:\WINDOWS\Downloaded Program Files
2020-05-01 01:26:55 ----SD---- C:\ProgramData\Microsoft
2020-05-01 01:26:55 ----RSD---- C:\WINDOWS\Media
2020-05-01 01:26:55 ----RSD---- C:\WINDOWS\Fonts
2020-05-01 01:26:55 ----RD---- C:\WINDOWS\PrintDialog
2020-05-01 01:26:55 ----RD---- C:\WINDOWS\Offline Web Pages
2020-05-01 01:26:55 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2020-05-01 01:26:55 ----HD---- C:\WINDOWS\LanguageOverlayCache
2020-05-01 01:26:55 ----HD---- C:\WINDOWS\ELAMBKUP
2020-05-01 01:26:55 ----HD---- C:\ProgramData
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\Tasks
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\ta-lk
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\ta-in
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\sv-SE
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\sru
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\sppui
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\spp
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\spool
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\Speech_OneCore
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\Speech
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\sl-SI
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\sk-SK
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\si-lk
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\ShellExperiences
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\Sgrm
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\setup
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\ru-RU
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\ro-RO
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\restore
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\Recovery
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\RasToast
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\ras
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\pt-PT
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\pt-BR
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\ProximityToast
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\PointOfService
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\pl-PL
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\PerceptionSimulation
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\osa-Osge-001
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\oobe
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\nl-NL
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\networklist
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\NDF
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\nb-NO
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\my-mm
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\MUI
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\MsDtc
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\MSDRM
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\migwiz
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\migration
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\Macromed
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\lv-LV
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\lt-LT
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\LogFiles
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\Licenses
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\ko-KR
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\Keywords
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\ja-jp
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\it-IT
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\Ipmi
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\InputMethod
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\inetsrv
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\IME
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\icsxml
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\ias
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\Hydrogen
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\hu-HU
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\hr-HR
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\he-IL
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\GroupPolicyUsers
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\GroupPolicy
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\FxsTmp
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\fr-FR
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\fr-CA
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\fi-FI
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\ff-Adlm-SN
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\et-EE
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\es-MX
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\es-ES
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\en-US
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\en-GB
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\el-GR
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\DriverState
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\drivers\etc
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\drivers\DriverData
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\downlevel
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\Dism
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\de-DE
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\DDFs
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\da-DK
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\cs-CZ
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\Com
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\CodeIntegrity
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\catroot2
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\Bthprops
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\Boot
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\bg-BG
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\ar-SA
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\appraiser
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\AppLocker
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\am-et
2020-05-01 01:26:55 ----D---- C:\WINDOWS\system32\AdvancedInstallers
2020-05-01 01:26:55 ----D---- C:\WINDOWS\System
2020-05-01 01:26:55 ----D---- C:\WINDOWS\Speech_OneCore
2020-05-01 01:26:55 ----D---- C:\WINDOWS\Speech
2020-05-01 01:26:55 ----D---- C:\WINDOWS\SKB
2020-05-01 01:26:55 ----D---- C:\WINDOWS\schemas
2020-05-01 01:26:55 ----D---- C:\WINDOWS\SchCache
2020-05-01 01:26:55 ----D---- C:\WINDOWS\ShellExperiences
2020-05-01 01:26:55 ----D---- C:\WINDOWS\ShellComponents
2020-05-01 01:26:55 ----D---- C:\WINDOWS\ServiceState
2020-05-01 01:26:55 ----D---- C:\WINDOWS\security
2020-05-01 01:26:55 ----D---- C:\WINDOWS\Resources
2020-05-01 01:26:55 ----D---- C:\WINDOWS\rescache
2020-05-01 01:26:55 ----D---- C:\WINDOWS\Registration
2020-05-01 01:26:55 ----D---- C:\WINDOWS\Provisioning
2020-05-01 01:26:55 ----D---- C:\WINDOWS\prefetch
2020-05-01 01:26:55 ----D---- C:\WINDOWS\PolicyDefinitions
2020-05-01 01:26:55 ----D---- C:\WINDOWS\PLA
2020-05-01 01:26:55 ----D---- C:\WINDOWS\Performance
2020-05-01 01:26:55 ----D---- C:\WINDOWS\ModemLogs
2020-05-01 01:26:55 ----D---- C:\WINDOWS\Migration
2020-05-01 01:26:55 ----D---- C:\WINDOWS\Logs
2020-05-01 01:26:55 ----D---- C:\WINDOWS\LiveKernelReports
2020-05-01 01:26:55 ----D---- C:\WINDOWS\L2Schemas
2020-05-01 01:26:55 ----D---- C:\WINDOWS\InputMethod
2020-05-01 01:26:55 ----D---- C:\WINDOWS\IME
2020-05-01 01:26:55 ----D---- C:\WINDOWS\IdentityCRL
2020-05-01 01:26:55 ----D---- C:\WINDOWS\Help
2020-05-01 01:26:55 ----D---- C:\WINDOWS\Globalization
2020-05-01 01:26:55 ----D---- C:\WINDOWS\GameBarPresenceWriter
2020-05-01 01:26:55 ----D---- C:\WINDOWS\DiagTrack
2020-05-01 01:26:55 ----D---- C:\WINDOWS\diagnostics
2020-05-01 01:26:55 ----D---- C:\WINDOWS\debug
2020-05-01 01:26:55 ----D---- C:\WINDOWS\Cursors
2020-05-01 01:26:55 ----D---- C:\WINDOWS\Containers
2020-05-01 01:26:55 ----D---- C:\WINDOWS\Branding
2020-05-01 01:26:55 ----D---- C:\WINDOWS\Boot
2020-05-01 01:26:55 ----D---- C:\WINDOWS\bcastdvr
2020-05-01 01:26:55 ----D---- C:\WINDOWS\AppReadiness
2020-05-01 01:26:55 ----D---- C:\WINDOWS\apppatch
2020-05-01 01:26:55 ----D---- C:\WINDOWS\appcompat
2020-05-01 01:26:55 ----D---- C:\WINDOWS\addins
2020-05-01 01:26:55 ----D---- C:\ProgramData\WindowsHolographicDevices
2020-05-01 01:26:55 ----D---- C:\ProgramData\USOShared
2020-05-01 01:26:55 ----D---- C:\ProgramData\USOPrivate
2020-05-01 01:26:55 ----D---- C:\ProgramData\SoftwareDistribution
2020-05-01 01:26:55 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-05-01 01:26:54 ----SHD---- C:\Program Files\Windows Sidebar
2020-05-01 01:26:54 ----SHD---- C:\Program Files (x86)\Windows Sidebar
2020-05-01 01:26:54 ----RD---- C:\WINDOWS\Microsoft.NET
2020-05-01 01:26:54 ----RD---- C:\WINDOWS\assembly
2020-05-01 01:26:54 ----RD---- C:\Program Files (x86)
2020-05-01 01:26:54 ----RD---- C:\Program Files
2020-05-01 01:26:54 ----HD---- C:\Program Files\WindowsApps
2020-05-01 01:26:54 ----D---- C:\WINDOWS\system32\Sysprep
2020-05-01 01:26:54 ----D---- C:\Program Files\WindowsPowerShell
2020-05-01 01:26:54 ----D---- C:\Program Files\Windows Security
2020-05-01 01:26:54 ----D---- C:\Program Files\Windows Portable Devices
2020-05-01 01:26:54 ----D---- C:\Program Files\Windows Photo Viewer
2020-05-01 01:26:54 ----D---- C:\Program Files\Windows NT
2020-05-01 01:26:54 ----D---- C:\Program Files\Windows Multimedia Platform
2020-05-01 01:26:54 ----D---- C:\Program Files\Windows Mail
2020-05-01 01:26:54 ----D---- C:\Program Files\Windows Defender
2020-05-01 01:26:54 ----D---- C:\Program Files\ModifiableWindowsApps
2020-05-01 01:26:54 ----D---- C:\Program Files\Internet Explorer
2020-05-01 01:26:54 ----D---- C:\Program Files\Common Files\System
2020-05-01 01:26:54 ----D---- C:\Program Files\Common Files\Services
2020-05-01 01:26:54 ----D---- C:\Program Files\Common Files\microsoft shared
2020-05-01 01:26:54 ----D---- C:\Program Files\Common Files
2020-05-01 01:26:54 ----D---- C:\Program Files (x86)\WindowsPowerShell
2020-05-01 01:26:54 ----D---- C:\Program Files (x86)\Windows Portable Devices
2020-05-01 01:26:54 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2020-05-01 01:26:54 ----D---- C:\Program Files (x86)\Windows NT
2020-05-01 01:26:54 ----D---- C:\Program Files (x86)\Windows Multimedia Platform
2020-05-01 01:26:54 ----D---- C:\Program Files (x86)\Windows Mail
2020-05-01 01:26:54 ----D---- C:\Program Files (x86)\Windows Defender
2020-05-01 01:26:54 ----D---- C:\Program Files (x86)\Microsoft.NET
2020-05-01 01:26:54 ----D---- C:\Program Files (x86)\Internet Explorer
2020-05-01 01:26:54 ----D---- C:\Program Files (x86)\Common Files
2020-05-01 01:26:54 ----D---- C:\PerfLogs
2020-05-01 01:25:56 ----D---- C:\WINDOWS\system32\drivers\UMDF
2020-05-01 01:25:53 ----D---- C:\WINDOWS\system32\drivers
2020-05-01 01:23:56 ----D---- C:\WINDOWS\INF
2020-05-01 01:12:12 ----D---- C:\WINDOWS\CbsTemp
2020-05-01 01:11:37 ----D---- C:\Program Files (x86)\AMD
2020-05-01 01:11:34 ----D---- C:\Program Files\ATI Technologies
2020-05-01 01:11:12 ----D---- C:\ProgramData\SRS Labs
2020-05-01 01:11:12 ----D---- C:\ProgramData\SoundResearch
2020-05-01 01:11:10 ----HD---- C:\Program Files\Uninstall Information
2020-05-01 01:10:56 ----D---- C:\WINDOWS\system32\SRSLabs
2020-05-01 01:10:50 ----D---- C:\Program Files\Realtek
2020-05-01 01:10:49 ----D---- C:\WINDOWS\SYSWOW64\RTCOM
2020-05-01 01:10:49 ----D---- C:\ProgramData\Package Cache
2020-05-01 01:09:58 ----D---- C:\Program Files\AMD
2020-05-01 01:09:57 ----D---- C:\Program Files\Common Files\ATI Technologies
2020-05-01 01:09:25 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2020-05-01 01:03:36 ----RD---- C:\Users
2020-05-01 01:03:36 ----D---- C:\WINDOWS\WinSxS
2020-05-01 01:03:36 ----D---- C:\WINDOWS\system32\SMI
2020-05-01 01:03:36 ----D---- C:\WINDOWS\system32\DriverStore
2020-05-01 01:03:36 ----D---- C:\WINDOWS\system32\config
2020-05-01 01:03:36 ----D---- C:\WINDOWS\system32\CatRoot
2020-05-01 01:03:36 ----D---- C:\WINDOWS\System32
2020-05-01 01:03:36 ----D---- C:\WINDOWS\servicing
2020-05-01 01:03:36 ----D---- C:\Windows
2020-05-01 01:03:30 ----D---- C:\WINDOWS\Panther
2020-05-01 00:56:39 ----D---- C:\WINDOWS\system32\SleepStudy
2020-05-01 00:56:28 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-30 23:38:13 ----A---- C:\WINDOWS\system32\poqexec.exe
2020-04-30 23:38:12 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2020-04-30 23:17:25 ----HD---- C:\$SysReset
2020-04-30 23:01:00 ----D---- C:\AdwCleaner

======List of files/folders modified in the last 1 month======

2020-05-01 21:12:19 ----SHD---- C:\$RECYCLE.BIN
2020-05-01 11:59:55 ----SHD---- C:\Config.Msi
2020-05-01 01:10:14 ----D---- C:\AMD
2020-04-30 23:54:14 ----SHD---- C:\System Volume Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [2018-06-19 93240]
R0 amd_xata;amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [2018-06-19 33336]
R0 amdkmpfd;@oem8.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2017-11-28 106416]
R0 amdpsp;@oem10.inf,%amdpsp.SVCDESC%;AMD PSP Service; C:\WINDOWS\System32\drivers\amdpsp.sys [2018-06-19 145792]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-03-19 56632]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2019-03-19 89096]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2019-03-19 40960]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-03-19 70456]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-03-19 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-03-19 8704]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-12-21 457216]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-03-19 53760]
R3 AmdAS4;@oem30.inf,%AmdAS4.SVCDESC%;AmdAS4 service; C:\WINDOWS\System32\drivers\AmdAS4.sys [2018-06-19 26984]
R3 amdgpio2;@oem21.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-04-17 34568]
R3 amdi2c;@oem4.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-03-21 61728]
R3 amdkmdag;amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0320980.inf_amd64_3ed2fc96d61aef2d\atikmdag.sys [2017-11-28 36583328]
R3 AMDKMDAP;AMDKMDAP; C:\WINDOWS\System32\DriverStore\FileRepository\c0320980.inf_amd64_3ed2fc96d61aef2d\atikmpag.sys [2017-11-28 537504]
R3 amduart;@oem12.inf,%amduart.SVCDESC%;AMD UART Service; C:\WINDOWS\System32\drivers\amduart.sys [2018-06-19 91248]
R3 AtiHDAudioService;@oem0.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2018-06-19 111080]
R3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2020-02-26 117264]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2019-11-14 98304]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-03-19 64312]
R3 ibtusb;@oem36.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2018-06-19 136216]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2018-06-19 6161344]
R3 Netwtw04;___ Ovladač adaptéru Intel(R) Wireless pro systém Windows 10 64 Bit; C:\WINDOWS\System32\drivers\Netwtw04.sys [2019-08-27 8720384]
R3 rt640x64;@oem11.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2018-06-19 1024392]
R3 SmbDrv;SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2018-09-21 53864]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-03-19 42808]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-03-19 319528]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-03-19 885048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-03-19 148520]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-03-19 124448]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-03-19 128528]
S0 MbamElam;MbamElam; C:\WINDOWS\system32\DRIVERS\MbamElam.sys [2020-05-03 20936]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-03-19 75280]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-03-19 94736]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-03-19 58896]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-03-19 68624]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-03-19 41784]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2019-03-19 151352]
S0 SmartSAMD;SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [2019-03-19 220176]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-03-19 20992]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-03-19 337920]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2019-11-14 18432]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-09-16 231936]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2019-11-14 114688]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-03-19 97280]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2019-11-14 36864]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2019-03-19 133120]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2019-11-14 1428992]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-03-19 43008]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [2019-09-16 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-03-19 53560]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-10-06 64000]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2020-02-26 84496]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-03-19 28672]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-03-19 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-03-19 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-03-19 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-03-19 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-03-19 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-03-19 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-03-19 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-03-19 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-03-19 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-03-19 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-03-19 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-03-19 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2019-03-19 46592]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-03-19 28672]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-03-19 54584]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-03-19 535864]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-03-19 62264]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2019-11-14 359424]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-03-19 64512]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-03-19 1150480]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-03-19 153616]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-03-19 63488]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2019-03-19 187904]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-03-19 158520]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2019-03-19 96056]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-03-19 127800]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-03-19 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-03-19 25600]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-21 986936]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-03-19 211456]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-03-19 113152]
S3 RTSUER;@oem2.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2016-07-27 416472]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2019-03-19 33592]
S3 SmbDrvI;SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2018-09-21 55400]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2019-03-19 76088]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-03-19 32568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2017-11-28 561568]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CDPUserSvc_587bf;Uživatelská služba platformy připojených zařízení_587bf; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 ibtsiva;@oem34.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\System32\ibtsiva []
R2 OneSyncSvc_587bf;Hostitel synchronizace_587bf; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2018-06-19 324544]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2019-03-19 263904]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 cbdhsvc_587bf;Uživatelská služba schránky_587bf; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 PimIndexMaintenanceSvc_587bf;Data kontaktů_587bf; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2020-02-26 928120]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2020-05-01 156104]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2020-05-03 6933272]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc_587bf;Agent Activation Runtime_587bf; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService_587bf;Uživatelská služba pro GameDVR a vysílání her_587bf; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService_587bf;Služba pro podporu uživatelů Bluetooth_587bf; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService_587bf;CaptureService_587bf; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc_587bf;ConsentUX_587bf; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 380120]
S3 CredentialEnrollmentManagerUserSvc_587bf;CredentialEnrollmentManagerUserSvc_587bf; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 380120]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DeviceAssociationBrokerSvc_587bf;DeviceAssociationBroker_587bf; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc_587bf;DevicePicker_587bf; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc_587bf;Tok zařízení_587bf; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-09-16 97792]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-08-23 43704]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\elevation_service.exe [2020-04-25 1095664]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2020-05-01 156104]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService_587bf;Služba zasílání zpráv_587bf; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2019-03-19 103424]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc_587bf;PrintWorkflow_587bf; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2019-03-19 1264128]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2019-08-23 986112]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118265
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Inherited notebook

#2 Post by Rudy »

Hello!
Please post the FRST+Addition logs: https://forum.viry.cz/viewtopic.php?f=13&t=154679 . RSIT is not compatible with Windows 10.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Anna.ja
Visitor
Posts: 85
Registered: 14 Oct 2008 09:51

Re: Inherited notebook

#3 Post by Anna.ja »

FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-04-2020
Ran by annaj (administrator) on LAPTOP-EIDJQT3V (HP HP Notebook) (03-05-2020 11:18:37)
Running from C:\Users\annaj\Desktop
Loaded Profiles: annaj (Available Profiles: Kaylee & annaj)
Platform: Windows 10 Home Version 1903 18362.657 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <18>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\annaj\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12004.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\NisSrv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9268168 2018-06-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKU\S-1-5-21-4166479105-3376732293-2977569040-1002\...\Run: [GoogleChromeAutoLaunch_ADA758725F7AA6C3605C19B601173CCA] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-4166479105-3376732293-2977569040-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [27775672 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Installer\chrmstp.exe [2020-05-01] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\updateSteam.bat [2018-02-04] () [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {077207A0-4203-495A-AE37-A3A89DC76DB3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-01] (Google LLC -> Google LLC)
Task: {2F3DA226-06E6-4469-A9FC-332A54C5924C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5B97E34F-4E92-4702-89AB-0C27A5015794} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {68C2EC07-2EEA-439D-B1C2-664CE2934D95} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-01] (Google LLC -> Google LLC)
Task: {7A6398C5-DD02-487D-92DF-FA37F19799DF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [23571128 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9C5530F3-72E2-48B4-8D12-37C0BD52998B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D011B66B-EEA0-4618-BC79-942286A927E6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D2F7070E-90D4-4F35-87E9-D6C9DC5E24A2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{4ca10796-687f-47dc-ab0a-305811795174}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================

Edge:
======
DownloadDir: C:\Users\annaj\Downloads

FireFox:
========
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default [2020-05-03]
CHR HomePage: Default -> hxxp://seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/","hxxp://www.facebook.com/"
CHR Extension: (Prezentace) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-05-03]
CHR Extension: (Dokumenty) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-05-03]
CHR Extension: (Disk Google) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-05-03]
CHR Extension: (YouTube) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-05-03]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-05-03]
CHR Extension: (WAToolkit) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\fedimamkpgiemhacbdhkkaihgofncola [2020-05-03]
CHR Extension: (Tabulky) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-05-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-03]
CHR Extension: (Click&Clean) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2020-05-03]
CHR Extension: (VratnePenize.cz Připomínáček) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiekfaemafmplemocgimeccahephhdgf [2020-05-03]
CHR Extension: (TARDIS) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjifgneioddlgbglnkppcblkccmninme [2020-05-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-05-03]
CHR Extension: (Gmail) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-05-03]
CHR Extension: (Chrome Media Router) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-03]
CHR Extension: (Rozšíření Kontrola hesel) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pncabnpcffmalkkjpajodfhijclecjno [2020-05-03]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [561568 2017-11-28] (Advanced Micro Devices, Inc. -> AMD)
R2 ibtsiva; C:\WINDOWS\System32\ibtsiva.exe [529912 2018-12-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-05-03] (Malwarebytes Inc -> Malwarebytes)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324544 2018-06-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [360872 2018-09-21] (Synaptics Incorporated -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdAS4; C:\WINDOWS\System32\drivers\AmdAS4.sys [26984 2018-06-19] (Advanced Micro Devices Inc. -> Advanced Micro Devices, INC.)
R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [34568 2019-04-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdi2c; C:\WINDOWS\System32\drivers\amdi2c.sys [61728 2019-03-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0320980.inf_amd64_3ed2fc96d61aef2d\atikmdag.sys [36583328 2017-11-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDKMDAP; C:\WINDOWS\System32\DriverStore\FileRepository\c0320980.inf_amd64_3ed2fc96d61aef2d\atikmpag.sys [537504 2017-11-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [106416 2017-11-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [145792 2018-06-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R3 amduart; C:\WINDOWS\System32\drivers\amduart.sys [91248 2018-06-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc)
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [93240 2018-06-19] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [33336 2018-06-19] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111080 2018-06-19] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136216 2018-06-19] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-05-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [8720384 2019-08-27] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1024392 2018-06-19] (Realtek Semiconductor Corp. -> Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [416472 2016-07-27] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [53864 2018-09-21] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [55400 2018-09-21] (Synaptics Incorporated -> Synaptics Incorporated)
R0 stormmc; C:\WINDOWS\System32\drivers\stormmc.sys [45416 2018-06-19] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-05-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [394680 2020-05-01] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64944 2020-05-01] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2019-11-15] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-03 11:18 - 2020-05-03 11:20 - 000014670 _____ C:\Users\annaj\Desktop\FRST.txt
2020-05-03 11:18 - 2020-05-03 11:19 - 000000000 ____D C:\FRST
2020-05-03 11:17 - 2020-05-03 11:17 - 002283520 _____ (Farbar) C:\Users\annaj\Desktop\FRST64.exe
2020-05-03 11:00 - 2020-05-03 11:00 - 000000000 ____D C:\rsit
2020-05-03 11:00 - 2020-05-03 11:00 - 000000000 ____D C:\Program Files\trend micro
2020-05-03 10:59 - 2020-05-03 10:59 - 001222144 _____ C:\Users\annaj\Desktop\RSITx64.exe
2020-05-03 10:41 - 2020-05-03 10:41 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-05-03 10:41 - 2020-05-03 10:41 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-05-03 10:41 - 2020-05-03 10:41 - 000000000 ____D C:\Users\annaj\AppData\Local\mbamtray
2020-05-03 10:41 - 2020-05-03 10:41 - 000000000 ____D C:\Users\annaj\AppData\Local\mbam
2020-05-03 10:40 - 2020-05-03 10:40 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-05-03 10:40 - 2020-05-03 10:40 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-05-03 10:40 - 2020-05-03 10:40 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-05-03 10:39 - 2020-05-03 10:39 - 000000000 ____D C:\Program Files\Malwarebytes
2020-05-03 10:36 - 2020-05-03 10:36 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-05-03 10:36 - 2020-05-03 10:36 - 000002888 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-05-03 10:36 - 2020-05-03 10:36 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-05-03 10:36 - 2020-05-03 10:36 - 000000000 ____D C:\Program Files\CCleaner
2020-05-03 10:35 - 2020-05-03 10:35 - 025306104 _____ (Piriform Software Ltd) C:\Users\annaj\Desktop\ccsetup566.exe
2020-05-03 10:23 - 2020-05-03 10:23 - 008196784 _____ (Malwarebytes) C:\Users\annaj\Desktop\adwcleaner_8.0.4.exe
2020-05-03 10:23 - 2020-05-03 10:23 - 000000000 ____D C:\Users\annaj\AppData\Local\Comms
2020-05-03 10:20 - 2020-05-03 10:20 - 000000000 ____D C:\Users\annaj\AppData\LocalLow\AMD
2020-05-03 10:17 - 2020-05-03 10:17 - 000000000 ___HD C:\OneDriveTemp
2020-05-01 21:16 - 2020-05-03 10:31 - 000000000 ___RD C:\Users\annaj\OneDrive
2020-05-01 21:16 - 2020-05-01 21:16 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4166479105-3376732293-2977569040-1002
2020-05-01 21:14 - 2020-05-01 21:14 - 000001450 _____ C:\Users\annaj\Desktop\Microsoft Edge.lnk
2020-05-01 21:14 - 2020-05-01 21:14 - 000000000 ___HD C:\Users\annaj\MicrosoftEdgeBackups
2020-05-01 21:14 - 2020-05-01 21:14 - 000000000 ____D C:\Users\annaj\AppData\Local\PlaceholderTileLogoFolder
2020-05-01 21:13 - 2020-05-03 10:17 - 000000000 ____D C:\Users\annaj\AppData\Local\MicrosoftEdge
2020-05-01 21:12 - 2020-05-03 10:23 - 000000000 ____D C:\Users\annaj\AppData\Local\PackageStaging
2020-05-01 21:12 - 2020-05-01 21:12 - 000000000 ____D C:\Users\annaj\AppData\Local\Publishers
2020-05-01 21:11 - 2020-05-03 10:25 - 000000000 ____D C:\Users\annaj\AppData\Local\Packages
2020-05-01 21:11 - 2020-05-03 10:24 - 000000000 ____D C:\Users\annaj\AppData\Local\Google
2020-05-01 21:11 - 2020-05-03 10:16 - 000000000 ____D C:\Users\annaj\AppData\Local\ConnectedDevicesPlatform
2020-05-01 21:11 - 2020-05-01 21:16 - 000002372 _____ C:\Users\annaj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-05-01 21:11 - 2020-05-01 21:16 - 000000000 ____D C:\Users\annaj
2020-05-01 21:11 - 2020-05-01 21:11 - 000000020 ___SH C:\Users\annaj\ntuser.ini
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 _SHDL C:\Users\annaj\Šablony
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 _SHDL C:\Users\annaj\Soubory cookie
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 _SHDL C:\Users\annaj\Poslední
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 _SHDL C:\Users\annaj\Okolní tiskárny
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 _SHDL C:\Users\annaj\Okolní síť
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 _SHDL C:\Users\annaj\Nabídka Start
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 _SHDL C:\Users\annaj\Dokumenty
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 _SHDL C:\Users\annaj\Documents\Obrázky
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 _SHDL C:\Users\annaj\Documents\Hudba
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 _SHDL C:\Users\annaj\Documents\Filmy
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 _SHDL C:\Users\annaj\Data aplikací
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 _SHDL C:\Users\annaj\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 _SHDL C:\Users\annaj\AppData\Local\Data aplikací
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 ___RD C:\Users\annaj\3D Objects
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 ____D C:\Users\annaj\AppData\Roaming\Synaptics
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 ____D C:\Users\annaj\AppData\Roaming\Adobe
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 ____D C:\Users\annaj\AppData\Local\VirtualStore
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 ____D C:\Users\annaj\AppData\Local\AMD
2020-05-01 21:11 - 2016-09-23 07:36 - 000000000 ___HD C:\Users\annaj\Documents\hp.system.package.metadata
2020-05-01 21:11 - 2016-09-23 07:36 - 000000000 ___HD C:\Users\annaj\Documents\hp.applications.package.appdata
2020-05-01 20:36 - 2020-05-01 20:36 - 000000000 ____D C:\ProgramData\Synaptics
2020-05-01 12:38 - 2020-05-01 12:38 - 000001752 _____ C:\Users\Kayle\Desktop\MPC-HC x64.lnk
2020-05-01 12:38 - 2020-05-01 12:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2020-05-01 12:38 - 2020-05-01 12:38 - 000000000 ____D C:\Program Files\MPC-HC
2020-05-01 12:34 - 2020-05-01 12:34 - 014185472 _____ (MPC-HC Team ) C:\Users\Kayle\Desktop\MPC-HC.1.7.13.x64.exe
2020-05-01 12:27 - 2020-05-01 12:27 - 000001150 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-05-01 12:27 - 2020-05-01 12:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2020-05-01 12:26 - 2020-05-01 12:26 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2020-05-01 12:25 - 2020-05-01 12:26 - 041210600 _____ C:\Users\Kayle\Desktop\vlc-3.0.10-win32.exe
2020-05-01 12:13 - 2020-05-01 12:13 - 000001390 _____ C:\Users\Public\Desktop\Skype.lnk
2020-05-01 12:13 - 2020-05-01 12:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-05-01 12:06 - 2020-05-01 12:07 - 069917744 _____ (Skype Technologies S.A.) C:\Users\Kayle\Desktop\Skype-8.59.0.77.exe
2020-05-01 12:06 - 2020-05-01 12:05 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-05-01 11:55 - 2020-05-01 11:55 - 000002384 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-01 11:55 - 2020-05-01 11:55 - 000002343 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-05-01 11:54 - 2020-05-01 11:59 - 000000000 ____D C:\Users\Kayle\AppData\Local\Google
2020-05-01 11:54 - 2020-05-01 11:55 - 000000000 ____D C:\Program Files (x86)\Google
2020-05-01 11:54 - 2020-05-01 11:54 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-05-01 11:54 - 2020-05-01 11:54 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-05-01 11:52 - 2020-05-01 11:52 - 000000000 ____D C:\Users\Kayle\AppData\Local\Comms
2020-05-01 02:34 - 2020-05-01 20:46 - 000000000 ____D C:\Users\Kayle\AppData\Local\PlaceholderTileLogoFolder
2020-05-01 02:34 - 2020-05-01 02:35 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4166479105-3376732293-2977569040-1001
2020-05-01 02:33 - 2020-05-01 02:33 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2020-05-01 02:32 - 2020-05-01 02:32 - 000001450 _____ C:\Users\Kayle\Desktop\Microsoft Edge.lnk
2020-05-01 02:31 - 2020-05-01 02:31 - 000000000 ____D C:\Users\Kayle\AppData\Local\MicrosoftEdge
2020-05-01 02:30 - 2020-05-01 12:05 - 000000000 ____D C:\ProgramData\Packages
2020-05-01 02:30 - 2020-05-01 02:30 - 000000000 ____D C:\Users\Kayle\AppData\Local\Publishers
2020-05-01 02:29 - 2020-05-01 20:46 - 000000000 ____D C:\Users\Kayle\AppData\Local\Packages
2020-05-01 02:29 - 2020-05-01 02:30 - 000000000 ____D C:\Users\Kayle\AppData\Local\ConnectedDevicesPlatform
2020-05-01 02:29 - 2020-05-01 02:29 - 000000020 ___SH C:\Users\Kayle\ntuser.ini
2020-05-01 02:29 - 2020-05-01 02:29 - 000000000 ____D C:\Users\Kayle\AppData\Roaming\Synaptics
2020-05-01 02:29 - 2020-05-01 02:29 - 000000000 ____D C:\Users\Kayle\AppData\Roaming\Adobe
2020-05-01 02:29 - 2020-05-01 02:29 - 000000000 ____D C:\Users\Kayle\AppData\Local\VirtualStore
2020-05-01 02:29 - 2020-05-01 02:29 - 000000000 ____D C:\Users\Kayle\AppData\Local\AMD
2020-05-01 01:45 - 2020-05-01 02:07 - 000000000 ____D C:\Windows.old
2020-05-01 01:43 - 2020-05-01 01:44 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2020-05-01 01:43 - 2020-05-01 01:43 - 000000000 ____D C:\Program Files\Synaptics
2020-05-01 01:41 - 2020-05-03 10:34 - 001693636 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-01 01:41 - 2020-05-01 01:41 - 000000000 ____D C:\WINDOWS\AMDTAs
2020-05-01 01:40 - 2020-05-01 01:40 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2020-05-01 01:39 - 2020-05-01 01:39 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-05-01 01:39 - 2020-05-01 01:39 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2020-05-01 01:39 - 2020-05-01 01:39 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2020-05-01 01:39 - 2020-05-01 01:39 - 000000000 _SHDL C:\Users\Default User
2020-05-01 01:39 - 2020-05-01 01:39 - 000000000 _SHDL C:\Users\All Users
2020-05-01 01:39 - 2020-05-01 01:39 - 000000000 _SHDL C:\ProgramData\Šablony
2020-05-01 01:39 - 2020-05-01 01:39 - 000000000 _SHDL C:\ProgramData\Plocha
2020-05-01 01:39 - 2020-05-01 01:39 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2020-05-01 01:39 - 2020-05-01 01:39 - 000000000 _SHDL C:\ProgramData\Dokumenty
2020-05-01 01:39 - 2020-05-01 01:39 - 000000000 _SHDL C:\ProgramData\Data aplikací
2020-05-01 01:38 - 2020-05-03 10:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-01 01:38 - 2020-05-01 12:06 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-05-01 01:38 - 2020-05-01 01:38 - 000000000 ____D C:\WINDOWS\Setup
2020-05-01 01:37 - 2020-05-01 01:37 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2020-05-01 01:37 - 2020-05-01 01:37 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2020-05-01 01:37 - 2020-05-01 01:37 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2020-05-01 01:37 - 2020-05-01 01:37 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2020-05-01 01:37 - 2020-05-01 01:37 - 000000000 ____D C:\WINDOWS\OCR
2020-05-01 01:37 - 2020-05-01 01:37 - 000000000 ____D C:\ProgramData\ssh
2020-05-01 01:37 - 2020-05-01 01:37 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-05-01 01:37 - 2020-05-01 01:37 - 000000000 ____D C:\Program Files\MSBuild
2020-05-01 01:37 - 2020-05-01 01:37 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2020-05-01 01:37 - 2020-05-01 01:37 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-05-01 01:35 - 2020-05-03 10:34 - 000718018 _____ C:\WINDOWS\system32\perfh005.dat
2020-05-01 01:35 - 2020-05-03 10:34 - 000145062 _____ C:\WINDOWS\system32\perfc005.dat
2020-05-01 01:35 - 2020-05-01 01:35 - 000296964 _____ C:\WINDOWS\system32\perfi005.dat
2020-05-01 01:35 - 2020-05-01 01:35 - 000038778 _____ C:\WINDOWS\system32\perfd005.dat
2020-05-01 01:35 - 2020-05-01 01:35 - 000036088 _____ C:\Users\Kayle\Desktop\Odebrané aplikace.html
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\winrm
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\WCN
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\slmgr
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\cs
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\0409
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\DigitalLocker
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\Users\Kayle\Documents\FreshStart
2020-05-01 01:31 - 2020-02-03 22:56 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-05-01 01:31 - 2020-02-03 22:56 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-05-01 01:27 - 2020-05-01 01:50 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2020-05-01 01:27 - 2020-05-01 01:22 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2020-05-01 01:27 - 2020-05-01 01:22 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2020-05-01 01:27 - 2020-05-01 01:22 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
2020-05-01 01:27 - 2020-05-01 01:22 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2020-05-01 01:27 - 2020-05-01 01:22 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2020-05-01 01:27 - 2020-05-01 01:22 - 000018903 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2020-05-01 01:27 - 2020-05-01 01:22 - 000017635 _____ C:\WINDOWS\system32\Drivers\etc\services
2020-05-01 01:27 - 2020-05-01 01:22 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2020-05-01 01:27 - 2020-05-01 01:22 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2020-05-01 01:27 - 2020-05-01 01:22 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2020-05-01 01:27 - 2020-05-01 01:22 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2020-05-01 01:27 - 2020-05-01 01:22 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2020-05-01 01:27 - 2020-05-01 01:22 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2020-05-01 01:27 - 2020-05-01 01:22 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
2020-05-01 01:27 - 2020-05-01 01:22 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2020-05-01 01:27 - 2020-05-01 01:22 - 000000219 _____ C:\WINDOWS\system.ini
2020-05-01 01:27 - 2020-05-01 01:22 - 000000092 _____ C:\WINDOWS\win.ini
2020-05-01 01:26 - 2020-05-03 11:12 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-01 01:26 - 2020-05-03 10:40 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-05-01 01:26 - 2020-05-03 10:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-05-01 01:26 - 2020-05-03 10:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-05-01 01:26 - 2020-05-01 20:58 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-01 01:26 - 2020-05-01 12:26 - 000000000 ___RD C:\Program Files (x86)
2020-05-01 01:26 - 2020-05-01 12:06 - 000000000 ____D C:\Program Files\Windows Defender
2020-05-01 01:26 - 2020-05-01 02:30 - 000000000 ____D C:\ProgramData\USOPrivate
2020-05-01 01:26 - 2020-05-01 02:07 - 000000000 ____D C:\WINDOWS\system32\spool
2020-05-01 01:26 - 2020-05-01 02:07 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2020-05-01 01:26 - 2020-05-01 01:49 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2020-05-01 01:26 - 2020-05-01 01:45 - 000000000 __RHD C:\Users\Public\Libraries
2020-05-01 01:26 - 2020-05-01 01:39 - 000000000 ____D C:\Program Files\Windows NT
2020-05-01 01:26 - 2020-05-01 01:37 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2020-05-01 01:26 - 2020-05-01 01:37 - 000000000 ____D C:\WINDOWS\SystemResources
2020-05-01 01:26 - 2020-05-01 01:37 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-05-01 01:26 - 2020-05-01 01:37 - 000000000 ____D C:\WINDOWS\system32\MUI
2020-05-01 01:26 - 2020-05-01 01:37 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ___SD C:\WINDOWS\system32\dsc
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\setup
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\Com
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\IME
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\Help
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\Program Files\Common Files\System
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 __RSD C:\WINDOWS\Media
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ___SD C:\WINDOWS\system32\Nui
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\TextInput
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\ti-et
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\ta-lk
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\ta-in
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\si-lk
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\my-mm
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\Keywords
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\icsxml
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\ias
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\downlevel
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\DDFs
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\am-et
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\ShellComponents
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\Registration
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\Provisioning
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\L2Schemas
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\IdentityCRL
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\DiagTrack
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\Cursors
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\addins
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\Program Files\Windows Portable Devices
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\Program Files\Common Files\Services
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 __SHD C:\Program Files\Windows Sidebar
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\Web
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\WaaS
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\Vss
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\tracing
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\TAPI
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SystemApps
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\winevt
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\ras
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\IME
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\DriverState
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\System
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SKB
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\schemas
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SchCache
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\ServiceState
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\security
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\Resources
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\rescache
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\PLA
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\Performance
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\ModemLogs
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\InputMethod
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\Globalization
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\Containers
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\Branding
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\appcompat
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\ProgramData\USOShared
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\Program Files\Windows Security
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\Program Files (x86)\Windows NT
2020-05-01 01:26 - 2020-05-01 01:13 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-05-01 01:26 - 2020-05-01 01:13 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-05-01 01:26 - 2020-05-01 01:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2020-05-01 01:23 - 2020-05-03 11:18 - 000000000 ____D C:\WINDOWS\INF
2020-05-01 01:22 - 2020-05-01 02:35 - 000002372 _____ C:\Users\Kayle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-05-01 01:22 - 2020-05-01 02:29 - 000000000 ____D C:\Users\Kayle
2020-05-01 01:22 - 2020-05-01 01:22 - 000000000 _SHDL C:\Users\Kayle\Šablony
2020-05-01 01:22 - 2020-05-01 01:22 - 000000000 _SHDL C:\Users\Kayle\Soubory cookie
2020-05-01 01:22 - 2020-05-01 01:22 - 000000000 _SHDL C:\Users\Kayle\Poslední
2020-05-01 01:22 - 2020-05-01 01:22 - 000000000 _SHDL C:\Users\Kayle\Okolní tiskárny
2020-05-01 01:22 - 2020-05-01 01:22 - 000000000 _SHDL C:\Users\Kayle\Okolní síť
2020-05-01 01:22 - 2020-05-01 01:22 - 000000000 _SHDL C:\Users\Kayle\Nabídka Start
2020-05-01 01:22 - 2020-05-01 01:22 - 000000000 _SHDL C:\Users\Kayle\Dokumenty
2020-05-01 01:22 - 2020-05-01 01:22 - 000000000 _SHDL C:\Users\Kayle\Documents\Obrázky
2020-05-01 01:22 - 2020-05-01 01:22 - 000000000 _SHDL C:\Users\Kayle\Documents\Hudba
2020-05-01 01:22 - 2020-05-01 01:22 - 000000000 _SHDL C:\Users\Kayle\Documents\Filmy
2020-05-01 01:22 - 2020-05-01 01:22 - 000000000 _SHDL C:\Users\Kayle\Data aplikací
2020-05-01 01:22 - 2020-05-01 01:22 - 000000000 _SHDL C:\Users\Kayle\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2020-05-01 01:22 - 2020-05-01 01:22 - 000000000 _SHDL C:\Users\Kayle\AppData\Local\Data aplikací
2020-05-01 01:12 - 2020-05-01 21:14 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-05-01 01:12 - 2020-05-01 01:12 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2020-05-01 01:11 - 2020-05-01 01:11 - 000046573 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2020-05-01 01:11 - 2020-05-01 01:11 - 000002065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS Audio Control.lnk
2020-05-01 01:11 - 2020-05-01 01:11 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_AMDASF_01011.Wdf
2020-05-01 01:11 - 2020-05-01 01:11 - 000000000 ____D C:\ProgramData\SRS Labs
2020-05-01 01:11 - 2020-05-01 01:11 - 000000000 ____D C:\ProgramData\SoundResearch
2020-05-01 01:11 - 2020-05-01 01:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2020-05-01 01:11 - 2020-05-01 01:11 - 000000000 ____D C:\Program Files\ATI Technologies
2020-05-01 01:11 - 2020-05-01 01:11 - 000000000 ____D C:\Program Files (x86)\AMD
2020-05-01 01:10 - 2020-05-03 10:26 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2020-05-01 01:10 - 2020-05-01 01:11 - 000000000 ____D C:\ProgramData\Package Cache
2020-05-01 01:10 - 2020-05-01 01:10 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2020-05-01 01:10 - 2020-05-01 01:10 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
2020-05-01 01:10 - 2020-05-01 01:10 - 000000000 ____D C:\Program Files\Realtek
2020-05-01 01:09 - 2020-05-01 01:11 - 000000000 ____D C:\Program Files\AMD
2020-05-01 01:09 - 2020-05-01 01:09 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2020-05-01 01:09 - 2019-08-23 12:46 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-05-01 01:03 - 2020-05-03 10:38 - 000000000 ____D C:\WINDOWS\Panther
2020-05-01 01:03 - 2020-05-03 10:26 - 082313216 _____ C:\WINDOWS\system32\config\SYSTEM
2020-05-01 01:03 - 2020-05-03 10:26 - 071303168 _____ C:\WINDOWS\system32\config\SOFTWARE
2020-05-01 01:03 - 2020-05-03 10:26 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-05-01 01:03 - 2020-05-03 10:26 - 000524288 _____ C:\WINDOWS\system32\config\DEFAULT
2020-05-01 01:03 - 2020-05-03 10:26 - 000065536 _____ C:\WINDOWS\system32\config\SAM
2020-05-01 01:03 - 2020-05-03 10:26 - 000032768 _____ C:\WINDOWS\system32\config\SECURITY
2020-05-01 01:03 - 2020-05-01 21:14 - 000000000 ____D C:\WINDOWS\servicing
2020-05-01 01:03 - 2020-05-01 01:38 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-05-01 01:03 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\SMI
2020-05-01 00:56 - 2020-05-01 20:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-05-01 00:56 - 2020-05-01 01:24 - 000342352 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-30 23:38 - 2020-04-30 23:54 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-30 23:38 - 2020-04-30 23:54 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-04-30 23:17 - 2020-05-01 01:54 - 000000000 ___HD C:\$SysReset
2020-04-30 23:01 - 2020-05-03 10:25 - 000000000 ____D C:\AdwCleaner
2020-04-30 22:40 - 2019-09-28 22:31 - 007636680 _____ (Malwarebytes) C:\Users\Kayle\Desktop\adwcleaner_7.4.1.exe
2020-04-30 22:32 - 2020-04-30 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2020-04-16 22:12 - 2020-04-16 22:12 - 000002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-03 10:36 - 2018-01-24 03:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-05-03 10:25 - 2018-04-14 00:57 - 000000000 ____D C:\Users\Kayle\AppData\LocalLow\IObit
2020-05-01 21:11 - 2016-07-29 14:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-05-01 02:35 - 2017-07-30 20:18 - 000000000 ___RD C:\Users\Kayle\OneDrive
2020-05-01 02:29 - 2017-10-31 23:44 - 000000000 ___RD C:\Users\Kayle\3D Objects
2020-05-01 01:49 - 2019-04-05 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2020-05-01 01:49 - 2018-01-24 03:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5
2020-05-01 01:49 - 2018-01-23 23:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2020-05-01 01:49 - 2018-01-22 16:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7
2020-05-01 01:49 - 2018-01-16 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2020-05-01 01:49 - 2017-08-23 14:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
2020-05-01 01:49 - 2017-08-07 22:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2020-05-01 01:49 - 2016-09-23 07:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2020-05-01 01:45 - 2019-05-19 13:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher Enhanced Edition [GOG.com]
2020-05-01 01:45 - 2019-05-19 12:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2020-05-01 01:45 - 2018-03-05 19:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2020-05-01 01:45 - 2017-10-04 20:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameTop.com
2020-05-01 01:35 - 2018-01-16 17:55 - 000000000 ____D C:\Users\Kayle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-05-01 01:35 - 2017-07-30 21:25 - 000000000 ____D C:\Users\Kayle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2020-05-01 01:10 - 2017-07-30 23:02 - 000000000 ____D C:\AMD
2020-04-30 22:58 - 2018-01-24 03:27 - 000000000 ____D C:\Users\Kayle\Documents\CCLEaner

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Addition log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-04-2020
Ran by annaj (03-05-2020 11:21:24)
Running from C:\Users\annaj\Desktop
Windows 10 Home Version 1903 18362.657 (X64) (2020-05-01 00:07:17)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4166479105-3376732293-2977569040-500 - Administrator - Disabled)
annaj (S-1-5-21-4166479105-3376732293-2977569040-1002 - Administrator - Enabled) => C:\Users\annaj
DefaultAccount (S-1-5-21-4166479105-3376732293-2977569040-503 - Limited - Disabled)
defaultuser100001 (S-1-5-21-4166479105-3376732293-2977569040-1004 - Limited - Enabled)
Guest (S-1-5-21-4166479105-3376732293-2977569040-501 - Limited - Disabled)
Kaylee (S-1-5-21-4166479105-3376732293-2977569040-1001 - Administrator - Enabled) => C:\Users\Kayle
WDAGUtilityAccount (S-1-5-21-4166479105-3376732293-2977569040-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{6EF6941D-4393-2231-3D29-C52ED8ED485F}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{7784F531-3276-EBB5-F590-F62151FE39A9}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{BEBEB9E8-D83E-FC1A-6EB4-EA3609DA4967}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{DE06415A-00C1-CA00-082B-693F3F04D9E9}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{19C0293F-9157-3931-F773-64F879906064}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{58C33198-3421-5C93-2993-B69796CD64FC}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{3FB42013-DFEA-42C7-2409-2A993F0A125F}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{E42B85E8-5E5C-F890-A943-CA53E9212DB0}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{45571752-4A06-D0B6-9626-AA42F733F06A}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{01ED4501-7134-67E5-0AF0-3B6003646E1A}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{FDFEBDEA-140C-AF32-5D1D-D85858CF589D}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{7EC80E29-C710-843D-AEF8-3E03473D0166}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{6DF59C47-EAA3-09D8-E1A1-ADF4ADD66771}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{DB3312FA-CD19-EDF6-1DDE-A53A796991B5}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{625D3128-2C37-F193-1346-0727DD1E6E96}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{CBD24DD2-87EF-84C3-CE61-7ACF33779AFA}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{08AE5F97-73E6-2049-1976-12C786CD1828}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{48ACCBEA-F85D-0908-24D6-A8DDBE0621C2}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{86521D14-67A5-D13B-44DD-64E3BDBEE245}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{EEB0FB79-C020-3725-867E-6FF3EA0782A1}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B1DE4F1A-449C-75A6-16D1-CB7B6BCE526C}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.66 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.129 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-4166479105-3376732293-2977569040-1002\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8372 - Realtek Semiconductor Corp.)
Skype verze 8.59 (HKLM-x32\...\Skype_is1) (Version: 8.59 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.5.10.75 - Synaptics Incorporated)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.10 - VideoLAN)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-05-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-05-01] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.4282.0_x64__8wekyb3d8bbwe [2020-05-01] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-05-01] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-09-25] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-03] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-05-01 01:27 - 2020-05-01 01:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4166479105-3376732293-2977569040-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1251C8BC-070D-46E9-8BF0-EFA9ACC92836}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{2145AE90-5EE9-47EA-A746-F25B9F1C53B0}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9E50C9D7-0B7F-4AAB-9EF6-D1394D4FB71B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/03/2020 10:58:27 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7188,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/03/2020 10:49:42 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3168,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/03/2020 10:35:28 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3792,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/01/2020 09:12:35 PM) (Source: ESENT) (EventID: 455) (User: )
Description: StartMenuExperienceHost (6552,R,98) TILEREPOSITORYS-1-5-21-4166479105-3376732293-2977569040-1002: Při otevírání souboru protokolu C:\Users\annaj\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/01/2020 09:12:35 PM) (Source: ESENT) (EventID: 522) (User: )
Description: StartMenuExperienceHost (6552,P,98) TILEREPOSITORYS-1-5-21-4166479105-3376732293-2977569040-1002: Pokus o otevření zařízení s názvem \\.\C:, který obsahuje C:\, se nepodařil a došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace se nepodaří a dojde k chybě -1032 (0xfffffbf8).

Error: (05/01/2020 09:03:58 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11016,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/01/2020 08:51:54 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1488,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/01/2020 01:09:50 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8292,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (05/03/2020 10:26:07 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll

Error: (05/03/2020 10:26:07 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll

Error: (05/03/2020 10:26:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Microsoft Passport Container neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (05/03/2020 10:25:55 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll

Error: (05/03/2020 10:25:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/03/2020 10:25:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel Bluetooth Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/03/2020 10:25:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/01/2020 08:43:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJBMP-MICROSOFT.WINDOWSSTORE.


==================== Memory info ===========================

BIOS: Insyde F.35 09/26/2016
Motherboard: HP 8223
Processor: AMD A10-9600P RADEON R5, 10 COMPUTE CORES 4C+6G
Percentage of memory in use: 52%
Total physical RAM: 7647.12 MB
Available physical RAM: 3604.75 MB
Total Virtual: 9503.12 MB
Available Virtual: 5398.8 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:919.14 GB) (Free:598.91 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:11.14 GB) (Free:1.68 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{65d0fd2b-1c1a-4d95-a418-11c126a556a7}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.39 GB) NTFS
\\?\Volume{d68b7eac-6af6-4df3-bb39-ee932dc82dc1}\ () (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A50E1C7D)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118265
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Inherited notebook

#4 Post by Rudy »

OK. Now run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree (Souhlasim)
right-click the AdwCleaner icon and choose Run as administrator (Spustit jako spravce); on Win XP, just start it with a normal double-click
click Scan now (Skenovat nyni), then Clean and Repair (Cisteni a opravy)
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Anna.ja
Visitor
Posts: 85
Joined: 14 Oct 2008 09:51

Re: Inherited notebook

#5 Post by Anna.ja »

AdwCleaner log (the page opened again after the restart)

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-04-08.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-03-2020
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [6060 octets] - [30/04/2020 23:01:00]
AdwCleaner[S00].txt - [1660 octets] - [03/05/2020 10:24:55]
AdwCleaner[C00].txt - [1786 octets] - [03/05/2020 10:25:46]
AdwCleaner[S01].txt - [1616 octets] - [03/05/2020 16:28:04]
AdwCleaner[S02].txt - [1677 octets] - [03/05/2020 16:31:52]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

Rudy
Site Admin
Posts: 118265
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Inherited notebook

#6 Post by Rudy »

Post new FRST + Addition logs.

Anna.ja
Visitor
Posts: 85
Joined: 14 Oct 2008 09:51

Re: Inherited notebook

#7 Post by Anna.ja »

FRST log:

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-04-08.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-03-2020
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [6060 octets] - [30/04/2020 23:01:00]
AdwCleaner[S00].txt - [1660 octets] - [03/05/2020 10:24:55]
AdwCleaner[C00].txt - [1786 octets] - [03/05/2020 10:25:46]
AdwCleaner[S01].txt - [1616 octets] - [03/05/2020 16:28:04]
AdwCleaner[S02].txt - [1677 octets] - [03/05/2020 16:31:52]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########



Addition log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-05-2020
Ran by annaj (03-05-2020 17:11:46)
Running from C:\Users\annaj\Desktop
Windows 10 Home Version 1903 18362.657 (X64) (2020-05-01 00:07:17)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4166479105-3376732293-2977569040-500 - Administrator - Disabled)
annaj (S-1-5-21-4166479105-3376732293-2977569040-1002 - Administrator - Enabled) => C:\Users\annaj
DefaultAccount (S-1-5-21-4166479105-3376732293-2977569040-503 - Limited - Disabled)
Guest (S-1-5-21-4166479105-3376732293-2977569040-501 - Limited - Disabled)
Kaylee (S-1-5-21-4166479105-3376732293-2977569040-1001 - Administrator - Enabled) => C:\Users\Kayle
WDAGUtilityAccount (S-1-5-21-4166479105-3376732293-2977569040-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{6EF6941D-4393-2231-3D29-C52ED8ED485F}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{7784F531-3276-EBB5-F590-F62151FE39A9}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{BEBEB9E8-D83E-FC1A-6EB4-EA3609DA4967}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{DE06415A-00C1-CA00-082B-693F3F04D9E9}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{19C0293F-9157-3931-F773-64F879906064}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{58C33198-3421-5C93-2993-B69796CD64FC}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{3FB42013-DFEA-42C7-2409-2A993F0A125F}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{E42B85E8-5E5C-F890-A943-CA53E9212DB0}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{45571752-4A06-D0B6-9626-AA42F733F06A}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{01ED4501-7134-67E5-0AF0-3B6003646E1A}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{FDFEBDEA-140C-AF32-5D1D-D85858CF589D}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{7EC80E29-C710-843D-AEF8-3E03473D0166}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{6DF59C47-EAA3-09D8-E1A1-ADF4ADD66771}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{DB3312FA-CD19-EDF6-1DDE-A53A796991B5}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{625D3128-2C37-F193-1346-0727DD1E6E96}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{CBD24DD2-87EF-84C3-CE61-7ACF33779AFA}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{08AE5F97-73E6-2049-1976-12C786CD1828}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{48ACCBEA-F85D-0908-24D6-A8DDBE0621C2}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{86521D14-67A5-D13B-44DD-64E3BDBEE245}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{EEB0FB79-C020-3725-867E-6FF3EA0782A1}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B1DE4F1A-449C-75A6-16D1-CB7B6BCE526C}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.66 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.129 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-4166479105-3376732293-2977569040-1002\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8372 - Realtek Semiconductor Corp.)
Skype verze 8.59 (HKLM-x32\...\Skype_is1) (Version: 8.59 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.5.10.75 - Synaptics Incorporated)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.10 - VideoLAN)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-05-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-05-01] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.4282.0_x64__8wekyb3d8bbwe [2020-05-01] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-05-01] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4166479105-3376732293-2977569040-1002_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-09-25] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-03] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-05-01 01:27 - 2020-05-01 01:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4166479105-3376732293-2977569040-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1251C8BC-070D-46E9-8BF0-EFA9ACC92836}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{2145AE90-5EE9-47EA-A746-F25B9F1C53B0}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9E50C9D7-0B7F-4AAB-9EF6-D1394D4FB71B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

03-05-2020 16:32:08 AdwCleaner_BeforeCleaning_03/05/2020_16:32:07

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/03/2020 04:48:58 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8220,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/03/2020 04:42:14 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2912,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/03/2020 04:29:52 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6496,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/03/2020 10:58:27 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7188,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/03/2020 10:49:42 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3168,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/03/2020 10:35:28 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3792,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/01/2020 09:12:35 PM) (Source: ESENT) (EventID: 455) (User: )
Description: StartMenuExperienceHost (6552,R,98) TILEREPOSITORYS-1-5-21-4166479105-3376732293-2977569040-1002: Při otevírání souboru protokolu C:\Users\annaj\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/01/2020 09:12:35 PM) (Source: ESENT) (EventID: 522) (User: )
Description: StartMenuExperienceHost (6552,P,98) TILEREPOSITORYS-1-5-21-4166479105-3376732293-2977569040-1002: Pokus o otevření zařízení s názvem \\.\C:, který obsahuje C:\, se nepodařil a došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace se nepodaří a dojde k chybě -1032 (0xfffffbf8).


System errors:
=============
Error: (05/03/2020 04:33:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll

Error: (05/03/2020 04:33:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll

Error: (05/03/2020 04:33:27 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll

Error: (05/03/2020 04:33:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/03/2020 04:33:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel Bluetooth Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/03/2020 04:33:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/03/2020 11:29:05 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-EIDJQT3V)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/03/2020 11:29:05 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-EIDJQT3V)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


==================== Memory info ===========================

BIOS: Insyde F.35 09/26/2016
Motherboard: HP 8223
Processor: AMD A10-9600P RADEON R5, 10 COMPUTE CORES 4C+6G
Percentage of memory in use: 58%
Total physical RAM: 7647.12 MB
Available physical RAM: 3146 MB
Total Virtual: 9503.12 MB
Available Virtual: 4667.88 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:919.14 GB) (Free:592.57 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:11.14 GB) (Free:1.68 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{65d0fd2b-1c1a-4d95-a418-11c126a556a7}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.39 GB) NTFS
\\?\Volume{d68b7eac-6af6-4df3-bb39-ee932dc82dc1}\ () (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A50E1C7D)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118265
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Inherited laptop

#8 Post by Rudy »

This is Addition+ADWCleaner. I need Addition+FRST.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Anna.ja
Visitor
Posts: 85
Joined: 14 Oct 2008 09:51

Re: Inherited laptop

#9 Post by Anna.ja »

Sorry, here is FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-05-2020
Ran by annaj (administrator) on LAPTOP-EIDJQT3V (HP HP Notebook) (03-05-2020 17:06:23)
Running from C:\Users\annaj\Desktop
Loaded Profiles: annaj (Available Profiles: Kaylee & annaj)
Platform: Windows 10 Home Version 1903 18362.657 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <17>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\annaj\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12004.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.772_none_5f13f94c58ff41d3\TiWorker.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9268168 2018-06-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-4166479105-3376732293-2977569040-1002\...\Run: [GoogleChromeAutoLaunch_ADA758725F7AA6C3605C19B601173CCA] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-4166479105-3376732293-2977569040-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [27775672 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Installer\chrmstp.exe [2020-05-01] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\updateSteam.bat [2018-02-04] () [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {077207A0-4203-495A-AE37-A3A89DC76DB3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-01] (Google LLC -> Google LLC)
Task: {5B97E34F-4E92-4702-89AB-0C27A5015794} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {68C2EC07-2EEA-439D-B1C2-664CE2934D95} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-01] (Google LLC -> Google LLC)
Task: {7A6398C5-DD02-487D-92DF-FA37F19799DF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [23571128 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{4ca10796-687f-47dc-ab0a-305811795174}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================

Edge:
======
DownloadDir: C:\Users\annaj\Downloads

FireFox:
========
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default [2020-05-03]
CHR HomePage: Default -> hxxp://seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/","hxxp://www.facebook.com/"
CHR Extension: (Prezentace) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-05-03]
CHR Extension: (Dokumenty) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-05-03]
CHR Extension: (Disk Google) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-05-03]
CHR Extension: (YouTube) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-05-03]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-05-03]
CHR Extension: (WAToolkit) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\fedimamkpgiemhacbdhkkaihgofncola [2020-05-03]
CHR Extension: (Tabulky) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-05-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-03]
CHR Extension: (Click&Clean) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2020-05-03]
CHR Extension: (VratnePenize.cz Připomínáček) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiekfaemafmplemocgimeccahephhdgf [2020-05-03]
CHR Extension: (TARDIS) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjifgneioddlgbglnkppcblkccmninme [2020-05-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-05-03]
CHR Extension: (Gmail) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-05-03]
CHR Extension: (Chrome Media Router) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-03]
CHR Extension: (Rozšíření Kontrola hesel) - C:\Users\annaj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pncabnpcffmalkkjpajodfhijclecjno [2020-05-03]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [561568 2017-11-28] (Advanced Micro Devices, Inc. -> AMD)
R2 ibtsiva; C:\WINDOWS\System32\ibtsiva.exe [529912 2018-12-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-05-03] (Malwarebytes Inc -> Malwarebytes)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324544 2018-06-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [360872 2018-09-21] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdAS4; C:\WINDOWS\System32\drivers\AmdAS4.sys [26984 2018-06-19] (Advanced Micro Devices Inc. -> Advanced Micro Devices, INC.)
R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [34568 2019-04-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdi2c; C:\WINDOWS\System32\drivers\amdi2c.sys [61728 2019-03-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0320980.inf_amd64_3ed2fc96d61aef2d\atikmdag.sys [36583328 2017-11-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDKMDAP; C:\WINDOWS\System32\DriverStore\FileRepository\c0320980.inf_amd64_3ed2fc96d61aef2d\atikmpag.sys [537504 2017-11-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [106416 2017-11-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [145792 2018-06-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R3 amduart; C:\WINDOWS\System32\drivers\amduart.sys [91248 2018-06-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc)
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [93240 2018-06-19] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [33336 2018-06-19] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111080 2018-06-19] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-05-03] (Malwarebytes Corporation -> Malwarebytes)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136216 2018-06-19] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-05-03] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-05-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [195432 2020-05-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73368 2020-05-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-05-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [125088 2020-05-03] (Malwarebytes Inc -> Malwarebytes)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [8720384 2019-08-27] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1024392 2018-06-19] (Realtek Semiconductor Corp. -> Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [416472 2016-07-27] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [53864 2018-09-21] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [55400 2018-09-21] (Synaptics Incorporated -> Synaptics Incorporated)
R0 stormmc; C:\WINDOWS\System32\drivers\stormmc.sys [45416 2018-06-19] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-05-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [394680 2020-05-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64944 2020-05-01] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2019-11-15] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-03 17:06 - 2020-05-03 17:09 - 000014234 _____ C:\Users\annaj\Desktop\FRST.txt
2020-05-03 17:06 - 2020-05-03 17:06 - 000000000 ____D C:\Users\annaj\Desktop\FRST-OlderVersion
2020-05-03 16:35 - 2020-05-03 16:35 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-05-03 16:35 - 2020-05-03 16:35 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-05-03 16:35 - 2020-05-03 16:35 - 000195432 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-05-03 16:35 - 2020-05-03 16:35 - 000125088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-05-03 16:35 - 2020-05-03 16:35 - 000073368 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-05-03 16:31 - 2020-05-03 16:31 - 008196784 _____ (Malwarebytes) C:\Users\annaj\Desktop\adwcleaner_8.0.4 (1).exe
2020-05-03 16:25 - 2020-05-03 16:25 - 000000000 ___HD C:\OneDriveTemp
2020-05-03 11:18 - 2020-05-03 17:07 - 000000000 ____D C:\FRST
2020-05-03 11:17 - 2020-05-03 17:06 - 002283520 _____ (Farbar) C:\Users\annaj\Desktop\FRST64.exe
2020-05-03 11:00 - 2020-05-03 11:00 - 000000000 ____D C:\rsit
2020-05-03 11:00 - 2020-05-03 11:00 - 000000000 ____D C:\Program Files\trend micro
2020-05-03 10:59 - 2020-05-03 10:59 - 001222144 _____ C:\Users\annaj\Desktop\RSITx64.exe
2020-05-03 10:41 - 2020-05-03 10:41 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-05-03 10:41 - 2020-05-03 10:41 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-05-03 10:41 - 2020-05-03 10:41 - 000000000 ____D C:\Users\annaj\AppData\Local\mbamtray
2020-05-03 10:41 - 2020-05-03 10:41 - 000000000 ____D C:\Users\annaj\AppData\Local\mbam
2020-05-03 10:40 - 2020-05-03 10:40 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-05-03 10:40 - 2020-05-03 10:40 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-05-03 10:40 - 2020-05-03 10:40 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-05-03 10:39 - 2020-05-03 10:39 - 000000000 ____D C:\Program Files\Malwarebytes
2020-05-03 10:36 - 2020-05-03 10:36 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-05-03 10:36 - 2020-05-03 10:36 - 000002888 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-05-03 10:36 - 2020-05-03 10:36 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-05-03 10:36 - 2020-05-03 10:36 - 000000000 ____D C:\Program Files\CCleaner
2020-05-03 10:35 - 2020-05-03 10:35 - 025306104 _____ (Piriform Software Ltd) C:\Users\annaj\Desktop\ccsetup566.exe
2020-05-03 10:23 - 2020-05-03 10:23 - 008196784 _____ (Malwarebytes) C:\Users\annaj\Desktop\adwcleaner_8.0.4.exe
2020-05-03 10:23 - 2020-05-03 10:23 - 000000000 ____D C:\Users\annaj\AppData\Local\Comms
2020-05-03 10:20 - 2020-05-03 10:20 - 000000000 ____D C:\Users\annaj\AppData\LocalLow\AMD
2020-05-01 21:16 - 2020-05-03 16:38 - 000000000 ___RD C:\Users\annaj\OneDrive
2020-05-01 21:16 - 2020-05-01 21:16 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4166479105-3376732293-2977569040-1002
2020-05-01 21:14 - 2020-05-01 21:14 - 000001450 _____ C:\Users\annaj\Desktop\Microsoft Edge.lnk
2020-05-01 21:14 - 2020-05-01 21:14 - 000000000 ___HD C:\Users\annaj\MicrosoftEdgeBackups
2020-05-01 21:14 - 2020-05-01 21:14 - 000000000 ____D C:\Users\annaj\AppData\Local\PlaceholderTileLogoFolder
2020-05-01 21:13 - 2020-05-03 10:17 - 000000000 ____D C:\Users\annaj\AppData\Local\MicrosoftEdge
2020-05-01 21:12 - 2020-05-03 10:23 - 000000000 ____D C:\Users\annaj\AppData\Local\PackageStaging
2020-05-01 21:12 - 2020-05-01 21:12 - 000000000 ____D C:\Users\annaj\AppData\Local\Publishers
2020-05-01 21:11 - 2020-05-03 10:25 - 000000000 ____D C:\Users\annaj\AppData\Local\Packages
2020-05-01 21:11 - 2020-05-03 10:24 - 000000000 ____D C:\Users\annaj\AppData\Local\Google
2020-05-01 21:11 - 2020-05-03 10:16 - 000000000 ____D C:\Users\annaj\AppData\Local\ConnectedDevicesPlatform
2020-05-01 21:11 - 2020-05-01 21:16 - 000002372 _____ C:\Users\annaj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-05-01 21:11 - 2020-05-01 21:16 - 000000000 ____D C:\Users\annaj
2020-05-01 21:11 - 2020-05-01 21:11 - 000000020 ___SH C:\Users\annaj\ntuser.ini
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 _SHDL C:\Users\annaj\Šablony
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 _SHDL C:\Users\annaj\Soubory cookie
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 _SHDL C:\Users\annaj\Poslední
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 _SHDL C:\Users\annaj\Okolní tiskárny
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 _SHDL C:\Users\annaj\Okolní síť
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 _SHDL C:\Users\annaj\Nabídka Start
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 _SHDL C:\Users\annaj\Dokumenty
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 _SHDL C:\Users\annaj\Documents\Obrázky
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 _SHDL C:\Users\annaj\Documents\Hudba
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 _SHDL C:\Users\annaj\Documents\Filmy
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 _SHDL C:\Users\annaj\Data aplikací
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 _SHDL C:\Users\annaj\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 _SHDL C:\Users\annaj\AppData\Local\Data aplikací
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 ___RD C:\Users\annaj\3D Objects
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 ____D C:\Users\annaj\AppData\Roaming\Synaptics
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 ____D C:\Users\annaj\AppData\Roaming\Adobe
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 ____D C:\Users\annaj\AppData\Local\VirtualStore
2020-05-01 21:11 - 2020-05-01 21:11 - 000000000 ____D C:\Users\annaj\AppData\Local\AMD
2020-05-01 21:11 - 2016-09-23 07:36 - 000000000 ___HD C:\Users\annaj\Documents\hp.system.package.metadata
2020-05-01 21:11 - 2016-09-23 07:36 - 000000000 ___HD C:\Users\annaj\Documents\hp.applications.package.appdata
2020-05-01 20:36 - 2020-05-01 20:36 - 000000000 ____D C:\ProgramData\Synaptics
2020-05-01 12:38 - 2020-05-01 12:38 - 000001752 _____ C:\Users\Kayle\Desktop\MPC-HC x64.lnk
2020-05-01 12:38 - 2020-05-01 12:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2020-05-01 12:38 - 2020-05-01 12:38 - 000000000 ____D C:\Program Files\MPC-HC
2020-05-01 12:34 - 2020-05-01 12:34 - 014185472 _____ (MPC-HC Team ) C:\Users\Kayle\Desktop\MPC-HC.1.7.13.x64.exe
2020-05-01 12:27 - 2020-05-01 12:27 - 000001150 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-05-01 12:27 - 2020-05-01 12:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2020-05-01 12:26 - 2020-05-01 12:26 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2020-05-01 12:25 - 2020-05-01 12:26 - 041210600 _____ C:\Users\Kayle\Desktop\vlc-3.0.10-win32.exe
2020-05-01 12:13 - 2020-05-01 12:13 - 000001390 _____ C:\Users\Public\Desktop\Skype.lnk
2020-05-01 12:13 - 2020-05-01 12:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-05-01 12:06 - 2020-05-01 12:07 - 069917744 _____ (Skype Technologies S.A.) C:\Users\Kayle\Desktop\Skype-8.59.0.77.exe
2020-05-01 12:06 - 2020-05-01 12:05 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-05-01 11:55 - 2020-05-01 11:55 - 000002384 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-01 11:55 - 2020-05-01 11:55 - 000002343 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-05-01 11:54 - 2020-05-01 11:59 - 000000000 ____D C:\Users\Kayle\AppData\Local\Google
2020-05-01 11:54 - 2020-05-01 11:55 - 000000000 ____D C:\Program Files (x86)\Google
2020-05-01 11:54 - 2020-05-01 11:54 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-05-01 11:54 - 2020-05-01 11:54 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-05-01 11:52 - 2020-05-01 11:52 - 000000000 ____D C:\Users\Kayle\AppData\Local\Comms
2020-05-01 02:34 - 2020-05-01 20:46 - 000000000 ____D C:\Users\Kayle\AppData\Local\PlaceholderTileLogoFolder
2020-05-01 02:34 - 2020-05-01 02:35 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4166479105-3376732293-2977569040-1001
2020-05-01 02:33 - 2020-05-01 02:33 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2020-05-01 02:32 - 2020-05-01 02:32 - 000001450 _____ C:\Users\Kayle\Desktop\Microsoft Edge.lnk
2020-05-01 02:31 - 2020-05-01 02:31 - 000000000 ____D C:\Users\Kayle\AppData\Local\MicrosoftEdge
2020-05-01 02:30 - 2020-05-01 12:05 - 000000000 ____D C:\ProgramData\Packages
2020-05-01 02:30 - 2020-05-01 02:30 - 000000000 ____D C:\Users\Kayle\AppData\Local\Publishers
2020-05-01 02:29 - 2020-05-01 20:46 - 000000000 ____D C:\Users\Kayle\AppData\Local\Packages
2020-05-01 02:29 - 2020-05-01 02:30 - 000000000 ____D C:\Users\Kayle\AppData\Local\ConnectedDevicesPlatform
2020-05-01 02:29 - 2020-05-01 02:29 - 000000020 ___SH C:\Users\Kayle\ntuser.ini
2020-05-01 02:29 - 2020-05-01 02:29 - 000000000 ____D C:\Users\Kayle\AppData\Roaming\Synaptics
2020-05-01 02:29 - 2020-05-01 02:29 - 000000000 ____D C:\Users\Kayle\AppData\Roaming\Adobe
2020-05-01 02:29 - 2020-05-01 02:29 - 000000000 ____D C:\Users\Kayle\AppData\Local\VirtualStore
2020-05-01 02:29 - 2020-05-01 02:29 - 000000000 ____D C:\Users\Kayle\AppData\Local\AMD
2020-05-01 01:45 - 2020-05-01 02:07 - 000000000 ____D C:\Windows.old
2020-05-01 01:43 - 2020-05-01 01:44 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2020-05-01 01:43 - 2020-05-01 01:43 - 000000000 ____D C:\Program Files\Synaptics
2020-05-01 01:41 - 2020-05-03 16:40 - 001693636 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-01 01:41 - 2020-05-01 01:41 - 000000000 ____D C:\WINDOWS\AMDTAs
2020-05-01 01:40 - 2020-05-01 01:40 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2020-05-01 01:39 - 2020-05-01 01:39 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-05-01 01:39 - 2020-05-01 01:39 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2020-05-01 01:39 - 2020-05-01 01:39 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2020-05-01 01:39 - 2020-05-01 01:39 - 000000000 _SHDL C:\Users\Default User
2020-05-01 01:39 - 2020-05-01 01:39 - 000000000 _SHDL C:\Users\All Users
2020-05-01 01:39 - 2020-05-01 01:39 - 000000000 _SHDL C:\ProgramData\Šablony
2020-05-01 01:39 - 2020-05-01 01:39 - 000000000 _SHDL C:\ProgramData\Plocha
2020-05-01 01:39 - 2020-05-01 01:39 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2020-05-01 01:39 - 2020-05-01 01:39 - 000000000 _SHDL C:\ProgramData\Dokumenty
2020-05-01 01:39 - 2020-05-01 01:39 - 000000000 _SHDL C:\ProgramData\Data aplikací
2020-05-01 01:38 - 2020-05-03 16:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-01 01:38 - 2020-05-01 12:06 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-05-01 01:38 - 2020-05-01 01:38 - 000000000 ____D C:\WINDOWS\Setup
2020-05-01 01:37 - 2020-05-01 01:37 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2020-05-01 01:37 - 2020-05-01 01:37 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2020-05-01 01:37 - 2020-05-01 01:37 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2020-05-01 01:37 - 2020-05-01 01:37 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2020-05-01 01:37 - 2020-05-01 01:37 - 000000000 ____D C:\WINDOWS\OCR
2020-05-01 01:37 - 2020-05-01 01:37 - 000000000 ____D C:\ProgramData\ssh
2020-05-01 01:37 - 2020-05-01 01:37 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-05-01 01:37 - 2020-05-01 01:37 - 000000000 ____D C:\Program Files\MSBuild
2020-05-01 01:37 - 2020-05-01 01:37 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2020-05-01 01:37 - 2020-05-01 01:37 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-05-01 01:35 - 2020-05-03 16:40 - 000718018 _____ C:\WINDOWS\system32\perfh005.dat
2020-05-01 01:35 - 2020-05-03 16:40 - 000145062 _____ C:\WINDOWS\system32\perfc005.dat
2020-05-01 01:35 - 2020-05-01 01:35 - 000296964 _____ C:\WINDOWS\system32\perfi005.dat
2020-05-01 01:35 - 2020-05-01 01:35 - 000038778 _____ C:\WINDOWS\system32\perfd005.dat
2020-05-01 01:35 - 2020-05-01 01:35 - 000036088 _____ C:\Users\Kayle\Desktop\Odebrané aplikace.html
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\winrm
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\WCN
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\slmgr
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\cs
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\0409
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\DigitalLocker
2020-05-01 01:35 - 2020-05-01 01:35 - 000000000 ____D C:\Users\Kayle\Documents\FreshStart
2020-05-01 01:31 - 2020-02-03 22:56 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-05-01 01:31 - 2020-02-03 22:56 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-05-01 01:27 - 2020-05-01 01:50 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2020-05-01 01:27 - 2020-05-01 01:22 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2020-05-01 01:27 - 2020-05-01 01:22 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2020-05-01 01:27 - 2020-05-01 01:22 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
2020-05-01 01:27 - 2020-05-01 01:22 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2020-05-01 01:27 - 2020-05-01 01:22 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2020-05-01 01:27 - 2020-05-01 01:22 - 000018903 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2020-05-01 01:27 - 2020-05-01 01:22 - 000017635 _____ C:\WINDOWS\system32\Drivers\etc\services
2020-05-01 01:27 - 2020-05-01 01:22 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2020-05-01 01:27 - 2020-05-01 01:22 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2020-05-01 01:27 - 2020-05-01 01:22 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2020-05-01 01:27 - 2020-05-01 01:22 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2020-05-01 01:27 - 2020-05-01 01:22 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2020-05-01 01:27 - 2020-05-01 01:22 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2020-05-01 01:27 - 2020-05-01 01:22 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
2020-05-01 01:27 - 2020-05-01 01:22 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2020-05-01 01:27 - 2020-05-01 01:22 - 000000219 _____ C:\WINDOWS\system.ini
2020-05-01 01:27 - 2020-05-01 01:22 - 000000092 _____ C:\WINDOWS\win.ini
2020-05-01 01:26 - 2020-05-03 16:59 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-01 01:26 - 2020-05-03 10:40 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-05-01 01:26 - 2020-05-03 10:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-05-01 01:26 - 2020-05-03 10:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-05-01 01:26 - 2020-05-01 20:58 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-01 01:26 - 2020-05-01 12:26 - 000000000 ___RD C:\Program Files (x86)
2020-05-01 01:26 - 2020-05-01 12:06 - 000000000 ____D C:\Program Files\Windows Defender
2020-05-01 01:26 - 2020-05-01 02:30 - 000000000 ____D C:\ProgramData\USOPrivate
2020-05-01 01:26 - 2020-05-01 02:07 - 000000000 ____D C:\WINDOWS\system32\spool
2020-05-01 01:26 - 2020-05-01 02:07 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2020-05-01 01:26 - 2020-05-01 01:49 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2020-05-01 01:26 - 2020-05-01 01:45 - 000000000 __RHD C:\Users\Public\Libraries
2020-05-01 01:26 - 2020-05-01 01:39 - 000000000 ____D C:\Program Files\Windows NT
2020-05-01 01:26 - 2020-05-01 01:37 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2020-05-01 01:26 - 2020-05-01 01:37 - 000000000 ____D C:\WINDOWS\SystemResources
2020-05-01 01:26 - 2020-05-01 01:37 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-05-01 01:26 - 2020-05-01 01:37 - 000000000 ____D C:\WINDOWS\system32\MUI
2020-05-01 01:26 - 2020-05-01 01:37 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ___SD C:\WINDOWS\system32\dsc
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\setup
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\system32\Com
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\IME
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\WINDOWS\Help
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\Program Files\Common Files\System
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-05-01 01:26 - 2020-05-01 01:35 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 __RSD C:\WINDOWS\Media
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ___SD C:\WINDOWS\system32\Nui
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\TextInput
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\ti-et
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\ta-lk
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\ta-in
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\si-lk
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\my-mm
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\Keywords
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\icsxml
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\ias
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\downlevel
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\DDFs
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\am-et
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\ShellComponents
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\Registration
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\Provisioning
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\L2Schemas
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\IdentityCRL
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\DiagTrack
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\Cursors
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\WINDOWS\addins
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\Program Files\Windows Portable Devices
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\Program Files\Common Files\Services
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2020-05-01 01:26 - 2020-05-01 01:27 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 __SHD C:\Program Files\Windows Sidebar
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\Web
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\WaaS
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\Vss
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\tracing
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\TAPI
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SystemApps
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\winevt
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\ras
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\IME
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\DriverState
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\System
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SKB
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\schemas
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\SchCache
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\ServiceState
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\security
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\Resources
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\rescache
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\PLA
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\Performance
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\ModemLogs
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\InputMethod
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\Globalization
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\Containers
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\Branding
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\appcompat
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\ProgramData\USOShared
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\Program Files\Windows Security
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2020-05-01 01:26 - 2020-05-01 01:26 - 000000000 ____D C:\Program Files (x86)\Windows NT
2020-05-01 01:26 - 2020-05-01 01:13 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-05-01 01:26 - 2020-05-01 01:13 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-05-01 01:26 - 2020-05-01 01:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2020-05-01 01:23 - 2020-05-03 16:40 - 000000000 ____D C:\WINDOWS\INF
2020-05-01 01:22 - 2020-05-01 02:35 - 000002372 _____ C:\Users\Kayle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-05-01 01:22 - 2020-05-01 02:29 - 000000000 ____D C:\Users\Kayle
2020-05-01 01:22 - 2020-05-01 01:22 - 000000000 _SHDL C:\Users\Kayle\Šablony
2020-05-01 01:22 - 2020-05-01 01:22 - 000000000 _SHDL C:\Users\Kayle\Soubory cookie
2020-05-01 01:22 - 2020-05-01 01:22 - 000000000 _SHDL C:\Users\Kayle\Poslední
2020-05-01 01:22 - 2020-05-01 01:22 - 000000000 _SHDL C:\Users\Kayle\Okolní tiskárny
2020-05-01 01:22 - 2020-05-01 01:22 - 000000000 _SHDL C:\Users\Kayle\Okolní síť
2020-05-01 01:22 - 2020-05-01 01:22 - 000000000 _SHDL C:\Users\Kayle\Nabídka Start
2020-05-01 01:22 - 2020-05-01 01:22 - 000000000 _SHDL C:\Users\Kayle\Dokumenty
2020-05-01 01:22 - 2020-05-01 01:22 - 000000000 _SHDL C:\Users\Kayle\Documents\Obrázky
2020-05-01 01:22 - 2020-05-01 01:22 - 000000000 _SHDL C:\Users\Kayle\Documents\Hudba
2020-05-01 01:22 - 2020-05-01 01:22 - 000000000 _SHDL C:\Users\Kayle\Documents\Filmy
2020-05-01 01:22 - 2020-05-01 01:22 - 000000000 _SHDL C:\Users\Kayle\Data aplikací
2020-05-01 01:22 - 2020-05-01 01:22 - 000000000 _SHDL C:\Users\Kayle\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2020-05-01 01:22 - 2020-05-01 01:22 - 000000000 _SHDL C:\Users\Kayle\AppData\Local\Data aplikací
2020-05-01 01:12 - 2020-05-03 16:49 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-05-01 01:12 - 2020-05-01 01:12 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2020-05-01 01:11 - 2020-05-01 01:11 - 000046573 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2020-05-01 01:11 - 2020-05-01 01:11 - 000002065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS Audio Control.lnk
2020-05-01 01:11 - 2020-05-01 01:11 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_AMDASF_01011.Wdf
2020-05-01 01:11 - 2020-05-01 01:11 - 000000000 ____D C:\ProgramData\SRS Labs
2020-05-01 01:11 - 2020-05-01 01:11 - 000000000 ____D C:\ProgramData\SoundResearch
2020-05-01 01:11 - 2020-05-01 01:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2020-05-01 01:11 - 2020-05-01 01:11 - 000000000 ____D C:\Program Files\ATI Technologies
2020-05-01 01:11 - 2020-05-01 01:11 - 000000000 ____D C:\Program Files (x86)\AMD
2020-05-01 01:10 - 2020-05-03 16:33 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2020-05-01 01:10 - 2020-05-01 01:11 - 000000000 ____D C:\ProgramData\Package Cache
2020-05-01 01:10 - 2020-05-01 01:10 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2020-05-01 01:10 - 2020-05-01 01:10 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
2020-05-01 01:10 - 2020-05-01 01:10 - 000000000 ____D C:\Program Files\Realtek
2020-05-01 01:09 - 2020-05-01 01:11 - 000000000 ____D C:\Program Files\AMD
2020-05-01 01:09 - 2020-05-01 01:09 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2020-05-01 01:09 - 2019-08-23 12:46 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-05-01 01:03 - 2020-05-03 16:33 - 082313216 _____ C:\WINDOWS\system32\config\SYSTEM
2020-05-01 01:03 - 2020-05-03 16:33 - 071303168 _____ C:\WINDOWS\system32\config\SOFTWARE
2020-05-01 01:03 - 2020-05-03 16:33 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-05-01 01:03 - 2020-05-03 16:33 - 000524288 _____ C:\WINDOWS\system32\config\DEFAULT
2020-05-01 01:03 - 2020-05-03 16:33 - 000065536 _____ C:\WINDOWS\system32\config\SAM
2020-05-01 01:03 - 2020-05-03 16:33 - 000032768 _____ C:\WINDOWS\system32\config\SECURITY
2020-05-01 01:03 - 2020-05-03 10:38 - 000000000 ____D C:\WINDOWS\Panther
2020-05-01 01:03 - 2020-05-01 21:14 - 000000000 ____D C:\WINDOWS\servicing
2020-05-01 01:03 - 2020-05-01 01:38 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-05-01 01:03 - 2020-05-01 01:26 - 000000000 ____D C:\WINDOWS\system32\SMI
2020-05-01 00:56 - 2020-05-01 20:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-05-01 00:56 - 2020-05-01 01:24 - 000342352 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-30 23:38 - 2020-04-30 23:54 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-30 23:38 - 2020-04-30 23:54 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-04-30 23:17 - 2020-05-01 01:54 - 000000000 ___HD C:\$SysReset
2020-04-30 23:01 - 2020-05-03 10:25 - 000000000 ____D C:\AdwCleaner
2020-04-30 22:40 - 2019-09-28 22:31 - 007636680 _____ (Malwarebytes) C:\Users\Kayle\Desktop\adwcleaner_7.4.1.exe
2020-04-30 22:32 - 2020-04-30 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2020-04-16 22:12 - 2020-04-16 22:12 - 000002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-03 16:33 - 2016-09-23 16:57 - 000000000 ___HD C:\HP
2020-05-03 10:36 - 2018-01-24 03:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-05-03 10:25 - 2018-04-14 00:57 - 000000000 ____D C:\Users\Kayle\AppData\LocalLow\IObit
2020-05-01 21:11 - 2016-07-29 14:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-05-01 02:35 - 2017-07-30 20:18 - 000000000 ___RD C:\Users\Kayle\OneDrive
2020-05-01 02:29 - 2017-10-31 23:44 - 000000000 ___RD C:\Users\Kayle\3D Objects
2020-05-01 01:49 - 2019-04-05 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2020-05-01 01:49 - 2018-01-24 03:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5
2020-05-01 01:49 - 2018-01-23 23:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2020-05-01 01:49 - 2018-01-22 16:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7
2020-05-01 01:49 - 2018-01-16 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2020-05-01 01:49 - 2017-08-23 14:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
2020-05-01 01:49 - 2017-08-07 22:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2020-05-01 01:49 - 2016-09-23 07:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2020-05-01 01:45 - 2019-05-19 13:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher Enhanced Edition [GOG.com]
2020-05-01 01:45 - 2019-05-19 12:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2020-05-01 01:45 - 2018-03-05 19:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2020-05-01 01:45 - 2017-10-04 20:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameTop.com
2020-05-01 01:35 - 2018-01-16 17:55 - 000000000 ____D C:\Users\Kayle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-05-01 01:35 - 2017-07-30 21:25 - 000000000 ____D C:\Users\Kayle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2020-05-01 01:10 - 2017-07-30 23:02 - 000000000 ____D C:\AMD
2020-04-30 22:58 - 2018-01-24 03:27 - 000000000 ____D C:\Users\Kayle\Documents\CCLEaner

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-05-2020
Ran by annaj (03-05-2020 17:11:46)
Running from C:\Users\annaj\Desktop
Windows 10 Home Version 1903 18362.657 (X64) (2020-05-01 00:07:17)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4166479105-3376732293-2977569040-500 - Administrator - Disabled)
annaj (S-1-5-21-4166479105-3376732293-2977569040-1002 - Administrator - Enabled) => C:\Users\annaj
DefaultAccount (S-1-5-21-4166479105-3376732293-2977569040-503 - Limited - Disabled)
Guest (S-1-5-21-4166479105-3376732293-2977569040-501 - Limited - Disabled)
Kaylee (S-1-5-21-4166479105-3376732293-2977569040-1001 - Administrator - Enabled) => C:\Users\Kayle
WDAGUtilityAccount (S-1-5-21-4166479105-3376732293-2977569040-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{6EF6941D-4393-2231-3D29-C52ED8ED485F}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{7784F531-3276-EBB5-F590-F62151FE39A9}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{BEBEB9E8-D83E-FC1A-6EB4-EA3609DA4967}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{DE06415A-00C1-CA00-082B-693F3F04D9E9}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{19C0293F-9157-3931-F773-64F879906064}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{58C33198-3421-5C93-2993-B69796CD64FC}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{3FB42013-DFEA-42C7-2409-2A993F0A125F}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{E42B85E8-5E5C-F890-A943-CA53E9212DB0}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{45571752-4A06-D0B6-9626-AA42F733F06A}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{01ED4501-7134-67E5-0AF0-3B6003646E1A}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{FDFEBDEA-140C-AF32-5D1D-D85858CF589D}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{7EC80E29-C710-843D-AEF8-3E03473D0166}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{6DF59C47-EAA3-09D8-E1A1-ADF4ADD66771}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{DB3312FA-CD19-EDF6-1DDE-A53A796991B5}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{625D3128-2C37-F193-1346-0727DD1E6E96}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{CBD24DD2-87EF-84C3-CE61-7ACF33779AFA}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{08AE5F97-73E6-2049-1976-12C786CD1828}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{48ACCBEA-F85D-0908-24D6-A8DDBE0621C2}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{86521D14-67A5-D13B-44DD-64E3BDBEE245}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{EEB0FB79-C020-3725-867E-6FF3EA0782A1}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B1DE4F1A-449C-75A6-16D1-CB7B6BCE526C}) (Version: 2017.0925.532.8136 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.66 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.129 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-4166479105-3376732293-2977569040-1002\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8372 - Realtek Semiconductor Corp.)
Skype verze 8.59 (HKLM-x32\...\Skype_is1) (Version: 8.59 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.5.10.75 - Synaptics Incorporated)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.10 - VideoLAN)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-05-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-05-01] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.4282.0_x64__8wekyb3d8bbwe [2020-05-01] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-05-01] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4166479105-3376732293-2977569040-1002_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-09-25] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-03] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-05-01 01:27 - 2020-05-01 01:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4166479105-3376732293-2977569040-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1251C8BC-070D-46E9-8BF0-EFA9ACC92836}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{2145AE90-5EE9-47EA-A746-F25B9F1C53B0}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9E50C9D7-0B7F-4AAB-9EF6-D1394D4FB71B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

03-05-2020 16:32:08 AdwCleaner_BeforeCleaning_03/05/2020_16:32:07

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/03/2020 04:48:58 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8220,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/03/2020 04:42:14 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2912,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/03/2020 04:29:52 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6496,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/03/2020 10:58:27 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7188,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/03/2020 10:49:42 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3168,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/03/2020 10:35:28 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3792,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/01/2020 09:12:35 PM) (Source: ESENT) (EventID: 455) (User: )
Description: StartMenuExperienceHost (6552,R,98) TILEREPOSITORYS-1-5-21-4166479105-3376732293-2977569040-1002: Při otevírání souboru protokolu C:\Users\annaj\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/01/2020 09:12:35 PM) (Source: ESENT) (EventID: 522) (User: )
Description: StartMenuExperienceHost (6552,P,98) TILEREPOSITORYS-1-5-21-4166479105-3376732293-2977569040-1002: Pokus o otevření zařízení s názvem \\.\C:, který obsahuje C:\, se nepodařil a došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace se nepodaří a dojde k chybě -1032 (0xfffffbf8).


System errors:
=============
Error: (05/03/2020 04:33:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll

Error: (05/03/2020 04:33:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll

Error: (05/03/2020 04:33:27 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll

Error: (05/03/2020 04:33:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/03/2020 04:33:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel Bluetooth Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/03/2020 04:33:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/03/2020 11:29:05 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-EIDJQT3V)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/03/2020 11:29:05 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-EIDJQT3V)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


==================== Memory info ===========================

BIOS: Insyde F.35 09/26/2016
Motherboard: HP 8223
Processor: AMD A10-9600P RADEON R5, 10 COMPUTE CORES 4C+6G
Percentage of memory in use: 58%
Total physical RAM: 7647.12 MB
Available physical RAM: 3146 MB
Total Virtual: 9503.12 MB
Available Virtual: 4667.88 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:919.14 GB) (Free:592.57 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:11.14 GB) (Free:1.68 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{65d0fd2b-1c1a-4d95-a418-11c126a556a7}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.39 GB) NTFS
\\?\Volume{d68b7eac-6af6-4df3-bb39-ee932dc82dc1}\ () (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A50E1C7D)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118265
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Inherited laptop

#10 Post by Rudy »

OK. Open Notepad and copy the following into it:
Start

CloseProcesses:
Task: {077207A0-4203-495A-AE37-A3A89DC76DB3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-01] (Google LLC -> Google LLC)
Task: {68C2EC07-2EEA-439D-B1C2-664CE2934D95} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-01] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Anna.ja
Visitor
Posts: 85
Joined: 14 Oct 2008 09:51

Re: Inherited laptop

#11 Post by Anna.ja »

Done as instructed. During the subsequent restart the system updated itself. After the restart the page opened again.

Fix result of Farbar Recovery Scan Tool (x64) Version: 03-05-2020
Ran by annaj (03-05-2020 19:14:13) Run:1
Running from C:\Users\annaj\Desktop
Loaded Profiles: annaj (Available Profiles: Kaylee & annaj)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {077207A0-4203-495A-AE37-A3A89DC76DB3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-01] (Google LLC -> Google LLC)
Task: {68C2EC07-2EEA-439D-B1C2-664CE2934D95} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-01] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{077207A0-4203-495A-AE37-A3A89DC76DB3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{077207A0-4203-495A-AE37-A3A89DC76DB3}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{68C2EC07-2EEA-439D-B1C2-664CE2934D95}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68C2EC07-2EEA-439D-B1C2-664CE2934D95}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 6578176 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9485180 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 98972 B
Edge => 586993 B
Chrome => 51114928 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 26854 B
NetworkService => 35472 B
Kayle => 40885910 B
annaj => 43023370 B

RecycleBin => 58721 B
EmptyTemp: => 144.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:14:41 ====

Rudy
Site Admin
Posts: 118265
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Inherited laptop

#12 Post by Rudy »

OK. Let's do it once more.

Open Notepad and copy the following into it:
Start

CloseProcesses:
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\updateSteam.bat [2018-02-04] ()

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.

Anna.ja
Visitor
Posts: 85
Joined: 14 Oct 2008 09:51

Re: Inherited laptop

#13 Post by Anna.ja »

Done; after the restart the page no longer opened.

Fix result of Farbar Recovery Scan Tool (x64) Version: 03-05-2020
Ran by annaj (03-05-2020 19:57:08) Run:2
Running from C:\Users\annaj\Desktop
Loaded Profiles: annaj (Available Profiles: Kaylee & annaj)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\updateSteam.bat [2018-02-04] ()

EmptyTemp:
End
*****************

Processes closed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\updateSteam.bat => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 6578176 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7369008 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 538374 B
Edge => 2819632 B
Chrome => 18703452 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 11860 B
NetworkService => 13726 B
Kayle => 13726 B
annaj => 54224 B

RecycleBin => 2758 B
EmptyTemp: => 34.4 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:57:18 ====

Rudy
Site Admin
Posts: 118265
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Inherited laptop

#14 Post by Rudy »

Glad to hear it. I had not attached any importance to it, since Steam is more or less a legitimate application.

Anna.ja
Visitor
Posts: 85
Joined: 14 Oct 2008 09:51

Re: Inherited laptop

#15 Post by Anna.ja »

Well, I don't need it; my daughter had it for games, so it will get uninstalled. And the page was more annoying than anything.
Thanks for the help, you're great :)

Locked