Trojan:Win32/Ymacco.AACE

[czech 08]

Ahoj,
Windows Defender mi detekoval Trojan:Win32/Ymacco.AACE, jak ho mám odstranit.
Mám Windows 10, díky

[Rudy]

Zdravím!
Dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 .

[czech 08]

FRST.exe nejde nainstalovat, defender ho podezírá za virus. (Systém Windows ochránil váš počítač
Filtr SmartScreen v programu Microsoft Defender zabránil spuštění nerozpoznané aplikace. Spuštění této aplikace by mohlo ohrozit počítač.
Další informace)

Už jsem našel způsob, jak program spustit.

[czech 08]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-02-2021
Ran by PC (administrator) on DESKTOP-VNNSM0S (ATComputers CZC) (12-02-2021 17:47:49)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC
Platform: Windows 10 Home Version 20H2 19042.804 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <24>
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2101.15643.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20566.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20566.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9228800 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\Run: [Zoner Photo Studio Autoupdate] => "C:\Users\PC\AppData\Local\Programs\Zoner\ZPS X\binary\Program32\ZPSTRAY.EXE"
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HPLJ1020LM: C:\Windows\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.150\Installer\chrmstp.exe [2021-02-10] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {190B936F-B66F-4D86-BD72-67661AF35998} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {66227FA7-8D7C-443C-8BC4-9D5799F45745} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {72DF168F-C3D9-4B53-958E-2C5A0AC464FE} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [64936 2021-01-25] (Microsoft Corporation -> Microsoft)
Task: {83DC516A-74FA-41F7-A4B1-04CBD76A2B5C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-24] (Google LLC -> Google LLC)
Task: {9BA95D5F-6539-4BB4-947B-1BC637E5F3D0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AADDFD4F-EBA0-472A-85F3-3120A8C81380} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-321179341-2139502707-572524282-500 => C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {C22E2733-4F8F-4C14-BC1F-63EB53D6B01C} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754104 2021-01-07] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {CFFCD1F3-8A0D-4131-8702-3B6E60E7BEEC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D30329F0-F9EF-4166-9877-670F5F5B2F01} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-24] (Google LLC -> Google LLC)
Task: {D51B55CD-FD32-45C3-B42F-745D0FEFFDD2} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Intel PTT EK Recertification.job => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{03ed72bc-7c71-4e7f-9275-79a541e551fb}: [DhcpNameServer] 213.46.172.38 213.46.172.39

Edge:
=======
Edge Profile: C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-12]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2021-02-12]
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://web.whatsapp.com; hxxps://www.instagram.com; hxxps://www.youtube.com
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-24]
CHR Extension: (Dokumenty) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-24]
CHR Extension: (Disk Google) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-24]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-24]
CHR Extension: (Tabulky) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-24]
CHR Extension: (HTTPS Everywhere) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2021-02-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (AdBlock - #1 Popup tool for Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\oldifepkckfmnlokobgdbjjfjjmhfgag [2021-01-25]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-24]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-24]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746944 2021-01-07] (Oracle Corporation -> Oracle Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [269200 2020-09-27] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 ElevationService; C:\Program Files (x86)\Wondershare\drfone\Addins\Recovery\ElevationService.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-04] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 MpKsl64f7f93c; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BC50980E-19EA-42B0-9662-5E66DE82322A}\MpKslDrv.sys [47344 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
R3 MpKsl8b5c3ee2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C6774F5F-7C5D-423E-859A-9311B52117F4}\MpKslDrv.sys [47344 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [239872 2021-01-07] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [249776 2021-01-07] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [174968 2021-01-07] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49552 2021-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [419040 2021-02-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-10] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-12 17:47 - 2021-02-12 17:48 - 000012055 _____ C:\Users\PC\Desktop\FRST.txt
2021-02-12 17:46 - 2021-02-12 17:47 - 000000000 ____D C:\FRST
2021-02-12 16:51 - 2021-02-12 16:52 - 002297344 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2021-02-12 13:09 - 2021-02-12 13:11 - 000000000 ____D C:\Program Files (x86)\ExeScript
2021-02-11 18:43 - 2021-02-11 18:43 - 000000368 ____H C:\Windows\Tasks\Intel PTT EK Recertification.job
2021-02-11 18:31 - 2021-02-12 12:34 - 000004595 _____ C:\Users\PC\Desktop\ss.vbs
2021-02-11 18:22 - 2021-02-12 09:43 - 000000000 ____D C:\Users\PC\Desktop\VBS
2021-02-11 17:32 - 2021-02-11 17:32 - 000001441 _____ C:\Users\PC\Desktop\Antivirus.lnk
2021-02-11 17:18 - 2021-02-11 17:18 - 000000545 _____ C:\Users\PC\Desktop\nice.txt
2021-02-11 17:17 - 2021-02-11 17:25 - 000000096 ____R C:\Windows\system32\computer.vbs
2021-02-11 11:08 - 2021-02-11 11:18 - 3319478272 _____ C:\Users\PC\Desktop\en_windows_7_ultimate_x64_dvd.iso
2021-02-11 08:58 - 2021-02-11 08:58 - 000000000 ____D C:\Users\PC\AppData\Local\ElevatedDiagnostics
2021-02-11 08:16 - 2021-02-11 08:59 - 000000000 ____D C:\Users\PC\AppData\Local\AAR
2021-02-10 16:19 - 2021-02-10 16:19 - 000231232 _____ C:\Windows\system32\containerdevicemanagement.dll
2021-02-10 16:19 - 2021-02-10 16:19 - 000010892 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-02-10 13:08 - 2021-02-10 13:10 - 594287729 _____ C:\Users\PC\Desktop\Timeline 1.mov
2021-02-10 11:09 - 2021-02-10 11:09 - 000241086 _____ C:\Users\PC\Desktop\A-A-AND YOU FAIL!.mp4
2021-02-10 09:57 - 2021-02-10 09:57 - 000000000 ____D C:\Users\PC\AppData\Roaming\XuanZhi
2021-02-10 09:57 - 2021-02-10 09:57 - 000000000 ____D C:\Users\PC\AppData\Roaming\lddownloader
2021-02-08 14:27 - 2021-02-08 14:27 - 000010925 _____ C:\Users\PC\AppData\Local\recently-used.xbel
2021-02-06 11:34 - 2021-02-06 11:34 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2021-02-06 11:34 - 2021-02-06 11:34 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2021-02-06 11:34 - 2021-02-06 11:34 - 001314112 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-02-05 16:06 - 2021-02-05 16:06 - 000000000 ____D C:\Users\PC\AppData\Local\gtk-3.0
2021-02-05 16:02 - 2021-02-05 16:02 - 000000000 ____D C:\Users\PC\AppData\Local\RawTherapee
2021-02-05 16:02 - 2021-02-05 16:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RawTherapee
2021-02-05 16:02 - 2021-02-05 16:02 - 000000000 ____D C:\Program Files\RawTherapee
2021-02-05 15:33 - 2020-04-26 11:36 - 001566720 _____ C:\Users\PC\Desktop\MOV0AE.MOD
2021-02-05 12:28 - 2021-02-05 12:58 - 000000000 ____D C:\Users\PC\AppData\Local\gtk-2.0
2021-02-05 12:06 - 2021-02-09 10:59 - 000000000 ____D C:\Users\PC\AppData\Local\babl-0.1
2021-02-05 12:06 - 2021-02-05 12:06 - 000001304 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.22.lnk
2021-02-05 12:06 - 2021-02-05 12:06 - 000000000 ____D C:\Users\PC\AppData\Roaming\GIMP
2021-02-05 12:06 - 2021-02-05 12:06 - 000000000 ____D C:\Users\PC\AppData\Local\GIMP
2021-02-05 12:06 - 2021-02-05 12:06 - 000000000 ____D C:\Users\PC\AppData\Local\gegl-0.4
2021-02-04 16:34 - 2021-02-04 16:34 - 000000000 ____D C:\Users\PC\AppData\Roaming\com.ribbet.RibbetNative
2021-02-04 13:06 - 2021-02-04 13:06 - 000007605 _____ C:\Users\PC\AppData\Local\Resmon.ResmonCfg
2021-02-04 12:21 - 2021-02-04 12:21 - 000000000 ____D C:\Users\PC\AppData\Roaming\Zoner
2021-02-04 12:21 - 2021-02-04 12:21 - 000000000 ____D C:\Users\PC\AppData\Local\Zoner
2021-02-04 12:20 - 2021-02-05 11:52 - 000000000 ____D C:\ProgramData\Zoner
2021-02-04 09:33 - 2021-02-04 09:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2020.2.3f1 (64-bit)
2021-02-04 09:30 - 2021-02-04 09:30 - 000000000 ____D C:\Program Files\Unity
2021-02-03 17:31 - 2021-02-03 17:31 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-02-03 17:31 - 2021-02-03 17:31 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2021-02-03 17:31 - 2021-02-03 17:31 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2021-02-03 17:31 - 2021-02-03 17:31 - 000000000 ____D C:\Windows\system32\DAX3
2021-02-03 17:31 - 2021-02-03 17:31 - 000000000 ____D C:\Windows\system32\DAX2
2021-02-03 17:31 - 2021-02-03 17:31 - 000000000 ____D C:\Program Files\Realtek
2021-02-03 17:31 - 2021-02-03 17:31 - 000000000 ____D C:\Program Files (x86)\Realtek
2021-02-03 17:31 - 2017-06-29 18:55 - 013122576 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 012988336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 006410088 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV3apo.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 005938904 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 005593608 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 003509256 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 003507688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 003410832 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 003299816 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 003122656 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 003092336 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 002190976 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 001435136 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 001382232 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 001347136 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 001337640 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaeapo64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 001016928 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDHF64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000984912 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000965024 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000923736 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000877424 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SEHDHF32.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000873456 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000868176 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000866640 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000852128 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tosasfapo64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000737960 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000691680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000677664 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000604792 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaemaxapo64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000532376 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000525768 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000467152 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000447712 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000447176 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\toseaeapo64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000387312 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000381408 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000343704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000341144 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000341144 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000231912 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000221960 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000214832 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000209528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000192976 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000166200 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000158696 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000151784 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000134200 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000110976 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000090912 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000088344 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000088312 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000084608 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000083624 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2021-02-03 17:31 - 2017-06-29 18:55 - 000075536 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2021-02-03 17:31 - 2017-06-29 18:54 - 010536152 _____ (Intel Corporation) C:\Windows\system32\IntelSSTAPO.dll
2021-02-03 17:31 - 2017-06-29 18:54 - 004059960 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2021-02-03 17:31 - 2017-06-29 18:54 - 002291304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
2021-02-03 17:31 - 2017-06-29 18:54 - 001780616 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2021-02-03 17:31 - 2017-06-29 18:54 - 001591056 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2021-02-03 17:31 - 2017-06-29 18:54 - 001422920 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2021-02-03 17:31 - 2017-06-29 18:54 - 001334376 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2021-02-03 17:31 - 2017-06-29 18:54 - 001213656 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2021-02-03 17:31 - 2017-06-29 18:54 - 001166152 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2021-02-03 17:31 - 2017-06-29 18:54 - 000999848 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2021-02-03 17:31 - 2017-06-29 18:54 - 000727432 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2021-02-03 17:31 - 2017-06-29 18:54 - 000708312 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2021-02-03 17:31 - 2017-06-29 18:54 - 000680544 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2021-02-03 17:31 - 2017-06-29 18:54 - 000678176 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2021-02-03 17:31 - 2017-06-29 18:54 - 000618184 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2021-02-03 17:31 - 2017-06-29 18:54 - 000514520 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2021-02-03 17:31 - 2017-06-29 18:54 - 000500552 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2021-02-03 17:31 - 2017-06-29 18:54 - 000428224 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2021-02-03 17:31 - 2017-06-29 18:54 - 000406448 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2APIPCLL.dll
2021-02-03 17:31 - 2017-06-29 18:54 - 000366120 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\HMAPO.dll
2021-02-03 17:31 - 2017-06-29 18:54 - 000360344 _____ (Harman) C:\Windows\system32\HMClariFi.dll
2021-02-03 17:31 - 2017-06-29 18:54 - 000330552 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2021-02-03 17:31 - 2017-06-29 18:54 - 000203840 _____ (Harman) C:\Windows\system32\HMHVS.dll
2021-02-03 17:31 - 2017-06-29 18:54 - 000190928 _____ (Harman) C:\Windows\system32\HMEQ_Voice.dll
2021-02-03 17:31 - 2017-06-29 18:54 - 000190928 _____ (Harman) C:\Windows\system32\HMEQ.dll
2021-02-03 17:31 - 2017-06-29 18:54 - 000179592 _____ (Harman) C:\Windows\system32\HMLimiter.dll
2021-02-03 17:31 - 2017-06-29 18:53 - 005346992 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2021-02-03 17:31 - 2017-06-29 18:53 - 002444680 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2021-02-03 17:31 - 2017-06-29 18:53 - 001965808 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2021-02-03 17:31 - 2017-06-29 18:53 - 001959600 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2021-02-03 17:31 - 2017-06-29 18:53 - 001616680 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2021-02-03 17:31 - 2017-06-29 18:53 - 001554600 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOProp.dll
2021-02-03 17:31 - 2017-06-29 18:53 - 001529136 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64Proxy.dll
2021-02-03 17:31 - 2017-06-29 18:53 - 001508928 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2021-02-03 17:31 - 2017-06-29 18:53 - 001326424 _____ (Dolby Laboratories) C:\Windows\system32\DAX3APOv251.dll
2021-02-03 17:31 - 2017-06-29 18:53 - 001170872 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOvlldp.dll
2021-02-03 17:31 - 2017-06-29 18:53 - 000743960 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2021-02-03 17:31 - 2017-06-29 18:53 - 000504304 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2021-02-03 17:31 - 2017-06-29 18:53 - 000445392 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2021-02-03 17:31 - 2017-06-29 18:53 - 000441264 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2021-02-03 17:31 - 2017-06-29 18:53 - 000362048 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2021-02-03 17:31 - 2017-06-29 18:53 - 000327448 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2021-02-03 17:31 - 2017-06-29 18:53 - 000310416 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2021-02-03 17:31 - 2017-06-29 18:53 - 000272712 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2021-02-03 17:31 - 2017-06-29 18:53 - 000253896 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2021-02-03 17:31 - 2017-06-29 18:53 - 000253864 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2021-02-03 17:31 - 2017-06-29 18:53 - 000252872 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2021-02-03 17:31 - 2017-06-29 18:52 - 005826560 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2021-02-03 17:31 - 2017-06-29 18:52 - 003677160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2021-02-03 17:31 - 2017-06-29 18:52 - 003205120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2021-02-03 17:31 - 2017-06-29 18:52 - 002110592 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2021-02-03 17:31 - 2017-06-29 18:52 - 000574752 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2021-02-03 17:31 - 2017-06-29 18:52 - 000258856 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2021-02-03 17:31 - 2017-06-29 18:52 - 000118592 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2021-02-03 17:31 - 2017-06-29 18:51 - 072520712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2021-02-03 17:31 - 2017-06-29 18:51 - 014057248 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2021-02-03 17:31 - 2017-06-29 18:51 - 007172912 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2021-02-03 17:31 - 2017-06-29 18:51 - 007096184 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2021-02-03 17:31 - 2017-06-29 18:51 - 006264632 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2021-02-03 17:31 - 2017-06-29 18:51 - 002210304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2021-02-03 17:31 - 2017-06-29 18:51 - 002050176 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2021-02-03 17:31 - 2017-06-29 18:51 - 001186832 _____ (Intel Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll
2021-02-03 17:31 - 2017-06-29 18:51 - 001133064 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2021-02-03 17:31 - 2017-06-29 18:51 - 001003856 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2021-02-03 17:31 - 2017-06-29 18:51 - 000931616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2021-02-03 17:31 - 2017-06-29 18:51 - 000416504 _____ (Harman) C:\Windows\system32\HMUI.dll
2021-02-03 17:31 - 2017-06-29 18:51 - 000378384 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2021-02-03 17:31 - 2017-06-29 18:51 - 000154360 _____ (Harman) C:\Windows\system32\HarmanAudioInterface.dll
2021-02-03 17:31 - 2017-06-29 18:51 - 000023688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2021-02-03 17:31 - 2017-06-29 18:50 - 000122320 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2021-02-03 17:31 - 2017-06-29 18:50 - 000118584 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2021-02-03 17:31 - 2017-06-29 18:50 - 000105304 _____ C:\Windows\system32\audioLibVc.dll
2021-02-03 17:31 - 2017-06-29 03:05 - 012334923 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2021-02-03 17:31 - 2017-06-29 03:05 - 005804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2021-02-03 17:31 - 2017-06-29 03:05 - 001920870 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat
2021-02-03 17:30 - 2021-02-03 17:32 - 000000000 ___HD C:\Program Files (x86)\Temp
2021-02-03 17:30 - 2016-09-22 14:55 - 002839520 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2021-02-01 15:49 - 2021-02-01 15:49 - 000003940 _____ C:\Windows\system32\Tasks\BlueStacksHelper
2021-02-01 15:46 - 2021-02-01 15:46 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk
2021-02-01 15:46 - 2021-02-01 15:46 - 000001920 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks.lnk
2021-02-01 15:45 - 2021-02-01 15:46 - 000000000 ____D C:\ProgramData\BlueStacks
2021-02-01 15:45 - 2021-02-01 15:45 - 000000000 ____D C:\Program Files\BlueStacks
2021-02-01 15:43 - 2021-02-01 15:45 - 000000000 ____D C:\Users\PC\AppData\Local\BlueStacksSetup
2021-02-01 15:37 - 2021-02-01 15:38 - 000000000 ____D C:\ProgramData\Wondershare
2021-02-01 15:37 - 2021-02-01 15:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2021-01-31 09:10 - 2021-02-11 17:21 - 000000000 ____D C:\Users\PC\.VirtualBox
2021-01-31 09:10 - 2021-02-11 14:45 - 000000000 ____D C:\Users\PC\VirtualBox VMs
2021-01-31 09:09 - 2021-01-31 09:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2021-01-31 09:09 - 2021-01-31 09:09 - 000000000 ____D C:\Program Files\Oracle
2021-01-31 09:09 - 2021-01-07 10:18 - 001037824 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2021-01-31 09:09 - 2021-01-07 10:18 - 000187888 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2021-01-31 09:08 - 2021-01-31 09:10 - 587763712 _____ C:\Users\PC\Desktop\Windows_XP_Professional_64-bit_CD_Key-VCFQD-V9FX9-46WVH-K3CD4-4J3JM).iso
2021-01-30 11:40 - 2021-01-30 11:40 - 006454114 _____ C:\Users\PC\Desktop\ratatatatata.mov
2021-01-30 11:40 - 2021-01-30 11:40 - 002285280 _____ C:\Users\PC\Desktop\zrnění.mov
2021-01-30 11:35 - 2021-01-30 11:35 - 004903008 _____ C:\Users\PC\Desktop\Error.mp4
2021-01-30 11:21 - 2021-01-30 11:21 - 000000000 ____D C:\Users\PC\youwave
2021-01-30 11:21 - 2021-01-30 11:21 - 000000000 ____D C:\Users\PC\Documents\webkit
2021-01-30 11:02 - 2021-02-06 12:08 - 000000000 ____D C:\Users\PC\Desktop\Hudba
2021-01-30 09:32 - 2021-01-30 09:32 - 000249618 _____ C:\Users\PC\Desktop\okay.mp4
2021-01-29 17:36 - 2021-01-29 17:36 - 001310310 _____ C:\Users\PC\Desktop\taková nabídka se neodmítá Clip finaaal.mp4
2021-01-29 17:36 - 2021-01-29 17:36 - 001226531 _____ C:\Users\PC\Desktop\ja jsem rád že jsem tady a uvidíme Clip finaaal.mp4
2021-01-29 17:36 - 2021-01-29 17:36 - 000546731 _____ C:\Users\PC\Desktop\tak určitě ne Clip finaaal.mp4
2021-01-29 17:36 - 2021-01-29 17:36 - 000433698 _____ C:\Users\PC\Desktop\jsme profíci Clip finaaal.mp4
2021-01-29 17:36 - 2021-01-29 17:36 - 000058903 _____ C:\Users\PC\Desktop\Directed by Robert B. Weide - Clip finaaal.mp4
2021-01-29 16:41 - 2021-01-29 16:38 - 005333815 _____ C:\Users\PC\Desktop\outro 2.mp4
2021-01-29 16:38 - 2021-01-29 16:41 - 008092549 _____ C:\Users\PC\Desktop\outro.mp4
2021-01-29 16:35 - 2021-01-29 16:35 - 017468064 _____ C:\Users\PC\Desktop\intro.mp4
2021-01-29 12:00 - 2021-01-29 12:00 - 000000000 ____D C:\Users\PC\Documents\Audacity
2021-01-29 11:56 - 2021-02-10 19:56 - 000000000 ____D C:\Users\PC\AppData\Roaming\audacity
2021-01-29 11:56 - 2021-01-29 11:56 - 000001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2021-01-29 11:56 - 2021-01-29 11:56 - 000000000 ____D C:\Users\PC\AppData\Local\Audacity
2021-01-29 11:56 - 2021-01-29 11:56 - 000000000 ____D C:\Program Files (x86)\Audacity
2021-01-29 10:39 - 2021-01-29 10:39 - 000000066 _____ C:\Users\PC\inittk.ini
2021-01-29 10:39 - 2021-01-29 10:39 - 000000045 _____ C:\Users\PC\nuuid.ini
2021-01-29 10:39 - 2021-01-29 10:39 - 000000041 _____ C:\Users\PC\inst.ini
2021-01-29 10:38 - 2021-01-29 10:41 - 000000000 ____D C:\Program Files (x86)\XePlayer
2021-01-29 10:38 - 2021-01-29 10:40 - 000000000 ____D C:\Users\PC\AppData\Local\XePlayer
2021-01-29 10:38 - 2021-01-29 10:40 - 000000000 ____D C:\Users\PC\AppData\Local\Nox
2021-01-29 09:21 - 2021-01-29 09:22 - 000000000 ____D C:\Program Files\Evolus
2021-01-29 09:21 - 2021-01-29 09:21 - 000000000 ____D C:\Users\PC\AppData\Roaming\Pencil
2021-01-29 09:21 - 2021-01-29 09:21 - 000000000 ____D C:\Users\PC\.pencil
2021-01-29 08:21 - 2021-01-29 08:21 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2021-01-29 08:16 - 2021-01-29 08:16 - 000000016 _____ C:\Users\PC\AppData\Roaming\obs-virtualcam.txt
2021-01-28 16:15 - 2021-01-28 16:15 - 000000000 ____D C:\Users\PC\AppData\Local\CEF
2021-01-28 16:11 - 2021-02-01 15:45 - 000000000 ____D C:\Users\PC\AppData\Local\Bluestacks
2021-01-28 10:31 - 2021-02-11 16:27 - 000000000 ____D C:\ProgramData\VirtualBox
2021-01-28 09:59 - 2021-02-04 07:27 - 000000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2021-01-28 09:08 - 2021-01-28 09:08 - 000004504 _____ C:\Users\PC\Desktop\shutdown.lnk
2021-01-27 09:29 - 2021-01-27 09:29 - 000000000 ____D C:\Program Files\HP
2021-01-27 09:29 - 2012-09-18 15:27 - 000501760 _____ C:\Windows\system32\ZSHP1020.EXE
2021-01-27 09:29 - 2012-09-18 15:27 - 000192512 _____ C:\Windows\system32\ZLhp1020.DLL
2021-01-27 09:29 - 2012-09-18 08:34 - 000245248 _____ () C:\Windows\system32\zshp1020s.dll
2021-01-27 09:29 - 2012-09-18 08:34 - 000128380 _____ C:\Windows\system32\hp1018.img
2021-01-27 09:29 - 2012-09-18 08:34 - 000010632 _____ C:\Windows\system32\ZSHP1018.CHM
2021-01-27 09:28 - 2021-01-27 09:28 - 003204296 _____ C:\Users\PC\Desktop\lj1018_1020_1022-HB-pnp-win64-en.exe
2021-01-27 09:27 - 2021-01-27 11:49 - 2529230259 _____ C:\Users\PC\Downloads\Hledá se Nemo-Anim.-2003-CZ.mkv
2021-01-27 08:40 - 2021-01-27 08:40 - 000900834 _____ C:\Users\PC\Desktop\2021-01-26 15-23-19.mp4
2021-01-27 08:35 - 2021-01-27 08:35 - 000000000 ____D C:\Users\PC\AppData\Local\NVIDIA
2021-01-27 08:34 - 2021-01-27 08:34 - 000001986 _____ C:\Users\PC\Desktop\Resolve.lnk
2021-01-27 08:34 - 2021-01-27 08:34 - 000000000 ____D C:\Users\PC\Documents\Blackmagic Design
2021-01-27 08:34 - 2021-01-27 08:34 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2021-01-27 08:33 - 2021-01-29 07:18 - 000000000 ____D C:\Program Files (x86)\Blackmagic Design
2021-01-27 08:20 - 2021-01-27 08:20 - 000000000 ____D C:\Users\PC\AppData\Roaming\NVIDIA
2021-01-27 08:20 - 2021-01-27 08:20 - 000000000 ____D C:\ProgramData\Reprise
2021-01-27 07:42 - 2021-01-27 07:42 - 000000000 ____D C:\Users\PC\AppData\Roaming\Blackmagic Design
2021-01-27 07:32 - 2021-01-29 07:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2021-01-27 07:32 - 2021-01-27 07:32 - 000000000 ____D C:\ProgramData\Blackmagic Design
2021-01-27 07:32 - 2021-01-27 07:32 - 000000000 ____D C:\Program Files\Blackmagic Design
2021-01-26 15:22 - 2021-02-12 11:42 - 000000000 ____D C:\Users\PC\AppData\Roaming\obs-studio
2021-01-26 15:22 - 2021-01-26 15:22 - 000000000 ____D C:\ProgramData\obs-studio-hook
2021-01-26 15:22 - 2021-01-26 15:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2021-01-26 15:22 - 2021-01-26 15:22 - 000000000 ____D C:\Program Files\obs-studio
2021-01-26 12:46 - 2021-02-05 07:52 - 000000000 ____D C:\Users\PC\Documents\Zvukové záznamy
2021-01-26 09:46 - 2021-01-26 09:46 - 004842608 _____ (Novostrim, OOO) C:\Users\PC\Downloads\cif-setup.exe
2021-01-25 18:22 - 2021-01-25 18:22 - 001710283 _____ C:\Users\PC\Desktop\puzzle.apk
2021-01-25 17:35 - 2021-01-25 18:16 - 000000000 ____D C:\Users\PC\AppData\Roaming\GDevelop 5
2021-01-25 17:35 - 2021-01-25 17:35 - 000000000 ____D C:\Users\PC\AppData\Local\gdevelop-updater
2021-01-25 16:59 - 2021-01-25 16:59 - 000000000 ____D C:\Users\PC\AppData\LocalLow\Benedikt Audy
2021-01-25 16:50 - 2021-01-25 16:50 - 000000000 ____D C:\Users\PC\AppData\Local\Android
2021-01-25 16:49 - 2021-01-25 16:50 - 000000000 ____D C:\Users\PC\AppData\Roaming\Google
2021-01-25 16:48 - 2021-01-25 17:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio
2021-01-25 16:47 - 2021-01-25 17:10 - 000000000 ____D C:\Program Files\Android
2021-01-25 13:12 - 2021-01-25 13:12 - 001710283 ____N C:\Users\PC\Desktop\super game.apk
2021-01-25 12:16 - 2021-01-25 12:16 - 001913140 ____N C:\Users\PC\Desktop\game.apk
2021-01-25 11:19 - 2021-01-25 11:19 - 000000000 ____D C:\Windows\system32\Tasks\Agent Activation Runtime
2021-01-25 11:15 - 2021-02-10 13:44 - 000000000 ____D C:\Users\PC\Documents\Zoom
2021-01-25 10:22 - 2021-02-03 13:07 - 000000000 ____D C:\Users\PC\AppData\Local\D3DSCache
2021-01-25 10:19 - 2021-01-25 10:19 - 000000000 ____D C:\Users\PC\source
2021-01-25 10:19 - 2021-01-25 10:19 - 000000000 ____D C:\Users\PC\AppData\Local\IdentityNexusIntegration
2021-01-25 10:06 - 2021-02-11 08:43 - 000000000 ____D C:\Users\PC\AppData\Local\.IdentityService
2021-01-25 10:06 - 2021-01-25 10:19 - 000000000 ____D C:\Users\PC\Documents\Visual Studio 2019
2021-01-25 10:05 - 2021-01-25 10:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2019 Tools for Unity
2021-01-25 10:05 - 2021-01-25 10:05 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity
2021-01-25 10:03 - 2021-01-25 10:06 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs
2021-01-25 10:03 - 2021-01-25 10:03 - 000001795 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019.lnk
2021-01-25 10:03 - 2021-01-25 10:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019
2021-01-25 10:03 - 2021-01-25 10:03 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2021-01-25 10:02 - 2021-01-25 10:06 - 000000000 ____D C:\Users\PC\AppData\Roaming\Visual Studio Setup
2021-01-25 10:02 - 2021-01-25 10:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2021-01-25 10:02 - 2021-01-25 10:02 - 000001355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2021-01-25 10:02 - 2021-01-25 10:02 - 000000000 ____D C:\Users\PC\AppData\Roaming\vstelemetry
2021-01-25 10:02 - 2021-01-25 10:02 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft Visual Studio
2021-01-25 10:02 - 2021-01-25 10:02 - 000000000 ____D C:\Users\PC\AppData\Local\ServiceHub
2021-01-25 10:02 - 2021-01-25 10:02 - 000000000 ____D C:\ProgramData\Microsoft Visual Studio
2021-01-25 08:18 - 2021-01-25 08:18 - 000000000 ____H C:\Users\PC\Documents\Default.rdp
2021-01-25 07:30 - 2021-01-30 14:56 - 000000000 ____D C:\Users\PC\Desktop\Filmy
2021-01-25 07:23 - 2021-01-25 07:23 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2021-01-24 19:57 - 2021-01-24 19:57 - 252001400 _____ (Unity Technologies ApS) C:\Users\PC\Downloads\UnitySetup-Android-Support-for-Editor-2020.2.2f1.exe
2021-01-24 19:52 - 2021-01-24 20:02 - 000000000 ____D C:\Users\PC\AppData\LocalLow\DefaultCompany
2021-01-24 19:52 - 2021-01-24 19:52 - 000000000 ____D C:\Users\PC\AppData\Local\OneDrive
2021-01-24 19:43 - 2021-01-25 10:03 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-01-24 19:43 - 2021-01-24 19:43 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2021-01-24 19:43 - 2021-01-24 19:43 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-01-24 19:43 - 2021-01-24 19:43 - 000000000 ____D C:\Program Files\MSBuild
2021-01-24 19:43 - 2021-01-24 19:43 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-01-24 19:42 - 2021-01-24 19:42 - 000001074 _____ C:\Users\PC\Desktop\Total Commander 64 bit.lnk
2021-01-24 19:42 - 2021-01-24 19:42 - 000000000 ____D C:\Users\PC\AppData\Roaming\GHISLER
2021-01-24 19:42 - 2021-01-24 19:42 - 000000000 ____D C:\Users\PC\AppData\Local\GHISLER
2021-01-24 19:42 - 2021-01-24 19:42 - 000000000 ____D C:\Program Files\totalcmd
2021-01-24 19:41 - 2021-01-24 19:41 - 005489944 _____ (Ghisler Software GmbH) C:\Users\PC\Downloads\tcmd951x64.exe
2021-01-24 19:32 - 2021-02-08 17:15 - 000000000 ____D C:\Users\PC\AppData\Roaming\UnityHub
2021-01-24 19:32 - 2021-01-24 19:32 - 000001882 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity Hub.lnk
2021-01-24 19:32 - 2021-01-24 19:32 - 000000000 ____D C:\Users\PC\AppData\Roaming\Unity Hub
2021-01-24 19:32 - 2021-01-24 19:32 - 000000000 ____D C:\Users\PC\AppData\Local\unityhub-updater
2021-01-24 19:32 - 2021-01-24 19:32 - 000000000 ____D C:\Program Files\Unity Hub
2021-01-24 19:31 - 2021-02-08 16:50 - 000000000 ____D C:\Users\PC\Desktop\Distanční výuka
2021-01-24 19:31 - 2021-02-08 15:01 - 000000000 ____D C:\Users\PC\AppData\LocalLow\Unity
2021-01-24 19:31 - 2021-01-25 10:06 - 000000000 ____D C:\Users\PC\AppData\Roaming\Unity
2021-01-24 19:31 - 2021-01-24 19:51 - 000000000 ____D C:\Users\PC\AppData\Local\Unity
2021-01-24 19:31 - 2021-01-24 19:34 - 000000000 ____D C:\ProgramData\Unity
2021-01-24 19:31 - 2021-01-24 19:31 - 054022120 _____ (Unity Technologies Inc.) C:\Users\PC\Downloads\UnityHubSetup.exe
2021-01-24 19:29 - 2021-02-04 09:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2020.2.2f1 (64-bit)
2021-01-24 19:26 - 2021-01-27 07:31 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-24 19:21 - 2021-01-24 19:21 - 000581120 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2021-01-24 19:21 - 2021-01-24 19:21 - 000575488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2021-01-24 19:21 - 2021-01-24 19:21 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2021-01-24 19:21 - 2021-01-24 19:21 - 000469504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2021-01-24 19:21 - 2021-01-24 19:21 - 000304128 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2021-01-24 19:21 - 2021-01-24 19:21 - 000234496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2021-01-24 19:21 - 2021-01-24 19:21 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\VBICodec.ax
2021-01-24 19:21 - 2021-01-24 19:21 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBICodec.ax
2021-01-24 19:21 - 2021-01-24 19:21 - 000095744 _____ C:\Windows\system32\VirtualMonitorManager.dll
2021-01-24 19:21 - 2021-01-24 19:21 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2021-01-24 19:21 - 2021-01-24 19:21 - 000072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2021-01-24 19:21 - 2021-01-24 19:21 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2021-01-24 19:21 - 2021-01-24 19:21 - 000053760 _____ C:\Windows\SysWOW64\BWContextHandler.dll
2021-01-24 19:20 - 2021-01-24 19:20 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2021-01-24 19:20 - 2021-01-24 19:20 - 002254336 _____ C:\Windows\system32\dwmscene.dll
2021-01-24 19:20 - 2021-01-24 19:20 - 001822272 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-01-24 19:20 - 2021-01-24 19:20 - 001393496 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-01-24 19:20 - 2021-01-24 19:20 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2021-01-24 19:20 - 2021-01-24 19:20 - 001162240 _____ C:\Windows\system32\MBR2GPT.EXE
2021-01-24 19:20 - 2021-01-24 19:20 - 000729600 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2021-01-24 19:20 - 2021-01-24 19:20 - 000643072 _____ C:\Windows\system32\WindowManagementAPI.dll
2021-01-24 19:20 - 2021-01-24 19:20 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2021-01-24 19:20 - 2021-01-24 19:20 - 000562688 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-01-24 19:20 - 2021-01-24 19:20 - 000544768 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2021-01-24 19:20 - 2021-01-24 19:20 - 000455680 _____ C:\Windows\SysWOW64\WindowManagementAPI.dll
2021-01-24 19:20 - 2021-01-24 19:20 - 000455168 _____ C:\Windows\system32\ssdm.dll
2021-01-24 19:20 - 2021-01-24 19:20 - 000446976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2021-01-24 19:20 - 2021-01-24 19:20 - 000422912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2021-01-24 19:20 - 2021-01-24 19:20 - 000363520 _____ C:\Windows\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-01-24 19:20 - 2021-01-24 19:20 - 000330752 _____ C:\Windows\SysWOW64\ssdm.dll
2021-01-24 19:20 - 2021-01-24 19:20 - 000306688 _____ C:\Windows\system32\HeatCore.dll
2021-01-24 19:20 - 2021-01-24 19:20 - 000287232 _____ C:\Windows\system32\CoreMas.dll
2021-01-24 19:20 - 2021-01-24 19:20 - 000266240 _____ C:\Windows\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-01-24 19:20 - 2021-01-24 19:20 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2021-01-24 19:20 - 2021-01-24 19:20 - 000240640 _____ C:\Windows\SysWOW64\CoreMas.dll
2021-01-24 19:20 - 2021-01-24 19:20 - 000238592 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2021-01-24 19:20 - 2021-01-24 19:20 - 000235520 _____ C:\Windows\SysWOW64\HeatCore.dll
2021-01-24 19:20 - 2021-01-24 19:20 - 000197632 _____ C:\Windows\system32\IHDS.dll
2021-01-24 19:20 - 2021-01-24 19:20 - 000190976 _____ C:\Windows\system32\BthpanContextHandler.dll
2021-01-24 19:20 - 2021-01-24 19:20 - 000182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2021-01-24 19:20 - 2021-01-24 19:20 - 000178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2021-01-24 19:20 - 2021-01-24 19:20 - 000165888 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2021-01-24 19:20 - 2021-01-24 19:20 - 000152064 _____ C:\Windows\system32\EoAExperiences.exe
2021-01-24 19:20 - 2021-01-24 19:20 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\ncpa.cpl
2021-01-24 19:20 - 2021-01-24 19:20 - 000100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncpa.cpl
2021-01-24 19:20 - 2021-01-24 19:20 - 000089088 _____ C:\Windows\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-01-24 19:20 - 2021-01-24 19:20 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2021-01-24 19:20 - 2021-01-24 19:20 - 000074240 _____ C:\Windows\system32\rdsxvmaudio.dll
2021-01-24 19:20 - 2021-01-24 19:20 - 000073216 _____ C:\Windows\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-01-24 19:20 - 2021-01-24 19:20 - 000067072 _____ C:\Windows\system32\BWContextHandler.dll
2021-01-24 19:20 - 2021-01-24 19:20 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2021-01-24 19:20 - 2021-01-24 19:20 - 000048640 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2021-01-24 19:20 - 2021-01-24 19:20 - 000039936 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2021-01-24 19:20 - 2021-01-24 19:20 - 000013312 _____ C:\Windows\system32\agentactivationruntimestarter.exe
2021-01-24 19:20 - 2021-01-24 19:20 - 000010752 _____ C:\Windows\SysWOW64\agentactivationruntimestarter.exe
2021-01-24 19:20 - 2021-01-24 19:20 - 000001370 _____ C:\Windows\system32\ThirdPartyNoticesBySHS.txt
2021-01-24 19:17 - 2021-01-24 19:17 - 000001922 _____ C:\Users\PC\Desktop\Zoom.lnk
2021-01-24 19:16 - 2021-02-12 12:03 - 000000000 ____D C:\Users\PC\AppData\Roaming\vlc
2021-01-24 19:16 - 2021-01-24 19:16 - 014779520 _____ (Zoom Video Communications, Inc.) C:\Users\PC\Downloads\ZoomInstaller.exe
2021-01-24 19:16 - 2021-01-24 19:16 - 000000000 ____D C:\Users\PC\AppData\Roaming\Zoom
2021-01-24 19:16 - 2021-01-24 19:16 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-01-24 19:16 - 2021-01-24 19:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-01-24 19:15 - 2021-01-24 19:15 - 042585440 _____ C:\Users\PC\Downloads\vlc-3.0.12-win64.exe
2021-01-24 19:15 - 2021-01-24 19:15 - 000000000 ____D C:\Program Files\VideoLAN
2021-01-24 19:13 - 2021-01-24 19:22 - 2844645616 _____ (Unity Technologies ApS) C:\Users\PC\Downloads\UnitySetup64-2020.2.2f1.exe
2021-01-24 19:13 - 2021-01-24 19:13 - 000003840 _____ C:\Windows\system32\Tasks\Intel PTT EK Recertification
2021-01-24 19:13 - 2021-01-24 19:13 - 000000000 ___HD C:\OneDriveTemp
2021-01-24 19:10 - 2021-02-10 16:17 - 000000000 ____D C:\Windows\system32\MRT
2021-01-24 19:10 - 2021-01-24 19:10 - 000000000 ___HD C:\$WinREAgent
2021-01-24 19:08 - 2021-02-12 13:31 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-24 19:08 - 2021-01-24 19:08 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-01-24 19:08 - 2020-10-01 06:19 - 005510968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2021-01-24 19:08 - 2020-10-01 06:19 - 002635064 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2021-01-24 19:08 - 2020-10-01 06:19 - 001759032 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2021-01-24 19:08 - 2020-10-01 06:19 - 000992232 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2021-01-24 19:08 - 2020-10-01 06:19 - 000195560 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2021-01-24 19:08 - 2020-10-01 06:19 - 000122344 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2021-01-24 19:08 - 2020-10-01 06:19 - 000083256 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2021-01-24 19:08 - 2020-09-30 11:06 - 009339287 _____ C:\Windows\system32\nvcoproc.bin
2021-01-24 19:08 - 2020-06-13 17:38 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2021-01-24 19:07 - 2021-01-25 08:30 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-01-24 19:07 - 2021-01-24 19:08 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-01-24 19:07 - 2021-01-24 19:07 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2021-01-24 19:07 - 2020-10-05 14:05 - 001769688 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-24 19:07 - 2020-10-05 14:05 - 001769688 _____ C:\Windows\system32\vulkaninfo.exe
2021-01-24 19:07 - 2020-10-05 14:05 - 001492800 _____ (NVIDIA Corporation) C:\Windows\system32\nvppcgenco64_145831832.dll
2021-01-24 19:07 - 2020-10-05 14:05 - 001370328 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-24 19:07 - 2020-10-05 14:05 - 001370328 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2021-01-24 19:07 - 2020-10-05 14:05 - 001054944 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2021-01-24 19:07 - 2020-10-05 14:05 - 001054944 _____ C:\Windows\system32\vulkan-1.dll
2021-01-24 19:07 - 2020-10-05 14:05 - 000917728 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-24 19:07 - 2020-10-05 14:05 - 000917728 _____ C:\Windows\SysWOW64\vulkan-1.dll
2021-01-24 19:07 - 2020-10-05 14:05 - 000455408 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2021-01-24 19:07 - 2020-10-05 14:05 - 000351128 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2021-01-24 19:07 - 2020-10-05 14:03 - 001690976 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2021-01-24 19:07 - 2020-10-05 14:03 - 001507224 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2021-01-24 19:07 - 2020-10-05 14:03 - 001161112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2021-01-24 19:07 - 2020-10-05 14:03 - 000816368 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2021-01-24 19:07 - 2020-10-05 14:03 - 000673520 _____ C:\Windows\system32\nvofapi64.dll
2021-01-24 19:07 - 2020-10-05 14:03 - 000670616 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2021-01-24 19:07 - 2020-10-05 14:03 - 000555248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2021-01-24 19:07 - 2020-10-05 14:03 - 000543128 _____ C:\Windows\SysWOW64\nvofapi.dll
2021-01-24 19:07 - 2020-10-05 14:03 - 000230720 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2021-01-24 19:07 - 2020-10-05 14:03 - 000047424 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2021-01-24 19:07 - 2020-10-05 14:02 - 007707544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2021-01-24 19:07 - 2020-10-05 14:02 - 006860184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2021-01-24 19:07 - 2020-10-05 14:02 - 004174064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2021-01-24 19:07 - 2020-10-05 14:02 - 002508528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2021-01-24 19:07 - 2020-10-05 14:02 - 002098072 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2021-01-24 19:07 - 2020-10-05 14:02 - 001731824 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6445671.dll
2021-01-24 19:07 - 2020-10-05 14:02 - 001585560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2021-01-24 19:07 - 2020-10-05 14:02 - 001482992 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6445671.dll
2021-01-24 19:07 - 2020-10-05 14:02 - 000813464 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2021-01-24 19:07 - 2020-10-05 14:02 - 000657304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2021-01-24 19:07 - 2020-10-05 14:00 - 007001536 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2021-01-24 19:07 - 2020-10-05 14:00 - 005972824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2021-01-24 19:07 - 2020-10-05 13:42 - 000058620 _____ C:\Windows\system32\nvinfo.pb
2021-01-24 19:06 - 2021-02-10 07:40 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-24 19:06 - 2021-01-24 19:06 - 000000000 ____D C:\Program Files\Google
2021-01-24 19:05 - 2021-02-12 13:38 - 001693136 _____ C:\Windows\system32\PerfStringBackup.INI
2021-01-24 19:05 - 2021-02-02 07:18 - 000003472 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-24 19:05 - 2021-02-02 07:18 - 000003348 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-24 19:05 - 2021-01-25 16:49 - 000000000 ____D C:\Users\PC\AppData\Local\Google
2021-01-24 19:05 - 2021-01-24 19:05 - 001321688 _____ (Google LLC) C:\Users\PC\Downloads\ChromeSetup.exe
2021-01-24 19:05 - 2021-01-24 19:05 - 000000000 ____D C:\Program Files (x86)\Google
2021-01-24 19:04 - 2021-01-27 08:35 - 000000000 ____D C:\Users\PC\AppData\Local\Comms
2021-01-22 15:57 - 2021-02-11 09:07 - 000000000 ____D C:\Users\PC\AppData\Local\PlaceholderTileLogoFolder
2021-01-22 15:57 - 2021-01-25 10:47 - 000000000 ___RD C:\Users\PC\OneDrive
2021-01-22 15:56 - 2021-02-11 09:07 - 000000000 ____D C:\Users\PC\AppData\Local\Packages
2021-01-22 15:56 - 2021-01-31 09:10 - 000000000 ____D C:\Users\PC
2021-01-22 15:56 - 2021-01-29 09:17 - 000000000 ____D C:\Users\PC\AppData\Local\VirtualStore
2021-01-22 15:56 - 2021-01-24 19:13 - 000000000 ____D C:\Users\PC\AppData\Local\ConnectedDevicesPlatform
2021-01-22 15:56 - 2021-01-22 15:56 - 000000020 ___SH C:\Users\PC\ntuser.ini
2021-01-22 15:56 - 2021-01-22 15:56 - 000000000 _SHDL C:\Users\PC\Šablony
2021-01-22 15:56 - 2021-01-22 15:56 - 000000000 _SHDL C:\Users\PC\Soubory cookie
2021-01-22 15:56 - 2021-01-22 15:56 - 000000000 _SHDL C:\Users\PC\Poslední
2021-01-22 15:56 - 2021-01-22 15:56 - 000000000 _SHDL C:\Users\PC\Okolní tiskárny
2021-01-22 15:56 - 2021-01-22 15:56 - 000000000 _SHDL C:\Users\PC\Okolní síť
2021-01-22 15:56 - 2021-01-22 15:56 - 000000000 _SHDL C:\Users\PC\Nabídka Start
2021-01-22 15:56 - 2021-01-22 15:56 - 000000000 _SHDL C:\Users\PC\Dokumenty
2021-01-22 15:56 - 2021-01-22 15:56 - 000000000 _SHDL C:\Users\PC\Documents\Obrázky
2021-01-22 15:56 - 2021-01-22 15:56 - 000000000 _SHDL C:\Users\PC\Documents\Hudba
2021-01-22 15:56 - 2021-01-22 15:56 - 000000000 _SHDL C:\Users\PC\Documents\Filmy
2021-01-22 15:56 - 2021-01-22 15:56 - 000000000 _SHDL C:\Users\PC\Data aplikací
2021-01-22 15:56 - 2021-01-22 15:56 - 000000000 _SHDL C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-01-22 15:56 - 2021-01-22 15:56 - 000000000 _SHDL C:\Users\PC\AppData\Local\Data aplikací
2021-01-22 15:56 - 2021-01-22 15:56 - 000000000 ___RD C:\Users\PC\3D Objects
2021-01-22 15:56 - 2021-01-22 15:56 - 000000000 ____D C:\Users\PC\AppData\Roaming\Adobe
2021-01-22 15:56 - 2021-01-22 15:56 - 000000000 ____D C:\Users\PC\AppData\Local\Publishers
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\Users\Default\Šablony
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\Users\Default\Poslední
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\Users\Default\Okolní síť
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\Users\Default\Dokumenty
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\Users\Default\Data aplikací
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\Users\Default User\Šablony
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\Users\Default User\Soubory cookie
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\Users\Default User\Poslední
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\Users\Default User\Okolní tiskárny
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\Users\Default User\Okolní síť
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\Users\Default User\Nabídka Start
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\Users\Default User\Dokumenty
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\Users\Default User\Documents\Obrázky
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\Users\Default User\Documents\Hudba
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\Users\Default User\Documents\Filmy
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\Users\Default User\Data aplikací
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\ProgramData\Šablony
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\ProgramData\Plocha
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\ProgramData\Dokumenty
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\ProgramData\Data aplikací
2021-01-22 15:54 - 2021-01-22 15:54 - 000000000 _SHDL C:\Documents and Settings
2021-01-22 15:53 - 2021-01-22 15:53 - 000002850 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-321179341-2139502707-572524282-500
2021-01-22 15:52 - 2021-01-24 19:05 - 000000000 ____D C:\Windows\Panther
2021-01-22 10:31 - 2021-02-08 15:01 - 000000000 ____D C:\Users\PC\Desktop\adventure

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-12 16:59 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-12 15:33 - 2020-09-27 06:50 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-02-12 13:38 - 2019-12-07 15:41 - 000716744 _____ C:\Windows\system32\perfh005.dat
2021-02-12 13:38 - 2019-12-07 15:41 - 000144922 _____ C:\Windows\system32\perfc005.dat
2021-02-12 13:38 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2021-02-12 13:31 - 2020-09-27 08:51 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-02-12 13:31 - 2020-09-27 06:50 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-12 13:30 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-02-11 18:32 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-02-11 18:32 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-02-11 18:32 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\OCR
2021-02-11 18:32 - 2019-12-07 15:41 - 000000000 ____D C:\Windows\SysWOW64\WCN
2021-02-11 18:32 - 2019-12-07 15:41 - 000000000 ____D C:\Windows\system32\WCN
2021-02-11 18:32 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\F12
2021-02-11 18:32 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\F12
2021-02-11 18:32 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-02-11 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-02-11 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2021-02-11 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2021-02-11 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2021-02-11 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-02-11 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\IME
2021-02-11 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-02-11 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-11 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-02-11 18:32 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2021-02-11 09:25 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2021-02-11 09:07 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2021-02-11 08:57 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-11 07:03 - 2020-09-27 08:53 - 000003584 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-11 07:03 - 2020-09-27 08:53 - 000003460 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-10 17:02 - 2020-09-27 06:50 - 000266576 _____ C:\Windows\system32\FNTCACHE.DAT
2021-02-10 17:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2021-02-10 17:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2021-02-10 07:48 - 2020-09-27 08:51 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-02-06 11:56 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Keywords
2021-02-06 11:56 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Keywords
2021-02-06 11:56 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2021-02-06 09:33 - 2020-09-27 08:53 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-04 09:30 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-01-29 10:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Registration
2021-01-29 07:30 - 2020-09-27 08:55 - 000000000 ____D C:\ProgramData\Packages
2021-01-28 13:32 - 2019-12-07 15:41 - 000000000 ____D C:\Windows\SysWOW64\winrm
2021-01-28 13:32 - 2019-12-07 15:41 - 000000000 ____D C:\Windows\SysWOW64\slmgr
2021-01-28 13:32 - 2019-12-07 15:41 - 000000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2021-01-28 13:32 - 2019-12-07 15:41 - 000000000 ____D C:\Windows\system32\winrm
2021-01-28 13:32 - 2019-12-07 15:41 - 000000000 ____D C:\Windows\system32\slmgr
2021-01-28 13:32 - 2019-12-07 15:41 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2021-01-28 13:32 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2021-01-28 13:32 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2021-01-28 13:32 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-01-28 13:32 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2021-01-27 12:46 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2021-01-24 19:43 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2021-01-24 19:43 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog
2021-01-24 19:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-01-24 19:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2021-01-24 19:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\MUI
2021-01-24 19:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-01-24 19:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Com
2021-01-24 19:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2021-01-24 19:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Sysprep
2021-01-24 19:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2021-01-24 19:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\MUI
2021-01-24 19:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2021-01-24 19:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Com
2021-01-24 19:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2021-01-24 19:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2021-01-24 19:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellComponents
2021-01-24 19:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2021-01-24 19:19 - 2020-09-27 08:53 - 002877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2021-01-24 19:05 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\appcompat
2021-01-22 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-01-22 15:56 - 2019-12-07 15:42 - 000000000 ____D C:\Windows\system32\FxsTmp
2021-01-22 15:55 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2021-01-22 15:54 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows NT
2021-01-22 15:52 - 2019-12-07 10:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template

==================== Files in the root of some directories ========

2021-01-29 08:16 - 2021-01-29 08:16 - 000000016 _____ () C:\Users\PC\AppData\Roaming\obs-virtualcam.txt
2021-02-08 14:27 - 2021-02-08 14:27 - 000010925 _____ () C:\Users\PC\AppData\Local\recently-used.xbel
2021-02-04 13:06 - 2021-02-04 13:06 - 000007605 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2021
Ran by PC (12-02-2021 17:49:13)
Running from C:\Users\PC\Desktop
Windows 10 Home Version 20H2 19042.804 (X64) (2021-01-22 14:54:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-321179341-2139502707-572524282-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-321179341-2139502707-572524282-503 - Limited - Disabled)
Guest (S-1-5-21-321179341-2139502707-572524282-501 - Limited - Disabled)
PC (S-1-5-21-321179341-2139502707-572524282-1001 - Administrator - Enabled) => C:\Users\PC
WDAGUtilityAccount (S-1-5-21-321179341-2139502707-572524282-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
Blackmagic RAW Common Components (HKLM\...\{60461BA6-AFA0-4D54-AFE1-54EC717AA7D9}) (Version: 1.8.2 - Blackmagic Design)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.260.0.1032 - BlueStack Systems, Inc.)
DaVinci Resolve (HKLM\...\{47B30418-F683-4F19-BEF9-BA5E490154BF}) (Version: 16.2.8005 - Blackmagic Design)
GIMP 2.10.22 (HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\GIMP-2_is1) (Version: 2.10.22 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.63 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.8.3077.1211 - Microsoft Corporation)
NVIDIA Ovladač HD audia 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
NVIDIA USBC Driver 1.45.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.45.831.832 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project)
Oracle VM VirtualBox 6.1.18 (HKLM\...\{A8F42E56-8D1F-4080-BD79-8375D3AD18BE}) (Version: 6.1.18 - Oracle Corporation)
Ovládací panel NVIDIA 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 456.71 - NVIDIA Corporation) Hidden
RawTherapee verze 5.8 (HKLM\...\RawTherapee5.8_is1) (Version: 5.8 - rawtherapee.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Unity (HKLM-x32\...\Unity) (Version: 2020.2.3f1 - Unity Technologies ApS)
Unity Hub 2.4.2 (HKLM\...\{Unity Technologies - Hub}) (Version: 2.4.2 - Unity Technologies Inc.)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
vcpp_crt.redist.clickonce (HKLM-x32\...\{7C6166AB-7B4D-47A1-840D-723D2B6A1DAC}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Visual Studio Community 2019 (HKLM-x32\...\9601d9a3) (Version: 16.8.30907.101 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
VS Script Debugging Common (HKLM\...\{A4272808-82F5-410F-A5F9-1BF6F63F6B9A}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{DEB11EB7-B61A-4883-8CB0-99013A4873AB}) (Version: 16.8.30608 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{72E86320-AFF2-44F8-9C8B-0BD51E5B14DE}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{E9439DB7-BF01-4820-8CB1-80957150AB86}) (Version: 16.8.30530 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{8990F1B6-F880-4E73-A2D9-7A611F4C38A1}) (Version: 16.8.30530 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{3C4B2ED3-2296-4203-A420-AC042BE8484D}) (Version: 16.8.30509 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{27B16914-BC5D-4018-8074-071262A27F6D}) (Version: 16.2.28917 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{08AF5DA9-F3BD-4B59-8D99-C47CC4D53CAD}) (Version: 16.8.30530 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{4A143624-67D1-42E7-BADA-E3574DB7157E}) (Version: 16.8.30530 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{E208E682-50EE-4F2F-9860-C91B906B8A03}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsi (HKLM-x32\...\{BEEB2E56-91DB-4AFB-AC88-8E98B18DD889}) (Version: 16.8.30509 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsires (HKLM-x32\...\{1E54D106-5773-4D9E-AEDF-AC5AFEAF1395}) (Version: 16.8.30509 - Microsoft Corporation) Hidden
Zoom (HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\ZoomUMX) (Version: 5.4.9 (59931.0110) - Zoom Video Communications, Inc.)

Packages:
=========
7-Zip File Manager (Unofficial) -> C:\Program Files\WindowsApps\HaukeGtze.7-ZipFileManagerUnofficial_1.1900.3.0_x64__6bk20wvc8rfx2 [2021-01-28] (Hauke Hasselberg)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-02-03] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-321179341-2139502707-572524282-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-321179341-2139502707-572524282-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-321179341-2139502707-572524282-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-321179341-2139502707-572524282-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-321179341-2139502707-572524282-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-321179341-2139502707-572524282-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-321179341-2139502707-572524282-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 213.46.172.38 - 213.46.172.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\StartupApproved\StartupFolder: => "Rainmeter.lnk"
HKU\S-1-5-21-321179341-2139502707-572524282-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6F83D56F-E9D0-4F6A-8F1C-183856A0645C}] => (Allow) C:\Users\PC\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{D2050B7D-030C-40CB-BD2E-20746EE829B0}] => (Allow) C:\Users\PC\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{D4DAA026-BAF5-4DAD-A2E5-F036A13EA70B}] => (Allow) C:\Users\PC\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{4F8BE6A7-C9E3-4E9C-B326-104306CEC99A}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [TCP Query User{FE29EDBD-45BA-44D9-B7B4-8723141687AD}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [UDP Query User{EE5B2756-C55B-443A-A7ED-F2FEA6A2E6ED}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [TCP Query User{375934B7-D766-4025-9F26-448B0523CF7D}C:\users\pc\appdata\local\programs\gdevelop\gdevelop 5.exe] => (Allow) C:\users\pc\appdata\local\programs\gdevelop\gdevelop 5.exe => No File
FirewallRules: [UDP Query User{8069C550-3B33-44FA-9731-996102EADCBB}C:\users\pc\appdata\local\programs\gdevelop\gdevelop 5.exe] => (Allow) C:\users\pc\appdata\local\programs\gdevelop\gdevelop 5.exe => No File
FirewallRules: [{264308A3-862C-4EAB-B219-5C7410C99038}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{D9619BF0-4C69-49E9-A8EE-41EBA17C1702}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{74DB4444-F4B1-45EF-AA91-CCF1D58AFA57}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{B2A1A579-252D-41D5-9A93-35AD2308B1D3}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{DCF4FA70-80B1-417C-8A51-858DA3EBB029}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{4D5BFBC5-142E-4056-B27E-B5D3FBA33700}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{62E743BA-53EB-4D37-9E1D-524DA3746ECB}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe => No File
FirewallRules: [{3DFE2E81-843E-400C-A50B-27FCEF03680C}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{F1520CE6-E4F8-47F6-B938-694A4D878D76}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => No File
FirewallRules: [TCP Query User{13DCFA05-C019-47B3-A8D4-E549308002BE}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{EF6C534C-354C-412B-AB61-A3A6F0141773}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{577950EC-5496-4217-8679-53A2C35D908B}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{DF75C06A-3198-4AD2-887C-B9CE3E09569D}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{0D00CF72-3A75-472E-890A-5A46CE445BC5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5A69C4EF-C897-42B5-9117-74F2F4F3B672}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{307A0060-69FA-4203-A3ED-F46BC66EC9DA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E4486EB4-763B-428E-911B-229434FE193B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{12C8F0CE-8BD4-4423-B151-DEFF2FFEB6AA}] => (Allow) C:\Program Files (x86)\XePlayer\bin\XePlayer.exe => No File
FirewallRules: [{45F5CA7A-9AC7-4CE6-868D-363390100F90}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe => No File
FirewallRules: [TCP Query User{EE047074-B7F4-4717-8551-A8C626896537}C:\program files (x86)\youwave android\vb\vboxsdl.exe] => (Allow) C:\program files (x86)\youwave android\vb\vboxsdl.exe => No File
FirewallRules: [UDP Query User{90C9518A-6005-487D-AC33-3C5AE347B99C}C:\program files (x86)\youwave android\vb\vboxsdl.exe] => (Allow) C:\program files (x86)\youwave android\vb\vboxsdl.exe => No File
FirewallRules: [{B3CDFEEB-82AD-41A4-925E-C26A94D8A9B7}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{D6B2DDEC-CDAA-47E3-A4B1-76F4F796F4CE}] => (Allow) C:\Program Files\Unity\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [{9164A233-E972-4DD5-87A4-2E58C35BE0A3}] => (Block) C:\Program Files\Unity\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [TCP Query User{7DEC9534-C4D1-470E-9CF5-0F0D4D68469A}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [UDP Query User{41745206-C875-4416-B4DA-3A8C7BCB604D}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [{F64F65D8-E7AB-40AF-84C5-630D55ABA40F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

06-02-2021 11:30:55 Instalační služba modulů systému Windows
10-02-2021 10:26:58 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/12/2021 01:33:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 10.0.19041.804, časové razítko: 0x985b4154
Název chybujícího modulu: NAHIMICV3apo.dll, verze: 6.3.9600.17336, časové razítko: 0x5914cc69
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000337647
ID chybujícího procesu: 0x1768
Čas spuštění chybující aplikace: 0x01d7013aef722479
Cesta k chybující aplikaci: C:\Windows\system32\AUDIODG.EXE
Cesta k chybujícímu modulu: C:\Windows\system32\NAHIMICV3apo.dll
ID zprávy: 973067fe-d5a3-4c20-9d16-ad21e43edf5e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/12/2021 01:10:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_camsvc, verze: 10.0.19041.546, časové razítko: 0x058e175a
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.789, časové razítko: 0x2bd748bf
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007286e
ID chybujícího procesu: 0x770
Čas spuštění chybující aplikace: 0x01d70108842c2987
Cesta k chybující aplikaci: C:\Windows\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\ucrtbase.dll
ID zprávy: 262e9885-a42e-461f-9ef9-237d25e126f2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/12/2021 07:30:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 10.0.19041.804, časové razítko: 0x985b4154
Název chybujícího modulu: NAHIMICV3apo.dll, verze: 6.3.9600.17336, časové razítko: 0x5914cc69
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000337647
ID chybujícího procesu: 0xa30
Čas spuštění chybující aplikace: 0x01d7010885ce1b79
Cesta k chybující aplikaci: C:\Windows\system32\AUDIODG.EXE
Cesta k chybujícímu modulu: C:\Windows\system32\NAHIMICV3apo.dll
ID zprávy: 7856bc98-1462-4c84-b467-32169291432b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/11/2021 06:42:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 10.0.19041.804, časové razítko: 0x985b4154
Název chybujícího modulu: NAHIMICV3apo.dll, verze: 6.3.9600.17336, časové razítko: 0x5914cc69
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000337647
ID chybujícího procesu: 0x16d4
Čas spuštění chybující aplikace: 0x01d7009d433ee7c7
Cesta k chybující aplikaci: C:\Windows\system32\AUDIODG.EXE
Cesta k chybujícímu modulu: C:\Windows\system32\NAHIMICV3apo.dll
ID zprávy: db17e925-28ff-4e00-8ddf-95331d1f8825
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/10/2021 05:19:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 10.0.19041.804, časové razítko: 0x985b4154
Název chybujícího modulu: NAHIMICV3apo.dll, verze: 6.3.9600.17336, časové razítko: 0x5914cc69
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000337647
ID chybujícího procesu: 0x1798
Čas spuštění chybující aplikace: 0x01d6ffc88a218c71
Cesta k chybující aplikaci: C:\Windows\system32\AUDIODG.EXE
Cesta k chybujícímu modulu: C:\Windows\system32\NAHIMICV3apo.dll
ID zprávy: 129801c3-3c2e-4099-9509-184d33080083
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/09/2021 12:15:49 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na jedno tera (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/08/2021 05:13:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 10.0.19041.789, časové razítko: 0x985b4154
Název chybujícího modulu: NAHIMICV3apo.dll, verze: 6.3.9600.17336, časové razítko: 0x5914cc69
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000337647
ID chybujícího procesu: 0x18ac
Čas spuštění chybující aplikace: 0x01d6fe3553a1a3ae
Cesta k chybující aplikaci: C:\Windows\system32\AUDIODG.EXE
Cesta k chybujícímu modulu: C:\Windows\system32\NAHIMICV3apo.dll
ID zprávy: 4f04d41e-8422-4553-87ed-8f6f9d47ad3f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/06/2021 11:56:20 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.


System errors:
=============
Error: (02/12/2021 01:31:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba ElevationService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (02/12/2021 01:11:39 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {08728914-3F57-4D52-9E31-49DAECA5A80A} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/12/2021 01:10:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Capability Access Manager byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (02/12/2021 01:10:43 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {08728914-3F57-4D52-9E31-49DAECA5A80A} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/12/2021 01:10:43 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {08728914-3F57-4D52-9E31-49DAECA5A80A} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/12/2021 01:10:43 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {08728914-3F57-4D52-9E31-49DAECA5A80A} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/12/2021 01:10:43 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {08728914-3F57-4D52-9E31-49DAECA5A80A} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/12/2021 01:10:43 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {08728914-3F57-4D52-9E31-49DAECA5A80A} se v daném časovém limitu neregistroval u služby DCOM.

Windows Defender:
=================

Date: 2021-02-12 13:10:46.4450000Z
Description:
Antivirov� ochrana v programu Microsoft Defender zjistil malware nebo jin� potenci�ln� ne��douc� software.
Dal�� informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
N�zev: Trojan:Win32/Ymacco.AACE
ID: 2147757163
Z�va�nost: V�n�
Kategorie: Trojsk� k��
Cesta: file:_C:\Users\PC\Desktop\RCXBB62.tmp; file:_C:\Users\PC\Desktop\RCXBB91.tmp; file:_C:\Users\PC\Desktop\RCXBBB2.tmp; file:_C:\Users\PC\Desktop\RCXBC01.tmp; file:_C:\Users\PC\Desktop\RCXBC6F.tmp; file:_C:\Users\PC\Desktop\RCXBC8F.tmp; file:_C:\Users\PC\Desktop\RCXBCBF.tmp; file:_C:\Users\PC\Desktop\RCXBCE0.tmp; file:_C:\Users\PC\Desktop\RCXBD00.tmp; file:_C:\Users\PC\Desktop\RCXBD20.tmp; file:_C:\Users\PC\Desktop\RCXBD40.tmp; file:_C:\Users\PC\Desktop\RCXBD61.tmp; file:_C:\Users\PC\Desktop\RCXBDBF.tmp; file:_C:\Users\PC\Desktop\RCXBDD0.tmp; file:_C:\Users\PC\Desktop\RCXBDF0.tmp; file:_C:\Users\PC\Desktop\RCXBE10.tmp; file:_C:\Users\PC\Desktop\RCXBE31.tmp; file:_C:\Users\PC\Desktop\RCXBE51.tmp; file:_C:\Users\PC\Desktop\RCXBE71.tmp; file:_C:\Users\PC\Desktop\RCXBE91.tmp; file:_C:\Users\PC\Desktop\RCXBEB2.tmp; file:_C:\Users\PC\Desktop\RCXBED2.tmp; file:_C:\Users\PC\Desktop\RCXBEF2.tmp; file:_C:\Users\PC\Desktop\RCXBF22.tmp; file:_C:\Users\PC\Desktop\RCXBF42.tmp; file:_C:\Users\PC\Desktop\RCXBF63.tmp; file:_C:\
P�vod detekce: M�stn� po��ta�
Typ detekce: Konkr�tn�
Zdroj detekce: Ochrana v re�ln�m �ase
U�ivatel: DESKTOP-VNNSM0S\PC
N�zev procesu: C:\Program Files (x86)\ExeScript\ExeScript.exe
Verze bezpe�nostn�ch informac�: AV: 1.331.789.0, AS: 1.331.789.0, NIS: 1.331.789.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-12 13:10:46.3930000Z
Description:
Antivirov� ochrana v programu Microsoft Defender zjistil malware nebo jin� potenci�ln� ne��douc� software.
Dal�� informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
N�zev: Trojan:Win32/Ymacco.AACE
ID: 2147757163
Z�va�nost: V�n�
Kategorie: Trojsk� k��
Cesta: file:_C:\Users\PC\Desktop\RCXBB62.tmp; file:_C:\Users\PC\Desktop\RCXBB91.tmp; file:_C:\Users\PC\Desktop\RCXBBB2.tmp; file:_C:\Users\PC\Desktop\RCXBC01.tmp; file:_C:\Users\PC\Desktop\RCXBC6F.tmp; file:_C:\Users\PC\Desktop\RCXBC8F.tmp; file:_C:\Users\PC\Desktop\RCXBCBF.tmp; file:_C:\Users\PC\Desktop\RCXBCE0.tmp; file:_C:\Users\PC\Desktop\RCXBD00.tmp; file:_C:\Users\PC\Desktop\RCXBD20.tmp; file:_C:\Users\PC\Desktop\RCXBD40.tmp; file:_C:\Users\PC\Desktop\RCXBD61.tmp; file:_C:\Users\PC\Desktop\RCXBDBF.tmp; file:_C:\Users\PC\Desktop\RCXBDD0.tmp; file:_C:\Users\PC\Desktop\RCXBDF0.tmp; file:_C:\Users\PC\Desktop\RCXBE10.tmp; file:_C:\Users\PC\Desktop\RCXBE31.tmp; file:_C:\Users\PC\Desktop\RCXBE51.tmp; file:_C:\Users\PC\Desktop\RCXBE71.tmp; file:_C:\Users\PC\Desktop\RCXBE91.tmp; file:_C:\Users\PC\Desktop\RCXBEB2.tmp; file:_C:\Users\PC\Desktop\RCXBED2.tmp; file:_C:\Users\PC\Desktop\RCXBEF2.tmp; file:_C:\Users\PC\Desktop\RCXBF22.tmp; file:_C:\Users\PC\Desktop\RCXBF42.tmp; file:_C:\Users\PC\Desktop\RCXBF63.tmp; file:_C:\
P�vod detekce: M�stn� po��ta�
Typ detekce: Konkr�tn�
Zdroj detekce: Ochrana v re�ln�m �ase
U�ivatel: DESKTOP-VNNSM0S\PC
N�zev procesu: C:\Program Files (x86)\ExeScript\ExeScript.exe
Verze bezpe�nostn�ch informac�: AV: 1.331.789.0, AS: 1.331.789.0, NIS: 1.331.789.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-12 13:10:46.1720000Z
Description:
Antivirov� ochrana v programu Microsoft Defender zjistil malware nebo jin� potenci�ln� ne��douc� software.
Dal�� informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
N�zev: Trojan:Win32/Ymacco.AACE
ID: 2147757163
Z�va�nost: V�n�
Kategorie: Trojsk� k��
Cesta: file:_C:\Users\PC\Desktop\RCXBB62.tmp; file:_C:\Users\PC\Desktop\RCXBB91.tmp; file:_C:\Users\PC\Desktop\RCXBBB2.tmp; file:_C:\Users\PC\Desktop\RCXBC01.tmp; file:_C:\Users\PC\Desktop\RCXBC6F.tmp; file:_C:\Users\PC\Desktop\RCXBC8F.tmp; file:_C:\Users\PC\Desktop\RCXBCBF.tmp; file:_C:\Users\PC\Desktop\RCXBCE0.tmp; file:_C:\Users\PC\Desktop\RCXBD00.tmp; file:_C:\Users\PC\Desktop\RCXBD20.tmp; file:_C:\Users\PC\Desktop\RCXBD40.tmp; file:_C:\Users\PC\Desktop\RCXBD61.tmp; file:_C:\Users\PC\Desktop\RCXBDBF.tmp; file:_C:\Users\PC\Desktop\RCXBDD0.tmp; file:_C:\Users\PC\Desktop\RCXBDF0.tmp; file:_C:\Users\PC\Desktop\RCXBE10.tmp; file:_C:\Users\PC\Desktop\RCXBE31.tmp; file:_C:\Users\PC\Desktop\RCXBE51.tmp; file:_C:\Users\PC\Desktop\RCXBE71.tmp; file:_C:\Users\PC\Desktop\RCXBE91.tmp; file:_C:\Users\PC\Desktop\RCXBEB2.tmp; file:_C:\Users\PC\Desktop\RCXBED2.tmp; file:_C:\Users\PC\Desktop\RCXBEF2.tmp; file:_C:\Users\PC\Desktop\RCXBF22.tmp; file:_C:\Users\PC\Desktop\RCXBF42.tmp; file:_C:\Users\PC\Desktop\RCXBF63.tmp; file:_C:\
P�vod detekce: M�stn� po��ta�
Typ detekce: Konkr�tn�
Zdroj detekce: Ochrana v re�ln�m �ase
U�ivatel: DESKTOP-VNNSM0S\PC
N�zev procesu: C:\Program Files (x86)\ExeScript\ExeScript.exe
Verze bezpe�nostn�ch informac�: AV: 1.331.789.0, AS: 1.331.789.0, NIS: 1.331.789.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-12 13:10:46.1290000Z
Description:
Antivirov� ochrana v programu Microsoft Defender zjistil malware nebo jin� potenci�ln� ne��douc� software.
Dal�� informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
N�zev: Trojan:Win32/Ymacco.AACE
ID: 2147757163
Z�va�nost: V�n�
Kategorie: Trojsk� k��
Cesta: file:_C:\Users\PC\Desktop\RCXBB62.tmp; file:_C:\Users\PC\Desktop\RCXBB91.tmp; file:_C:\Users\PC\Desktop\RCXBBB2.tmp; file:_C:\Users\PC\Desktop\RCXBC01.tmp; file:_C:\Users\PC\Desktop\RCXBC6F.tmp; file:_C:\Users\PC\Desktop\RCXBC8F.tmp; file:_C:\Users\PC\Desktop\RCXBCBF.tmp; file:_C:\Users\PC\Desktop\RCXBCE0.tmp; file:_C:\Users\PC\Desktop\RCXBD00.tmp; file:_C:\Users\PC\Desktop\RCXBD20.tmp; file:_C:\Users\PC\Desktop\RCXBD40.tmp; file:_C:\Users\PC\Desktop\RCXBD61.tmp; file:_C:\Users\PC\Desktop\RCXBDBF.tmp; file:_C:\Users\PC\Desktop\RCXBDD0.tmp; file:_C:\Users\PC\Desktop\RCXBDF0.tmp; file:_C:\Users\PC\Desktop\RCXBE10.tmp; file:_C:\Users\PC\Desktop\RCXBE31.tmp; file:_C:\Users\PC\Desktop\RCXBE51.tmp; file:_C:\Users\PC\Desktop\RCXBE71.tmp; file:_C:\Users\PC\Desktop\RCXBE91.tmp; file:_C:\Users\PC\Desktop\RCXBEB2.tmp; file:_C:\Users\PC\Desktop\RCXBED2.tmp; file:_C:\Users\PC\Desktop\RCXBEF2.tmp; file:_C:\Users\PC\Desktop\RCXBF22.tmp; file:_C:\Users\PC\Desktop\RCXBF42.tmp; file:_C:\Users\PC\Desktop\RCXBF63.tmp; file:_C:\
P�vod detekce: M�stn� po��ta�
Typ detekce: Konkr�tn�
Zdroj detekce: Ochrana v re�ln�m �ase
U�ivatel: DESKTOP-VNNSM0S\PC
N�zev procesu: C:\Program Files (x86)\ExeScript\ExeScript.exe
Verze bezpe�nostn�ch informac�: AV: 1.331.789.0, AS: 1.331.789.0, NIS: 1.331.789.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-12 13:10:45.8770000Z
Description:
Antivirov� ochrana v programu Microsoft Defender zjistil malware nebo jin� potenci�ln� ne��douc� software.
Dal�� informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
N�zev: Trojan:Win32/Ymacco.AACE
ID: 2147757163
Z�va�nost: V�n�
Kategorie: Trojsk� k��
Cesta: file:_C:\Users\PC\Desktop\RCXBB62.tmp; file:_C:\Users\PC\Desktop\RCXBB91.tmp; file:_C:\Users\PC\Desktop\RCXBBB2.tmp; file:_C:\Users\PC\Desktop\RCXBC01.tmp; file:_C:\Users\PC\Desktop\RCXBC6F.tmp; file:_C:\Users\PC\Desktop\RCXBC8F.tmp; file:_C:\Users\PC\Desktop\RCXBCBF.tmp; file:_C:\Users\PC\Desktop\RCXBCE0.tmp; file:_C:\Users\PC\Desktop\RCXBD00.tmp; file:_C:\Users\PC\Desktop\RCXBD20.tmp; file:_C:\Users\PC\Desktop\RCXBD40.tmp; file:_C:\Users\PC\Desktop\RCXBD61.tmp; file:_C:\Users\PC\Desktop\RCXBDBF.tmp; file:_C:\Users\PC\Desktop\RCXBDD0.tmp; file:_C:\Users\PC\Desktop\RCXBDF0.tmp; file:_C:\Users\PC\Desktop\RCXBE10.tmp; file:_C:\Users\PC\Desktop\RCXBE31.tmp; file:_C:\Users\PC\Desktop\RCXBE51.tmp; file:_C:\Users\PC\Desktop\RCXBE71.tmp; file:_C:\Users\PC\Desktop\RCXBE91.tmp; file:_C:\Users\PC\Desktop\RCXBEB2.tmp; file:_C:\Users\PC\Desktop\RCXBED2.tmp; file:_C:\Users\PC\Desktop\RCXBEF2.tmp; file:_C:\Users\PC\Desktop\RCXBF22.tmp; file:_C:\Users\PC\Desktop\RCXBF42.tmp; file:_C:\Users\PC\Desktop\RCXBF63.tmp; file:_C:\
P�vod detekce: M�stn� po��ta�
Typ detekce: Konkr�tn�
Zdroj detekce: Ochrana v re�ln�m �ase
U�ivatel: DESKTOP-VNNSM0S\PC
N�zev procesu: C:\Program Files (x86)\ExeScript\ExeScript.exe
Verze bezpe�nostn�ch informac�: AV: 1.331.789.0, AS: 1.331.789.0, NIS: 1.331.789.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5
CodeIntegrity:
=================

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2002 06/18/2020
Motherboard: ASUSTeK COMPUTER INC. ROG STRIX B360-G GAMING
Processor: Intel(R) Core(TM) i5-9400F CPU @ 2.90GHz
Percentage of memory in use: 46%
Total physical RAM: 16301.14 MB
Available physical RAM: 8702.89 MB
Total Virtual: 18733.14 MB
Available Virtual: 9459.87 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.28 GB) (Free:95.67 GB) NTFS
Drive d: (jedno tera) (Fixed) (Total:931.51 GB) (Free:927.99 GB) NTFS
Drive e: (BOOT DISK) (Removable) (Total:7.48 GB) (Free:1.72 GB) FAT32

\\?\Volume{4db49cc0-02dc-4aa3-b614-f2947070d456}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{99ea9264-2460-4ac8-8899-e953b4c89a6c}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: F5D14A7A)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Size: 7.5 GB) (Disk ID: 11BC3C5A)
Partition 1: (Active) - (Size=7.5 GB) - (Type=0C)

==================== End of Addition.txt =======================

[Rudy]

FRST není virus, jen umí mazat položky ze systému. OK, teď spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[czech 08]

# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.1
# -------------------------------
# Build: 01-20-2021
# Database: 2021-01-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-12-2021
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1406 octets] - [12/02/2021 18:05:37]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Rudy]

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
Task: {83DC516A-74FA-41F7-A4B1-04CBD76A2B5C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-24] (Google LLC -> Google LLC)
Task: {D30329F0-F9EF-4166-9877-670F5F5B2F01} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-24] (Google LLC -> Google LLC)
C:\ProgramData\DP45977C.lfl
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
FirewallRules: [{D2050B7D-030C-40CB-BD2E-20746EE829B0}] => (Allow) C:\Users\PC\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{D4DAA026-BAF5-4DAD-A2E5-F036A13EA70B}] => (Allow) C:\Users\PC\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{375934B7-D766-4025-9F26-448B0523CF7D}C:\users\pc\appdata\local\programs\gdevelop\gdevelop 5.exe] => (Allow) C:\users\pc\appdata\local\programs\gdevelop\gdevelop 5.exe => No File
FirewallRules: [UDP Query User{8069C550-3B33-44FA-9731-996102EADCBB}C:\users\pc\appdata\local\programs\gdevelop\gdevelop 5.exe] => (Allow) C:\users\pc\appdata\local\programs\gdevelop\gdevelop 5.exe => No File
FirewallRules: [{4D5BFBC5-142E-4056-B27E-B5D3FBA33700}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{62E743BA-53EB-4D37-9E1D-524DA3746ECB}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe => No File
FirewallRules: [{F1520CE6-E4F8-47F6-B938-694A4D878D76}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => No File
FirewallRules: [{12C8F0CE-8BD4-4423-B151-DEFF2FFEB6AA}] => (Allow) C:\Program Files (x86)\XePlayer\bin\XePlayer.exe => No File
FirewallRules: [{45F5CA7A-9AC7-4CE6-868D-363390100F90}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe => No File
FirewallRules: [TCP Query User{EE047074-B7F4-4717-8551-A8C626896537}C:\program files (x86)\youwave android\vb\vboxsdl.exe] => (Allow) C:\program files (x86)\youwave android\vb\vboxsdl.exe => No File
FirewallRules: [UDP Query User{90C9518A-6005-487D-AC33-3C5AE347B99C}C:\program files (x86)\youwave android\vb\vboxsdl.exe] => (Allow) C:\program files (x86)\youwave android\vb\vboxsdl.exe => No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[czech 08]

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-02-2021
Ran by PC (12-02-2021 19:23:09) Run:1
Running from C:\Users\PC\Desktop
Loaded Profiles: PC
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {83DC516A-74FA-41F7-A4B1-04CBD76A2B5C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-24] (Google LLC -> Google LLC)
Task: {D30329F0-F9EF-4166-9877-670F5F5B2F01} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-24] (Google LLC -> Google LLC)
C:\ProgramData\DP45977C.lfl
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
FirewallRules: [{D2050B7D-030C-40CB-BD2E-20746EE829B0}] => (Allow) C:\Users\PC\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{D4DAA026-BAF5-4DAD-A2E5-F036A13EA70B}] => (Allow) C:\Users\PC\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{375934B7-D766-4025-9F26-448B0523CF7D}C:\users\pc\appdata\local\programs\gdevelop\gdevelop 5.exe] => (Allow) C:\users\pc\appdata\local\programs\gdevelop\gdevelop 5.exe => No File
FirewallRules: [UDP Query User{8069C550-3B33-44FA-9731-996102EADCBB}C:\users\pc\appdata\local\programs\gdevelop\gdevelop 5.exe] => (Allow) C:\users\pc\appdata\local\programs\gdevelop\gdevelop 5.exe => No File
FirewallRules: [{4D5BFBC5-142E-4056-B27E-B5D3FBA33700}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{62E743BA-53EB-4D37-9E1D-524DA3746ECB}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe => No File
FirewallRules: [{F1520CE6-E4F8-47F6-B938-694A4D878D76}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => No File
FirewallRules: [{12C8F0CE-8BD4-4423-B151-DEFF2FFEB6AA}] => (Allow) C:\Program Files (x86)\XePlayer\bin\XePlayer.exe => No File
FirewallRules: [{45F5CA7A-9AC7-4CE6-868D-363390100F90}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe => No File
FirewallRules: [TCP Query User{EE047074-B7F4-4717-8551-A8C626896537}C:\program files (x86)\youwave android\vb\vboxsdl.exe] => (Allow) C:\program files (x86)\youwave android\vb\vboxsdl.exe => No File
FirewallRules: [UDP Query User{90C9518A-6005-487D-AC33-3C5AE347B99C}C:\program files (x86)\youwave android\vb\vboxsdl.exe] => (Allow) C:\program files (x86)\youwave android\vb\vboxsdl.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{83DC516A-74FA-41F7-A4B1-04CBD76A2B5C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83DC516A-74FA-41F7-A4B1-04CBD76A2B5C}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D30329F0-F9EF-4166-9877-670F5F5B2F01}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D30329F0-F9EF-4166-9877-670F5F5B2F01}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
C:\ProgramData\DP45977C.lfl => moved successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\System32\blank.htm" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\SysWOW64\blank.htm" => value restored successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D2050B7D-030C-40CB-BD2E-20746EE829B0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D4DAA026-BAF5-4DAD-A2E5-F036A13EA70B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{375934B7-D766-4025-9F26-448B0523CF7D}C:\users\pc\appdata\local\programs\gdevelop\gdevelop 5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8069C550-3B33-44FA-9731-996102EADCBB}C:\users\pc\appdata\local\programs\gdevelop\gdevelop 5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4D5BFBC5-142E-4056-B27E-B5D3FBA33700}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{62E743BA-53EB-4D37-9E1D-524DA3746ECB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F1520CE6-E4F8-47F6-B938-694A4D878D76}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{12C8F0CE-8BD4-4423-B151-DEFF2FFEB6AA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{45F5CA7A-9AC7-4CE6-868D-363390100F90}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EE047074-B7F4-4717-8551-A8C626896537}C:\program files (x86)\youwave android\vb\vboxsdl.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{90C9518A-6005-487D-AC33-3C5AE347B99C}C:\program files (x86)\youwave android\vb\vboxsdl.exe" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8937472 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 214359656 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1035621 B
Edge => 0 B
Chrome => 973002572 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 5976968 B
PC => 146908536 B

RecycleBin => 0 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:23:42 ====

[czech 08]

Teď jsem se podíval do Windows Defender. Trojan:Win32/Ymacco.AACE je již zablokován a není aktivní. Už je tedy hrozba pryč úplně, nebo je třeba provést ještě nějaký krok?

Děkuji moc.

[czech 08]

Dá se z toho zjistit, kde se ten virus vzal?

[Rudy]

Bylo smazáno, další akce nejsou třeba. Pokud je to troják, určitě jste ho nevědomě stáhl z internetu. Ale odkud, těžko říci.

[czech 08]

Díky moc, nevím co bych bez Vás dělal.

[Rudy]

Rádo se stalo!