Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Preventivka pomalého notebooku

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
gully
Návštěvník
Návštěvník
Příspěvky: 85
Registrován: 21 pro 2014 07:39

Preventivka pomalého notebooku

#1 Příspěvek od gully »

Zdravím a chtěl bych poprosit o preventivní kontrolu notebooku, který se mi zdá zpomalený.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-06-2021
Ran by Jaroslav Onderka (administrator) on LAPTOP (HP HP Laptop 15-bs0xx) (10-06-2021 17:27:48)
Running from C:\Users\Jaroslav Onderka\Desktop
Loaded Profiles: Jaroslav Onderka
Platform: Windows 10 Home Version 20H2 19042.928 (X64) Language: Slovenština (Slovensko) -> Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe <2>
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Firebird Project) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
(Firebird Project) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki135422.inf_amd64_819df826076efbf4\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki135422.inf_amd64_819df826076efbf4\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki135422.inf_amd64_819df826076efbf4\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki135422.inf_amd64_819df826076efbf4\IntelCpHeciSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corp.) C:\Windows\System32\Defrag.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <3>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Seznam.cz, a.s. -> ) C:\Users\Jaroslav Onderka\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Seznam.cz, a.s. -> ) C:\Users\Jaroslav Onderka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-04-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [703312 2017-07-21] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [1660760 2017-06-26] (Realtek Semiconductor Corp. -> Realtek)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKLM-x32\...\Run: [ICAMaintenance_ICAPKIService_RegKeysRefresh] => C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [283904 2019-08-02] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
HKU\S-1-5-21-282034895-1388947201-4270146023-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Jaroslav Onderka\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-282034895-1388947201-4270146023-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Jaroslav Onderka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.77\Installer\chrmstp.exe [2021-05-28] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2021-06-08]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
Startup: C:\Users\Jaroslav Onderka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2019-04-09]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0EFF89F8-1DEB-4684-8FBB-7E26CB31F8A8} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118088 2021-06-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {12DCCA18-DA4D-42D1-BEC7-A586043B2F8B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651632 2017-09-27] (HP Inc. -> HP Inc.)
Task: {1FE0DA36-60E8-4DED-A6D6-7430E0C93D1E} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [461824 2017-10-06] (HP Inc. -> HP Inc.)
Task: {27FED210-330A-46B7-9CB7-B19DDFD7F8C0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\windows\system32\MRT-KB890830.exe [133315992 2018-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {3C188DEB-E8D2-45C7-ACF4-551D55B6592A} - System32\Tasks\StartCN => c:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-05-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {4235D08A-8F6D-410C-B714-A8640B8ACBE4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {4C379B30-0A29-42C0-B99F-83D3E8DF3A3B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {4CBEA4D9-D880-4382-A632-D567ED72AAAE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [119664 2017-09-27] (HP Inc. -> HP Inc.)
Task: {505282B3-D6F8-4F99-A4D6-2CAC39E48633} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [216432 2017-09-27] (HP Inc. -> HP Inc.)
Task: {52FD769D-8B33-4D23-8EAA-9CAC3FAA901F} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {72E6966D-BCDE-41C7-8B44-6A18D00D9CC4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-27] (Google Inc -> Google Inc.)
Task: {7629A1F1-766D-4715-93CD-D4CB8A52BDD1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118088 2021-06-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {7B802A19-406F-4F76-97B1-6F322E3D792D} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe
Task: {7D297025-402B-420F-A376-F0EAEA278571} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1490800 2017-09-27] (HP Inc. -> HP Inc.)
Task: {80BA2026-6538-4B6A-AD10-76F52F7B956B} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Jaroslav Onderka\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {9B26CB9A-AF00-48FC-AB25-976062EEE879} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1490800 2017-09-27] (HP Inc. -> HP Inc.)
Task: {A8F0E328-85F6-42B7-AE8D-CAB359EA2543} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1122200 2021-06-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {B296CB3A-1C29-4757-89CF-29ECAFC74E7B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-27] (Google Inc -> Google Inc.)
Task: {C3F442BC-5502-4504-B0A3-46FC688E4D41} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {DD11A531-FCF7-4FF7-BD66-E1235787EB92} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644960 2017-02-02] (HP Inc. -> HP Inc.)
Task: {EB8FE8C6-C276-430D-B516-815E6D3473F6} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2017-09-27] (HP Inc. -> HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.88.1 192.168.0.1
Tcpip\..\Interfaces\{6805ce75-f37c-4541-9c4f-f89c6ab96cbf}: [DhcpNameServer] 192.168.88.1 192.168.0.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jaroslav Onderka\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-10]
Edge HomePage: Default -> hxxp://google.cz/

FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-06-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Jaroslav Onderka\AppData\Local\Google\Chrome\User Data\Default [2021-06-10]
CHR Notifications: Default -> hxxps://mail.google.com; hxxps://top-captcharesolver.com; hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR Extension: (Prezentace) - C:\Users\Jaroslav Onderka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-27]
CHR Extension: (Dokumenty) - C:\Users\Jaroslav Onderka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-27]
CHR Extension: (Disk Google) - C:\Users\Jaroslav Onderka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Jaroslav Onderka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-04-06]
CHR Extension: (YouTube) - C:\Users\Jaroslav Onderka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-27]
CHR Extension: (Elektronický podpis ČSOB) - C:\Users\Jaroslav Onderka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahecpanklnlonjjlojnjjcigcbflego [2019-02-22]
CHR Extension: (Tabulky) - C:\Users\Jaroslav Onderka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jaroslav Onderka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jaroslav Onderka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Jaroslav Onderka\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-04-06]
CHR Extension: (Gmail) - C:\Users\Jaroslav Onderka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\Jaroslav Onderka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-28]
CHR HKU\S-1-5-21-282034895-1388947201-4270146023-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-282034895-1388947201-4270146023-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3763944 2021-06-08] (philandro Software GmbH -> AnyDesk Software GmbH)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [127488 2017-08-30] (Realtek Semiconductor Corp.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2017-02-15] (Firebird Project) [File not signed]
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3825664 2017-02-15] (Firebird Project) [File not signed]
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1327400 2017-09-05] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [477184 2017-10-06] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
S3 I.CA Maintenance Service; C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [283904 2019-08-02] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-06-08] (Malwarebytes Inc -> Malwarebytes)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13261608 2021-05-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.4-0\NisSrv.exe [2644760 2021-06-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.4-0\MsMpEng.exe [136656 2021-06-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-06-08] (Malwarebytes Inc -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-06-08] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-06-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-06-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-06-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156880 2021-06-08] (Malwarebytes Inc -> Malwarebytes)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-06-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [425208 2021-06-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-06-07] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-10 17:27 - 2021-06-10 17:30 - 000021198 _____ C:\Users\Jaroslav Onderka\Desktop\FRST.txt
2021-06-10 17:26 - 2021-06-10 17:29 - 000000000 ____D C:\FRST
2021-06-10 17:26 - 2021-06-10 17:26 - 002300416 _____ (Farbar) C:\Users\Jaroslav Onderka\Desktop\FRST64.exe
2021-06-10 16:35 - 2021-06-10 16:35 - 000000000 ____D C:\Users\Jaroslav Onderka\AppData\Local\GHISLER
2021-06-09 20:02 - 2021-06-09 20:02 - 000412013 _____ C:\Users\Jaroslav Onderka\Downloads\A1 Řez A1 (1).dwg
2021-06-09 20:01 - 2021-06-09 20:01 - 000235434 _____ C:\Users\Jaroslav Onderka\Downloads\2. Střechax
2021-06-09 19:59 - 2021-06-09 19:59 - 000660504 _____ C:\Users\Jaroslav Onderka\Downloads\2. Střecha.dwg
2021-06-09 19:39 - 2021-06-09 19:39 - 000239799 _____ C:\Users\Jaroslav Onderka\Downloads\04 Řezy (1).pdf
2021-06-09 19:35 - 2021-06-09 19:35 - 000278479 _____ C:\Users\Jaroslav Onderka\Downloads\03.1 Půdorys 2.NP_STROP (1).pdf
2021-06-09 19:34 - 2021-06-09 19:34 - 000412013 _____ C:\Users\Jaroslav Onderka\Downloads\A1 Řez A1.dwg
2021-06-09 19:31 - 2021-06-09 19:31 - 000278479 _____ C:\Users\Jaroslav Onderka\Downloads\03.1 Půdorys 2.NP_STROP.pdf
2021-06-09 19:30 - 2021-06-09 19:30 - 000152383 _____ C:\Users\Jaroslav Onderka\Downloads\06 Pohledy.pdf
2021-06-09 19:28 - 2021-06-09 19:28 - 000239799 _____ C:\Users\Jaroslav Onderka\Downloads\04 Řezy.pdf
2021-06-09 19:28 - 2021-06-09 19:28 - 000175754 _____ C:\Users\Jaroslav Onderka\Downloads\05 Pohledy.pdf
2021-06-09 19:08 - 2021-06-09 19:08 - 000407760 _____ C:\Users\Jaroslav Onderka\Downloads\03 Půdorys 1.NP.pdf
2021-06-09 19:08 - 2021-06-09 19:08 - 000222565 _____ C:\Users\Jaroslav Onderka\Downloads\02 Půdorys 1.PP.pdf
2021-06-09 04:34 - 2021-06-09 04:34 - 000000000 ____D C:\Users\Jaroslav Onderka\AppData\Local\CrashDumps
2021-06-08 01:33 - 2021-06-10 17:08 - 000000000 ____D C:\ProgramData\AnyDesk
2021-06-08 01:33 - 2021-06-08 01:33 - 000001964 _____ C:\Users\Public\Desktop\AnyDesk.lnk
2021-06-08 01:33 - 2021-06-08 01:33 - 000001964 _____ C:\ProgramData\Desktop\AnyDesk.lnk
2021-06-08 01:33 - 2021-06-08 01:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyDesk
2021-06-08 01:33 - 2021-06-08 01:33 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2021-06-08 01:32 - 2021-06-08 01:33 - 000000000 ____D C:\Users\Jaroslav Onderka\AppData\Roaming\AnyDesk
2021-06-08 01:07 - 2021-06-10 17:10 - 000000000 ____D C:\Users\Jaroslav Onderka\AppData\LocalLow\IGDump
2021-06-08 01:07 - 2021-06-08 01:07 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-06-08 01:07 - 2021-06-08 01:07 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-06-08 01:06 - 2021-06-08 01:06 - 000156880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-06-08 00:44 - 2021-06-08 00:44 - 000000000 ____D C:\Users\Jaroslav Onderka\AppData\Local\mbam
2021-06-08 00:43 - 2021-06-08 00:43 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-06-08 00:43 - 2021-06-08 00:43 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-06-08 00:43 - 2021-06-08 00:43 - 000002028 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-06-08 00:42 - 2021-06-08 00:42 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-06-08 00:42 - 2021-06-08 00:42 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-06-08 00:42 - 2021-06-08 00:41 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-06-08 00:42 - 2021-06-08 00:41 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-06-08 00:41 - 2021-06-08 00:41 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-06-08 00:40 - 2021-06-08 00:40 - 000000000 ____D C:\Program Files\Malwarebytes
2021-06-08 00:10 - 2021-06-07 23:53 - 000000000 ____D C:\Windows.old
2021-06-08 00:04 - 2021-06-08 00:10 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-06-08 00:04 - 2021-06-08 00:04 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-06-07 23:58 - 2021-06-08 00:03 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-06-07 23:58 - 2021-06-07 23:58 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-06-07 23:55 - 2021-06-07 23:55 - 000000020 ___SH C:\Users\Jaroslav Onderka\ntuser.ini
2021-06-07 23:51 - 2021-06-08 01:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-07 23:51 - 2021-06-07 23:52 - 000003384 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-06-07 23:51 - 2021-06-07 23:52 - 000002768 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task v2
2021-06-07 23:51 - 2021-06-07 23:51 - 000003504 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-06-07 23:51 - 2021-06-07 23:51 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-06-07 23:51 - 2021-06-07 23:51 - 000003280 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-06-07 23:51 - 2021-06-07 23:51 - 000003160 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-06-07 23:51 - 2021-06-07 23:51 - 000002856 _____ C:\WINDOWS\system32\Tasks\HPJumpStartLaunch
2021-06-07 23:51 - 2021-06-07 23:51 - 000002500 _____ C:\WINDOWS\system32\Tasks\HPEA3JOBS
2021-06-07 23:51 - 2021-06-07 23:51 - 000002440 _____ C:\WINDOWS\system32\Tasks\HPAudioSwitch
2021-06-07 23:51 - 2021-06-07 23:51 - 000002146 _____ C:\WINDOWS\system32\Tasks\StartCN
2021-06-07 23:51 - 2021-06-07 23:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-06-07 23:51 - 2021-06-07 23:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2021-06-07 23:51 - 2021-06-07 23:51 - 000000000 ____D C:\ProgramData\ssh
2021-06-07 23:49 - 2021-06-07 23:51 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2021-06-07 23:49 - 2021-06-07 23:51 - 000011433 _____ C:\WINDOWS\diagerr.xml
2021-06-07 23:37 - 2021-06-10 15:57 - 001924234 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-07 23:37 - 2021-06-07 23:37 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-06-07 23:37 - 2021-06-07 23:37 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-06-07 23:37 - 2021-06-07 23:37 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-06-07 23:37 - 2021-06-07 23:37 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-06-07 23:37 - 2021-06-07 23:37 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-06-07 23:37 - 2021-06-07 23:37 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-06-07 23:37 - 2021-06-07 23:37 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-06-07 23:36 - 2021-06-07 23:36 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-07 23:36 - 2021-06-07 23:36 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-06-07 23:36 - 2021-06-07 23:36 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-06-07 23:36 - 2021-06-07 23:36 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-06-07 23:36 - 2021-06-07 23:36 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-06-07 23:36 - 2021-06-07 23:36 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-06-07 23:36 - 2021-06-07 23:36 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-06-07 23:36 - 2021-06-07 23:36 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-06-07 23:36 - 2021-06-07 23:36 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-06-07 23:36 - 2021-06-07 23:36 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-06-07 23:35 - 2021-06-07 23:35 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-06-07 23:35 - 2021-06-07 23:35 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-07 23:35 - 2021-06-07 23:35 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-07 23:35 - 2021-06-07 23:35 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-06-07 23:35 - 2021-06-07 23:35 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-06-07 23:35 - 2021-06-07 23:35 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-06-07 23:35 - 2021-06-07 23:35 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-06-07 23:35 - 2021-06-07 23:35 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-06-07 23:35 - 2021-06-07 23:35 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-06-07 23:35 - 2021-06-07 23:35 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-06-07 23:35 - 2021-06-07 23:35 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-06-07 23:35 - 2021-06-07 23:35 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-06-07 23:35 - 2021-06-07 23:35 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-06-07 23:35 - 2021-06-07 23:35 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-07 23:34 - 2021-06-07 23:34 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-06-07 23:34 - 2021-06-07 23:34 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-06-07 23:34 - 2021-06-07 23:34 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-07 23:34 - 2021-06-07 23:34 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-06-07 23:34 - 2021-06-07 23:34 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-06-07 23:34 - 2021-06-07 23:34 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-06-07 23:34 - 2021-06-07 23:34 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-06-07 23:34 - 2021-06-07 23:34 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-06-07 23:34 - 2021-06-07 23:34 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-06-07 23:33 - 2021-06-07 23:33 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-06-07 23:33 - 2021-06-07 23:33 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-06-07 23:33 - 2021-06-07 23:33 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-06-07 23:33 - 2021-06-07 23:33 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-06-07 23:33 - 2021-06-07 23:33 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-06-07 23:33 - 2021-06-07 23:33 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-07 23:33 - 2021-06-07 23:33 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-06-07 23:33 - 2021-06-07 23:33 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-06-07 23:33 - 2021-06-07 23:33 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-06-07 23:33 - 2021-06-07 23:33 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-06-07 23:33 - 2021-06-07 23:33 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-06-07 23:33 - 2021-06-07 23:33 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-06-07 23:33 - 2021-06-07 23:33 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-06-07 23:32 - 2021-06-07 23:32 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-06-07 23:32 - 2021-06-07 23:32 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-06-07 23:31 - 2021-06-07 23:31 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-06-07 23:31 - 2021-06-07 23:31 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-07 23:31 - 2021-06-07 23:31 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-07 23:31 - 2021-06-07 23:31 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-06-07 23:31 - 2021-06-07 23:31 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-06-07 23:31 - 2021-06-07 23:31 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-06-07 23:31 - 2021-06-07 23:31 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-06-07 23:31 - 2021-06-07 23:31 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-06-07 23:31 - 2021-06-07 23:31 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-06-07 23:31 - 2021-06-07 23:31 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-06-07 23:31 - 2021-06-07 23:31 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-06-07 23:30 - 2021-06-07 23:30 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-07 23:30 - 2021-06-07 23:30 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-07 23:30 - 2021-06-07 23:30 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-06-07 23:30 - 2021-06-07 23:30 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-07 23:30 - 2021-06-07 23:30 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-06-07 23:30 - 2021-06-07 23:30 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-06-07 23:29 - 2021-06-07 23:29 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-06-07 23:29 - 2021-06-07 23:29 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-06-07 23:29 - 2021-06-07 23:29 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-06-07 23:29 - 2021-06-07 23:29 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-06-07 23:28 - 2021-06-07 23:28 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-06-07 23:28 - 2021-06-07 23:28 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-07 23:28 - 2021-06-07 23:28 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-06-07 23:28 - 2021-06-07 23:28 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-07 23:28 - 2021-06-07 23:28 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-06-07 23:28 - 2021-06-07 23:28 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-06-07 23:28 - 2021-06-07 23:28 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-06-07 23:28 - 2021-06-07 23:28 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-06-07 23:28 - 2021-06-07 23:28 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-06-07 23:28 - 2021-06-07 23:28 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-06-07 23:28 - 2021-06-07 23:28 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-06-07 23:28 - 2021-06-07 23:28 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-06-07 23:28 - 2021-06-07 23:28 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-06-07 23:21 - 2021-06-07 23:55 - 000000000 ____D C:\Users\Jaroslav Onderka
2021-06-07 23:21 - 2021-06-07 23:32 - 000000000 ____D C:\Users\sken
2021-06-07 23:21 - 2021-06-07 23:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2021-06-07 23:21 - 2021-06-07 23:21 - 000000000 ____D C:\Program Files (x86)\AMD
2021-06-07 23:21 - 2019-12-07 11:10 - 000001105 _____ C:\Users\sken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-07 23:21 - 2019-12-07 11:10 - 000001105 _____ C:\Users\Jaroslav Onderka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-07 23:18 - 2021-06-07 23:18 - 000002063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Control.lnk
2021-06-07 23:11 - 2021-06-10 15:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-07 23:11 - 2021-06-07 23:11 - 000527408 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-07 23:10 - 2021-06-08 01:04 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-07 23:07 - 2021-06-07 23:07 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2021-06-07 23:07 - 2021-06-07 23:07 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2021-06-07 22:59 - 2021-06-10 15:57 - 000719718 _____ C:\WINDOWS\system32\perfh005.dat
2021-06-07 22:59 - 2021-06-10 15:57 - 000145864 _____ C:\WINDOWS\system32\perfc005.dat
2021-06-07 22:59 - 2021-06-07 22:59 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2021-06-07 22:59 - 2021-06-07 22:59 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2021-06-07 22:59 - 2021-06-07 22:59 - 000000000 ____D C:\WINDOWS\system32\cs
2021-06-07 22:59 - 2021-06-07 22:58 - 000296964 _____ C:\WINDOWS\system32\perfi005.dat
2021-06-07 22:59 - 2021-06-07 22:58 - 000038778 _____ C:\WINDOWS\system32\perfd005.dat
2021-06-07 22:41 - 2021-06-07 22:41 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-06-07 22:41 - 2021-06-07 22:41 - 000000000 ____D C:\Program Files\MSBuild
2021-06-07 22:41 - 2021-06-07 22:41 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-06-07 22:41 - 2021-06-07 22:41 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-06-07 22:41 - 2021-06-07 22:41 - 000000000 ____D C:\inetpub
2021-06-07 20:46 - 2021-06-10 17:25 - 000000000 ____D C:\Users\Jaroslav Onderka\AppData\Roaming\GHISLER
2021-06-07 20:46 - 2021-06-08 00:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
2021-06-07 20:46 - 2021-06-07 20:46 - 000001081 _____ C:\Users\Public\Desktop\Total Commander 64 bit.lnk
2021-06-07 20:46 - 2021-06-07 20:46 - 000001081 _____ C:\ProgramData\Desktop\Total Commander 64 bit.lnk
2021-06-07 20:46 - 2021-06-07 20:46 - 000000000 ____D C:\Program Files\totalcmd
2021-06-06 11:10 - 2021-06-06 11:10 - 000479809 _____ C:\Users\Jaroslav Onderka\Downloads\210003976.pdf
2021-06-05 14:23 - 2021-06-05 14:23 - 000255780 _____ C:\Users\Jaroslav Onderka\Downloads\380_PFFV1542102407.PDF
2021-06-05 14:22 - 2021-06-05 14:22 - 000091716 _____ C:\Users\Jaroslav Onderka\Downloads\Faktura_2101056 Onderax.pdf
2021-06-05 14:21 - 2021-06-05 14:21 - 000228414 _____ C:\Users\Jaroslav Onderka\Downloads\380_PFFV1542102493.PDF
2021-06-05 14:20 - 2021-06-05 14:20 - 000095247 _____ C:\Users\Jaroslav Onderka\Downloads\faktura_4 (7).pdf
2021-06-05 14:19 - 2021-06-05 14:19 - 000851312 _____ C:\Users\Jaroslav Onderka\Downloads\epsonh20210531_151355.pdf
2021-06-05 14:19 - 2021-06-05 14:19 - 000376190 _____ C:\Users\Jaroslav Onderka\Downloads\epsonh20210531_150752.pdf
2021-06-05 14:18 - 2021-06-05 14:18 - 000239419 _____ C:\Users\Jaroslav Onderka\Downloads\FAV-11210350-20210531152536-bicanova.pdf
2021-06-05 14:18 - 2021-06-05 14:18 - 000226245 _____ C:\Users\Jaroslav Onderka\Downloads\380_PFFV1542102590.PDF
2021-06-05 14:17 - 2021-06-05 14:17 - 000229919 _____ C:\Users\Jaroslav Onderka\Downloads\380_PFFV1542102594.PDF
2021-06-05 14:08 - 2021-06-05 14:08 - 000079588 _____ C:\Users\Jaroslav Onderka\Downloads\2021-06-01-3622269425-5_95944_10_00_100000-fs.pdf
2021-06-05 14:07 - 2021-06-05 14:07 - 000481461 _____ C:\Users\Jaroslav Onderka\Downloads\faktura_id_621407109.pdf
2021-05-28 16:07 - 2021-05-28 16:10 - 000044544 _____ C:\Users\Jaroslav Onderka\Downloads\297 5 2021 Pro-doma Olomouc.xls
2021-05-26 05:00 - 2021-05-26 05:00 - 000002685 _____ C:\Users\Jaroslav Onderka\Downloads\DPHKH-05714303-2021-duben_radne_24.05.2021_Veta.xml
2021-05-26 05:00 - 2021-05-26 05:00 - 000001008 _____ C:\Users\Jaroslav Onderka\Downloads\DPHDP-05714303-2021-duben_radne_24.05.2021_Veta.xml
2021-05-23 21:33 - 2021-05-23 21:34 - 000147968 _____ C:\Users\Jaroslav Onderka\Downloads\RD Přáslavice P9 - krytina.xls
2021-05-23 20:46 - 2021-06-08 00:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2021-05-20 16:46 - 2021-05-20 16:46 - 000506268 _____ C:\Users\Jaroslav Onderka\Downloads\Potvrzení přijetí platby 04-2021.pdf
2021-05-20 16:45 - 2021-05-20 16:45 - 000506284 _____ C:\Users\Jaroslav Onderka\Downloads\Potvrzení přijetí platby 05-2021.pdf
2021-05-20 16:44 - 2021-05-20 16:44 - 000508584 _____ C:\Users\Jaroslav Onderka\Downloads\Potvrzení přijetí platby - stočné.pdf
2021-05-18 17:23 - 2021-05-18 17:23 - 000271541 _____ C:\Users\Jaroslav Onderka\Downloads\Prodeje Nabídka P215422029858.pdf
2021-05-18 17:22 - 2021-05-18 17:22 - 000496051 _____ C:\Users\Jaroslav Onderka\Downloads\210003935.pdf
2021-05-16 16:53 - 2021-05-16 16:53 - 000231048 _____ C:\Users\Jaroslav Onderka\Downloads\380_PFFV1542101946.PDF
2021-05-16 16:52 - 2021-05-16 16:52 - 000228376 _____ C:\Users\Jaroslav Onderka\Downloads\380_PFFV1592103262.PDF
2021-05-16 16:51 - 2021-05-16 16:51 - 000256012 _____ C:\Users\Jaroslav Onderka\Downloads\380_PFFV1542102055.PDF
2021-05-16 16:51 - 2021-05-16 16:51 - 000252284 _____ C:\Users\Jaroslav Onderka\Downloads\380_PFFV1542102056.PDF
2021-05-16 16:43 - 2021-05-16 16:43 - 000558224 _____ C:\Users\Jaroslav Onderka\Downloads\210003897.pdf
2021-05-16 16:28 - 2021-05-16 16:28 - 000066763 _____ C:\Users\Jaroslav Onderka\Downloads\210003897_Kollarova_302_14_Sternberk_PSC_78501.pdf
2021-05-16 16:25 - 2021-05-16 16:25 - 000271484 _____ C:\Users\Jaroslav Onderka\Downloads\Prodeje Nabídka P215422029555.pdf
2021-05-16 16:14 - 2021-05-16 16:14 - 000227482 _____ C:\Users\Jaroslav Onderka\Downloads\380_PFFV1542102094.PDF
2021-05-16 16:13 - 2021-05-16 16:13 - 000287989 _____ C:\Users\Jaroslav Onderka\Downloads\Nabídka N327759056.pdf
2021-05-16 16:08 - 2021-05-16 16:08 - 000032467 _____ C:\Users\Jaroslav Onderka\Downloads\282086577_20210430_4_MCZB.pdf
2021-05-11 04:46 - 2021-05-11 04:46 - 000001867 _____ C:\Users\Jaroslav Onderka\Downloads\DPZVD6-0005714303-20210509-212513-pracovni.xml

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-10 17:34 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-10 17:27 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-10 16:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-10 16:35 - 2018-11-23 13:39 - 000000000 ____D C:\Users\Jaroslav Onderka\Desktop\JAROUŠEK
2021-06-10 16:35 - 2018-11-13 10:15 - 000000000 ____D C:\Users\Jaroslav Onderka\Desktop\JAROUŠEK S.R.O
2021-06-10 15:57 - 2020-03-22 22:28 - 000114514 _____ C:\WINDOWS\system32\perfh01B.dat
2021-06-10 15:57 - 2020-03-22 22:28 - 000028874 _____ C:\WINDOWS\system32\perfc01B.dat
2021-06-09 19:48 - 2018-08-27 13:09 - 000000000 ____D C:\Users\sken\Desktop\skenkyocera
2021-06-09 18:44 - 2018-12-07 09:40 - 000000000 ____D C:\Users\Jaroslav Onderka\AppData\Roaming\Seznam.cz
2021-06-09 18:37 - 2018-07-06 15:49 - 000000000 __SHD C:\Users\Jaroslav Onderka\IntelGraphicsProfiles
2021-06-09 04:59 - 2018-11-23 14:07 - 000000000 ____D C:\Users\Jaroslav Onderka\Desktop\ZALOHA-MRP
2021-06-09 04:59 - 2018-11-23 13:57 - 000000000 ____D C:\ProgramData\firebird
2021-06-09 04:42 - 2018-08-27 15:50 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-06-08 01:10 - 2018-08-27 15:19 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-06-08 01:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-06-08 01:03 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-06-08 01:02 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-08 00:42 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-08 00:19 - 2018-07-06 15:49 - 000000000 ____D C:\Users\Jaroslav Onderka\AppData\Local\Packages
2021-06-08 00:18 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-08 00:15 - 2019-05-09 19:34 - 000000000 ____D C:\Users\Jaroslav Onderka\AppData\Local\PackageStaging
2021-06-08 00:10 - 2020-03-27 10:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.CA SecureStore
2021-06-08 00:10 - 2019-12-07 11:18 - 000000000 ____D C:\WINDOWS\Setup
2021-06-08 00:10 - 2019-12-07 11:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-06-08 00:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-06-08 00:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-06-08 00:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-06-08 00:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2021-06-08 00:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-06-08 00:10 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-06-08 00:10 - 2019-06-19 11:48 - 000000000 ____D C:\Program Files\UNP
2021-06-08 00:10 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-06-08 00:10 - 2018-11-23 13:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firebird 2.5 (Win32)
2021-06-08 00:10 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-06-08 00:10 - 2018-08-27 14:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kyocera
2021-06-08 00:10 - 2018-05-29 20:08 - 000000000 ____D C:\Program Files\Intel
2021-06-08 00:10 - 2017-11-16 06:53 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2021-06-08 00:09 - 2019-12-07 11:14 - 000000000 __RHD C:\Users\Public\Libraries
2021-06-08 00:06 - 2018-05-29 20:10 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
2021-06-08 00:06 - 2018-05-29 20:09 - 000000000 ____D C:\WINDOWS\system32\Intel
2021-06-08 00:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Resources
2021-06-08 00:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Help
2021-06-08 00:04 - 2018-05-29 20:14 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2021-06-08 00:04 - 2018-05-29 20:10 - 000000000 ____D C:\Program Files\Realtek
2021-06-08 00:01 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-08 00:01 - 2018-08-27 14:56 - 000000000 ____D C:\ProgramData\Packages
2021-06-07 23:58 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-07 23:58 - 2018-11-24 00:34 - 000002339 _____ C:\Users\Jaroslav Onderka\Desktop\Google Chrome.lnk
2021-06-07 23:58 - 2018-07-06 15:49 - 000000000 ___RD C:\Users\Jaroslav Onderka\3D Objects
2021-06-07 23:58 - 2017-10-06 01:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-06-07 23:56 - 2021-04-18 16:02 - 000000000 ___DC C:\WINDOWS\Panther
2021-06-07 23:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-07 23:53 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-06-07 23:52 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-06-07 23:51 - 2019-12-07 16:39 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-06-07 23:51 - 2019-12-07 16:39 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\IME
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-06-07 23:51 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-06-07 23:51 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-06-07 23:47 - 2019-12-07 16:39 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-06-07 23:47 - 2019-12-07 16:39 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-06-07 23:33 - 2018-08-27 14:19 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-07 23:27 - 2018-11-23 13:55 - 000000000 ____D C:\Users\Jaroslav Onderka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MRP
2021-06-07 23:23 - 2018-08-27 13:07 - 000000000 ____D C:\Users\sken\AppData\Local\Packages
2021-06-07 23:20 - 2018-05-29 20:12 - 000000000 ____D C:\Program Files\AMD
2021-06-07 23:19 - 2018-11-13 12:23 - 000000000 ____D C:\AMD
2021-06-07 23:19 - 2018-05-29 20:16 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2021-06-07 23:18 - 2018-05-29 20:10 - 003849681 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2021-06-07 23:18 - 2018-05-29 20:10 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2021-06-07 23:17 - 2020-06-10 21:42 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-07 23:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-06-07 23:17 - 2018-05-29 20:09 - 000000000 ____D C:\Intel
2021-06-07 23:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-07 23:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-06-07 23:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-07 23:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-06-07 23:05 - 2019-12-07 16:38 - 000000000 ____D C:\WINDOWS\OCR
2021-06-07 23:03 - 2019-12-07 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-06-07 23:03 - 2019-12-07 16:36 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-06-07 22:59 - 2019-12-07 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-06-07 22:59 - 2019-12-07 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-06-07 22:59 - 2019-12-07 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-06-07 22:59 - 2019-12-07 16:36 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-06-07 22:59 - 2019-12-07 16:36 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-06-07 22:59 - 2019-12-07 16:36 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-06-07 22:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-06-07 22:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-06-07 19:58 - 2018-10-04 19:36 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-05 12:50 - 2019-03-25 17:36 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-05-27 15:52 - 2018-08-04 17:23 - 000000000 ____D C:\Users\Jaroslav Onderka\AppData\Local\PlaceholderTileLogoFolder
2021-05-23 20:46 - 2019-03-25 18:40 - 000002566 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-05-23 20:46 - 2019-03-25 18:40 - 000002560 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-05-23 20:46 - 2019-03-25 18:40 - 000002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-05-23 20:46 - 2019-03-25 18:40 - 000002532 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-05-23 10:52 - 2018-09-01 14:20 - 000091648 _____ C:\Users\Jaroslav Onderka\Desktop\Seznam zakázek 2021.xls
2021-05-17 18:50 - 2018-11-23 13:55 - 000001133 _____ C:\Users\Jaroslav Onderka\Desktop\MRP-KS, účetní systém.lnk
2021-05-14 16:15 - 2018-07-07 21:32 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-14 16:15 - 2018-07-07 21:32 - 000000000 ____D C:\WINDOWS\system32\MRT

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Addition.zip
(12.12 KiB) Staženo 49 x
Děkuji.

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Preventivka pomalého notebooku

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Odporucam odinstalovat Seznam Software (= Seznam Listicka)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Spustit skenovani a pockaj na dokoncenie
  • V pripade nalezov nechaj vsetky nalezy oznacene a klikni na Karantena (ak nie su ziadne nalezy, tak na Spustit zakladni opravu)
  • V pripade, ze sa detekuje aj "predinstalovany software", tieto programy mozes, ale nemusis zmazat (toto nie su skodlive programy, ale iba zbytocnosti)
  • Potvrd vyzvu, pockaj na dokoncenie a potvrd restartovanie PC
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah skopiruj a vloz do dalsej odpovede
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

gully
Návštěvník
Návštěvník
Příspěvky: 85
Registrován: 21 pro 2014 07:39

Re: Preventivka pomalého notebooku

#3 Příspěvek od gully »

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-05-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-11-2021
# Duration: 00:00:22
# OS: Windows 10 Home
# Cleaned: 10
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\Jaroslav Onderka\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Email - bgjpfhpjcgdppjbgnpnjllokbmcdllig
Deleted Seznam doplněk - Esko - olfeabkoenfaoljndfecamgilllcpiak

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5478 octets] - [11/06/2021 08:05:55]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Preventivka pomalého notebooku

#4 Příspěvek od Conder »

Poprosim o obidva nove logy z FRST.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Odpovědět