Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Problém s USB flashdisky

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
northendcz
Návštěvník
Návštěvník
Příspěvky: 79
Registrován: 03 úno 2009 15:25

Problém s USB flashdisky

#1 Příspěvek od northendcz »

Ahoj, kamarádův počítač při vložení flashdisků po otevření "smaže/skyje" obsah - flashdisk vypadá že na něm data jsou ale místo 4GB mají třeba 12kb, dále již nelze disk číst

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.04.2019 01
Ran by karel (administrator) on DESKTOP-SBNC4S4 (17-04-2019 19:44:04)
Running from C:\Users\karel\Desktop
Loaded Profiles: karel (Available Profiles: karel)
Platform: Windows 10 Pro Version 1803 17134.706 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Panda Security S.L -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security S.L -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Panda Security S.L -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(The-Sims-3-CZ-PLNÁ-VERZE!!-+-VIDEONÁVOD) [File not signed] C:\Users\karel\AppData\Roaming\system83.exe
() [File not signed] C:\Users\karel\AppData\Roaming\system42.exe
(Dell Inc -> Dell) C:\Users\karel\AppData\Local\Apps\2.0\ODO5MOVB.8CT\7H5TP88N.W33\dell..tion_831211ca63b981c5_0008.0003_e23fe183534fdbc1\DellSystemDetect.exe
(Seznam.cz, a.s. -> ) C:\Users\karel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Seznam.cz, a.s. -> ) C:\Users\karel\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
() [File not signed] C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ACEJNPTTTW.exe
(Panda Security S.L -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\karel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [745288 2015-06-25] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] (Samsung Electronics CO., LTD. -> )
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [54520 2015-10-22] (Panda Security S.L -> Panda Security, S.L.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] (Seznam.cz, a.s. -> )
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178912 2016-05-09] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3146016 2019-03-06] (Valve -> Valve Corporation)
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\karel\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\karel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\Run: [microsystem40] => C:\Users\karel\AppData\Roaming\system83.exe [1333760 2017-06-29] (The-Sims-3-CZ-PLNÁ-VERZE!!-+-VIDEONÁVOD) [File not signed]
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\Run: [microsystem58] => C:\Users\karel\AppData\Roaming\system42.exe [259938 2017-11-07] () [File not signed]
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\Run: [DellSystemDetect] => C:\Users\karel\AppData\Local\Apps\2.0\ODO5MOVB.8CT\7H5TP88N.W33\dell..tion_831211ca63b981c5_0008.0003_e23fe183534fdbc1\DellSystemDetect.exe [311216 2017-02-21] (Dell Inc -> Dell)
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\karel\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\karel\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\RunOnce: [Uninstall 19.033.0218.0011\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\karel\AppData\Local\Microsoft\OneDrive\19.033.0218.0011\amd64"
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\RunOnce: [Uninstall 19.033.0218.0011] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\karel\AppData\Local\Microsoft\OneDrive\19.033.0218.0011"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-11] (Google LLC -> Google Inc.)
Startup: C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ACEJNPTTTW.exe [2018-11-30] () [File not signed]
Startup: C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\system61.lnk [2019-04-11]
ShortcutTarget: system61.lnk -> C:\Users\karel\AppData\Roaming\system83.exe (The-Sims-3-CZ-PLNÁ-VERZE!!-+-VIDEONÁVOD) [File not signed]
Startup: C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\system72.lnk [2019-04-11]
ShortcutTarget: system72.lnk -> C:\Users\karel\AppData\Roaming\system42.exe () [File not signed]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.31.1
Tcpip\..\Interfaces\{dc906c29-c555-47b8-8697-f6d42de0c85a}: [DhcpNameServer] 192.168.31.1

Internet Explorer:
==================
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {438ABC7D-C9B2-4C72-A111-426A229E211B} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {536F6941-4CA9-4951-B497-A6B22C3A6D98} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {6171CF28-964C-4D58-9E0D-CEE67614012C} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {714F0E2A-EC4F-4574-BE62-396490C3DE02} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {755C765F-B1ED-4808-8F5F-AD2AC99605DD} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {76425BB0-FF4D-45D9-B3CA-59A1E70ED24B} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {85304AF4-44D0-4D8C-BC83-25CBAAE457E2} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {893E0474-5B22-4331-87C3-2A8998B5DC5B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {FD22EB30-FB78-4A35-AA62-90D225DF5C94} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: yzzgcn04.default
FF ProfilePath: C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\yzzgcn04.default [2019-04-15]
FF Homepage: Mozilla\Firefox\Profiles\yzzgcn04.default -> www.seznam.cz
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\yzzgcn04.default\Extensions\sko-extension@firma.seznam.cz.xpi [2017-11-29]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\yzzgcn04.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-11-06]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\yzzgcn04.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-11-03]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default [2019-04-17]
CHR Extension: (Prezentace) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-17]
CHR Extension: (YouTube) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-17]
CHR Extension: (Vyhledávání Google) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-17]
CHR Extension: (Tabulky) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2019-02-13]
CHR Extension: (Gmail) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-17]
CHR Extension: (Chrome Media Router) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-24]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [96120 2015-06-25] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [319096 2016-06-15] (Intel Corporation - pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-10] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-10-18] (Panda Security S.L -> Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [73464 2015-10-28] (Panda Security S.L -> Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-10-22] (Panda Security S.L -> Panda Security, S.L.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074120 2019-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [208184 2015-10-29] (Broadcom Corporation -> Broadcom Corporation.)
R3 BCMWL63A; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [11794352 2017-06-21] (Broadcom Corporation -> Broadcom Corp)
S3 btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [223040 2015-10-29] (Broadcom Corporation -> Broadcom Corporation.)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [103824 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211352 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [120216 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [120208 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [112536 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [89472 2015-09-01] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [133528 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [309648 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [179608 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [122776 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [267160 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [115600 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [173464 2015-07-22] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [130968 2015-07-22] (Panda Security S.L. -> Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207256 2015-07-22] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [133528 2015-07-22] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [143768 2015-07-22] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [117144 2015-07-22] (Panda Security S.L. -> Panda Security, S.L.)
R3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Microsoft Windows Hardware Compatibility Publisher -> Panda Security, S.L.)
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics)
R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [154280 2016-10-12] (STMICROELECTRONICS S.R.L. -> STMicroelectronics)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-17 19:44 - 2019-04-17 19:46 - 000024027 _____ C:\Users\karel\Desktop\FRST.txt
2019-04-17 19:43 - 2019-04-17 19:44 - 000000000 ____D C:\FRST
2019-04-17 19:42 - 2019-04-17 19:42 - 002434048 _____ (Farbar) C:\Users\karel\Desktop\FRST64.exe
2019-04-17 19:35 - 2019-04-17 19:35 - 000000000 ____D C:\Users\karel\AppData\Local\D3DSCache
2019-04-15 13:11 - 2019-04-15 13:11 - 000027307 _____ C:\Users\karel\Downloads\Avizo o neprovedene platbe (1).pdf
2019-04-13 13:09 - 2019-04-13 13:09 - 000000000 ___HD C:\OneDriveTemp
2019-04-11 16:30 - 2019-04-11 16:30 - 000000000 ____D C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TouchPad
2019-04-10 22:11 - 2019-04-02 14:19 - 012730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-04-10 22:11 - 2019-04-02 14:12 - 003643904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-04-10 22:11 - 2019-04-02 11:11 - 011919360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-04-10 22:11 - 2019-04-02 11:08 - 002889216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-04-10 22:11 - 2019-04-02 10:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-04-10 22:11 - 2019-04-02 10:22 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-04-10 22:11 - 2019-04-02 10:21 - 007520136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-04-10 22:11 - 2019-04-02 10:21 - 002822160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-04-10 22:11 - 2019-04-02 10:21 - 002467536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-10 22:11 - 2019-04-02 10:19 - 009083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-04-10 22:11 - 2019-04-02 10:01 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-04-10 22:11 - 2019-04-02 09:53 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-04-10 22:11 - 2019-04-02 09:53 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-04-10 22:11 - 2019-04-02 09:51 - 003399680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-04-10 22:11 - 2019-04-02 09:50 - 007591936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-04-10 22:11 - 2019-04-02 07:04 - 006572120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-04-10 22:11 - 2019-04-02 06:56 - 022018048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-04-10 22:11 - 2019-04-02 06:50 - 019404800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-04-10 22:11 - 2019-04-02 06:43 - 005788160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-04-10 22:11 - 2019-03-14 10:37 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-04-10 22:11 - 2019-03-14 10:37 - 002256248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-04-10 22:11 - 2019-03-14 10:26 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-04-10 22:11 - 2019-03-14 10:26 - 002768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-04-10 22:11 - 2019-03-14 10:01 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-10 22:11 - 2019-03-14 09:58 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-04-10 22:11 - 2019-03-14 09:58 - 002509824 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-04-10 22:11 - 2019-03-14 09:57 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-04-10 22:11 - 2019-03-14 09:56 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-04-10 22:11 - 2019-03-14 09:55 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-04-10 22:11 - 2019-03-14 09:55 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-04-10 22:10 - 2019-04-02 14:38 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-04-10 22:10 - 2019-04-02 14:33 - 001634912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-04-10 22:10 - 2019-04-02 14:33 - 000719984 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-04-10 22:10 - 2019-04-02 14:19 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-04-10 22:10 - 2019-04-02 14:18 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-10 22:10 - 2019-04-02 14:16 - 001030144 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-10 22:10 - 2019-04-02 14:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-10 22:10 - 2019-04-02 14:13 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-10 22:10 - 2019-04-02 14:12 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-04-10 22:10 - 2019-04-02 14:11 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-04-10 22:10 - 2019-04-02 14:11 - 001857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-10 22:10 - 2019-04-02 14:11 - 001662976 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-04-10 22:10 - 2019-04-02 14:10 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-10 22:10 - 2019-04-02 14:10 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-10 22:10 - 2019-04-02 11:25 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-04-10 22:10 - 2019-04-02 11:25 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-04-10 22:10 - 2019-04-02 11:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-04-10 22:10 - 2019-04-02 11:10 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-04-10 22:10 - 2019-04-02 11:07 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-04-10 22:10 - 2019-04-02 11:07 - 001586688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-04-10 22:10 - 2019-04-02 11:06 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-04-10 22:10 - 2019-04-02 10:24 - 000135184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-04-10 22:10 - 2019-04-02 10:23 - 001023800 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-04-10 22:10 - 2019-04-02 10:22 - 000567592 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-04-10 22:10 - 2019-04-02 10:22 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-04-10 22:10 - 2019-04-02 10:21 - 000735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-10 22:10 - 2019-04-02 10:20 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-10 22:10 - 2019-04-02 10:20 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-04-10 22:10 - 2019-04-02 10:19 - 000793400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-04-10 22:10 - 2019-04-02 10:19 - 000786080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-10 22:10 - 2019-04-02 10:19 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-04-10 22:10 - 2019-04-02 09:50 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-04-10 22:10 - 2019-04-02 09:49 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-04-10 22:10 - 2019-04-02 09:49 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-04-10 22:10 - 2019-04-02 09:48 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-04-10 22:10 - 2019-04-02 09:48 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-10 22:10 - 2019-04-02 09:48 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-04-10 22:10 - 2019-04-02 09:47 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-10 22:10 - 2019-04-02 09:47 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-04-10 22:10 - 2019-04-02 09:46 - 002174976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-04-10 22:10 - 2019-04-02 09:45 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-10 22:10 - 2019-04-02 09:44 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-04-10 22:10 - 2019-04-02 09:44 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-04-10 22:10 - 2019-04-02 09:44 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-04-10 22:10 - 2019-04-02 09:43 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-04-10 22:10 - 2019-04-02 08:22 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-04-10 22:10 - 2019-04-02 07:05 - 001989544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-04-10 22:10 - 2019-04-02 07:04 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-04-10 22:10 - 2019-04-02 07:04 - 000581832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-04-10 22:10 - 2019-04-02 07:04 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-04-10 22:10 - 2019-04-02 06:43 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-04-10 22:10 - 2019-04-02 06:43 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-04-10 22:10 - 2019-04-02 06:42 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-04-10 22:10 - 2019-04-02 06:41 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-04-10 22:10 - 2019-04-02 06:41 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-04-10 22:10 - 2019-04-02 06:41 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-04-10 22:10 - 2019-04-02 06:40 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-04-10 22:10 - 2019-04-02 06:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-04-10 22:10 - 2019-03-16 14:54 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-04-10 22:10 - 2019-03-16 11:03 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-04-10 22:10 - 2019-03-14 16:55 - 001786680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-04-10 22:10 - 2019-03-14 16:53 - 001626928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-04-10 22:10 - 2019-03-14 16:53 - 001038136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2019-04-10 22:10 - 2019-03-14 16:53 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-04-10 22:10 - 2019-03-14 16:53 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 003933296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-04-10 22:10 - 2019-03-14 16:52 - 001424696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000954160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000830264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000827704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2019-04-10 22:10 - 2019-03-14 16:52 - 000825144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000749880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000670008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000495416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys
2019-04-10 22:10 - 2019-03-14 16:51 - 000157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-04-10 22:10 - 2019-03-14 16:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfoext.dll
2019-04-10 22:10 - 2019-03-14 16:34 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-04-10 22:10 - 2019-03-14 16:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-04-10 22:10 - 2019-03-14 16:33 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-04-10 22:10 - 2019-03-14 16:33 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-04-10 22:10 - 2019-03-14 16:31 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-04-10 22:10 - 2019-03-14 16:30 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-04-10 22:10 - 2019-03-14 16:30 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-04-10 22:10 - 2019-03-14 16:29 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-04-10 22:10 - 2019-03-14 16:29 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2019-04-10 22:10 - 2019-03-14 16:28 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-04-10 22:10 - 2019-03-14 16:08 - 003611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-04-10 22:10 - 2019-03-14 15:56 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-04-10 22:10 - 2019-03-14 15:55 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-04-10 22:10 - 2019-03-14 15:53 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-04-10 22:10 - 2019-03-14 15:53 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-04-10 22:10 - 2019-03-14 15:53 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-04-10 22:10 - 2019-03-14 15:52 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2019-04-10 22:10 - 2019-03-14 10:57 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-04-10 22:10 - 2019-03-14 10:56 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-04-10 22:10 - 2019-03-14 10:38 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-04-10 22:10 - 2019-03-14 10:38 - 000090360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-04-10 22:10 - 2019-03-14 10:37 - 001171568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-04-10 22:10 - 2019-03-14 10:28 - 000152072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-04-10 22:10 - 2019-03-14 10:27 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-04-10 22:10 - 2019-03-14 10:27 - 000097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-04-10 22:10 - 2019-03-14 10:26 - 002421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-04-10 22:10 - 2019-03-14 10:26 - 001457576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-04-10 22:10 - 2019-03-14 10:26 - 001258688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-04-10 22:10 - 2019-03-14 10:26 - 001140984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-04-10 22:10 - 2019-03-14 10:26 - 001014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-04-10 22:10 - 2019-03-14 10:26 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-04-10 22:10 - 2019-03-14 10:26 - 000481048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-04-10 22:10 - 2019-03-14 10:26 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-04-10 22:10 - 2019-03-14 10:22 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-04-10 22:10 - 2019-03-14 10:20 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-04-10 22:10 - 2019-03-14 10:19 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-04-10 22:10 - 2019-03-14 10:19 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-04-10 22:10 - 2019-03-14 10:18 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-04-10 22:10 - 2019-03-14 10:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-04-10 22:10 - 2019-03-14 10:18 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-04-10 22:10 - 2019-03-14 10:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-04-10 22:10 - 2019-03-14 10:17 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-04-10 22:10 - 2019-03-14 10:17 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-04-10 22:10 - 2019-03-14 10:17 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-04-10 22:10 - 2019-03-14 10:17 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-04-10 22:10 - 2019-03-14 10:17 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll
2019-04-10 22:10 - 2019-03-14 10:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-04-10 22:10 - 2019-03-14 10:16 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-04-10 22:10 - 2019-03-14 10:16 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-04-10 22:10 - 2019-03-14 10:15 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-04-10 22:10 - 2019-03-14 10:15 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-04-10 22:10 - 2019-03-14 10:15 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2019-04-10 22:10 - 2019-03-14 10:15 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-04-10 22:10 - 2019-03-14 10:14 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-04-10 22:10 - 2019-03-14 10:14 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-04-10 22:10 - 2019-03-14 10:14 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-04-10 22:10 - 2019-03-14 10:14 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-04-10 22:10 - 2019-03-14 10:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-10 22:10 - 2019-03-14 10:14 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-04-10 22:10 - 2019-03-14 10:14 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-04-10 22:10 - 2019-03-14 10:13 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2019-04-10 22:10 - 2019-03-14 10:13 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-04-10 22:10 - 2019-03-14 10:13 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-04-10 22:10 - 2019-03-14 09:58 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-04-10 22:10 - 2019-03-14 09:57 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-04-10 22:10 - 2019-03-14 09:56 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-04-10 22:10 - 2019-03-14 09:56 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-10 22:10 - 2019-03-14 09:56 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-04-10 22:10 - 2019-03-14 09:56 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-04-10 22:10 - 2019-03-14 09:55 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-04-10 22:10 - 2019-03-14 09:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-04-10 22:10 - 2019-03-14 09:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-04-10 22:10 - 2019-03-14 09:55 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2019-04-10 22:10 - 2019-03-14 09:55 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
2019-04-10 22:10 - 2019-03-14 09:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-04-10 22:10 - 2019-03-14 09:55 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-04-10 22:10 - 2019-03-14 09:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-04-10 22:10 - 2019-03-14 09:55 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-04-10 22:10 - 2019-03-14 09:54 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-04-10 22:10 - 2019-03-14 09:53 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-04-10 22:10 - 2019-03-14 09:53 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-04-10 22:10 - 2019-03-14 09:53 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-04-10 22:10 - 2019-03-14 09:53 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-10 22:10 - 2019-03-14 09:52 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-04-10 22:10 - 2019-03-14 09:52 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-04-10 22:10 - 2019-03-14 09:52 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-04-10 22:10 - 2019-03-14 09:52 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-04-10 22:10 - 2019-03-14 09:51 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-04-10 22:10 - 2019-03-14 09:51 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-04-10 22:10 - 2019-03-14 09:51 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 001410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-04-10 22:10 - 2019-03-14 09:50 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-04-10 22:10 - 2019-03-14 03:57 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-04-10 22:10 - 2019-03-14 03:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-04-10 22:10 - 2019-03-14 03:57 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-04-10 22:10 - 2019-03-14 03:57 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-04-10 22:10 - 2019-03-14 03:57 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-04-10 21:52 - 2019-04-10 21:52 - 000000000 ____D C:\Users\karel\In Flames - I, the Mask (Limited Edition) (2019)
2019-04-10 21:49 - 2019-04-10 21:50 - 132558774 _____ C:\Users\karel\Downloads\In Flames - I, the Mask (Limited Edition) (2019).zip
2019-03-20 16:33 - 2019-03-20 16:34 - 000000000 ____D C:\ProgramData\Mozilla

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-17 19:40 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-17 19:40 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-17 19:38 - 2017-07-18 16:23 - 000000000 __SHD C:\ProgramData\ProgramFile
2019-04-17 19:34 - 2018-05-20 21:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-16 20:44 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-15 13:58 - 2016-12-15 10:39 - 000000000 ____D C:\Users\karel\AppData\LocalLow\Mozilla
2019-04-15 13:56 - 2016-12-14 08:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-04-15 13:02 - 2015-12-13 22:50 - 000000000 ___RD C:\Users\karel\OneDrive
2019-04-13 13:09 - 2018-05-20 22:09 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1188319757-1600937067-96752618-1001
2019-04-13 13:09 - 2018-05-20 21:50 - 000002363 _____ C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-11 18:37 - 2015-12-13 23:00 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-11 16:37 - 2018-05-20 22:00 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-11 16:37 - 2018-04-12 17:51 - 000716358 _____ C:\WINDOWS\system32\perfh005.dat
2019-04-11 16:37 - 2018-04-12 17:51 - 000144616 _____ C:\WINDOWS\system32\perfc005.dat
2019-04-11 16:37 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-04-11 16:36 - 2016-10-23 13:59 - 000000000 ____D C:\Users\karel\AppData\Roaming\Seznam.cz
2019-04-11 16:31 - 2015-12-21 19:37 - 000000000 ____D C:\Program Files (x86)\Steam
2019-04-11 16:30 - 2015-12-13 22:50 - 000000000 __SHD C:\Users\karel\IntelGraphicsProfiles
2019-04-11 16:29 - 2018-05-20 22:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-11 16:29 - 2018-05-20 21:46 - 000367216 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-11 16:28 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-04-11 16:27 - 2018-04-12 17:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-04-11 16:27 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-11 16:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-04-11 16:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-04-11 16:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-04-11 16:26 - 2015-12-13 22:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2019-04-11 16:24 - 2015-10-30 09:24 - 000000167 _____ C:\WINDOWS\win.ini
2019-04-11 11:33 - 2015-12-17 21:34 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-11 11:33 - 2015-12-17 21:34 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-11 11:30 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-10 22:05 - 2015-12-13 23:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-10 21:52 - 2018-05-20 21:50 - 000000000 ____D C:\Users\karel
2019-04-10 21:48 - 2015-12-13 23:35 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-08 19:07 - 2015-12-13 22:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-04-07 16:40 - 2018-11-04 20:17 - 000000000 ____D C:\Users\karel\Desktop\d5200
2019-04-06 08:46 - 2018-11-17 17:43 - 000000000 ____D C:\Program Files\rempl
2019-04-04 17:12 - 2019-02-28 21:45 - 000000000 ____D C:\Users\karel\Desktop\Pad Ikar´s flight
2019-04-01 19:51 - 2018-07-11 20:08 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-04-01 19:51 - 2018-07-11 20:08 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-01 14:55 - 2015-12-13 22:58 - 000001230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-03-28 16:08 - 2018-05-20 22:09 - 000003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-28 16:08 - 2018-05-20 22:09 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-24 09:37 - 2016-01-29 22:04 - 000000000 ____D C:\Users\karel\Documents\lesní družstvo
2019-03-18 20:28 - 2016-01-05 20:41 - 000000000 ____D C:\Users\karel\Documents\Myslivecký spolek

==================== Files in the root of some directories =======

2019-03-04 12:31 - 2017-11-07 19:18 - 000259938 ___SH () C:\Users\karel\AppData\Roaming\system42.exe
2018-10-24 20:19 - 2017-06-29 20:49 - 001333760 ___SH (The-Sims-3-CZ-PLNÁ-VERZE!!-+-VIDEONÁVOD) C:\Users\karel\AppData\Roaming\system83.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-20 21:46

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.04.2019 01
Ran by karel (17-04-2019 19:47:30)
Running from C:\Users\karel\Desktop
Windows 10 Pro Version 1803 17134.706 (X64) (2018-05-20 20:10:34)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1188319757-1600937067-96752618-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1188319757-1600937067-96752618-503 - Limited - Disabled)
Guest (S-1-5-21-1188319757-1600937067-96752618-501 - Limited - Disabled)
karel (S-1-5-21-1188319757-1600937067-96752618-1001 - Administrator - Enabled) => C:\Users\karel
WDAGUtilityAccount (S-1-5-21-1188319757-1600937067-96752618-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Panda Internet Security 2016 (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Internet Security 2016 (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Disabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Common Desktop Agent (HKLM\...\{A38002C3-BA08-466A-A813-7F9D578B13A1}) (Version: 1.62.0 - OEM) Hidden
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.61 - Dell)
Dell System Detect (HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\d24084d039586cae) (Version: 8.3.0.8 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.1207.101.103 - ALPS ELECTRIC CO., LTD.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.11.1193 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
Kodi (HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\Kodi) (Version: - XBMC-Foundation)
Microsoft Office Standard 2013 (HKLM-x32\...\Office15.STANDARD) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 66.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 66.0.2 (x64 cs)) (Version: 66.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 66.0.2.7024 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM-x32\...\{90150000-001F-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM-x32\...\{90150000-001F-041B-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Panda Devices Agent (HKLM-x32\...\{DDE3DECA-9139-4A39-9276-143ECA1DB75E}) (Version: 1.06.00 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.05 - Panda Security) Hidden
Panda Internet Security 2016 (HKLM\...\{293AA48A-DFC2-4F7D-9ED7-1A0F25CB5368}) (Version: 8.04.00.0000 - Panda Security) Hidden
Panda Internet Security 2016 (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.00.02.0000 - Panda Security)
Room Arranger (64-bit) (HKLM-x32\...\Room Arranger x64) (Version: 9.5.4 - Jan Adamec)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Taroky (HKLM-x32\...\Taroky_is1) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
Update for Skype for Business 2015 (KB4462207) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.STANDARD_{E78636E8-8D6F-494B-917B-3F5D79693E95}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Xerox Easy Printer Manager (HKLM-x32\...\Xerox Easy Printer Manager) (Version: 1.03.97.00(21.04.2014) - Xerox Corporation.)
Xerox Easy Wireless Setup (HKLM-x32\...\Xerox Easy Wireless Setup) (Version: 3.70.18.0 - Xerox Corporation)
Xerox Phaser 3020 (HKLM-x32\...\Xerox Phaser 3020) (Version: () - Xerox Corporation)
Zobrazit uživatelskou příručku (HKLM-x32\...\Xerox View User Guide ) (Version: 3.60.45.0 - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1188319757-1600937067-96752618-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-1188319757-1600937067-96752618-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2015-10-22] (Panda Security S.L -> Panda Security, S.L.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2015-10-22] (Panda Security S.L -> Panda Security, S.L.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {079BAB30-4BEB-4218-9255-1EF8FB37DB6F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {1F3FC014-5FFE-4EB2-82F3-FEA855B2D4E2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {2DFBD6CD-D4B8-4BD0-AA6E-4124D4B62EA1} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {49315F32-6E3A-4F75-B9E5-61F93F024A6C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {5C3D5D3F-0C24-413B-943E-08D31E1EA296} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {6402C65E-305C-4F01-8222-6A948034936D} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe (Dell Inc. -> PC-Doctor, Inc.)
Task: {8443DF20-D2B1-4EFA-9396-E6B20F0F88C1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {BBE985A0-6CF2-41BF-8828-A11B67B81516} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {CBC78012-B541-4C62-BE1A-C458AC4E2AF6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {CD7BDBD6-47F4-45F3-BBBC-DF3E18609799} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {DEDE91E9-059A-47FA-9D2C-34ED09AB3F85} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-10-24 20:19 - 2017-06-29 20:49 - 001333760 ___SH (The-Sims-3-CZ-PLNÁ-VERZE!!-+-VIDEONÁVOD) [File not signed] C:\Users\karel\AppData\Roaming\system83.exe
2019-03-04 12:31 - 2017-11-07 19:18 - 000259938 ___SH () [File not signed] C:\Users\karel\AppData\Roaming\system42.exe
2018-11-30 16:21 - 2018-11-30 16:21 - 000010240 _____ () [File not signed] C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ACEJNPTTTW.exe
2016-03-18 12:03 - 2016-03-18 12:03 - 000335360 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
2013-04-12 19:23 - 2013-04-12 19:23 - 000612664 _____ () [File not signed] C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2015-10-30 09:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\karel\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\DSC_4086.JPG
DNS Servers: 192.168.31.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{246226EA-F14F-4CFB-A316-49316EEF95A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{5E9AD6CD-5F0A-4729-9701-7E233751DA63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [UDP Query User{687C1481-E893-48C6-BFBF-52355F74D347}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [TCP Query User{908FD3C1-8E91-4CED-B82F-D00E1B38752E}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [{1FD597B8-05DD-4B71-8280-AEBAEB2CA787}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{A3F259BC-6E60-4511-B0B4-660D4F253845}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{5E2763A2-65EE-43ED-9666-CE54E3425B13}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{93C913EF-F6B7-4DF1-B0B5-B969B5C7848D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3181DA00-A415-4C4C-A329-AE76625D59B8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0DF3BF88-D801-440F-95B4-9B9AF6D7C6D7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5EDFD3BE-C9DA-4969-BC51-FEF20C148AD5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{A4B9536B-9122-4883-81B7-154216D29AB8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{B0741471-ACB8-4197-9559-17D3F60AA506}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [{5E77EB0D-72FD-41B2-9CB8-FF2D7F76C955}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [{E8E22A40-965D-49B8-9F5E-B866299B8B71}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{72B414A7-BCBA-4C6E-8302-2ACF83665E07}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{46025DE2-30AB-4D95-ABD1-5E79343C78D0}] => (Allow) D:\setup.exe No File
FirewallRules: [{7C72B61C-4DBC-4087-9F2D-B2F74B743AD5}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{750CFD56-5CAD-48EC-A02D-4EFAE247590D}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{C4D3C7D2-EB4E-4F1C-B3C3-ABC133ADCA58}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{6A4B4A9A-7EC8-493A-87C3-A9B0AD8FA526}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{957F81A0-2C1B-4BF7-BCF5-9FC303791CDC}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{EF64D1BD-EC0D-4E36-8A7D-67D241FE652E}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{D1A1BF60-42B3-489E-9665-3728AC5A4CAC}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{1AFB8B2B-4027-4F7D-B016-C31DD4AE968A}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{4045A30C-EA5B-4899-9F34-01453BC20D50}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{BF5B2980-EA7F-4628-AB48-7A2D8EBFADFF}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{85291A44-D8DC-4581-ABF3-CC0AEE3A507D}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{C052FC69-80A6-468E-B983-3377F9C1414B}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{79509127-B148-41D5-91F9-0388B3421B50}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{59880587-4529-408A-B97A-81D96AD90CC3}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{DDDA2A2C-943F-48A4-A781-4F1B1A6A5F73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [{74C22421-970D-4986-8D5D-EAD03D743DB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [{FEFCD199-4654-4D56-9DD7-5A224C1D9AA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oddworld Abes Oddysee\AbeWin.exe (Oddworld Inhabitants, Inc.) [File not signed]
FirewallRules: [{678E1001-4A63-4D44-B8D1-7206AD5D476C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oddworld Abes Oddysee\AbeWin.exe (Oddworld Inhabitants, Inc.) [File not signed]
FirewallRules: [{307D9E66-20F5-4601-A715-74C440464D3C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{025BB957-B6B1-4814-B264-19A9F24EDC3A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{41C6459C-5618-43D9-AC69-963E8BCB4055}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

20-03-2019 22:54:56 Windows Update
06-04-2019 08:44:56 Windows Update
10-04-2019 22:05:24 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/11/2019 04:39:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PSUAMain.exe, verze: 4.0.0.646, časové razítko: 0x56291049
Název chybujícího modulu: CC3290MT.DLL, verze: 9.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0005d522
ID chybujícího procesu: 0x2f34
Čas spuštění chybující aplikace: 0x01d4f074647507c2
Cesta k chybující aplikaci: C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Panda Security\Panda Security Protection\CC3290MT.DLL
ID zprávy: 5e4cbb77-f631-4202-bcf1-101178810e5e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/11/2019 04:39:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PSUAMain.exe, verze: 4.0.0.646, časové razítko: 0x56291049
Název chybujícího modulu: CC3290MT.DLL, verze: 9.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000193ee
ID chybujícího procesu: 0x2f34
Čas spuštění chybující aplikace: 0x01d4f074647507c2
Cesta k chybující aplikaci: C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Panda Security\Panda Security Protection\CC3290MT.DLL
ID zprávy: fa95f732-847a-4bcf-bdcc-5ee8903f9555
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/10/2019 09:48:32 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = c:\windows\system32\svchost.exe -k netsvcs -p; Popis = Windows Update; Chyba = 0x81000101).

Error: (04/09/2019 06:20:07 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-SBNC4S4)
Description: httphttp-2147467263

Error: (04/09/2019 05:26:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PSUAMain.exe, verze: 4.0.0.646, časové razítko: 0x56291049
Název chybujícího modulu: CC3290MT.DLL, verze: 9.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0005d522
ID chybujícího procesu: 0x18ac
Čas spuštění chybující aplikace: 0x01d4ee2f05b13530
Cesta k chybující aplikaci: C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Panda Security\Panda Security Protection\CC3290MT.DLL
ID zprávy: e903a2c8-5d03-4391-8bf1-b7980e79e302
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/09/2019 05:26:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PSUAMain.exe, verze: 4.0.0.646, časové razítko: 0x56291049
Název chybujícího modulu: CC3290MT.DLL, verze: 9.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000193ee
ID chybujícího procesu: 0x18ac
Čas spuštění chybující aplikace: 0x01d4ee2f05b13530
Cesta k chybující aplikaci: C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Panda Security\Panda Security Protection\CC3290MT.DLL
ID zprávy: 3e6495d7-ebdf-4e74-bd05-db1d9e052d77
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/08/2019 07:09:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: system42.exe, verze: 1.0.0.0, časové razítko: 0x5a0195e5
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.556, časové razítko: 0xb9f4a0f1
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000003a388
ID chybujícího procesu: 0x294c
Čas spuštění chybující aplikace: 0x01d4ee2dba39973f
Cesta k chybující aplikaci: C:\Users\karel\AppData\Roaming\system42.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 922f72c1-5746-488d-a7ef-0071059172df
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/08/2019 07:09:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: system42.exe, verze: 1.0.0.0, časové razítko: 0x5a0195e5
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.556, časové razítko: 0xb9f4a0f1
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000003a388
ID chybujícího procesu: 0x2834
Čas spuštění chybující aplikace: 0x01d4ee2db7fa681f
Cesta k chybující aplikaci: C:\Users\karel\AppData\Roaming\system42.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: fe6e7f93-a04d-4621-8589-a75edd63913c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (04/16/2019 12:15:38 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SBNC4S4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-SBNC4S4\karel (SID: S-1-5-21-1188319757-1600937067-96752618-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/16/2019 11:56:56 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SBNC4S4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-SBNC4S4\karel (SID: S-1-5-21-1188319757-1600937067-96752618-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/15/2019 09:34:37 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SBNC4S4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-SBNC4S4\karel (SID: S-1-5-21-1188319757-1600937067-96752618-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/15/2019 07:34:58 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SBNC4S4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-SBNC4S4\karel (SID: S-1-5-21-1188319757-1600937067-96752618-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/14/2019 07:05:58 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SBNC4S4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-SBNC4S4\karel (SID: S-1-5-21-1188319757-1600937067-96752618-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/13/2019 01:36:49 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SBNC4S4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-SBNC4S4\karel (SID: S-1-5-21-1188319757-1600937067-96752618-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/13/2019 01:24:31 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SBNC4S4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-SBNC4S4\karel (SID: S-1-5-21-1188319757-1600937067-96752618-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/12/2019 08:25:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{0358B920-0AC7-461F-98F4-58E32CD89148}
a APPID
{3EB3C877-1F16-487C-9050-104DBCD66683}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz
Percentage of memory in use: 76%
Total physical RAM: 4000.77 MB
Available physical RAM: 924.73 MB
Total Virtual: 5452.49 MB
Available Virtual: 824.27 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:453.99 GB) (Free:284.07 GB) NTFS

\\?\Volume{b3b3c41b-0000-0000-0000-100100000000}\ (RECOVERY) (Fixed) (Total:11.76 GB) (Free:4.93 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: B3B3C41B)
Partition 1: (Not Active) - (Size=16 MB) - (Type=DE)
Partition 2: (Active) - (Size=11.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=454 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Problém s USB flashdisky

#2 Příspěvek od Rudy »

Zdravím!
Flešku připojte a pusťte na ní USBFix: https://forum.viry.cz/viewtopic.php?f=24&t=140144 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

putifuk
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 17 dub 2019 18:53

Re: Problém s USB flashdisky

#3 Příspěvek od putifuk »

Když projedu flashdisk tím programem dostanu se k datům, ale po odpojení a připojení se složky zobrazí, ale obsah ne.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Problém s USB flashdisky

#4 Příspěvek od Rudy »

OK. Flešku nechte připojenou a spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Bude to možná nějaká nová varianta šmejdu, který toto způsoboval. Vidím to poprvé, na varianty dřívější USBFix postačoval.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

putifuk
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 17 dub 2019 18:53

Re: Problém s USB flashdisky

#5 Příspěvek od putifuk »

První pokus.
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-18.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-18-2019
# Duration: 00:00:04
# OS: Windows 10 Pro
# Cleaned: 11
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Not Deleted C:\Users\karel\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\warthunder.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\warthunder.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Esko

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2535 octets] - [18/04/2019 13:21:09]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

putifuk
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 17 dub 2019 18:53

Re: Problém s USB flashdisky

#6 Příspěvek od putifuk »

Druhý pokus.

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-18.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-18-2019
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\karel\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2535 octets] - [18/04/2019 13:21:09]
AdwCleaner[C00].txt - [2499 octets] - [18/04/2019 13:21:29]
AdwCleaner[S01].txt - [1416 octets] - [18/04/2019 15:37:29]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Problém s USB flashdisky

#7 Příspěvek od Rudy »

Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

putifuk
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 17 dub 2019 18:53

Re: Problém s USB flashdisky

#8 Příspěvek od putifuk »

soubory na flashdisku vidím 2x jednou v kořenovém adresáři kde mají 11kB, podruhé v podsložce ProgramFile ve které už část souborů mají správnou velikost a zbytek je v další podsložce ProgramFile

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18.04.2019
Ran by karel (administrator) on DESKTOP-SBNC4S4 (18-04-2019 21:31:19)
Running from C:\Users\karel\Desktop
Loaded Profiles: karel (Available Profiles: karel)
Platform: Windows 10 Pro Version 1803 17134.706 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Panda Security S.L -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Panda Security S.L -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security S.L -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\karel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(The-Sims-3-CZ-PLNÁ-VERZE!!-+-VIDEONÁVOD) [File not signed] C:\Users\karel\AppData\Roaming\system83.exe
(Dell Inc -> Dell) C:\Users\karel\AppData\Local\Apps\2.0\ODO5MOVB.8CT\7H5TP88N.W33\dell..tion_831211ca63b981c5_0008.0003_e23fe183534fdbc1\DellSystemDetect.exe
() [File not signed] C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ACEJNPTTTW.exe
() [File not signed] C:\Users\karel\AppData\Roaming\system42.exe
(Panda Security S.L -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [745288 2015-06-25] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] (Samsung Electronics CO., LTD. -> )
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [54520 2015-10-22] (Panda Security S.L -> Panda Security, S.L.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178912 2016-05-09] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3152160 2019-04-17] (Valve -> Valve Corporation)
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\Run: [microsystem40] => C:\Users\karel\AppData\Roaming\system83.exe [1333760 2017-06-29] (The-Sims-3-CZ-PLNÁ-VERZE!!-+-VIDEONÁVOD) [File not signed]
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\Run: [microsystem58] => C:\Users\karel\AppData\Roaming\system42.exe [259938 2017-11-07] () [File not signed]
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\Run: [DellSystemDetect] => C:\Users\karel\AppData\Local\Apps\2.0\ODO5MOVB.8CT\7H5TP88N.W33\dell..tion_831211ca63b981c5_0008.0003_e23fe183534fdbc1\DellSystemDetect.exe [311216 2017-02-21] (Dell Inc -> Dell)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-11] (Google LLC -> Google Inc.)
Startup: C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ACEJNPTTTW.exe [2018-11-30] () [File not signed]
Startup: C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\system61.lnk [2019-04-18]
ShortcutTarget: system61.lnk -> C:\Users\karel\AppData\Roaming\system83.exe (The-Sims-3-CZ-PLNÁ-VERZE!!-+-VIDEONÁVOD) [File not signed]
Startup: C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\system72.lnk [2019-04-18]
ShortcutTarget: system72.lnk -> C:\Users\karel\AppData\Roaming\system42.exe () [File not signed]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.31.1
Tcpip\..\Interfaces\{dc906c29-c555-47b8-8697-f6d42de0c85a}: [DhcpNameServer] 192.168.31.1

Internet Explorer:
==================
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {438ABC7D-C9B2-4C72-A111-426A229E211B} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {536F6941-4CA9-4951-B497-A6B22C3A6D98} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {6171CF28-964C-4D58-9E0D-CEE67614012C} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {714F0E2A-EC4F-4574-BE62-396490C3DE02} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {755C765F-B1ED-4808-8F5F-AD2AC99605DD} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {76425BB0-FF4D-45D9-B3CA-59A1E70ED24B} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {85304AF4-44D0-4D8C-BC83-25CBAAE457E2} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {893E0474-5B22-4331-87C3-2A8998B5DC5B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {FD22EB30-FB78-4A35-AA62-90D225DF5C94} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: yzzgcn04.default
FF ProfilePath: C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\yzzgcn04.default [2019-04-15]
FF Homepage: Mozilla\Firefox\Profiles\yzzgcn04.default -> www.seznam.cz
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\yzzgcn04.default\Extensions\sko-extension@firma.seznam.cz.xpi [2017-11-29]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\yzzgcn04.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-11-06]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\yzzgcn04.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-11-03]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default [2019-04-18]
CHR Extension: (Prezentace) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-17]
CHR Extension: (YouTube) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-17]
CHR Extension: (Vyhledávání Google) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-17]
CHR Extension: (Tabulky) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2019-04-18]
CHR Extension: (Gmail) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-17]
CHR Extension: (Chrome Media Router) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-24]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [96120 2015-06-25] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [319096 2016-06-15] (Intel Corporation - pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-10] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-10-18] (Panda Security S.L -> Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [73464 2015-10-28] (Panda Security S.L -> Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-10-22] (Panda Security S.L -> Panda Security, S.L.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074120 2019-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [208184 2015-10-29] (Broadcom Corporation -> Broadcom Corporation.)
R3 BCMWL63A; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [11794352 2017-06-21] (Broadcom Corporation -> Broadcom Corp)
S3 btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [223040 2015-10-29] (Broadcom Corporation -> Broadcom Corporation.)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [103824 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211352 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [120216 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [120208 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [112536 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [89472 2015-09-01] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [133528 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [309648 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [179608 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [122776 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [267160 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [115600 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [173464 2015-07-22] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [130968 2015-07-22] (Panda Security S.L. -> Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207256 2015-07-22] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [133528 2015-07-22] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [143768 2015-07-22] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [117144 2015-07-22] (Panda Security S.L. -> Panda Security, S.L.)
U3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Microsoft Windows Hardware Compatibility Publisher -> Panda Security, S.L.)
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics)
R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [154280 2016-10-12] (STMICROELECTRONICS S.R.L. -> STMicroelectronics)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-18 21:30 - 2019-04-18 21:33 - 000021232 _____ C:\Users\karel\Desktop\FRST.txt
2019-04-18 21:30 - 2019-04-18 21:30 - 000000000 ____D C:\Users\karel\Desktop\FRST-OlderVersion
2019-04-18 15:39 - 2019-04-18 15:39 - 000000000 ____D C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TouchPad
2019-04-18 13:19 - 2019-04-18 13:21 - 000000000 ____D C:\AdwCleaner
2019-04-18 13:18 - 2019-04-18 13:18 - 007025360 _____ (Malwarebytes) C:\Users\karel\Desktop\adwcleaner_7.3.exe
2019-04-17 22:17 - 2019-04-17 22:28 - 000001958 _____ C:\Users\karel\Desktop\UsbFix Anti-Malware.lnk
2019-04-17 22:17 - 2019-04-17 22:17 - 000000000 ____D C:\Program Files (x86)\UsbFix
2019-04-17 19:51 - 2019-04-17 19:51 - 000000075 _____ C:\Users\karel\Desktop\VIRY.CZ • Zobrazit téma - Problém s USB flashdisky.url
2019-04-17 19:43 - 2019-04-18 21:30 - 000000000 ____D C:\FRST
2019-04-17 19:42 - 2019-04-18 21:30 - 002434048 _____ (Farbar) C:\Users\karel\Desktop\FRST64.exe
2019-04-17 19:35 - 2019-04-17 19:35 - 000000000 ____D C:\Users\karel\AppData\Local\D3DSCache
2019-04-15 13:11 - 2019-04-15 13:11 - 000027307 _____ C:\Users\karel\Downloads\Avizo o neprovedene platbe (1).pdf
2019-04-13 13:09 - 2019-04-13 13:09 - 000000000 ___HD C:\OneDriveTemp
2019-04-10 22:11 - 2019-04-02 14:19 - 012730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-04-10 22:11 - 2019-04-02 14:12 - 003643904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-04-10 22:11 - 2019-04-02 11:11 - 011919360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-04-10 22:11 - 2019-04-02 11:08 - 002889216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-04-10 22:11 - 2019-04-02 10:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-04-10 22:11 - 2019-04-02 10:22 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-04-10 22:11 - 2019-04-02 10:21 - 007520136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-04-10 22:11 - 2019-04-02 10:21 - 002822160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-04-10 22:11 - 2019-04-02 10:21 - 002467536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-10 22:11 - 2019-04-02 10:19 - 009083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-04-10 22:11 - 2019-04-02 10:01 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-04-10 22:11 - 2019-04-02 09:53 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-04-10 22:11 - 2019-04-02 09:53 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-04-10 22:11 - 2019-04-02 09:51 - 003399680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-04-10 22:11 - 2019-04-02 09:50 - 007591936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-04-10 22:11 - 2019-04-02 07:04 - 006572120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-04-10 22:11 - 2019-04-02 06:56 - 022018048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-04-10 22:11 - 2019-04-02 06:50 - 019404800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-04-10 22:11 - 2019-04-02 06:43 - 005788160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-04-10 22:11 - 2019-03-14 10:37 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-04-10 22:11 - 2019-03-14 10:37 - 002256248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-04-10 22:11 - 2019-03-14 10:26 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-04-10 22:11 - 2019-03-14 10:26 - 002768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-04-10 22:11 - 2019-03-14 10:01 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-10 22:11 - 2019-03-14 09:58 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-04-10 22:11 - 2019-03-14 09:58 - 002509824 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-04-10 22:11 - 2019-03-14 09:57 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-04-10 22:11 - 2019-03-14 09:56 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-04-10 22:11 - 2019-03-14 09:55 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-04-10 22:11 - 2019-03-14 09:55 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-04-10 22:10 - 2019-04-02 14:38 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-04-10 22:10 - 2019-04-02 14:33 - 001634912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-04-10 22:10 - 2019-04-02 14:33 - 000719984 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-04-10 22:10 - 2019-04-02 14:19 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-04-10 22:10 - 2019-04-02 14:18 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-10 22:10 - 2019-04-02 14:16 - 001030144 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-10 22:10 - 2019-04-02 14:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-10 22:10 - 2019-04-02 14:13 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-10 22:10 - 2019-04-02 14:12 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-04-10 22:10 - 2019-04-02 14:11 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-04-10 22:10 - 2019-04-02 14:11 - 001857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-10 22:10 - 2019-04-02 14:11 - 001662976 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-04-10 22:10 - 2019-04-02 14:10 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-10 22:10 - 2019-04-02 14:10 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-10 22:10 - 2019-04-02 11:25 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-04-10 22:10 - 2019-04-02 11:25 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-04-10 22:10 - 2019-04-02 11:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-04-10 22:10 - 2019-04-02 11:10 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-04-10 22:10 - 2019-04-02 11:07 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-04-10 22:10 - 2019-04-02 11:07 - 001586688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-04-10 22:10 - 2019-04-02 11:06 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-04-10 22:10 - 2019-04-02 10:24 - 000135184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-04-10 22:10 - 2019-04-02 10:23 - 001023800 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-04-10 22:10 - 2019-04-02 10:22 - 000567592 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-04-10 22:10 - 2019-04-02 10:22 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-04-10 22:10 - 2019-04-02 10:21 - 000735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-10 22:10 - 2019-04-02 10:20 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-10 22:10 - 2019-04-02 10:20 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-04-10 22:10 - 2019-04-02 10:19 - 000793400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-04-10 22:10 - 2019-04-02 10:19 - 000786080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-10 22:10 - 2019-04-02 10:19 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-04-10 22:10 - 2019-04-02 09:50 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-04-10 22:10 - 2019-04-02 09:49 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-04-10 22:10 - 2019-04-02 09:49 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-04-10 22:10 - 2019-04-02 09:48 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-04-10 22:10 - 2019-04-02 09:48 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-10 22:10 - 2019-04-02 09:48 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-04-10 22:10 - 2019-04-02 09:47 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-10 22:10 - 2019-04-02 09:47 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-04-10 22:10 - 2019-04-02 09:46 - 002174976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-04-10 22:10 - 2019-04-02 09:45 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-10 22:10 - 2019-04-02 09:44 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-04-10 22:10 - 2019-04-02 09:44 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-04-10 22:10 - 2019-04-02 09:44 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-04-10 22:10 - 2019-04-02 09:43 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-04-10 22:10 - 2019-04-02 08:22 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-04-10 22:10 - 2019-04-02 07:05 - 001989544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-04-10 22:10 - 2019-04-02 07:04 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-04-10 22:10 - 2019-04-02 07:04 - 000581832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-04-10 22:10 - 2019-04-02 07:04 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-04-10 22:10 - 2019-04-02 06:43 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-04-10 22:10 - 2019-04-02 06:43 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-04-10 22:10 - 2019-04-02 06:42 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-04-10 22:10 - 2019-04-02 06:41 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-04-10 22:10 - 2019-04-02 06:41 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-04-10 22:10 - 2019-04-02 06:41 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-04-10 22:10 - 2019-04-02 06:40 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-04-10 22:10 - 2019-04-02 06:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-04-10 22:10 - 2019-03-16 14:54 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-04-10 22:10 - 2019-03-16 11:03 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-04-10 22:10 - 2019-03-14 16:55 - 001786680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-04-10 22:10 - 2019-03-14 16:53 - 001626928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-04-10 22:10 - 2019-03-14 16:53 - 001038136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2019-04-10 22:10 - 2019-03-14 16:53 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-04-10 22:10 - 2019-03-14 16:53 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 003933296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-04-10 22:10 - 2019-03-14 16:52 - 001424696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000954160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000830264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000827704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2019-04-10 22:10 - 2019-03-14 16:52 - 000825144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000749880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000670008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000495416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys
2019-04-10 22:10 - 2019-03-14 16:51 - 000157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-04-10 22:10 - 2019-03-14 16:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfoext.dll
2019-04-10 22:10 - 2019-03-14 16:34 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-04-10 22:10 - 2019-03-14 16:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-04-10 22:10 - 2019-03-14 16:33 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-04-10 22:10 - 2019-03-14 16:33 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-04-10 22:10 - 2019-03-14 16:31 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-04-10 22:10 - 2019-03-14 16:30 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-04-10 22:10 - 2019-03-14 16:30 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-04-10 22:10 - 2019-03-14 16:29 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-04-10 22:10 - 2019-03-14 16:29 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2019-04-10 22:10 - 2019-03-14 16:28 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-04-10 22:10 - 2019-03-14 16:08 - 003611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-04-10 22:10 - 2019-03-14 15:56 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-04-10 22:10 - 2019-03-14 15:55 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-04-10 22:10 - 2019-03-14 15:53 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-04-10 22:10 - 2019-03-14 15:53 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-04-10 22:10 - 2019-03-14 15:53 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-04-10 22:10 - 2019-03-14 15:52 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2019-04-10 22:10 - 2019-03-14 10:57 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-04-10 22:10 - 2019-03-14 10:56 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-04-10 22:10 - 2019-03-14 10:38 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-04-10 22:10 - 2019-03-14 10:38 - 000090360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-04-10 22:10 - 2019-03-14 10:37 - 001171568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-04-10 22:10 - 2019-03-14 10:28 - 000152072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-04-10 22:10 - 2019-03-14 10:27 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-04-10 22:10 - 2019-03-14 10:27 - 000097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-04-10 22:10 - 2019-03-14 10:26 - 002421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-04-10 22:10 - 2019-03-14 10:26 - 001457576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-04-10 22:10 - 2019-03-14 10:26 - 001258688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-04-10 22:10 - 2019-03-14 10:26 - 001140984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-04-10 22:10 - 2019-03-14 10:26 - 001014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-04-10 22:10 - 2019-03-14 10:26 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-04-10 22:10 - 2019-03-14 10:26 - 000481048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-04-10 22:10 - 2019-03-14 10:26 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-04-10 22:10 - 2019-03-14 10:22 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-04-10 22:10 - 2019-03-14 10:20 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-04-10 22:10 - 2019-03-14 10:19 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-04-10 22:10 - 2019-03-14 10:19 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-04-10 22:10 - 2019-03-14 10:18 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-04-10 22:10 - 2019-03-14 10:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-04-10 22:10 - 2019-03-14 10:18 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-04-10 22:10 - 2019-03-14 10:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-04-10 22:10 - 2019-03-14 10:17 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-04-10 22:10 - 2019-03-14 10:17 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-04-10 22:10 - 2019-03-14 10:17 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-04-10 22:10 - 2019-03-14 10:17 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-04-10 22:10 - 2019-03-14 10:17 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll
2019-04-10 22:10 - 2019-03-14 10:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-04-10 22:10 - 2019-03-14 10:16 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-04-10 22:10 - 2019-03-14 10:16 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-04-10 22:10 - 2019-03-14 10:15 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-04-10 22:10 - 2019-03-14 10:15 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-04-10 22:10 - 2019-03-14 10:15 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2019-04-10 22:10 - 2019-03-14 10:15 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-04-10 22:10 - 2019-03-14 10:14 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-04-10 22:10 - 2019-03-14 10:14 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-04-10 22:10 - 2019-03-14 10:14 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-04-10 22:10 - 2019-03-14 10:14 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-04-10 22:10 - 2019-03-14 10:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-10 22:10 - 2019-03-14 10:14 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-04-10 22:10 - 2019-03-14 10:14 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-04-10 22:10 - 2019-03-14 10:13 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2019-04-10 22:10 - 2019-03-14 10:13 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-04-10 22:10 - 2019-03-14 10:13 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-04-10 22:10 - 2019-03-14 09:58 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-04-10 22:10 - 2019-03-14 09:57 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-04-10 22:10 - 2019-03-14 09:56 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-04-10 22:10 - 2019-03-14 09:56 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-10 22:10 - 2019-03-14 09:56 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-04-10 22:10 - 2019-03-14 09:56 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-04-10 22:10 - 2019-03-14 09:55 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-04-10 22:10 - 2019-03-14 09:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-04-10 22:10 - 2019-03-14 09:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-04-10 22:10 - 2019-03-14 09:55 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2019-04-10 22:10 - 2019-03-14 09:55 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
2019-04-10 22:10 - 2019-03-14 09:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-04-10 22:10 - 2019-03-14 09:55 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-04-10 22:10 - 2019-03-14 09:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-04-10 22:10 - 2019-03-14 09:55 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-04-10 22:10 - 2019-03-14 09:54 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-04-10 22:10 - 2019-03-14 09:53 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-04-10 22:10 - 2019-03-14 09:53 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-04-10 22:10 - 2019-03-14 09:53 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-04-10 22:10 - 2019-03-14 09:53 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-10 22:10 - 2019-03-14 09:52 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-04-10 22:10 - 2019-03-14 09:52 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-04-10 22:10 - 2019-03-14 09:52 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-04-10 22:10 - 2019-03-14 09:52 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-04-10 22:10 - 2019-03-14 09:51 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-04-10 22:10 - 2019-03-14 09:51 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-04-10 22:10 - 2019-03-14 09:51 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 001410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-04-10 22:10 - 2019-03-14 09:50 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-04-10 22:10 - 2019-03-14 03:57 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-04-10 22:10 - 2019-03-14 03:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-04-10 22:10 - 2019-03-14 03:57 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-04-10 22:10 - 2019-03-14 03:57 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-04-10 22:10 - 2019-03-14 03:57 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-04-10 21:52 - 2019-04-10 21:52 - 000000000 ____D C:\Users\karel\In Flames - I, the Mask (Limited Edition) (2019)
2019-04-10 21:49 - 2019-04-10 21:50 - 132558774 _____ C:\Users\karel\Downloads\In Flames - I, the Mask (Limited Edition) (2019).zip
2019-03-20 16:33 - 2019-03-20 16:34 - 000000000 ____D C:\ProgramData\Mozilla

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-18 21:29 - 2018-05-20 21:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-18 15:58 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-18 15:45 - 2018-05-20 22:00 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-18 15:45 - 2018-04-12 17:51 - 000716358 _____ C:\WINDOWS\system32\perfh005.dat
2019-04-18 15:45 - 2018-04-12 17:51 - 000144616 _____ C:\WINDOWS\system32\perfc005.dat
2019-04-18 15:45 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-04-18 15:40 - 2015-12-21 19:37 - 000000000 ____D C:\Program Files (x86)\Steam
2019-04-18 15:40 - 2015-12-13 22:50 - 000000000 ___RD C:\Users\karel\OneDrive
2019-04-18 15:39 - 2015-12-13 22:50 - 000000000 __SHD C:\Users\karel\IntelGraphicsProfiles
2019-04-18 15:38 - 2018-05-20 22:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-18 15:38 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-04-18 13:32 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-17 22:34 - 2017-07-18 16:23 - 000000000 __SHD C:\ProgramData\ProgramFile
2019-04-17 22:23 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-15 13:58 - 2016-12-15 10:39 - 000000000 ____D C:\Users\karel\AppData\LocalLow\Mozilla
2019-04-15 13:56 - 2016-12-14 08:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-04-13 13:09 - 2018-05-20 22:09 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1188319757-1600937067-96752618-1001
2019-04-13 13:09 - 2018-05-20 21:50 - 000002363 _____ C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-11 18:37 - 2015-12-13 23:00 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-11 16:29 - 2018-05-20 21:46 - 000367216 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-11 16:27 - 2018-04-12 17:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-04-11 16:27 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-11 16:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-04-11 16:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-04-11 16:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-04-11 16:26 - 2015-12-13 22:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2019-04-11 16:24 - 2015-10-30 09:24 - 000000167 _____ C:\WINDOWS\win.ini
2019-04-11 11:33 - 2015-12-17 21:34 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-11 11:33 - 2015-12-17 21:34 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-11 11:30 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-10 22:05 - 2015-12-13 23:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-10 21:52 - 2018-05-20 21:50 - 000000000 ____D C:\Users\karel
2019-04-10 21:48 - 2015-12-13 23:35 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-08 19:07 - 2015-12-13 22:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-04-07 16:40 - 2018-11-04 20:17 - 000000000 ____D C:\Users\karel\Desktop\d5200
2019-04-06 08:46 - 2018-11-17 17:43 - 000000000 ____D C:\Program Files\rempl
2019-04-04 17:12 - 2019-02-28 21:45 - 000000000 ____D C:\Users\karel\Desktop\Pad Ikar´s flight
2019-04-01 19:51 - 2018-07-11 20:08 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-04-01 19:51 - 2018-07-11 20:08 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-01 14:55 - 2015-12-13 22:58 - 000001230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-03-28 16:08 - 2018-05-20 22:09 - 000003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-28 16:08 - 2018-05-20 22:09 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-24 09:37 - 2016-01-29 22:04 - 000000000 ____D C:\Users\karel\Documents\lesní družstvo

==================== Files in the root of some directories =======

2019-03-04 12:31 - 2017-11-07 19:18 - 000259938 ___SH () C:\Users\karel\AppData\Roaming\system42.exe
2018-10-24 20:19 - 2017-06-29 20:49 - 001333760 ___SH (The-Sims-3-CZ-PLNÁ-VERZE!!-+-VIDEONÁVOD) C:\Users\karel\AppData\Roaming\system83.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-20 21:46

==================== End of FRST.txt ============================






Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18.04.2019
Ran by karel (18-04-2019 21:34:25)
Running from C:\Users\karel\Desktop
Windows 10 Pro Version 1803 17134.706 (X64) (2018-05-20 20:10:34)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1188319757-1600937067-96752618-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1188319757-1600937067-96752618-503 - Limited - Disabled)
Guest (S-1-5-21-1188319757-1600937067-96752618-501 - Limited - Disabled)
karel (S-1-5-21-1188319757-1600937067-96752618-1001 - Administrator - Enabled) => C:\Users\karel
WDAGUtilityAccount (S-1-5-21-1188319757-1600937067-96752618-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Panda Internet Security 2016 (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Internet Security 2016 (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Disabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Common Desktop Agent (HKLM\...\{A38002C3-BA08-466A-A813-7F9D578B13A1}) (Version: 1.62.0 - OEM) Hidden
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.61 - Dell)
Dell System Detect (HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\d24084d039586cae) (Version: 8.3.0.8 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.1207.101.103 - ALPS ELECTRIC CO., LTD.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.11.1193 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
Kodi (HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\Kodi) (Version: - XBMC-Foundation)
Microsoft Office Standard 2013 (HKLM-x32\...\Office15.STANDARD) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 66.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 66.0.2 (x64 cs)) (Version: 66.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 66.0.2.7024 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM-x32\...\{90150000-001F-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM-x32\...\{90150000-001F-041B-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Panda Devices Agent (HKLM-x32\...\{DDE3DECA-9139-4A39-9276-143ECA1DB75E}) (Version: 1.06.00 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.05 - Panda Security) Hidden
Panda Internet Security 2016 (HKLM\...\{293AA48A-DFC2-4F7D-9ED7-1A0F25CB5368}) (Version: 8.04.00.0000 - Panda Security) Hidden
Panda Internet Security 2016 (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.00.02.0000 - Panda Security)
Room Arranger (64-bit) (HKLM-x32\...\Room Arranger x64) (Version: 9.5.4 - Jan Adamec)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Taroky (HKLM-x32\...\Taroky_is1) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
Update for Skype for Business 2015 (KB4462207) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.STANDARD_{E78636E8-8D6F-494B-917B-3F5D79693E95}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
UsbFix Anti-Malware Premium (HKLM-x32\...\Usbfix) (Version: 11.0.1.4 - SOSVirus (SOSVirus.Net))
Xerox Easy Printer Manager (HKLM-x32\...\Xerox Easy Printer Manager) (Version: 1.03.97.00(21.04.2014) - Xerox Corporation.)
Xerox Easy Wireless Setup (HKLM-x32\...\Xerox Easy Wireless Setup) (Version: 3.70.18.0 - Xerox Corporation)
Xerox Phaser 3020 (HKLM-x32\...\Xerox Phaser 3020) (Version: () - Xerox Corporation)
Zobrazit uživatelskou příručku (HKLM-x32\...\Xerox View User Guide ) (Version: 3.60.45.0 - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1188319757-1600937067-96752618-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2015-10-22] (Panda Security S.L -> Panda Security, S.L.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2015-10-22] (Panda Security S.L -> Panda Security, S.L.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {079BAB30-4BEB-4218-9255-1EF8FB37DB6F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {1F3FC014-5FFE-4EB2-82F3-FEA855B2D4E2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {2DFBD6CD-D4B8-4BD0-AA6E-4124D4B62EA1} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {49315F32-6E3A-4F75-B9E5-61F93F024A6C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {5C3D5D3F-0C24-413B-943E-08D31E1EA296} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {6402C65E-305C-4F01-8222-6A948034936D} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe (Dell Inc. -> PC-Doctor, Inc.)
Task: {8443DF20-D2B1-4EFA-9396-E6B20F0F88C1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {BBE985A0-6CF2-41BF-8828-A11B67B81516} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {CBC78012-B541-4C62-BE1A-C458AC4E2AF6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {CD7BDBD6-47F4-45F3-BBBC-DF3E18609799} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {DEDE91E9-059A-47FA-9D2C-34ED09AB3F85} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-10-24 20:19 - 2017-06-29 20:49 - 001333760 ___SH (The-Sims-3-CZ-PLNÁ-VERZE!!-+-VIDEONÁVOD) [File not signed] C:\Users\karel\AppData\Roaming\system83.exe
2018-11-30 16:21 - 2018-11-30 16:21 - 000010240 _____ () [File not signed] C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ACEJNPTTTW.exe
2019-03-04 12:31 - 2017-11-07 19:18 - 000259938 ___SH () [File not signed] C:\Users\karel\AppData\Roaming\system42.exe
2016-03-18 12:03 - 2016-03-18 12:03 - 000335360 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
2013-04-12 19:23 - 2013-04-12 19:23 - 000612664 _____ () [File not signed] C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2015-10-30 09:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\karel\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\DSC_4086.JPG
DNS Servers: 192.168.31.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{246226EA-F14F-4CFB-A316-49316EEF95A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{5E9AD6CD-5F0A-4729-9701-7E233751DA63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [UDP Query User{687C1481-E893-48C6-BFBF-52355F74D347}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [TCP Query User{908FD3C1-8E91-4CED-B82F-D00E1B38752E}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [{1FD597B8-05DD-4B71-8280-AEBAEB2CA787}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{A3F259BC-6E60-4511-B0B4-660D4F253845}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{5E2763A2-65EE-43ED-9666-CE54E3425B13}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{93C913EF-F6B7-4DF1-B0B5-B969B5C7848D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3181DA00-A415-4C4C-A329-AE76625D59B8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0DF3BF88-D801-440F-95B4-9B9AF6D7C6D7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5EDFD3BE-C9DA-4969-BC51-FEF20C148AD5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{A4B9536B-9122-4883-81B7-154216D29AB8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{B0741471-ACB8-4197-9559-17D3F60AA506}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [{5E77EB0D-72FD-41B2-9CB8-FF2D7F76C955}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [{E8E22A40-965D-49B8-9F5E-B866299B8B71}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{72B414A7-BCBA-4C6E-8302-2ACF83665E07}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{46025DE2-30AB-4D95-ABD1-5E79343C78D0}] => (Allow) D:\setup.exe No File
FirewallRules: [{7C72B61C-4DBC-4087-9F2D-B2F74B743AD5}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{750CFD56-5CAD-48EC-A02D-4EFAE247590D}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{C4D3C7D2-EB4E-4F1C-B3C3-ABC133ADCA58}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{6A4B4A9A-7EC8-493A-87C3-A9B0AD8FA526}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{957F81A0-2C1B-4BF7-BCF5-9FC303791CDC}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{EF64D1BD-EC0D-4E36-8A7D-67D241FE652E}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{D1A1BF60-42B3-489E-9665-3728AC5A4CAC}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{1AFB8B2B-4027-4F7D-B016-C31DD4AE968A}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{4045A30C-EA5B-4899-9F34-01453BC20D50}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{BF5B2980-EA7F-4628-AB48-7A2D8EBFADFF}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{85291A44-D8DC-4581-ABF3-CC0AEE3A507D}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{C052FC69-80A6-468E-B983-3377F9C1414B}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{79509127-B148-41D5-91F9-0388B3421B50}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{59880587-4529-408A-B97A-81D96AD90CC3}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{DDDA2A2C-943F-48A4-A781-4F1B1A6A5F73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [{74C22421-970D-4986-8D5D-EAD03D743DB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [{FEFCD199-4654-4D56-9DD7-5A224C1D9AA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oddworld Abes Oddysee\AbeWin.exe (Oddworld Inhabitants, Inc.) [File not signed]
FirewallRules: [{678E1001-4A63-4D44-B8D1-7206AD5D476C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oddworld Abes Oddysee\AbeWin.exe (Oddworld Inhabitants, Inc.) [File not signed]
FirewallRules: [{307D9E66-20F5-4601-A715-74C440464D3C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{025BB957-B6B1-4814-B264-19A9F24EDC3A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{41C6459C-5618-43D9-AC69-963E8BCB4055}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

20-03-2019 22:54:56 Windows Update
06-04-2019 08:44:56 Windows Update
10-04-2019 22:05:24 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/18/2019 09:31:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 18.4.2019.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 1a28

Čas spuštění: 01d4f61d320f6445

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Users\karel\Desktop\FRST64.exe

ID hlášení: ce5775b3-6eb5-4b4c-b53f-c0acffb8d2d7

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (04/18/2019 03:50:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PSUAMain.exe, verze: 4.0.0.646, časové razítko: 0x56291049
Název chybujícího modulu: CC3290MT.DLL, verze: 9.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0005d522
ID chybujícího procesu: 0x1d6c
Čas spuštění chybující aplikace: 0x01d4f5ed760814e8
Cesta k chybující aplikaci: C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Panda Security\Panda Security Protection\CC3290MT.DLL
ID zprávy: bd00d30f-62e6-4bbc-b1a5-d9119ad2831e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/18/2019 03:50:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PSUAMain.exe, verze: 4.0.0.646, časové razítko: 0x56291049
Název chybujícího modulu: CC3290MT.DLL, verze: 9.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000193ee
ID chybujícího procesu: 0x1d6c
Čas spuštění chybující aplikace: 0x01d4f5ed760814e8
Cesta k chybující aplikaci: C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Panda Security\Panda Security Protection\CC3290MT.DLL
ID zprávy: 97a71ac8-964b-4df6-bbaf-174709b0e6e2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/18/2019 03:43:52 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-SBNC4S4)
Description: httphttp-2147467263

Error: (04/18/2019 03:40:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: system42.exe, verze: 1.0.0.0, časové razítko: 0x5a0195e5
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.556, časové razítko: 0xb9f4a0f1
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000003a388
ID chybujícího procesu: 0x26b0
Čas spuštění chybující aplikace: 0x01d4f5ec272d9e7a
Cesta k chybující aplikaci: C:\Users\karel\AppData\Roaming\system42.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: b73e1e86-dd93-4e38-a0d8-5e9c98470c3e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/18/2019 03:40:01 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: system42.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Runtime.InteropServices.ExternalException
na System.Windows.Forms.Clipboard.ThrowIfFailed(Int32)
na System.Windows.Forms.Clipboard.SetDataObject(System.Object, Boolean, Int32, Int32)
na System.Windows.Forms.Clipboard.SetText(System.String, System.Windows.Forms.TextDataFormat)
na WindowsFormsApp11.Program.Main()

Error: (04/18/2019 01:33:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: system42.exe, verze: 1.0.0.0, časové razítko: 0x5a0195e5
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.556, časové razítko: 0xb9f4a0f1
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000003a388
ID chybujícího procesu: 0x2740
Čas spuštění chybující aplikace: 0x01d4f5da6d0ad445
Cesta k chybující aplikaci: C:\Users\karel\AppData\Roaming\system42.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 04d46d49-d348-4d80-9b5c-bafb6b677644
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/18/2019 01:33:15 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: system42.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Runtime.InteropServices.ExternalException
na System.Windows.Forms.Clipboard.ThrowIfFailed(Int32)
na System.Windows.Forms.Clipboard.SetDataObject(System.Object, Boolean, Int32, Int32)
na System.Windows.Forms.Clipboard.SetText(System.String, System.Windows.Forms.TextDataFormat)
na WindowsFormsApp11.Program.Main()


System errors:
=============
Error: (04/18/2019 05:35:31 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SBNC4S4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-SBNC4S4\karel (SID: S-1-5-21-1188319757-1600937067-96752618-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/18/2019 03:50:17 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SBNC4S4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-SBNC4S4\karel (SID: S-1-5-21-1188319757-1600937067-96752618-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/18/2019 03:47:10 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SBNC4S4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-SBNC4S4\karel (SID: S-1-5-21-1188319757-1600937067-96752618-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/18/2019 03:40:42 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SBNC4S4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-SBNC4S4\karel (SID: S-1-5-21-1188319757-1600937067-96752618-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/18/2019 03:39:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/18/2019 03:39:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/18/2019 03:37:56 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (04/18/2019 03:37:56 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\System32\bcmihvsrv64.dll


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz
Percentage of memory in use: 62%
Total physical RAM: 4000.77 MB
Available physical RAM: 1503.23 MB
Total Virtual: 4896.77 MB
Available Virtual: 1622.77 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:453.99 GB) (Free:285.38 GB) NTFS
Drive e: (Samsung USB) (Removable) (Total:59.75 GB) (Free:7.01 GB) exFAT
Drive f: (KINGSTON) (Removable) (Total:14.55 GB) (Free:14.34 GB) FAT32

\\?\Volume{b3b3c41b-0000-0000-0000-100100000000}\ (RECOVERY) (Fixed) (Total:11.76 GB) (Free:4.93 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: B3B3C41B)
Partition 1: (Not Active) - (Size=16 MB) - (Type=DE)
Partition 2: (Active) - (Size=11.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=454 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Protective MBR) (Size: 59.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (Size: 14.6 GB) (Disk ID: 04DD5721)
Partition 1: (Active) - (Size=14.6 GB) - (Type=0C)

==================== End of Addition.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Problém s USB flashdisky

#9 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {079BAB30-4BEB-4218-9255-1EF8FB37DB6F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {2DFBD6CD-D4B8-4BD0-AA6E-4124D4B62EA1} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CBC78012-B541-4C62-BE1A-C458AC4E2AF6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
FirewallRules: [{1FD597B8-05DD-4B71-8280-AEBAEB2CA787}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{A3F259BC-6E60-4511-B0B4-660D4F253845}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{5EDFD3BE-C9DA-4969-BC51-FEF20C148AD5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{A4B9536B-9122-4883-81B7-154216D29AB8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{46025DE2-30AB-4D95-ABD1-5E79343C78D0}] => (Allow) D:\setup.exe No File

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

putifuk
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 17 dub 2019 18:53

Re: Problém s USB flashdisky

#10 Příspěvek od putifuk »

Fix result of Farbar Recovery Scan Tool (x64) Version: 18.04.2019
Ran by karel (19-04-2019 08:30:39) Run:1
Running from C:\Users\karel\Desktop
Loaded Profiles: karel (Available Profiles: karel)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {079BAB30-4BEB-4218-9255-1EF8FB37DB6F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {2DFBD6CD-D4B8-4BD0-AA6E-4124D4B62EA1} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CBC78012-B541-4C62-BE1A-C458AC4E2AF6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
FirewallRules: [{1FD597B8-05DD-4B71-8280-AEBAEB2CA787}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{A3F259BC-6E60-4511-B0B4-660D4F253845}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{5EDFD3BE-C9DA-4969-BC51-FEF20C148AD5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{A4B9536B-9122-4883-81B7-154216D29AB8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{46025DE2-30AB-4D95-ABD1-5E79343C78D0}] => (Allow) D:\setup.exe No File

EmptyTemp:
End
*****************

Processes closed successfully.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{079BAB30-4BEB-4218-9255-1EF8FB37DB6F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{079BAB30-4BEB-4218-9255-1EF8FB37DB6F}" => removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2DFBD6CD-D4B8-4BD0-AA6E-4124D4B62EA1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DFBD6CD-D4B8-4BD0-AA6E-4124D4B62EA1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CBC78012-B541-4C62-BE1A-C458AC4E2AF6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBC78012-B541-4C62-BE1A-C458AC4E2AF6}" => removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1FD597B8-05DD-4B71-8280-AEBAEB2CA787}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A3F259BC-6E60-4511-B0B4-660D4F253845}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5EDFD3BE-C9DA-4969-BC51-FEF20C148AD5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A4B9536B-9122-4883-81B7-154216D29AB8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{46025DE2-30AB-4D95-ABD1-5E79343C78D0}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1077963534 B
Java, Flash, Steam htmlcache => 165530426 B
Windows/system/drivers => 33819186 B
Edge => 66833799 B
Chrome => 540083548 B

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Problém s USB flashdisky

#11 Příspěvek od Rudy »

OK. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

putifuk
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 17 dub 2019 18:53

Re: Problém s USB flashdisky

#12 Příspěvek od putifuk »

Na flash disk jsem nahrál složku "komín" s pár fotkama, po odpojení a připojení nejde složka komín otevřít, ale je tam složka programy files, kde je složka komín ještě dvakrát a dokonce jednou jde otevřít a jsou tam i fotky.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Problém s USB flashdisky

#13 Příspěvek od Rudy »

Udělejte ještě tento sken. AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Utilitu stáhněte, spusťte, nechte pracovat a po skončení akce smažte vše, co najde.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

putifuk
Návštěvník
Návštěvník
Příspěvky: 8
Registrován: 17 dub 2019 18:53

Re: Problém s USB flashdisky

#14 Příspěvek od putifuk »

Tak avptool, kaspersky, proběhl našel 15 věcí smazal jsem to, ale nevím jak ukázat výsledek. Jenže: jiná formátovaná flash ADATA opět složka komín s fotkama po odpojení a připojení prázdná po opravě v USBFIX zase složka programy files a v ní komín z fotkama. :roll:

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Problém s USB flashdisky

#15 Příspěvek od Rudy »

Pokud problém i po smazání přetrvává, udělejte na flešce kontrolu chyb, případně ještě jednou spusťte USBFix.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět