Notebook se přehřívá

Zpráva

LV1234 · #1 Příspěvek od **LV1234** » 17 lis 2020 18:25

Dobrý den,
ráda bych poprosila o pomoc. V poslední době se mi při sledování filmů ( ale i při jiných činnostech, např. při práci s gimpem) začne přehřívat notebook a chlazení jede nepřetržitě a velmi hlasitě, jako když startuje dron.

FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-11-2020
Ran by Líba (administrator) on LÍBA (HP HP Laptop 14-bp1xx) (17-11-2020 18:02:06)
Running from C:\Users\croft\Downloads
Loaded Profiles: Líba
Platform: Windows 10 Home Version 1909 18363.1139 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0346830.inf_amd64_f723e13ffb3b2652\B345901\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0346830.inf_amd64_f723e13ffb3b2652\B345901\atiesrxx.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files (x86)\totalcmd\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <58>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\hpservice.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHeciSvc.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.1190_none_1716e3ef2a15f08c\TiWorker.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.231\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [ACUW10EN] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\acdIDInTouch2.exe [2157000 2017-04-21] (ACD Systems International -> ACD Systems)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3674720 2018-05-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [175504 2020-10-29] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5866032 2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [ACDSeeCommanderUltimate10] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe [3427272 2017-04-25] (ACD Systems International -> )
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5491248 2020-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [29271224 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Windows x64\Print Processors\hpcpp101: C:\Windows\System32\spool\prtprocs\x64\hpcpp101.dll [323584 2010-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65496 2020-10-22] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP C411 Status Monitor: C:\WINDOWS\system32\hpinkstsC411LM.dll [333496 2013-02-04] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.198\Installer\chrmstp.exe [2020-11-12] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08393777-2384-440D-91E4-AEBC7CB6ED0A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24770744 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3321AC99-6979-4ADA-B63C-90A8469281F4} - System32\Tasks\GoogleUpdateTaskMachineCore1d5ff7dc8e0a443 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {4DC24594-1BA1-45EC-9939-FFEBCD1CAD3B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3723532541-349634963-3060968088-500 => C:\Users\croft\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {6821FE11-081E-4D55-8806-9D4B3DEC6A8C} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\croft\Downloads\esetonlinescanner_csy.exe
Task: {892F5E2F-A0EC-4EBB-AFC1-CE247EE87C0E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {989B7C29-748C-483A-898E-12FDE1FE5C06} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\croft\Downloads\esetonlinescanner_csy.exe
Task: {B4EF7188-3BC3-47C3-A0CF-8312A44C8780} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C23CA36A-F7C9-4E42-9761-4A7AE2A2EAC4} - System32\Tasks\GoogleUpdateTaskMachineUA1d57dbef5a66ad0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {C71BBFD2-11D4-4C98-BE85-499A63738AE6} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269296 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {C791C6D2-BA93-4234-AF14-816A47B4DE09} - System32\Tasks\GoogleUpdateTaskMachineCore1d57dbef58d7204 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {CA125255-6F8A-48EF-BD5B-4A8AF0C5121B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {D07DA521-5711-4294-B45F-9112A1BABCDD} - System32\Tasks\GoogleUpdateTaskMachineUA1d5ff7dc90708cf => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {DCA8ABD7-A530-428C-B2BA-DE5250B23511} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [660688 2020-11-02] (Mozilla Corporation -> Mozilla Foundation)
Task: {DDB512BA-0014-491C-A822-3E5B7C2B1542} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {DEBB26FF-7B21-4D1E-9658-B4A2F3DFE592} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {FACE49CD-51CC-4B22-860A-013ED31E0D0B} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{01d9789d-5705-45b7-962a-a2adffa4a1ce}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{0cee5351-1667-498a-8c34-0a45e0c35c49}: [DhcpNameServer] 213.46.172.38 213.46.172.39

Edge:
======
DownloadDir: C:\Users\croft\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\croft\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-05]

FireFox:
========
FF DefaultProfile: 8yk82u7g.default
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\0blfb8qd.default-release-1 [2020-11-05]
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\8yk82u7g.default [2020-01-22]
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\dm8nxv80.default-release [2020-11-17]
FF Extension: (Video DownloadHelper) - C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\dm8nxv80.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-08-04]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-11-15]

Chrome:
=======
CHR Profile: C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default [2020-11-17]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://cs.nex-software.com; hxxps://dev1security.blogspot.com; hxxps://dp32.ru; hxxps://drive.google.com; hxxps://et.piratihk.cz; hxxps://m.facebook.com; hxxps://mrak.pirati.cz; hxxps://trycracksoftware.com; hxxps://upload.facebook.com; hxxps://vk.com; hxxps://www.dreamstime.com; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.reddit.com; hxxps://www.viry.cz; hxxps://www.vitalia.cz; hxxps://www.wondershare.com; hxxps://zulip.pirati.cz
CHR NewTab: Default -> Active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-09]
CHR Extension: (Dokumenty) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-09]
CHR Extension: (Disk Google) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-09]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-09-11]
CHR Extension: (Tabulky) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-16]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2020-09-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-07]
CHR Extension: (Switch to Classic design on Facebook™) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\oancckmjgaoejmbedngcoiakblhacbog [2020-11-15]
CHR Extension: (Video & Audio Downloader) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pchlfebelfohhojoomlngjbkcjponfha [2020-03-19]
CHR Extension: (Gmail) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-15]
CHR Profile: C:\Users\croft\AppData\Local\Google\Chrome\User Data\System Profile [2020-11-05]
CHR HKU\S-1-5-21-3723532541-349634963-3060968088-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369432 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-29] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-29] (ESET, spol. s r.o. -> ESET)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-19] (Malwarebytes Inc -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.231\WsAppService.exe [493792 2017-10-24] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R0 C981D415; C:\WINDOWS\System32\drivers\C981D415.sys [478392 2020-08-06] (Kaspersky Lab -> Kaspersky Lab ZAO)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47160 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-10-27] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-10-27] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [190464 2020-10-27] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43720 2020-10-27] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70048 2020-10-27] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-10-27] (ESET, spol. s r.o. -> ESET)
S3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
S3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-10-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428264 2020-10-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-08] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-17 18:02 - 2020-11-17 18:04 - 000021958 _____ C:\Users\croft\Downloads\FRST.txt
2020-11-17 17:59 - 2020-11-17 17:59 - 002294784 _____ (Farbar) C:\Users\croft\Downloads\FRST64.exe
2020-11-11 10:26 - 2020-11-11 10:27 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-11-11 10:26 - 2020-11-11 10:27 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-11-09 09:12 - 2020-11-09 09:12 - 003648128 _____ C:\Users\croft\Downloads\ratzfatz-muetze-in-vielen-varianten-gr-39-bis-60.zip
2020-11-09 09:12 - 2019-10-28 15:23 - 004286813 _____ C:\Users\croft\Downloads\Anleitung_RatzFatz_Textilsucht.pdf
2020-11-09 09:12 - 2019-10-28 15:23 - 000152420 _____ C:\Users\croft\Downloads\Schnittmuster RatzFatz Muetze.pdf
2020-11-06 20:12 - 2020-11-06 20:12 - 000012756 _____ C:\Users\croft\Documents\adresy.xlsx
2020-11-06 20:11 - 2020-11-06 20:11 - 000048238 _____ C:\Users\croft\AppData\Local\recently-used.xbel
2020-11-06 12:26 - 2020-11-06 12:26 - 000099723 _____ C:\Users\croft\Downloads\stanovy MS.pdf
2020-11-06 07:22 - 2020-11-06 07:22 - 000458853 ____H C:\Users\croft\Downloads\~WRL0004.tmp
2020-11-05 18:14 - 2020-11-05 18:14 - 000020282 _____ C:\Users\croft\Documents\cc_20201105_181449.reg
2020-11-03 13:08 - 2020-11-03 13:08 - 000579771 _____ C:\Users\croft\Downloads\Vítej_u_pirátů_královehradecky.pdf
2020-11-03 09:56 - 2020-11-03 09:56 - 000000000 ____D C:\Users\croft\AppData\Roaming\DataRecommendations
2020-11-03 09:55 - 2020-11-03 09:55 - 000000000 ____D C:\Users\croft\AppData\Local\Microsoft_Corporation
2020-11-02 17:53 - 2020-11-02 17:53 - 000408944 _____ C:\Users\croft\Downloads\damska-kapsa-do-svu.pdf
2020-11-02 12:55 - 2020-11-02 12:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-10-30 08:10 - 2017-12-29 14:52 - 208430445 _____ C:\Users\croft\Downloads\Earth - Den na zázračné planetě (2017) CZ dabing 4K HD(MOJEFILMY.XYZ).mkv
2020-10-25 17:54 - 2020-10-25 17:54 - 000310002 _____ C:\Users\croft\Downloads\201025_Shrnutí-voleb-pro-krajskou-schůzi.pdf
2020-10-24 14:49 - 2020-10-24 14:50 - 000000000 ____D C:\Users\croft\Downloads\z flešky
2020-10-24 14:40 - 2020-10-24 14:40 - 000042541 _____ C:\Users\croft\Downloads\proformaInvoice_2020011130.pdf
2020-10-22 23:42 - 2020-10-22 23:42 - 000065496 _____ (Adobe Systems Inc) C:\WINDOWS\system32\AdobePDF.dll
2020-10-22 23:42 - 2020-10-22 23:42 - 000036312 _____ (Adobe Systems Inc.) C:\WINDOWS\system32\AdobePDFUI.dll
2020-10-20 10:24 - 2020-10-20 10:24 - 002474437 _____ C:\Users\croft\Downloads\návod.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-17 18:03 - 2019-05-21 07:35 - 000000000 ____D C:\FRST
2020-11-17 18:02 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-11-17 17:07 - 2020-03-31 18:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-11-17 12:08 - 2019-10-05 09:46 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-11-17 12:08 - 2019-10-05 09:46 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-11-17 10:10 - 2020-03-31 18:22 - 001606106 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-11-17 10:10 - 2019-03-19 12:55 - 000685252 _____ C:\WINDOWS\system32\perfh005.dat
2020-11-17 10:10 - 2019-03-19 12:55 - 000137918 _____ C:\WINDOWS\system32\perfc005.dat
2020-11-17 10:10 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-11-17 09:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-11-16 15:43 - 2019-04-10 16:58 - 000000000 ____D C:\Users\Líba záloha
2020-11-16 15:07 - 2019-04-11 09:02 - 000000000 ____D C:\Users\Pracovní\Piráti
2020-11-16 15:02 - 2020-10-09 13:36 - 000000000 ____D C:\Users\croft\Downloads\inspirace
2020-11-16 15:01 - 2019-04-09 12:42 - 000000000 ____D C:\Users\croft\AppData\Local\Packages
2020-11-16 14:45 - 2019-10-13 08:29 - 000000000 ____D C:\Users\croft\AppData\Roaming\vlc
2020-11-15 14:12 - 2020-06-02 23:28 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-11-14 19:03 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-11-13 20:33 - 2019-10-29 11:16 - 000000000 ____D C:\Users\croft\AppData\LocalLow\Mozilla
2020-11-12 10:00 - 2019-04-09 12:45 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-11 12:19 - 2020-08-06 15:34 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-11-11 11:08 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-11-11 11:06 - 2019-03-08 15:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-11-11 11:03 - 2019-03-08 15:39 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-11-06 20:11 - 2019-04-09 21:08 - 000000000 ____D C:\Users\croft\AppData\Local\gtk-2.0
2020-11-06 20:11 - 2019-04-09 18:48 - 000000000 ____D C:\Users\croft\AppData\Local\babl-0.1
2020-11-06 18:33 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-11-06 17:51 - 2019-05-05 07:39 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2020-11-06 17:51 - 2019-05-05 07:39 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2020-11-05 16:57 - 2020-03-31 18:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-11-05 16:57 - 2019-11-05 14:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-05 16:55 - 2020-03-31 18:11 - 000000000 ____D C:\Users\croft
2020-11-05 16:55 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-11-05 16:35 - 2020-08-06 15:34 - 000000000 ____D C:\Program Files\CCleaner
2020-11-03 14:33 - 2020-07-15 15:36 - 000000000 ___HD C:\Users\croft\Downloads\[Originals]
2020-11-02 12:55 - 2019-10-30 18:20 - 000001273 _____ C:\Users\croft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-02 12:55 - 2019-10-29 11:16 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-01 09:18 - 2020-06-02 23:28 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-01 09:18 - 2020-06-02 23:28 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-10-29 11:55 - 2019-04-09 12:44 - 000000000 ____D C:\Users\croft\AppData\Local\PlaceholderTileLogoFolder
2020-10-28 19:51 - 2019-10-13 08:29 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-10-28 19:51 - 2019-10-13 08:29 - 000000916 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-10-27 17:34 - 2020-02-01 13:24 - 000000000 ____D C:\Users\croft\AppData\Roaming\uTorrent
2020-10-27 16:04 - 2020-04-02 12:43 - 000190464 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2020-10-27 16:04 - 2020-04-02 12:43 - 000160992 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2020-10-27 16:04 - 2020-04-02 12:43 - 000109360 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2020-10-27 16:04 - 2020-04-02 12:43 - 000107784 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2020-10-27 16:04 - 2020-04-02 12:43 - 000070048 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2020-10-27 16:04 - 2020-04-02 12:43 - 000043720 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2020-10-19 14:27 - 2019-11-21 15:21 - 000000000 ____D C:\Users\croft\Downloads\šití
2020-10-19 13:24 - 2020-03-30 15:58 - 000000000 ____D C:\Users\Pracovní\spolek
2020-10-19 13:23 - 2020-05-05 09:30 - 000000000 ____D C:\Users\Pracovní\Sika

==================== Files in the root of some directories ========

2019-04-10 21:09 - 2019-04-10 21:09 - 000000000 _____ () C:\Users\croft\AppData\Local\oobelibMkey.log
2020-11-06 20:11 - 2020-11-06 20:11 - 000048238 _____ () C:\Users\croft\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Addition:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-11-2020
Ran by Líba (administrator) on LÍBA (HP HP Laptop 14-bp1xx) (17-11-2020 18:02:06)
Running from C:\Users\croft\Downloads
Loaded Profiles: Líba
Platform: Windows 10 Home Version 1909 18363.1139 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0346830.inf_amd64_f723e13ffb3b2652\B345901\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0346830.inf_amd64_f723e13ffb3b2652\B345901\atiesrxx.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files (x86)\totalcmd\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <58>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\hpservice.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHeciSvc.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.1190_none_1716e3ef2a15f08c\TiWorker.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.231\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [ACUW10EN] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\acdIDInTouch2.exe [2157000 2017-04-21] (ACD Systems International -> ACD Systems)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3674720 2018-05-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [175504 2020-10-29] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5866032 2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [ACDSeeCommanderUltimate10] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe [3427272 2017-04-25] (ACD Systems International -> )
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5491248 2020-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [29271224 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Windows x64\Print Processors\hpcpp101: C:\Windows\System32\spool\prtprocs\x64\hpcpp101.dll [323584 2010-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65496 2020-10-22] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP C411 Status Monitor: C:\WINDOWS\system32\hpinkstsC411LM.dll [333496 2013-02-04] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.198\Installer\chrmstp.exe [2020-11-12] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08393777-2384-440D-91E4-AEBC7CB6ED0A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24770744 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3321AC99-6979-4ADA-B63C-90A8469281F4} - System32\Tasks\GoogleUpdateTaskMachineCore1d5ff7dc8e0a443 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {4DC24594-1BA1-45EC-9939-FFEBCD1CAD3B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3723532541-349634963-3060968088-500 => C:\Users\croft\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {6821FE11-081E-4D55-8806-9D4B3DEC6A8C} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\croft\Downloads\esetonlinescanner_csy.exe
Task: {892F5E2F-A0EC-4EBB-AFC1-CE247EE87C0E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {989B7C29-748C-483A-898E-12FDE1FE5C06} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\croft\Downloads\esetonlinescanner_csy.exe
Task: {B4EF7188-3BC3-47C3-A0CF-8312A44C8780} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C23CA36A-F7C9-4E42-9761-4A7AE2A2EAC4} - System32\Tasks\GoogleUpdateTaskMachineUA1d57dbef5a66ad0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {C71BBFD2-11D4-4C98-BE85-499A63738AE6} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269296 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {C791C6D2-BA93-4234-AF14-816A47B4DE09} - System32\Tasks\GoogleUpdateTaskMachineCore1d57dbef58d7204 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {CA125255-6F8A-48EF-BD5B-4A8AF0C5121B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {D07DA521-5711-4294-B45F-9112A1BABCDD} - System32\Tasks\GoogleUpdateTaskMachineUA1d5ff7dc90708cf => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {DCA8ABD7-A530-428C-B2BA-DE5250B23511} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [660688 2020-11-02] (Mozilla Corporation -> Mozilla Foundation)
Task: {DDB512BA-0014-491C-A822-3E5B7C2B1542} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {DEBB26FF-7B21-4D1E-9658-B4A2F3DFE592} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {FACE49CD-51CC-4B22-860A-013ED31E0D0B} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{01d9789d-5705-45b7-962a-a2adffa4a1ce}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{0cee5351-1667-498a-8c34-0a45e0c35c49}: [DhcpNameServer] 213.46.172.38 213.46.172.39

Edge:
======
DownloadDir: C:\Users\croft\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\croft\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-05]

FireFox:
========
FF DefaultProfile: 8yk82u7g.default
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\0blfb8qd.default-release-1 [2020-11-05]
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\8yk82u7g.default [2020-01-22]
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\dm8nxv80.default-release [2020-11-17]
FF Extension: (Video DownloadHelper) - C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\dm8nxv80.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-08-04]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-11-15]

Chrome:
=======
CHR Profile: C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default [2020-11-17]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://cs.nex-software.com; hxxps://dev1security.blogspot.com; hxxps://dp32.ru; hxxps://drive.google.com; hxxps://et.piratihk.cz; hxxps://m.facebook.com; hxxps://mrak.pirati.cz; hxxps://trycracksoftware.com; hxxps://upload.facebook.com; hxxps://vk.com; hxxps://www.dreamstime.com; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.reddit.com; hxxps://www.viry.cz; hxxps://www.vitalia.cz; hxxps://www.wondershare.com; hxxps://zulip.pirati.cz
CHR NewTab: Default -> Active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-09]
CHR Extension: (Dokumenty) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-09]
CHR Extension: (Disk Google) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-09]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-09-11]
CHR Extension: (Tabulky) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-16]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2020-09-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-07]
CHR Extension: (Switch to Classic design on Facebook™) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\oancckmjgaoejmbedngcoiakblhacbog [2020-11-15]
CHR Extension: (Video & Audio Downloader) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pchlfebelfohhojoomlngjbkcjponfha [2020-03-19]
CHR Extension: (Gmail) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-15]
CHR Profile: C:\Users\croft\AppData\Local\Google\Chrome\User Data\System Profile [2020-11-05]
CHR HKU\S-1-5-21-3723532541-349634963-3060968088-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369432 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-29] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-29] (ESET, spol. s r.o. -> ESET)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-19] (Malwarebytes Inc -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.231\WsAppService.exe [493792 2017-10-24] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R0 C981D415; C:\WINDOWS\System32\drivers\C981D415.sys [478392 2020-08-06] (Kaspersky Lab -> Kaspersky Lab ZAO)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47160 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-10-27] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-10-27] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [190464 2020-10-27] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43720 2020-10-27] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70048 2020-10-27] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-10-27] (ESET, spol. s r.o. -> ESET)
S3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
S3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-10-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428264 2020-10-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-08] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-17 18:02 - 2020-11-17 18:04 - 000021958 _____ C:\Users\croft\Downloads\FRST.txt
2020-11-17 17:59 - 2020-11-17 17:59 - 002294784 _____ (Farbar) C:\Users\croft\Downloads\FRST64.exe
2020-11-11 10:26 - 2020-11-11 10:27 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-11-11 10:26 - 2020-11-11 10:27 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-11-09 09:12 - 2020-11-09 09:12 - 003648128 _____ C:\Users\croft\Downloads\ratzfatz-muetze-in-vielen-varianten-gr-39-bis-60.zip
2020-11-09 09:12 - 2019-10-28 15:23 - 004286813 _____ C:\Users\croft\Downloads\Anleitung_RatzFatz_Textilsucht.pdf
2020-11-09 09:12 - 2019-10-28 15:23 - 000152420 _____ C:\Users\croft\Downloads\Schnittmuster RatzFatz Muetze.pdf
2020-11-06 20:12 - 2020-11-06 20:12 - 000012756 _____ C:\Users\croft\Documents\adresy.xlsx
2020-11-06 20:11 - 2020-11-06 20:11 - 000048238 _____ C:\Users\croft\AppData\Local\recently-used.xbel
2020-11-06 12:26 - 2020-11-06 12:26 - 000099723 _____ C:\Users\croft\Downloads\stanovy MS.pdf
2020-11-06 07:22 - 2020-11-06 07:22 - 000458853 ____H C:\Users\croft\Downloads\~WRL0004.tmp
2020-11-05 18:14 - 2020-11-05 18:14 - 000020282 _____ C:\Users\croft\Documents\cc_20201105_181449.reg
2020-11-03 13:08 - 2020-11-03 13:08 - 000579771 _____ C:\Users\croft\Downloads\Vítej_u_pirátů_královehradecky.pdf
2020-11-03 09:56 - 2020-11-03 09:56 - 000000000 ____D C:\Users\croft\AppData\Roaming\DataRecommendations
2020-11-03 09:55 - 2020-11-03 09:55 - 000000000 ____D C:\Users\croft\AppData\Local\Microsoft_Corporation
2020-11-02 17:53 - 2020-11-02 17:53 - 000408944 _____ C:\Users\croft\Downloads\damska-kapsa-do-svu.pdf
2020-11-02 12:55 - 2020-11-02 12:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-10-30 08:10 - 2017-12-29 14:52 - 208430445 _____ C:\Users\croft\Downloads\Earth - Den na zázračné planetě (2017) CZ dabing 4K HD(MOJEFILMY.XYZ).mkv
2020-10-25 17:54 - 2020-10-25 17:54 - 000310002 _____ C:\Users\croft\Downloads\201025_Shrnutí-voleb-pro-krajskou-schůzi.pdf
2020-10-24 14:49 - 2020-10-24 14:50 - 000000000 ____D C:\Users\croft\Downloads\z flešky
2020-10-24 14:40 - 2020-10-24 14:40 - 000042541 _____ C:\Users\croft\Downloads\proformaInvoice_2020011130.pdf
2020-10-22 23:42 - 2020-10-22 23:42 - 000065496 _____ (Adobe Systems Inc) C:\WINDOWS\system32\AdobePDF.dll
2020-10-22 23:42 - 2020-10-22 23:42 - 000036312 _____ (Adobe Systems Inc.) C:\WINDOWS\system32\AdobePDFUI.dll
2020-10-20 10:24 - 2020-10-20 10:24 - 002474437 _____ C:\Users\croft\Downloads\návod.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-17 18:03 - 2019-05-21 07:35 - 000000000 ____D C:\FRST
2020-11-17 18:02 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-11-17 17:07 - 2020-03-31 18:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-11-17 12:08 - 2019-10-05 09:46 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-11-17 12:08 - 2019-10-05 09:46 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-11-17 10:10 - 2020-03-31 18:22 - 001606106 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-11-17 10:10 - 2019-03-19 12:55 - 000685252 _____ C:\WINDOWS\system32\perfh005.dat
2020-11-17 10:10 - 2019-03-19 12:55 - 000137918 _____ C:\WINDOWS\system32\perfc005.dat
2020-11-17 10:10 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-11-17 09:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-11-16 15:43 - 2019-04-10 16:58 - 000000000 ____D C:\Users\Líba záloha
2020-11-16 15:07 - 2019-04-11 09:02 - 000000000 ____D C:\Users\Pracovní\Piráti
2020-11-16 15:02 - 2020-10-09 13:36 - 000000000 ____D C:\Users\croft\Downloads\inspirace
2020-11-16 15:01 - 2019-04-09 12:42 - 000000000 ____D C:\Users\croft\AppData\Local\Packages
2020-11-16 14:45 - 2019-10-13 08:29 - 000000000 ____D C:\Users\croft\AppData\Roaming\vlc
2020-11-15 14:12 - 2020-06-02 23:28 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-11-14 19:03 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-11-13 20:33 - 2019-10-29 11:16 - 000000000 ____D C:\Users\croft\AppData\LocalLow\Mozilla
2020-11-12 10:00 - 2019-04-09 12:45 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-11 12:19 - 2020-08-06 15:34 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-11-11 11:08 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-11-11 11:06 - 2019-03-08 15:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-11-11 11:03 - 2019-03-08 15:39 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-11-06 20:11 - 2019-04-09 21:08 - 000000000 ____D C:\Users\croft\AppData\Local\gtk-2.0
2020-11-06 20:11 - 2019-04-09 18:48 - 000000000 ____D C:\Users\croft\AppData\Local\babl-0.1
2020-11-06 18:33 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-11-06 17:51 - 2019-05-05 07:39 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2020-11-06 17:51 - 2019-05-05 07:39 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2020-11-05 16:57 - 2020-03-31 18:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-11-05 16:57 - 2019-11-05 14:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-05 16:55 - 2020-03-31 18:11 - 000000000 ____D C:\Users\croft
2020-11-05 16:55 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-11-05 16:35 - 2020-08-06 15:34 - 000000000 ____D C:\Program Files\CCleaner
2020-11-03 14:33 - 2020-07-15 15:36 - 000000000 ___HD C:\Users\croft\Downloads\[Originals]
2020-11-02 12:55 - 2019-10-30 18:20 - 000001273 _____ C:\Users\croft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-02 12:55 - 2019-10-29 11:16 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-01 09:18 - 2020-06-02 23:28 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-01 09:18 - 2020-06-02 23:28 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-10-29 11:55 - 2019-04-09 12:44 - 000000000 ____D C:\Users\croft\AppData\Local\PlaceholderTileLogoFolder
2020-10-28 19:51 - 2019-10-13 08:29 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-10-28 19:51 - 2019-10-13 08:29 - 000000916 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-10-27 17:34 - 2020-02-01 13:24 - 000000000 ____D C:\Users\croft\AppData\Roaming\uTorrent
2020-10-27 16:04 - 2020-04-02 12:43 - 000190464 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2020-10-27 16:04 - 2020-04-02 12:43 - 000160992 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2020-10-27 16:04 - 2020-04-02 12:43 - 000109360 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2020-10-27 16:04 - 2020-04-02 12:43 - 000107784 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2020-10-27 16:04 - 2020-04-02 12:43 - 000070048 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2020-10-27 16:04 - 2020-04-02 12:43 - 000043720 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2020-10-19 14:27 - 2019-11-21 15:21 - 000000000 ____D C:\Users\croft\Downloads\šití
2020-10-19 13:24 - 2020-03-30 15:58 - 000000000 ____D C:\Users\Pracovní\spolek
2020-10-19 13:23 - 2020-05-05 09:30 - 000000000 ____D C:\Users\Pracovní\Sika

==================== Files in the root of some directories ========

2019-04-10 21:09 - 2019-04-10 21:09 - 000000000 _____ () C:\Users\croft\AppData\Local\oobelibMkey.log
2020-11-06 20:11 - 2020-11-06 20:11 - 000048238 _____ () C:\Users\croft\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

#2 Příspěvek od **Rudy** » 17 lis 2020 18:53

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

LV1234 · #3 Příspěvek od **LV1234** » 17 lis 2020 21:01

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-17-2020
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Gramblr

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1406 octets] - [20/05/2019 13:03:41]
AdwCleaner[C00].txt - [1514 octets] - [20/05/2019 13:04:00]
AdwCleaner[S01].txt - [2067 octets] - [22/01/2020 15:14:16]
AdwCleaner[C01].txt - [2105 octets] - [22/01/2020 15:14:54]
AdwCleaner[S02].txt - [1677 octets] - [17/11/2020 20:54:48]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

#4 Příspěvek od **Rudy** » 17 lis 2020 22:01

Toto je OK. Přidejte ještě log Addition (je v C:\Users\croft\Downloads v souboru addition.txt) a dočistíme ručně.

LV1234 · #5 Příspěvek od **LV1234** » 18 lis 2020 09:05

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-11-2020
Ran by Líba (17-11-2020 18:38:46)
Running from C:\Users\croft\Downloads
Windows 10 Home Version 1909 18363.1139 (X64) (2020-03-31 17:30:22)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3723532541-349634963-3060968088-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3723532541-349634963-3060968088-503 - Limited - Disabled)
Guest (S-1-5-21-3723532541-349634963-3060968088-501 - Limited - Disabled)
Líba (S-1-5-21-3723532541-349634963-3060968088-1002 - Administrator - Enabled) => C:\Users\croft
WDAGUtilityAccount (S-1-5-21-3723532541-349634963-3060968088-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Disabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3.26837 - emc, uTorrent.CZ)
64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
ACDSee Ultimate 10 (64-bit) (HKLM\...\{F1BD782B-A54A-4BC1-9A4E-CF64CFF019BD}) (Version: 10.4.0.912 - ACD Systems International Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.013.20064 - Adobe Systems Incorporated)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2019.0816.1152.21357 - Advanced Micro Devices, Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.70 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0112 - Disc Soft Ltd)
ELAN Touchpad 18.2.26.3_X64_WHQL (HKLM\...\Elantech) (Version: 18.2.26.3 - ELAN Microelectronic Corp.)
ESET Security (HKLM\...\{0C3F76CB-98AA-49B1-9B72-CD040E3E17E8}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
GIMP 2.10.10 (HKLM\...\GIMP-2_is1) (Version: 2.10.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.198 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.69 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.137.99 - )
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Mozilla Firefox 81.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 81.0.2 (x64 cs)) (Version: 81.0.2 - Mozilla)
Mumble 1.3.0 (HKLM\...\{A44AF5DC-C413-4CBD-99BD-651AA5CDFFFF}) (Version: 1.3.0 - The Mumble Developers)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8554 - Realtek Semiconductor Corp.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
VdhCoApp 1.5.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wondershare Filmora9(Build 9.3.0) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
YTD (pepak) (HKLM-x32\...\YTD_Pepak) (Version: - )

Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-05-21] (Adobe Systems Incorporated)
HP Scan and Capture -> C:\Program Files\WindowsApps\AD2F1837.HPScanandCapture_40.0.245.0_x64__v10z8vjag6ke6 [2019-05-21] (Hewlett-Packard Company)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_121.1.193.0_x64__v10z8vjag6ke6 [2020-11-05] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12109.10002.53004.0_x64__nzyj5cx40ttqa [2020-10-22] (Apple Inc.) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-07-31] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2015-08-28] (ACD Systems International -> ACD Systems International Inc.)
ContextMenuHandlers1: [_MovaviSuite10] -> {9D700AB0-33CE-4ab3-BD66-3A73CC2CEDE3} => -> No File
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-20] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxDTCM.dll [2018-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-07-31] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-20] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [_MovaviSuite10] -> {9D700AB0-33CE-4ab3-BD66-3A73CC2CEDE3} => -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

#6 Příspěvek od **Rudy** » 18 lis 2020 10:19

Log není kompletní. Měl by vypadat asi takto: https://forum.viry.cz/viewtopic.php?p=1536546#p1536546 .

LV1234 · #7 Příspěvek od **LV1234** » 18 lis 2020 11:15

vybrala a zkopírovala jsem vše co je v tom souboru. Mám tedy pustit test ještě jednou?

LV1234 · #8 Příspěvek od **LV1234** » 18 lis 2020 11:42

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-11-2020
Ran by Líba (administrator) on LÍBA (HP HP Laptop 14-bp1xx) (18-11-2020 11:27:51)
Running from C:\Users\croft\Downloads
Loaded Profiles: Líba
Platform: Windows 10 Home Version 1909 18363.1198 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0346830.inf_amd64_f723e13ffb3b2652\B345901\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0346830.inf_amd64_f723e13ffb3b2652\B345901\atiesrxx.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <31>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\hpservice.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHeciSvc.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.231\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [ACUW10EN] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\acdIDInTouch2.exe [2157000 2017-04-21] (ACD Systems International -> ACD Systems)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3674720 2018-05-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [175504 2020-10-29] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5866032 2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [ACDSeeCommanderUltimate10] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe [3427272 2017-04-25] (ACD Systems International -> )
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5491248 2020-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [29271224 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Windows x64\Print Processors\hpcpp101: C:\Windows\System32\spool\prtprocs\x64\hpcpp101.dll [323584 2010-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65496 2020-10-22] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP C411 Status Monitor: C:\WINDOWS\system32\hpinkstsC411LM.dll [333496 2013-02-04] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.66\Installer\chrmstp.exe [2020-11-17] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08393777-2384-440D-91E4-AEBC7CB6ED0A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24770744 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3321AC99-6979-4ADA-B63C-90A8469281F4} - System32\Tasks\GoogleUpdateTaskMachineCore1d5ff7dc8e0a443 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {4DC24594-1BA1-45EC-9939-FFEBCD1CAD3B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3723532541-349634963-3060968088-500 => C:\Users\croft\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {6821FE11-081E-4D55-8806-9D4B3DEC6A8C} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\croft\Downloads\esetonlinescanner_csy.exe
Task: {892F5E2F-A0EC-4EBB-AFC1-CE247EE87C0E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {989B7C29-748C-483A-898E-12FDE1FE5C06} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\croft\Downloads\esetonlinescanner_csy.exe
Task: {B4EF7188-3BC3-47C3-A0CF-8312A44C8780} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C23CA36A-F7C9-4E42-9761-4A7AE2A2EAC4} - System32\Tasks\GoogleUpdateTaskMachineUA1d57dbef5a66ad0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {C71BBFD2-11D4-4C98-BE85-499A63738AE6} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269296 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {C791C6D2-BA93-4234-AF14-816A47B4DE09} - System32\Tasks\GoogleUpdateTaskMachineCore1d57dbef58d7204 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {CA125255-6F8A-48EF-BD5B-4A8AF0C5121B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {D07DA521-5711-4294-B45F-9112A1BABCDD} - System32\Tasks\GoogleUpdateTaskMachineUA1d5ff7dc90708cf => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {DCA8ABD7-A530-428C-B2BA-DE5250B23511} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [660688 2020-11-02] (Mozilla Corporation -> Mozilla Foundation)
Task: {DDB512BA-0014-491C-A822-3E5B7C2B1542} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {DEBB26FF-7B21-4D1E-9658-B4A2F3DFE592} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {FACE49CD-51CC-4B22-860A-013ED31E0D0B} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{01d9789d-5705-45b7-962a-a2adffa4a1ce}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{0cee5351-1667-498a-8c34-0a45e0c35c49}: [DhcpNameServer] 213.46.172.38 213.46.172.39

Edge:
======
DownloadDir: C:\Users\croft\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\croft\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-17]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: 8yk82u7g.default
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\0blfb8qd.default-release-1 [2020-11-05]
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\8yk82u7g.default [2020-01-22]
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\dm8nxv80.default-release [2020-11-18]
FF Extension: (Video DownloadHelper) - C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\dm8nxv80.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-08-04]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-11-18]

Chrome:
=======
CHR Profile: C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default [2020-11-18]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://cs.nex-software.com; hxxps://dev1security.blogspot.com; hxxps://dp32.ru; hxxps://drive.google.com; hxxps://et.piratihk.cz; hxxps://m.facebook.com; hxxps://mrak.pirati.cz; hxxps://trycracksoftware.com; hxxps://upload.facebook.com; hxxps://vk.com; hxxps://www.dreamstime.com; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.reddit.com; hxxps://www.viry.cz; hxxps://www.vitalia.cz; hxxps://www.wondershare.com; hxxps://zulip.pirati.cz
CHR NewTab: Default -> Active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-09]
CHR Extension: (Dokumenty) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-09]
CHR Extension: (Disk Google) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-09]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-11-17]
CHR Extension: (Tabulky) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-17]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2020-09-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-07]
CHR Extension: (Switch to Classic design on Facebook™) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\oancckmjgaoejmbedngcoiakblhacbog [2020-11-15]
CHR Extension: (Video & Audio Downloader) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pchlfebelfohhojoomlngjbkcjponfha [2020-03-19]
CHR Extension: (Gmail) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-17]
CHR Profile: C:\Users\croft\AppData\Local\Google\Chrome\User Data\System Profile [2020-11-05]
CHR HKU\S-1-5-21-3723532541-349634963-3060968088-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369432 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-29] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-29] (ESET, spol. s r.o. -> ESET)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7269976 2020-11-17] (Malwarebytes Inc -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.231\WsAppService.exe [493792 2017-10-24] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R0 C981D415; C:\WINDOWS\System32\drivers\C981D415.sys [478392 2020-08-06] (Kaspersky Lab -> Kaspersky Lab ZAO)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47160 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-10-27] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-10-27] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [190464 2020-10-27] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43720 2020-10-27] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70048 2020-10-27] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-10-27] (ESET, spol. s r.o. -> ESET)
S3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
S3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-11-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-11-17] (Malwarebytes Inc -> Malwarebytes)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-10-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428264 2020-10-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-08] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-18 09:16 - 2020-11-18 09:16 - 000018746 _____ C:\Users\croft\Downloads\Výplatní_lístek_10.2020.pdf
2020-11-17 20:52 - 2020-11-17 20:52 - 008447152 _____ (Malwarebytes) C:\Users\croft\Desktop\AdwCleaner.exe
2020-11-17 20:22 - 2020-11-17 20:22 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-11-17 20:22 - 2020-11-17 20:22 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-11-17 20:22 - 2020-11-17 20:21 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-11-17 20:16 - 2020-11-17 20:16 - 002077648 _____ (Malwarebytes) C:\Users\croft\Downloads\MBSetup.exe
2020-11-17 19:22 - 2020-11-17 20:02 - 726800384 _____ C:\Users\croft\Downloads\Králova řeč cz.avi
2020-11-17 18:05 - 2020-11-17 18:39 - 000015306 _____ C:\Users\croft\Downloads\Addition.txt
2020-11-17 18:02 - 2020-11-18 11:30 - 000021580 _____ C:\Users\croft\Downloads\FRST.txt
2020-11-17 17:59 - 2020-11-17 17:59 - 002294784 _____ (Farbar) C:\Users\croft\Downloads\FRST64.exe
2020-11-11 10:55 - 2020-11-11 10:55 - 025445888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 022651392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 018038784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 008011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 007761408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 007292928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 007008256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 006311424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 005906944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 005770336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 004855808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 004608000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 004547072 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 003820032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 003694392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 003506688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 002948920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 002737152 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 002495264 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 002315984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 001996800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 001842368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 001615360 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 001491160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 001419328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 001397568 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-11-11 10:55 - 2020-11-11 10:55 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 001108376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 001098728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 001077056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-11-11 10:55 - 2020-11-11 10:55 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000784000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-11-11 10:55 - 2020-11-11 10:55 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-11-11 10:55 - 2020-11-11 10:55 - 000774144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000743936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2020-11-11 10:55 - 2020-11-11 10:55 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000516536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000406992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000366184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000345568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000300704 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-11-11 10:55 - 2020-11-11 10:55 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-11-11 10:55 - 2020-11-11 10:55 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000172352 _____ (Microsoft Corporation) C:\WINDOWS\system32\PktMon.exe
2020-11-11 10:55 - 2020-11-11 10:55 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\raserver.exe
2020-11-11 10:55 - 2020-11-11 10:55 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbnetlib.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbnetlib.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raserver.exe
2020-11-11 10:55 - 2020-11-11 10:55 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2020-11-11 10:55 - 2020-11-11 10:55 - 000097088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PktMon.sys
2020-11-11 10:55 - 2020-11-11 10:55 - 000093512 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcXtrnal.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-11-11 10:55 - 2020-11-11 10:55 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000021320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2020-11-11 10:55 - 2020-11-11 10:55 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcXtrnal.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2020-11-11 10:55 - 2020-11-11 10:55 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-11-11 10:55 - 2020-11-11 10:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-11-11 10:55 - 2020-11-11 10:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-11-11 10:55 - 2020-11-11 10:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-11-11 10:55 - 2020-11-11 10:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-11-11 10:55 - 2020-11-11 10:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-11-11 10:55 - 2020-11-11 10:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-11-11 10:55 - 2020-11-11 10:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-11-11 10:55 - 2020-11-11 10:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-11-11 10:55 - 2020-11-11 10:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-11-11 10:55 - 2020-11-11 10:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-11-11 10:55 - 2020-11-11 10:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-11-11 10:55 - 2020-11-11 10:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-11-11 10:54 - 2020-11-11 10:54 - 009925944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-11-11 10:54 - 2020-11-11 10:54 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 007274304 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 006527992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 006438400 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 006196736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 006071392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 005112320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 005003824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-11-11 10:54 - 2020-11-11 10:54 - 004032776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-11-11 10:54 - 2020-11-11 10:54 - 003806208 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 003761664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 003741520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 003728384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-11-11 10:54 - 2020-11-11 10:54 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 003387904 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 003371168 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 002993976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-11-11 10:54 - 2020-11-11 10:54 - 002799616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-11-11 10:54 - 2020-11-11 10:54 - 002777712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 002695992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-11-11 10:54 - 2020-11-11 10:54 - 002585032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 002564608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 002306048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 002263296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001998936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001991608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001957528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001859072 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001835520 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001834296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001824768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001743672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001698816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001693696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001673568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001669120 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001668312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001665192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001632256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001565504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001488384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-11-11 10:54 - 2020-11-11 10:54 - 001480512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-11-11 10:54 - 2020-11-11 10:54 - 001459712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001393968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001369088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001307448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001285448 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001259720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001170960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001154952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001101312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001096704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001053120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001048992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001022264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 001014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2020-11-11 10:54 - 2020-11-11 10:54 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000938984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-11-11 10:54 - 2020-11-11 10:54 - 000911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000894016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000893616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000891984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000889408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2020-11-11 10:54 - 2020-11-11 10:54 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000851768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000833336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-11-11 10:54 - 2020-11-11 10:54 - 000767984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000752592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2020-11-11 10:54 - 2020-11-11 10:54 - 000733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000716312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000694160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000684872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000680248 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2020-11-11 10:54 - 2020-11-11 10:54 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000675024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-11-11 10:54 - 2020-11-11 10:54 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-11-11 10:54 - 2020-11-11 10:54 - 000618296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000598568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000592936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000586552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2020-11-11 10:54 - 2020-11-11 10:54 - 000580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000551624 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-11-11 10:54 - 2020-11-11 10:54 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000538680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000531472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000518464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-11-11 10:54 - 2020-11-11 10:54 - 000512512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-11-11 10:54 - 2020-11-11 10:54 - 000473584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000467944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000456072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2020-11-11 10:54 - 2020-11-11 10:54 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-11-11 10:54 - 2020-11-11 10:54 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000405928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-11-11 10:54 - 2020-11-11 10:54 - 000398656 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000372544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-11-11 10:54 - 2020-11-11 10:54 - 000364856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-11-11 10:54 - 2020-11-11 10:54 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-11-11 10:54 - 2020-11-11 10:54 - 000323904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-11-11 10:54 - 2020-11-11 10:54 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-11-11 10:54 - 2020-11-11 10:54 - 000285568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000247864 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000222528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-11-11 10:54 - 2020-11-11 10:54 - 000214848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-11-11 10:54 - 2020-11-11 10:54 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-11-11 10:54 - 2020-11-11 10:54 - 000193600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000188216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000180024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-11-11 10:54 - 2020-11-11 10:54 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\diskpart.exe
2020-11-11 10:54 - 2020-11-11 10:54 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000165176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000149304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ulib.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000117056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2020-11-11 10:54 - 2020-11-11 10:54 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-11-11 10:54 - 2020-11-11 10:54 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000094024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-11-11 10:54 - 2020-11-11 10:54 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManagerApi.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000090944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpnUserService.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msobjs.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msobjs.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\amsi.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000051632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys
2020-11-11 10:54 - 2020-11-11 10:54 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-11-11 10:54 - 2020-11-11 10:54 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcicda.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2020-11-11 10:54 - 2020-11-11 10:54 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-11-11 10:54 - 2020-11-11 10:54 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000024792 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsi.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mciwave.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mciseq.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000020144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nsi.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsregtask.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\localui.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-11-11 10:54 - 2020-11-11 10:54 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 017790976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 007913776 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 007846632 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 006233088 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 005284328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 004685120 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-11-11 10:53 - 2020-11-11 10:53 - 004471296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 004005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 003732480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-11-11 10:53 - 2020-11-11 10:53 - 003265024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 003136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 002985472 _____ (Microsoft Corporation) C:\WINDOWS\system32\FluencyDS.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 002712064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-11-11 10:53 - 2020-11-11 10:53 - 002656768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 002505496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 002466296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 002296832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 002261848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 002073088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 001816528 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 001784832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 001766400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 001751552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 001746240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 001606144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 001588224 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 001385704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 001282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsf3gip.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 001183232 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 001150256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-11-11 10:53 - 2020-11-11 10:53 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 001083696 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 001075200 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 001017656 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000916760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-11-11 10:53 - 2020-11-11 10:53 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-11-11 10:53 - 2020-11-11 10:53 - 000825344 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000804168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2020-11-11 10:53 - 2020-11-11 10:53 - 000642008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChxAPDS.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChxHAPDS.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtCangjieDS.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtBopomofoDS.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtHkStrokeDS.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChsStrokeDS.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtQuickDS.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-11-11 10:53 - 2020-11-11 10:53 - 000435000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-11-11 10:53 - 2020-11-11 10:53 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000425056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-11-11 10:53 - 2020-11-11 10:53 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2020-11-11 10:53 - 2020-11-11 10:53 - 000374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jpndecoder.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChxDecoder.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000363120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\chxinputrouter.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2020-11-11 10:53 - 2020-11-11 10:53 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MtfDecoder.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-11-11 10:53 - 2020-11-11 10:53 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000293176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2020-11-11 10:53 - 2020-11-11 10:53 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\jpnranker.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiCloudStore.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000246592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2020-11-11 10:53 - 2020-11-11 10:53 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-11-11 10:53 - 2020-11-11 10:53 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000200704 _____ C:\WINDOWS\system32\IHDS.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskpart.exe
2020-11-11 10:53 - 2020-11-11 10:53 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\trie.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.System.UserProfile.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-11-11 10:53 - 2020-11-11 10:53 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTFFuzzyDS.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AdvancedEmojiDS.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\VocabRoamingHandler.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerApi.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\chxranker.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTFSpellcheckDS.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\HashtagDS.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000104256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtAdvancedDS.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTFAppServiceDS.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmk.sys
2020-11-11 10:53 - 2020-11-11 10:53 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RuleBasedDS.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-11-11 10:53 - 2020-11-11 10:53 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\jpninputrouter.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-11-11 10:53 - 2020-11-11 10:53 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\amsi.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransliterationRanker.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmojiDS.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcicda.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2020-11-11 10:53 - 2020-11-11 10:53 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\devauthe.sys
2020-11-11 10:53 - 2020-11-11 10:53 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-11-11 10:53 - 2020-11-11 10:53 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciwave.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-11-11 10:53 - 2020-11-11 10:53 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciseq.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregtask.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsilog.dll
2020-11-11 10:53 - 2020-11-11 10:53 - 000016144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmkaud.sys
2020-11-11 10:53 - 2020-11-11 10:53 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\amsiproxy.dll
2020-11-11 10:26 - 2020-11-11 10:27 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-11-11 10:26 - 2020-11-11 10:27 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-11-09 09:12 - 2020-11-09 09:12 - 003648128 _____ C:\Users\croft\Downloads\ratzfatz-muetze-in-vielen-varianten-gr-39-bis-60.zip
2020-11-09 09:12 - 2019-10-28 15:23 - 004286813 _____ C:\Users\croft\Downloads\Anleitung_RatzFatz_Textilsucht.pdf
2020-11-09 09:12 - 2019-10-28 15:23 - 000152420 _____ C:\Users\croft\Downloads\Schnittmuster RatzFatz Muetze.pdf
2020-11-06 20:12 - 2020-11-06 20:12 - 000012756 _____ C:\Users\croft\Documents\adresy.xlsx
2020-11-06 20:11 - 2020-11-06 20:11 - 000048238 _____ C:\Users\croft\AppData\Local\recently-used.xbel
2020-11-06 12:26 - 2020-11-06 12:26 - 000099723 _____ C:\Users\croft\Downloads\stanovy MS.pdf
2020-11-06 07:22 - 2020-11-06 07:22 - 000458853 ____H C:\Users\croft\Downloads\~WRL0004.tmp
2020-11-05 18:14 - 2020-11-05 18:14 - 000020282 _____ C:\Users\croft\Documents\cc_20201105_181449.reg
2020-11-03 13:08 - 2020-11-03 13:08 - 000579771 _____ C:\Users\croft\Downloads\Vítej_u_pirátů_královehradecky.pdf
2020-11-03 09:56 - 2020-11-03 09:56 - 000000000 ____D C:\Users\croft\AppData\Roaming\DataRecommendations
2020-11-03 09:55 - 2020-11-03 09:55 - 000000000 ____D C:\Users\croft\AppData\Local\Microsoft_Corporation
2020-11-02 17:53 - 2020-11-02 17:53 - 000408944 _____ C:\Users\croft\Downloads\damska-kapsa-do-svu.pdf
2020-11-02 12:55 - 2020-11-02 12:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-10-30 08:10 - 2017-12-29 14:52 - 208430445 _____ C:\Users\croft\Downloads\Earth - Den na zázračné planetě (2017) CZ dabing 4K HD(MOJEFILMY.XYZ).mkv
2020-10-25 17:54 - 2020-10-25 17:54 - 000310002 _____ C:\Users\croft\Downloads\201025_Shrnutí-voleb-pro-krajskou-schůzi.pdf
2020-10-24 14:49 - 2020-10-24 14:50 - 000000000 ____D C:\Users\croft\Downloads\z flešky
2020-10-24 14:40 - 2020-10-24 14:40 - 000042541 _____ C:\Users\croft\Downloads\proformaInvoice_2020011130.pdf
2020-10-22 23:42 - 2020-10-22 23:42 - 000065496 _____ (Adobe Systems Inc) C:\WINDOWS\system32\AdobePDF.dll
2020-10-22 23:42 - 2020-10-22 23:42 - 000036312 _____ (Adobe Systems Inc.) C:\WINDOWS\system32\AdobePDFUI.dll
2020-10-20 10:24 - 2020-10-20 10:24 - 002474437 _____ C:\Users\croft\Downloads\návod.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-18 11:29 - 2019-05-21 07:35 - 000000000 ____D C:\FRST
2020-11-18 11:25 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-11-18 11:16 - 2020-03-31 18:22 - 001606106 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-11-18 11:16 - 2019-03-19 12:55 - 000685252 _____ C:\WINDOWS\system32\perfh005.dat
2020-11-18 11:16 - 2019-03-19 12:55 - 000137918 _____ C:\WINDOWS\system32\perfc005.dat
2020-11-18 11:16 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-11-18 11:08 - 2020-03-31 18:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-11-18 11:07 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-11-18 10:51 - 2020-03-31 18:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-11-18 10:32 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-11-18 10:32 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-11-18 09:16 - 2019-10-05 09:46 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-11-18 09:16 - 2019-10-05 09:46 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-11-17 20:45 - 2019-04-09 12:42 - 000000000 ___RD C:\Users\croft\3D Objects
2020-11-17 20:45 - 2019-03-08 15:31 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-11-17 20:41 - 2020-03-31 18:02 - 000449600 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-11-17 20:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\TextInput
2020-11-17 20:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-11-17 20:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-11-17 20:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-11-17 20:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-11-17 20:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-11-17 20:35 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-11-17 20:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-11-17 20:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-11-17 20:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-11-17 20:22 - 2020-02-20 07:20 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-11-17 20:22 - 2020-02-20 07:20 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-11-17 20:22 - 2019-10-29 11:16 - 000000000 ____D C:\Users\croft\AppData\LocalLow\Mozilla
2020-11-17 20:22 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-11-17 20:21 - 2020-02-20 07:19 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-11-17 19:42 - 2019-04-09 12:45 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-16 15:43 - 2019-04-10 16:58 - 000000000 ____D C:\Users\Líba záloha
2020-11-16 15:07 - 2019-04-11 09:02 - 000000000 ____D C:\Users\Pracovní\Piráti
2020-11-16 15:02 - 2020-10-09 13:36 - 000000000 ____D C:\Users\croft\Downloads\inspirace
2020-11-16 15:01 - 2019-04-09 12:42 - 000000000 ____D C:\Users\croft\AppData\Local\Packages
2020-11-16 14:45 - 2019-10-13 08:29 - 000000000 ____D C:\Users\croft\AppData\Roaming\vlc
2020-11-15 14:12 - 2020-06-02 23:28 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-11-11 12:19 - 2020-08-06 15:34 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-11-11 11:08 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-11-11 11:06 - 2019-03-08 15:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-11-11 11:03 - 2019-03-08 15:39 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-11-11 10:53 - 2020-03-31 18:08 - 002876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-11-06 20:11 - 2019-04-09 21:08 - 000000000 ____D C:\Users\croft\AppData\Local\gtk-2.0
2020-11-06 20:11 - 2019-04-09 18:48 - 000000000 ____D C:\Users\croft\AppData\Local\babl-0.1
2020-11-06 18:33 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-11-06 17:51 - 2019-05-05 07:39 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2020-11-06 17:51 - 2019-05-05 07:39 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2020-11-05 16:57 - 2019-11-05 14:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-05 16:55 - 2020-03-31 18:11 - 000000000 ____D C:\Users\croft
2020-11-05 16:35 - 2020-08-06 15:34 - 000000000 ____D C:\Program Files\CCleaner
2020-11-03 14:33 - 2020-07-15 15:36 - 000000000 ___HD C:\Users\croft\Downloads\[Originals]
2020-11-02 12:55 - 2019-10-30 18:20 - 000001273 _____ C:\Users\croft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-02 12:55 - 2019-10-29 11:16 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-01 09:18 - 2020-06-02 23:28 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-01 09:18 - 2020-06-02 23:28 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-10-29 11:55 - 2019-04-09 12:44 - 000000000 ____D C:\Users\croft\AppData\Local\PlaceholderTileLogoFolder
2020-10-28 19:51 - 2019-10-13 08:29 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-10-28 19:51 - 2019-10-13 08:29 - 000000916 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-10-27 17:34 - 2020-02-01 13:24 - 000000000 ____D C:\Users\croft\AppData\Roaming\uTorrent
2020-10-27 16:04 - 2020-04-02 12:43 - 000190464 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2020-10-27 16:04 - 2020-04-02 12:43 - 000160992 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2020-10-27 16:04 - 2020-04-02 12:43 - 000109360 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2020-10-27 16:04 - 2020-04-02 12:43 - 000107784 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2020-10-27 16:04 - 2020-04-02 12:43 - 000070048 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2020-10-27 16:04 - 2020-04-02 12:43 - 000043720 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2020-10-19 14:27 - 2019-11-21 15:21 - 000000000 ____D C:\Users\croft\Downloads\šití
2020-10-19 13:24 - 2020-03-30 15:58 - 000000000 ____D C:\Users\Pracovní\spolek
2020-10-19 13:23 - 2020-05-05 09:30 - 000000000 ____D C:\Users\Pracovní\Sika

==================== Files in the root of some directories ========

2019-04-10 21:09 - 2019-04-10 21:09 - 000000000 _____ () C:\Users\croft\AppData\Local\oobelibMkey.log
2020-11-06 20:11 - 2020-11-06 20:11 - 000048238 _____ () C:\Users\croft\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

LV1234 · #9 Příspěvek od **LV1234** » 18 lis 2020 12:16

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-11-2020
Ran by Líba (18-11-2020 11:31:56)
Running from C:\Users\croft\Downloads
Windows 10 Home Version 1909 18363.1198 (X64) (2020-03-31 17:30:22)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3723532541-349634963-3060968088-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3723532541-349634963-3060968088-503 - Limited - Disabled)
Guest (S-1-5-21-3723532541-349634963-3060968088-501 - Limited - Disabled)
Líba (S-1-5-21-3723532541-349634963-3060968088-1002 - Administrator - Enabled) => C:\Users\croft
WDAGUtilityAccount (S-1-5-21-3723532541-349634963-3060968088-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Disabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Firewall (Disabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3.26837 - emc, uTorrent.CZ)
64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
ACDSee Ultimate 10 (64-bit) (HKLM\...\{F1BD782B-A54A-4BC1-9A4E-CF64CFF019BD}) (Version: 10.4.0.912 - ACD Systems International Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.013.20064 - Adobe Systems Incorporated)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2019.0816.1152.21357 - Advanced Micro Devices, Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.70 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0112 - Disc Soft Ltd)
ELAN Touchpad 18.2.26.3_X64_WHQL (HKLM\...\Elantech) (Version: 18.2.26.3 - ELAN Microelectronic Corp.)
ESET Security (HKLM\...\{0C3F76CB-98AA-49B1-9B72-CD040E3E17E8}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
GIMP 2.10.10 (HKLM\...\GIMP-2_is1) (Version: 2.10.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.66 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Malwarebytes version 4.2.3.96 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.3.96 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.69 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.137.99 - )
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Mozilla Firefox 81.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 81.0.2 (x64 cs)) (Version: 81.0.2 - Mozilla)
Mumble 1.3.0 (HKLM\...\{A44AF5DC-C413-4CBD-99BD-651AA5CDFFFF}) (Version: 1.3.0 - The Mumble Developers)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8554 - Realtek Semiconductor Corp.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
VdhCoApp 1.5.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wondershare Filmora9(Build 9.3.0) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
YTD (pepak) (HKLM-x32\...\YTD_Pepak) (Version: - )

Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-05-21] (Adobe Systems Incorporated)
HP Scan and Capture -> C:\Program Files\WindowsApps\AD2F1837.HPScanandCapture_40.0.245.0_x64__v10z8vjag6ke6 [2019-05-21] (Hewlett-Packard Company)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_121.1.193.0_x64__v10z8vjag6ke6 [2020-11-05] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12109.10002.53004.0_x64__nzyj5cx40ttqa [2020-10-22] (Apple Inc.) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-07-31] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2015-08-28] (ACD Systems International -> ACD Systems International Inc.)
ContextMenuHandlers1: [_MovaviSuite10] -> {9D700AB0-33CE-4ab3-BD66-3A73CC2CEDE3} => -> No File
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-20] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxDTCM.dll [2018-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-07-31] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-20] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [_MovaviSuite10] -> {9D700AB0-33CE-4ab3-BD66-3A73CC2CEDE3} => -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-06-28 16:32 - 2019-06-28 16:32 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2019-06-28 16:32 - 2019-06-28 16:32 - 003598336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2010-01-18 11:29 - 2010-01-18 11:29 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-01-18 11:29 - 2010-01-18 11:29 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2019-06-28 16:32 - 2019-06-28 16:32 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2019-06-28 16:32 - 2019-06-28 16:32 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2019-06-28 16:32 - 2019-06-28 16:32 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2019-06-28 16:32 - 2019-06-28 16:32 - 000414208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2019-06-28 16:32 - 2019-06-28 16:32 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2019-06-28 16:32 - 2019-06-28 16:32 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2019-06-28 16:32 - 2019-06-28 16:32 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2019-06-28 16:32 - 2019-06-28 16:32 - 000516608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2019-06-28 16:32 - 2019-06-28 16:32 - 001441280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-08-16 10:49 - 2019-08-16 10:49 - 005999104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-06-28 16:32 - 2019-06-28 16:32 - 006413824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-06-28 16:32 - 2019-06-28 16:32 - 001141760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-06-28 16:32 - 2019-06-28 16:32 - 000339968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-06-28 16:32 - 2019-06-28 16:32 - 004143104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-06-28 16:32 - 2019-06-28 16:32 - 003840000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-06-28 16:32 - 2019-06-28 16:32 - 000332800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-06-28 16:32 - 2019-06-28 16:32 - 000349184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-06-28 16:32 - 2019-06-28 16:32 - 080959488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-06-28 16:32 - 2019-06-28 16:32 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-06-28 16:32 - 2019-06-28 16:32 - 005622272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-06-28 16:32 - 2019-06-28 16:32 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-06-28 16:32 - 2019-06-28 16:32 - 000190464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-06-28 16:32 - 2019-06-28 16:32 - 002825216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-06-28 16:33 - 2019-06-28 16:33 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-06-28 16:33 - 2019-06-28 16:33 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-06-28 16:33 - 2019-06-28 16:33 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-06-28 16:33 - 2019-06-28 16:33 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-06-28 16:33 - 2019-06-28 16:33 - 000137216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-06-28 16:33 - 2019-06-28 16:33 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-06-28 16:33 - 2019-06-28 16:33 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-06-28 16:33 - 2019-06-28 16:33 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\C981D415.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\C981D415.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3723532541-349634963-3060968088-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://icewarp.ajptech.cz:8090/webmail/
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> DefaultScope {197966BA-D2CF-4684-858F-225A7A9B8D88} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> {197966BA-D2CF-4684-858F-225A7A9B8D88} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-06-25 03:44 - 2019-06-25 03:44 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts

2020-06-16 16:52 - 2020-06-16 17:57 - 000000434 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3723532541-349634963-3060968088-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\croft\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 213.46.172.38 - 213.46.172.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run: => "ACUW10EN"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "ACDSeeCommanderUltimate10"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{AB603749-DB79-4F4E-A263-48333E666020}C:\users\croft\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\croft\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{FD868332-7372-4E4D-AEE7-B03347DB60AB}C:\users\croft\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\croft\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{8BFD1336-8F8E-4AFB-8761-B3C7C73A033B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B0702882-5733-4D65-946B-AB4DC07F4FCF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{46719A2D-6600-41EC-B62D-E574AC32765F}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{AEEB9EE6-4114-4DB4-9DF2-44C0C69B254E}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6EF24A4F-E5A1-462C-9C90-3C311F57A2D4}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{9BA664A9-33EE-4FF1-A88A-FB3A429769C7}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5E99CE29-1832-4162-B535-42FFCF2347D4}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E81E2122-76ED-4F82-BF27-26331081B54B}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{32DF4F75-7A78-46E2-80F3-C3B12A49129C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.10002.53004.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3A43AACA-6AB8-4E8C-9C78-94259376408B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.10002.53004.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{054AC479-52E4-450A-9017-86A0507A098A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.10002.53004.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{34300882-1F41-4F2D-A707-C77BE1672814}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.10002.53004.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FFF9841C-8FFF-4BE4-BCB1-C59C5C6D453D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.10002.53004.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D196B5DD-0B08-4B2F-802F-E5EB4EBD24A0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.10002.53004.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4F037845-2D02-4EBD-A75E-0EAD948D5937}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.10002.53004.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CEBA4618-9D8B-46D5-8F9C-8116233F00A4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.10002.53004.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1C630564-993D-4D12-86AA-CE12DA041A08}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

07-11-2020 17:00:12 Naplánovaný kontrolní bod
11-11-2020 10:25:12 Windows Update

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (11/18/2020 11:30:43 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4328,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/18/2020 11:24:25 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10304,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/18/2020 11:18:30 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2240,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/18/2020 11:07:14 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (11/18/2020 11:07:14 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (11/18/2020 10:37:54 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5584,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/18/2020 09:42:42 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8472,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/18/2020 09:14:12 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1292,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

System errors:
=============
Error: (11/18/2020 11:07:16 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter04.dll

Error: (11/18/2020 11:07:16 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter04.dll

Error: (11/18/2020 11:07:10 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter04.dll

Error: (11/18/2020 11:06:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/18/2020 11:06:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Genuine Software Integrity Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/18/2020 11:06:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HECI Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/18/2020 11:06:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Genuine Monitor Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/18/2020 11:06:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Wondershare Application Framework Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Windows Defender:
===================================
Date: 2020-04-30 16:38:16.972
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.313.2652.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16900.4
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.

Date: 2020-04-30 16:38:16.972
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.313.2652.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16900.4
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.

Date: 2020-04-30 16:38:16.971
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.313.2652.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16900.4
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2020-11-18 11:13:29.490
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-11-18 11:13:29.480
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-11-18 11:13:29.458
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-11-18 11:11:18.719
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-11-18 11:11:18.677
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-11-18 11:11:16.560
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-11-18 11:11:16.503
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-11-18 11:11:16.177
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Insyde F.33 12/17/2019
Motherboard: HP 840D
Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 63%
Total physical RAM: 8078.22 MB
Available physical RAM: 2928.55 MB
Total Virtual: 15220.32 MB
Available Virtual: 8686.35 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.39 GB) (Free:813.63 GB) NTFS

\\?\Volume{ed2eee43-14d4-443f-ad1f-1aca40cc50e0}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{860939b6-fb5f-463e-8b3c-02d4a2ddb0a6}\ () (Fixed) (Total:0.57 GB) (Free:0.08 GB) NTFS
\\?\Volume{a589f2bd-e2ea-4634-bc15-d5c483e23c1a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

#10 Příspěvek od **Rudy** » 18 lis 2020 16:43

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [_MovaviSuite10] -> {9D700AB0-33CE-4ab3-BD66-3A73CC2CEDE3} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [_MovaviSuite10] -> {9D700AB0-33CE-4ab3-BD66-3A73CC2CEDE3} => -> No File
HKLM-x32\...\Run: [] => [X]
Task: {3321AC99-6979-4ADA-B63C-90A8469281F4} - System32\Tasks\GoogleUpdateTaskMachineCore1d5ff7dc8e0a443 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {C23CA36A-F7C9-4E42-9761-4A7AE2A2EAC4} - System32\Tasks\GoogleUpdateTaskMachineUA1d57dbef5a66ad0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {C791C6D2-BA93-4234-AF14-816A47B4DE09} - System32\Tasks\GoogleUpdateTaskMachineCore1d57dbef58d7204 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {D07DA521-5711-4294-B45F-9112A1BABCDD} - System32\Tasks\GoogleUpdateTaskMachineUA1d5ff7dc90708cf => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)

EmptyTemp:
End

Uložte do C:\Users\croft\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

LV1234 · #11 Příspěvek od **LV1234** » 18 lis 2020 18:53

Fix result of Farbar Recovery Scan Tool (x64) Version: 17-11-2020
Ran by Líba (18-11-2020 18:44:23) Run:2
Running from C:\Users\croft\Downloads
Loaded Profiles: Líba
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [_MovaviSuite10] -> {9D700AB0-33CE-4ab3-BD66-3A73CC2CEDE3} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [_MovaviSuite10] -> {9D700AB0-33CE-4ab3-BD66-3A73CC2CEDE3} => -> No File
HKLM-x32\...\Run: [] => [X]
Task: {3321AC99-6979-4ADA-B63C-90A8469281F4} - System32\Tasks\GoogleUpdateTaskMachineCore1d5ff7dc8e0a443 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {C23CA36A-F7C9-4E42-9761-4A7AE2A2EAC4} - System32\Tasks\GoogleUpdateTaskMachineUA1d57dbef5a66ad0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {C791C6D2-BA93-4234-AF14-816A47B4DE09} - System32\Tasks\GoogleUpdateTaskMachineCore1d57dbef58d7204 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {D07DA521-5711-4294-B45F-9112A1BABCDD} - System32\Tasks\GoogleUpdateTaskMachineUA1d5ff7dc90708cf => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro1 (ErrorConflict) => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro2 (SyncInProgress) => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro3 (InSync) => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\_MovaviSuite10 => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\_MovaviSuite10 => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3321AC99-6979-4ADA-B63C-90A8469281F4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3321AC99-6979-4ADA-B63C-90A8469281F4}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d5ff7dc8e0a443 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d5ff7dc8e0a443" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C23CA36A-F7C9-4E42-9761-4A7AE2A2EAC4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C23CA36A-F7C9-4E42-9761-4A7AE2A2EAC4}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d57dbef5a66ad0 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d57dbef5a66ad0" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C791C6D2-BA93-4234-AF14-816A47B4DE09}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C791C6D2-BA93-4234-AF14-816A47B4DE09}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d57dbef58d7204 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d57dbef58d7204" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D07DA521-5711-4294-B45F-9112A1BABCDD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D07DA521-5711-4294-B45F-9112A1BABCDD}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d5ff7dc90708cf => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d5ff7dc90708cf" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 32732675 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 9832382 B
Edge => 43008 B
Chrome => 490306163 B
Firefox => 33503351 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 18928017 B
NetworkService => 18928017 B
croft => 52907799 B

RecycleBin => 30006224806 B
EmptyTemp: => 28.6 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 18:46:30 ====

#12 Příspěvek od **Rudy** » 18 lis 2020 19:54

Smazáno. Nastala nějaká změna?

LV1234 · #13 Příspěvek od **LV1234** » 18 lis 2020 19:57

nenastala, stále se hřeje, hučí větrák a vypadá to že se vznese

#14 Příspěvek od **Rudy** » 18 lis 2020 20:04

Stáhněte, nainstalujte a spusťte HWMonitor: https://www.instaluj.cz/hwmonitor a po ustálení hodnot sem dejte screen okna.

LV1234 · #15 Příspěvek od **LV1234** » 19 lis 2020 12:27

: Bez názvu1.png (72.43 KiB) Zobrazeno 1658 x

VIRY.CZ

Notebook se přehřívá

Notebook se přehřívá

Re: Notebook se přehřívá

Re: Notebook se přehřívá

Re: Notebook se přehřívá

Re: Notebook se přehřívá

Re: Notebook se přehřívá

Re: Notebook se přehřívá

Re: Notebook se přehřívá

Re: Notebook se přehřívá

Re: Notebook se přehřívá

Re: Notebook se přehřívá

Re: Notebook se přehřívá

Re: Notebook se přehřívá

Re: Notebook se přehřívá

Re: Notebook se přehřívá