Dobrý večer prajem,
prosím o kontrolu logu - notebook, spomalenie, zasekávanie, mrznutie app.
Ďakujem veľmi pekne.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-02-2021
Ran by Seka (administrator) on SEKA-THINK (LENOVO 1143K4G) (03-02-2021 19:22:26)
Running from C:\Users\Seka\Desktop
Loaded Profiles: Seka
Platform: Windows 10 Home Version 2004 19041.789 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(AuthenTec, Inc. -> Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel® Identity Protection Technology Software -> Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(LENOVO -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo(Japan)Ltd. -> Lenovo.) C:\Windows\System32\TpShocks.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Protexis Inc. -> Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TpShocks] => C:\WINDOWS\system32\TpShocks.exe [380776 2011-03-29] (Lenovo(Japan)Ltd. -> Lenovo.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [310912 2011-04-26] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [SynLenovoHelper] => C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe [146600 2015-07-28] (Synaptics Incorporated -> Synaptics)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [175504 2020-11-06] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3936936 2015-07-28] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2384984 2016-12-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498720 2016-04-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.146\Installer\chrmstp.exe [2021-02-03] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{18CBEEAA-6708-41A1-9379-D08915333CF2}] -> C:\Program Files\ThinkVantage Fingerprint Software\provider.dll [2013-03-05] (AuthenTec, Inc. -> Authentec Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\ThinkPad\Bluetooth Software\\BtwCP.dll [2011-04-28] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{AE583D93-8D1B-424F-9858-5623FB7824EE}] -> C:\Program Files\ThinkVantage Fingerprint Software\provider.dll [2013-03-05] (AuthenTec, Inc. -> Authentec Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0CEB39A4-E2EE-404A-89D1-64ADBEEA8C5C} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {0D12E138-D7F3-4DE3-851F-896D8297FD0E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0F3D2144-5143-4334-B51F-E209ADA72B68} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {13E1661C-E62E-4C52-8454-E85DCE734B70} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
Task: {13F75735-CE1E-4182-BC02-BC134AD48CCA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {1528944E-E527-4935-9E38-0C1D864C7427} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {176D591F-C89A-4095-B309-7B82CDDD9365} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {1F9C0194-A14C-42F6-A9C0-AAFFB7D7B212} - \TVT\TVSUUpdateTask -> No File <==== ATTENTION
Task: {29D5BDB6-834B-4AAF-9FE4-984E2228BD8A} - \Lenovo\SimpleTap\Start SimpleTap for Seka-THINK.Seka -> No File <==== ATTENTION
Task: {2A182089-A1BE-4921-8A9D-E663A462DF7F} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {30A7A56D-07E9-44D2-92B0-C1176F63BE08} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [1923584 2017-09-21] () [File not signed]
Task: {357F7257-003D-42D0-B7EE-9A19117187BD} - \PMTask -> No File <==== ATTENTION
Task: {3754B992-6D38-49AC-9968-DE82A3F0DB2F} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe
Task: {3C8B22BE-6FA9-4FCB-9140-2EE3286FE7AB} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
Task: {3D25C612-24EA-4380-8ACE-0E0BFE3C1A83} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-01] (LENOVO -> Lenovo)
Task: {41EBF7F3-9CAE-4D38-8056-05D5308C253C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16744 2013-05-17] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4A2E024C-2AA2-4C6F-9B3C-77E0DA6D9149} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
Task: {4B9BC86B-B068-46D5-8DE0-D1D94A80BD1D} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {4CB00FE0-BAAF-46A8-A3C2-F73C69316F1C} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4E5E933B-E5C3-4733-BC86-DF4E5C83D9EB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-24] (Google Inc -> Google Inc.)
Task: {51376539-ABC9-4D03-BA8C-B8967D76978B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {55241966-A525-483A-80B3-912957AB1D5B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {56404826-2F5D-485F-909D-7095EC3616C3} - System32\Tasks\{FE676A99-C3C9-4654-B702-48A2EA121D67} => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://ui.skype.com/ui/0/5.0.0.152.375/ ... d;disabled
Task: {5844785E-665F-48DA-B893-7A3DEA19CE95} - System32\Tasks\Lenovo\Message Center Plus Launcher => C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe [66000 2015-03-23] (LENOVO -> Lenovo)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5BA07DE9-AFE8-4F78-BA8C-DD084C955095} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5CF2AB8A-7390-41C7-8F37-4219EEA150F3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {5E83E5C9-F789-491B-B810-470460FB8D8F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-10-23] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6620AE60-7FD9-4C82-852A-4C59BE211304} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {663ACE0B-01C8-4889-B9A9-7983D2C89DA8} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {6D8247F1-2793-44EA-8594-F74737F2A75E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6FBADC38-20D1-4D7E-B89C-61CF0343D2A1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {6FE09C4F-2D11-4E38-89E0-A3354BF67A4C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {71FDBDDA-6EF7-4745-A483-A280C6F28C47} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {786BCF61-2646-44DE-B342-49EC99CC9127} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7C161B70-6E67-4B1E-8B31-A6150B589654} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {7CECE398-FFE1-42E3-9DDF-8A8A6860A96A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7FEEE41B-7CC1-4381-BE94-69D187C5D542} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {81B9AE31-23E3-4E62-BCFF-F4E245BF02F6} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {83045E4E-2579-4BB6-BB31-3C1D0A44412A} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
Task: {85271B66-7DA3-48C3-8004-F59373A19F40} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe
Task: {856AD02D-4D25-4243-8205-AA39BFF61532} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8A6A6671-259F-439F-BAD9-D0C15F0AD26A} - System32\Tasks\AdobeAAMUpdater-1.0-Seka-THINK-Seka => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {8A6F6665-22CB-4A09-87C6-E04B977D0151} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {98491E51-716F-4F6E-8C8D-555E534C9579} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-24] (Google Inc -> Google Inc.)
Task: {9E62B164-AA32-4503-8B34-352992245D8F} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {A1B491D2-3F94-4DA5-950F-B488DE727980} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A22C0023-BD18-4275-A741-3642F39D13E1} - System32\Tasks\{3C8038B0-FFC1-49AA-B35E-C70EEFA6BB83} => "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/5.0.0.152.375/ ... d;disabled
Task: {A57CDDA4-929F-4106-A334-0367875C4063} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A7750A4F-F000-4DE2-8B48-02AFE3A7AC81} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {ADBA3FD8-51B8-4EA8-A84A-FC0E33ABEA71} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [62152 2020-12-20] (Lenovo -> )
Task: {AE1224E2-27C9-4A12-97D2-4778E3DD0A47} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {BD13DE06-B699-47D0-9469-B0D784E0E16C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C421AFD3-E9F2-44A7-BEC8-03ACB2E8E28C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C6F56AB7-33D5-4FF7-8A70-3601E9EC66DA} - System32\Tasks\{C9061E2F-7A8C-4A89-8B1B-AE1E28212795} => "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/6.6.0.106/sk/a ... age=tsBing
Task: {C853121A-866A-438F-89E0-43E73D5285C9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {CBF5BBC6-8397-42A6-8C88-968311A3945A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CE28BDD0-7FC6-4571-BF6E-4708EDB92050} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {CE47A082-0881-4AA7-A508-83DDCD3488D0} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D70B7B9F-CD48-423C-8571-6B17353970CF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D8D937D2-8E84-4F41-AA15-368D19A4AD0A} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D98C6D61-054B-41BE-BF91-67CCD7846385} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EF19F11F-F341-48CA-B4EF-EE727F3EC5D8} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F030A6A8-E074-454D-B7A5-A6AB8E738883} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FD954E36-1AAB-42B1-A18F-41936D055067} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS\AutoKMS.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{71a532dc-7913-42c7-9982-e221a1907aa7}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{cebd36e8-bc97-4ad5-a884-1a6052248d5b}: [DhcpNameServer] 192.168.100.1
Edge:
=======
Edge Profile: C:\Users\Seka\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-03]
FireFox:
========
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-09-25] [Legacy]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-12-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2016-04-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-12-09] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default [2021-02-03]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://svetserialov.to; hxxps://www.facebook.com; hxxps://www.fotor.com
CHR StartupUrls: Default -> "hxxps://www.google.sk/"
CHR Extension: (Prezentácie) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Dokumenty) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Adobe Acrobat) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-12-17]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-25]
CHR Extension: (Chrome Media Router) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-21]
CHR Profile: C:\Users\Seka\AppData\Local\Google\Chrome\User Data\System Profile [2021-02-03]
CHR HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2016-04-23]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [753240 2016-12-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-11-06] (ESET, spol. s r.o. -> ESET)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 5U877; C:\WINDOWS\system32\DRIVERS\5U877.sys [166016 2011-03-05] (Microsoft Windows Hardware Compatibility Publisher -> Ricoh co.,Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-11-06] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [190464 2020-11-06] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\System32\DRIVERS\ekbdflt.sys [43720 2020-11-06] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [70048 2020-11-06] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-11-06] (ESET, spol. s r.o. -> ESET)
R3 iwdbus; C:\WINDOWS\System32\drivers\iwdbus.sys [25496 2011-06-21] (Wireless Display -> Intel Corporation)
R2 risdxc; C:\WINDOWS\system32\DRIVERS\risdxc64.sys [101888 2011-05-26] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (AuthenTec, Inc. -> Authentec Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-03 19:22 - 2021-02-03 19:24 - 000028381 _____ C:\Users\Seka\Desktop\FRST.txt
2021-02-03 19:21 - 2021-02-03 19:23 - 000000000 ____D C:\FRST
2021-02-03 19:19 - 2021-02-03 19:19 - 002297856 _____ (Farbar) C:\Users\Seka\Desktop\FRST64.exe
2021-02-03 18:26 - 2021-02-03 18:26 - 000000829 _____ C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-02-03 17:11 - 2021-02-03 17:11 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-03 17:11 - 2021-02-03 17:11 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-03 17:10 - 2021-02-03 17:10 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-03 17:10 - 2021-02-03 17:10 - 000010908 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-03 17:08 - 2021-02-03 17:08 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-03 16:15 - 2021-02-03 16:15 - 000000279 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog
2021-02-03 16:08 - 2021-02-03 16:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\TVT
2021-02-03 16:07 - 2021-02-03 16:16 - 000000000 ____D C:\WINDOWS\TempInst
2021-02-03 16:07 - 2021-02-03 16:07 - 000000000 ____D C:\Users\Seka\AppData\Local\LenovoServiceBridge
2021-02-03 15:57 - 2021-02-03 15:57 - 000000848 _____ C:\Users\Public\Desktop\Speccy.lnk
2021-02-03 15:57 - 2021-02-03 15:57 - 000000848 _____ C:\ProgramData\Desktop\Speccy.lnk
2021-02-03 15:57 - 2021-02-03 15:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2021-02-03 15:57 - 2021-02-03 15:57 - 000000000 ____D C:\Program Files\Speccy
2021-02-01 10:07 - 2021-02-01 10:07 - 002753606 _____ C:\Users\Seka\Downloads\Monitorovacia správa 1..pdf
2021-02-01 10:07 - 2021-02-01 10:07 - 002084967 _____ C:\Users\Seka\Downloads\Prílohy k monitorovacej správe 1.pdf
2021-02-01 10:07 - 2021-02-01 10:07 - 000615220 _____ C:\Users\Seka\Downloads\Personálna matica 2 - od 01.02.2021.pdf
2021-02-01 08:51 - 2021-02-01 08:51 - 000042228 _____ C:\Users\Seka\Downloads\Príloha 14_Personalna matica 4.xlsx
2021-02-01 07:25 - 2021-02-01 07:25 - 001559653 _____ C:\Users\Seka\Downloads\FW__ziadost_o_opravu_udajov_karta_ucastnika.zip
2021-02-01 07:25 - 2021-02-01 07:25 - 000049769 _____ C:\Users\Seka\Downloads\Zmeny v systéme finančného riadenia.pdf
2021-02-01 06:15 - 2020-12-20 22:57 - 005408968 _____ (Lenovo Group Limited) C:\WINDOWS\SysWOW64\PWMTR32V.dll
2021-02-01 06:15 - 2020-12-20 22:57 - 002351304 _____ (Lenovo Group Limited) C:\WINDOWS\SysWOW64\EasyResume.exe
2021-02-01 06:15 - 2020-12-20 22:57 - 000158920 _____ (Lenovo) C:\WINDOWS\SysWOW64\InstHelper.dll
2021-02-01 06:15 - 2020-12-20 22:57 - 000090312 _____ (Lenovo) C:\WINDOWS\SysWOW64\EventLogger.dll
2021-02-01 06:15 - 2020-12-20 22:57 - 000062152 _____ () C:\WINDOWS\SysWOW64\PowerMgrInst.exe
2021-01-31 13:31 - 2021-01-31 13:31 - 000000000 _____ C:\WINDOWS\system32\Drivers\SETF4B7.tmp
2021-01-29 23:16 - 2021-01-29 23:16 - 000000000 ____D C:\ProgramData\ATI
2021-01-29 23:14 - 2021-01-29 23:14 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-01-29 23:03 - 2021-01-29 23:03 - 000000020 ___SH C:\Users\Seka\ntuser.ini
2021-01-29 23:02 - 2021-02-03 19:13 - 000002956 _____ C:\WINDOWS\system32\Tasks\AutoKMS
2021-01-29 23:02 - 2021-02-03 19:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-29 23:02 - 2021-02-03 16:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-01-29 23:02 - 2021-01-29 23:03 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4046335105-2706149465-2342894865-1000
2021-01-29 23:02 - 2021-01-29 23:03 - 000002238 _____ C:\WINDOWS\system32\Tasks\{C9061E2F-7A8C-4A89-8B1B-AE1E28212795}
2021-01-29 23:02 - 2021-01-29 23:02 - 000003504 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-29 23:02 - 2021-01-29 23:02 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-01-29 23:02 - 2021-01-29 23:02 - 000003384 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-29 23:02 - 2021-01-29 23:02 - 000003280 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-29 23:02 - 2021-01-29 23:02 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-01-29 23:02 - 2021-01-29 23:02 - 000003160 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-29 23:02 - 2021-01-29 23:02 - 000002762 _____ C:\WINDOWS\system32\Tasks\AdobeAAMUpdater-1.0-Seka-THINK-Seka
2021-01-29 23:02 - 2021-01-29 23:02 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-01-29 23:02 - 2021-01-29 23:02 - 000002428 _____ C:\WINDOWS\system32\Tasks\{FE676A99-C3C9-4654-B702-48A2EA121D67}
2021-01-29 23:02 - 2021-01-29 23:02 - 000002422 _____ C:\WINDOWS\system32\Tasks\{3C8038B0-FFC1-49AA-B35E-C70EEFA6BB83}
2021-01-29 23:02 - 2021-01-29 23:02 - 000002286 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_IPoint_exe
2021-01-29 23:02 - 2021-01-29 23:02 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-01-29 23:02 - 2021-01-29 23:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\WPD
2021-01-29 23:02 - 2021-01-29 23:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\OfficeSoftwareProtectionPlatform
2021-01-29 23:01 - 2021-01-29 23:02 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2021-01-29 23:01 - 2021-01-29 23:02 - 000007623 _____ C:\WINDOWS\diagerr.xml
2021-01-29 22:51 - 2021-02-03 19:18 - 006482974 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-29 22:36 - 2021-01-29 22:36 - 000001332 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerXpress.lnk
2021-01-29 22:36 - 2021-01-29 22:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2021-01-29 22:35 - 2021-01-29 23:03 - 000000000 ____D C:\Users\Seka
2021-01-29 22:35 - 2021-01-29 22:34 - 000000000 ____D C:\Users\Seka\AppData\Roaming\ATI
2021-01-29 22:35 - 2021-01-29 22:34 - 000000000 ____D C:\Users\Seka\AppData\Local\ATI
2021-01-29 22:35 - 2019-12-07 10:10 - 000001105 _____ C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-01-29 22:34 - 2021-01-29 22:34 - 000000000 ____D C:\Users\Default\AppData\Roaming\ATI
2021-01-29 22:34 - 2021-01-29 22:34 - 000000000 ____D C:\Users\Default\AppData\Local\ATI
2021-01-29 22:34 - 2021-01-29 22:34 - 000000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2021-01-29 22:34 - 2021-01-29 22:34 - 000000000 ____D C:\Users\Default User\AppData\Local\ATI
2021-01-29 22:27 - 2021-02-03 19:10 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-29 22:27 - 2021-02-03 17:44 - 005380888 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-29 22:27 - 2021-02-03 17:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-29 22:26 - 2021-01-29 23:03 - 000000000 ____D C:\Windows.old
2021-01-29 22:17 - 2021-01-29 22:26 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-01-29 22:17 - 2021-01-29 22:17 - 000000000 ____D C:\Program Files\Common Files\SpeechEngines
2021-01-29 22:13 - 2021-01-29 22:16 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-01-29 22:12 - 2021-01-29 22:12 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-01-29 22:06 - 2021-01-29 22:06 - 000000000 ____D C:\ProgramData\ssh
2021-01-29 21:55 - 2021-01-29 21:55 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-29 21:55 - 2021-01-29 21:55 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-29 21:55 - 2021-01-29 21:55 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-29 21:54 - 2021-01-29 21:54 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-29 21:54 - 2021-01-29 21:54 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-29 21:54 - 2021-01-29 21:54 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-29 21:54 - 2021-01-29 21:54 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-01-29 21:54 - 2021-01-29 21:54 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-29 21:54 - 2021-01-29 21:54 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-01-29 21:54 - 2021-01-29 21:54 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-29 21:54 - 2021-01-29 21:54 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-29 21:54 - 2021-01-29 21:54 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-29 21:54 - 2021-01-29 21:54 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-29 21:54 - 2021-01-29 21:54 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-29 21:54 - 2021-01-29 21:54 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-29 21:54 - 2021-01-29 21:54 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-01-29 21:53 - 2021-01-29 21:53 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-01-29 21:53 - 2021-01-29 21:53 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-01-29 21:53 - 2021-01-29 21:53 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-01-29 21:53 - 2021-01-29 21:53 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-01-29 21:53 - 2021-01-29 21:53 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-29 21:53 - 2021-01-29 21:53 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-29 21:53 - 2021-01-29 21:53 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-29 21:53 - 2021-01-29 21:53 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-01-29 21:53 - 2021-01-29 21:53 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-29 21:53 - 2021-01-29 21:53 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-29 21:53 - 2021-01-29 21:53 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-01-29 21:52 - 2021-01-29 21:52 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-29 21:52 - 2021-01-29 21:52 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-01-29 21:52 - 2021-01-29 21:52 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-29 21:52 - 2021-01-29 21:52 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-29 21:52 - 2021-01-29 21:52 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-29 21:52 - 2021-01-29 21:52 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-01-29 21:52 - 2021-01-29 21:52 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-01-29 21:52 - 2021-01-29 21:52 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-01-29 21:52 - 2021-01-29 21:52 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-01-29 21:51 - 2021-01-29 21:51 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-01-29 21:51 - 2021-01-29 21:51 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-01-29 21:51 - 2021-01-29 21:51 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-29 21:51 - 2021-01-29 21:51 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-01-29 21:51 - 2021-01-29 21:51 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-01-29 21:51 - 2021-01-29 21:51 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-29 21:51 - 2021-01-29 21:51 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-29 21:51 - 2021-01-29 21:51 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-01-29 21:51 - 2021-01-29 21:51 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-01-29 21:51 - 2021-01-29 21:51 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-29 21:51 - 2021-01-29 21:51 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-01-29 21:51 - 2021-01-29 21:51 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-01-29 21:51 - 2021-01-29 21:51 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-01-29 21:51 - 2021-01-29 21:51 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-01-29 21:50 - 2021-01-29 21:50 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-29 21:50 - 2021-01-29 21:50 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-01-29 21:50 - 2021-01-29 21:50 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-01-29 21:49 - 2021-01-29 21:49 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-29 21:49 - 2021-01-29 21:49 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-01-29 21:49 - 2021-01-29 21:49 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-01-29 21:49 - 2021-01-29 21:49 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-29 21:49 - 2021-01-29 21:49 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-01-29 21:49 - 2021-01-29 21:49 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-29 21:49 - 2021-01-29 21:49 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-29 21:49 - 2021-01-29 21:49 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-01-29 21:49 - 2021-01-29 21:49 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-01-29 21:48 - 2021-01-29 21:48 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-29 21:48 - 2021-01-29 21:48 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-01-29 21:48 - 2021-01-29 21:48 - 000707544 _____ C:\WINDOWS\system32\TextShaping.dll
2021-01-29 21:48 - 2021-01-29 21:48 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-29 21:48 - 2021-01-29 21:48 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-29 21:48 - 2021-01-29 21:48 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-01-29 21:48 - 2021-01-29 21:48 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-01-29 21:47 - 2021-01-29 21:47 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-01-29 21:47 - 2021-01-29 21:47 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-29 21:47 - 2021-01-29 21:47 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-29 21:47 - 2021-01-29 21:47 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-01-29 21:47 - 2021-01-29 21:47 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-01-29 21:47 - 2021-01-29 21:47 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-29 21:47 - 2021-01-29 21:47 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-01-29 21:47 - 2021-01-29 21:47 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-29 21:47 - 2021-01-29 21:47 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-01-29 21:47 - 2021-01-29 21:47 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-29 21:47 - 2021-01-29 21:47 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-01-29 21:47 - 2021-01-29 21:47 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-01-29 21:47 - 2021-01-29 21:47 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-01-29 21:47 - 2021-01-29 21:47 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-01-29 21:28 - 2021-01-29 21:28 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2021-01-29 21:28 - 2021-01-29 21:28 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2021-01-29 21:10 - 2021-01-29 22:26 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-01-29 21:10 - 2021-01-29 21:10 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2021-01-29 21:10 - 2021-01-29 21:10 - 000000000 ____D C:\WINDOWS\system32\msmq
2021-01-29 21:10 - 2021-01-29 21:10 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2021-01-29 21:10 - 2021-01-29 21:10 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-01-29 21:10 - 2021-01-29 21:10 - 000000000 ____D C:\Program Files\MSBuild
2021-01-29 21:10 - 2021-01-29 21:10 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-01-29 21:10 - 2021-01-29 21:10 - 000000000 ____D C:\inetpub
2021-01-29 06:39 - 2021-01-29 06:39 - 000020619 _____ C:\Users\Seka\Downloads\01-03-Veršíky-Jaro.odt
2021-01-28 16:23 - 2021-02-01 07:13 - 000000000 ___DC C:\WINDOWS\Panther
2021-01-28 15:44 - 2021-01-28 15:44 - 000000000 ___HD C:\$WinREAgent
2021-01-21 16:11 - 2021-01-21 16:30 - 000038400 _____ C:\Users\Seka\Documents\Priloha_c_2-Hlasenie-o-testovanych-osobach TABULKA_Sekulová.xls
2021-01-21 16:07 - 2021-01-21 16:07 - 000037888 _____ C:\Users\Seka\Downloads\Priloha_c_2-Hlasenie-o-testovanych-osobach TABULKA (3).xls
2021-01-21 15:45 - 2021-01-21 15:45 - 000102455 _____ C:\Users\Seka\Downloads\ČASOVY HARMONOGRAM TESTOVANIE 22_01_2021 (3).pdf
2021-01-21 15:43 - 2021-01-21 15:43 - 000037888 _____ C:\Users\Seka\Downloads\Priloha_c_2-Hlasenie-o-testovanych-osobach TABULKA (2).xls
2021-01-21 15:42 - 2021-01-21 15:42 - 000138583 _____ C:\Users\Seka\Downloads\POTVRDENIE AG TESTY (1).pdf
2021-01-21 15:42 - 2021-01-21 15:42 - 000102455 _____ C:\Users\Seka\Downloads\ČASOVY HARMONOGRAM TESTOVANIE 22_01_2021 (2).pdf
2021-01-21 15:40 - 2021-01-21 15:40 - 000037888 _____ C:\Users\Seka\Downloads\Priloha_c_2-Hlasenie-o-testovanych-osobach TABULKA (1).xls
2021-01-21 15:34 - 2021-01-21 15:34 - 000102455 _____ C:\Users\Seka\Downloads\ČASOVY HARMONOGRAM TESTOVANIE 22_01_2021 (1).pdf
2021-01-21 15:31 - 2021-01-21 15:31 - 000037888 _____ C:\Users\Seka\Downloads\Priloha_c_2-Hlasenie-o-testovanych-osobach TABULKA.xls
2021-01-21 15:29 - 2021-01-21 15:29 - 000138583 _____ C:\Users\Seka\Downloads\POTVRDENIE AG TESTY.pdf
2021-01-21 15:28 - 2021-01-21 15:28 - 000102455 _____ C:\Users\Seka\Downloads\ČASOVY HARMONOGRAM TESTOVANIE 22_01_2021.pdf
2021-01-19 17:31 - 2021-01-19 17:31 - 000188726 _____ C:\Users\Seka\Downloads\Orange_doklad_FR_202012_CN0308513803.pdf
2021-01-19 17:31 - 2021-01-19 17:31 - 000159410 _____ C:\Users\Seka\Downloads\Orange_doklad_FR_202011_CN0308513803 (1).pdf
2021-01-19 17:21 - 2021-01-19 17:21 - 000183865 _____ C:\Users\Seka\Downloads\Orange_doklad_FR_202006_CN0308513803.pdf
2021-01-19 17:17 - 2021-01-19 17:17 - 000187821 _____ C:\Users\Seka\Downloads\Orange_doklad_FR_202101_CN0308513803.pdf
2021-01-16 15:05 - 2021-01-16 15:05 - 000002027 _____ C:\Users\Public\Desktop\ESET Ochrana online platieb.lnk
2021-01-16 15:05 - 2021-01-16 15:05 - 000002027 _____ C:\ProgramData\Desktop\ESET Ochrana online platieb.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-03 19:23 - 2019-03-13 18:14 - 000000000 ____D C:\Program Files\CCleaner
2021-02-03 19:18 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-03 19:18 - 2012-11-16 23:01 - 004199040 _____ C:\WINDOWS\system32\perfh01B.dat
2021-02-03 19:18 - 2012-11-16 23:01 - 001265888 _____ C:\WINDOWS\system32\perfc01B.dat
2021-02-03 19:13 - 2017-09-21 17:14 - 000000296 _____ C:\WINDOWS\Tasks\AutoKMS.job
2021-02-03 19:12 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-03 19:09 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-03 19:07 - 2012-05-02 14:31 - 000000000 ____D C:\Users\Seka\Documents\zaloha ccleaner
2021-02-03 18:57 - 2019-12-09 17:42 - 000000000 ____D C:\WINDOWS\system32\Lenovo
2021-02-03 18:57 - 2018-12-05 17:37 - 000000000 ____D C:\WINDOWS\SysWOW64\Lenovo
2021-02-03 18:57 - 2016-06-27 15:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2021-02-03 18:57 - 2012-04-05 19:06 - 000000000 ____D C:\Program Files (x86)\Lenovo
2021-02-03 18:57 - 2012-04-05 18:59 - 000000000 ____D C:\Program Files\Lenovo
2021-02-03 18:26 - 2012-05-28 21:44 - 000000000 ____D C:\Users\Seka\AppData\Local\ESET
2021-02-03 18:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-03 17:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-03 17:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-03 17:39 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-03 17:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-03 17:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-03 17:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-03 17:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-03 17:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-03 17:39 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-03 17:21 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-03 16:40 - 2019-10-03 16:53 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-02-03 16:40 - 2019-10-03 16:53 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2021-02-03 16:23 - 2018-12-04 17:25 - 000000000 ____D C:\Users\Seka\AppData\Local\Apowersoft
2021-02-03 16:19 - 2015-05-18 21:19 - 000000000 ____D C:\ProgramData\Bentley
2021-02-03 16:16 - 2012-04-05 18:32 - 000000000 ____D C:\ProgramData\Lenovo
2021-02-03 16:09 - 2012-04-05 19:07 - 000000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2021-02-03 15:58 - 2015-05-24 13:58 - 000002324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-03 15:58 - 2015-05-24 13:58 - 000002283 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-02-03 15:58 - 2015-05-24 13:58 - 000002283 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-02-03 15:50 - 2012-04-27 14:27 - 000000000 ____D C:\Users\Seka\AppData\Local\Adobe
2021-02-02 17:34 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-31 13:14 - 2020-09-30 15:05 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-01-30 22:00 - 2020-07-17 13:47 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-30 22:00 - 2020-07-17 13:47 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-30 22:00 - 2020-07-17 13:47 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-01-30 21:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-01-29 23:29 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-29 23:29 - 2017-12-07 17:13 - 000000000 ____D C:\Users\Seka\AppData\Local\Packages
2021-01-29 23:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-29 23:07 - 2018-07-11 15:42 - 000000000 ____D C:\ProgramData\Packages
2021-01-29 23:07 - 2017-12-07 17:38 - 000000000 ___RD C:\Users\Seka\3D Objects
2021-01-29 23:07 - 2016-08-04 16:46 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-01-29 23:05 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-01-29 22:50 - 2019-12-07 10:14 - 000000000 __RSD C:\WINDOWS\Media
2021-01-29 22:42 - 2019-06-21 16:47 - 000000000 ____D C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2021-01-29 22:42 - 2017-09-26 17:06 - 000000000 ___RD C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Azure Information Protection Viewer
2021-01-29 22:42 - 2015-07-04 12:03 - 000000000 ____D C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-01-29 22:42 - 2012-07-12 17:32 - 000000000 ____D C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2021-01-29 22:36 - 2017-07-15 17:12 - 000000000 ____D C:\Program Files\ATI Technologies
2021-01-29 22:36 - 2017-07-15 17:12 - 000000000 ____D C:\Program Files (x86)\ATI Technologies
2021-01-29 22:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-29 22:33 - 2016-08-04 16:12 - 000000000 ____D C:\AMD
2021-01-29 22:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-01-29 22:26 - 2019-12-07 10:18 - 000000000 ____D C:\WINDOWS\Setup
2021-01-29 22:26 - 2019-12-07 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-01-29 22:26 - 2019-12-07 10:14 - 000000000 __SHD C:\Program Files\Windows Sidebar
2021-01-29 22:26 - 2019-12-07 10:14 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2021-01-29 22:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-01-29 22:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2021-01-29 22:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2021-01-29 22:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-01-29 22:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-01-29 22:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-01-29 22:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-01-29 22:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\IME
2021-01-29 22:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\schemas
2021-01-29 22:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration
2021-01-29 22:26 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-01-29 22:26 - 2019-09-22 10:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2021-01-29 22:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-01-29 22:26 - 2019-03-13 18:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-01-29 22:26 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-01-29 22:26 - 2018-04-07 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone
2021-01-29 22:26 - 2017-09-21 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2021-01-29 22:26 - 2017-09-21 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2021-01-29 22:26 - 2017-07-15 17:10 - 000000000 ____D C:\Program Files\Synaptics
2021-01-29 22:26 - 2017-07-15 17:10 - 000000000 ____D C:\Program Files\CONEXANT
2021-01-29 22:26 - 2017-07-09 11:32 - 000000000 ____D C:\Program Files\UNP
2021-01-29 22:26 - 2015-10-30 15:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit
2021-01-29 22:26 - 2015-07-04 12:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-01-29 22:26 - 2015-06-30 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2021-01-29 22:26 - 2015-06-10 20:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage
2021-01-29 22:26 - 2015-05-18 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2021-01-29 22:26 - 2014-09-26 13:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Parhelia Tools
2021-01-29 22:26 - 2014-05-05 18:41 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2021-01-29 22:26 - 2014-04-05 15:26 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2021-01-29 22:26 - 2013-03-20 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2021-01-29 22:26 - 2012-05-14 16:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2021-01-29 22:26 - 2012-04-05 19:29 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2021-01-29 22:26 - 2012-04-05 19:29 - 000000000 ____D C:\WINDOWS\sk
2021-01-29 22:26 - 2012-04-05 19:29 - 000000000 ____D C:\WINDOWS\en
2021-01-29 22:26 - 2012-04-05 19:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel
2021-01-29 22:26 - 2012-04-05 19:05 - 000000000 ____D C:\Program Files\Intel
2021-01-29 22:26 - 2010-11-21 08:16 - 000000000 ____D C:\WINDOWS\ShellNew
2021-01-29 22:25 - 2019-12-07 10:14 - 000000000 __RHD C:\Users\Public\Libraries
2021-01-29 22:19 - 2012-06-13 15:54 - 000000000 ____D C:\WINDOWS\SysWOW64\spool
2021-01-29 22:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Resources
2021-01-29 22:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Help
2021-01-29 22:17 - 2018-02-22 10:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2021-01-29 22:17 - 2017-07-15 17:11 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2021-01-29 22:17 - 2017-07-15 17:11 - 000000000 ____D C:\Program Files\AuthenTec
2021-01-29 22:17 - 2017-07-15 17:11 - 000000000 ____D C:\Program Files\AMD
2021-01-29 22:17 - 2015-05-18 21:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bentley
2021-01-29 22:17 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\Microsoft Games
2021-01-29 22:07 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-29 22:07 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-29 22:07 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-29 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-01-29 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-29 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-29 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-29 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-01-29 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-29 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-29 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-29 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-01-29 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-29 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-29 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-01-29 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-29 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-29 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-29 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2021-01-29 22:06 - 2019-12-07 15:39 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-29 22:06 - 2019-12-07 15:39 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-29 22:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-29 22:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-29 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-29 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-29 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-01-29 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-29 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-29 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-29 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-29 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-29 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-01-29 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-29 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-01-29 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-01-29 22:04 - 2019-12-07 15:39 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-01-29 22:04 - 2019-12-07 15:39 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-01-29 21:31 - 2019-12-07 15:38 - 000000000 ____D C:\WINDOWS\OCR
2021-01-29 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-01-29 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-01-29 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-01-29 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-01-29 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-01-29 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-01-29 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-01-29 21:27 - 2019-12-07 15:36 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-01-29 21:27 - 2019-12-07 15:36 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-01-20 16:00 - 2013-08-14 10:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-20 15:59 - 2012-04-26 15:21 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories ========
2014-10-06 23:03 - 2019-07-05 20:46 - 000000132 _____ () C:\Users\Seka\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2017-04-07 14:14 - 2018-06-16 13:16 - 000000034 _____ () C:\Users\Seka\AppData\Roaming\AdobeWLCMCache.dat
2014-09-09 18:12 - 2014-09-09 18:12 - 000004096 ____H () C:\Users\Seka\AppData\Local\keyfile3.drm
2018-09-29 13:18 - 2018-09-29 13:18 - 000000000 _____ () C:\Users\Seka\AppData\Local\oobelibMkey.log
2014-12-02 17:26 - 2014-12-02 17:26 - 000000017 _____ () C:\Users\Seka\AppData\Local\resmon.resmoncfg
2013-03-14 16:54 - 2013-03-14 17:24 - 000001080 _____ () C:\Users\Seka\AppData\Local\SRDownloader (1).nast
2012-05-02 15:25 - 2013-08-31 12:14 - 000001012 _____ () C:\Users\Seka\AppData\Local\SRDownloader.err
2012-05-02 15:28 - 2013-08-31 15:30 - 000001104 _____ () C:\Users\Seka\AppData\Local\SRDownloader.nast
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-02-2021
Ran by Seka (03-02-2021 19:32:32)
Running from C:\Users\Seka\Desktop
Windows 10 Home Version 2004 19041.789 (X64) (2021-01-29 22:03:48)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4046335105-2706149465-2342894865-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4046335105-2706149465-2342894865-503 - Limited - Disabled)
Guest (S-1-5-21-4046335105-2706149465-2342894865-501 - Limited - Disabled)
Seka (S-1-5-21-4046335105-2706149465-2342894865-1000 - Administrator - Enabled) => C:\Users\Seka
WDAGUtilityAccount (S-1-5-21-4046335105-2706149465-2342894865-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Firewall (Disabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\...\uTorrent) (Version: 3.5.5.45838 - BitTorrent Inc.)
Active Directory Rights Management Services Client 2.1 (HKLM\...\{EF541964-8162-4E20-8943-17FFD1666446}) (Version: 1.0.3102.0221 - Microsoft Corporation)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.16 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.5.353 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.7 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
ai (HKLM\...\{66C2EA78-E284-47C1-BFEA-56340D0C68CD}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{94186311-E456-6757-02D9-8E6E0B54A38A}) (Version: 3.0.868.0 - Advanced Micro Devices, Inc.)
ATI Uninstaller (HKLM\...\ATI Uninstaller) (Version: 8.951-120308a-137408C-Lenovo - Advanced Micro Devices, Inc.)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.2200 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.27.0 - Conexant)
CopyTrans Control Center Uninstall Only (HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\...\CopyTrans Suite) (Version: 4.100 - WindSolutions)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.828 - Corel Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0002 - Microsoft Corporation)
Emergency Download Driver (HKLM-x32\...\{05DBF996-83D0-4C40-8D3A-A6850800BC88}) (Version: 1.1.7.1439 - Nokia)
ESET Security (HKLM\...\{B489BC2D-0079-4631-97BF-CA2378299D43}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.146 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
HDR Preview (HKLM\...\{9F7815C9-A323-4215-905C-73137D21BCC0}) (Version: 1.0.0.2 - Bentley Systems, Incorporated)
i-model ODBC Driver for Windows 7 (HKLM-x32\...\{775616F7-2D4C-4D73-8773-A66C0BCECB38}) (Version: 01.01.00019 - Bentley Systems, Incorporated)
i-model ODBC Driver for Windows 7 (x64) (HKLM\...\{454AD0FD-21D2-4E73-99E9-A40CAC75A636}) (Version: 01.01.00019 - Bentley Systems, Incorporated)
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{781A93CD-1608-427D-B7F0-D05C07795B25}) (Version: 2.1.41.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel® Chipset Device Software (HKLM-x32\...\{619e726e-d2b4-4e28-9568-c964fd81ee6c}) (Version: 10.1.1.14 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{aa2c2346-d0c0-4d3e-9ab1-11a48b4cb9f3}) (Version: 19.20.3 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - )
Lenovo Patch Utility (HKLM-x32\...\{24E92E7A-6848-4747-A3EA-3AAC0576BE52}) (Version: 1.0.1.1 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (HKLM\...\{39A04221-294E-4D90-A0F2-CCB1EF15CB56}) (Version: 1.2.0.1 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.15 - Lenovo)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Lenovo)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Logitech Options (HKLM\...\LogiOptions) (Version: - Logitech)
Lumia UEFI Blue Driver (HKLM-x32\...\{D6EEB835-5BBF-4F6B-8382-1681148D7771}) (Version: 1.1.8.1448 - Nokia)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft Azure Information Protection Viewer (HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\...\{f91f607b-e0fd-4bd3-a71f-e2f349aa32d4}) (Version: 1.10.56.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.56 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Language Pack 2010 - Slovak/Slovenčina (HKLM-x32\...\Office14.OMUI.sk-sk) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{143E35D3-F0A4-4E90-96C9-B1B72F11343A}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PowerXpressHybrid (HKLM-x32\...\{51FDC2DE-0917-46B7-EAEC-5377504701DE}) (Version: 1.00.0000 - Název společnosti:) Hidden
PX Profile Update (HKLM-x32\...\{09415C3E-4DF1-EE91-8641-DBD2E6EB9F87}) (Version: 1.00.1. - AMD) Hidden
PX Profile Update (HKLM-x32\...\{9607EDB9-C843-309D-9262-427BE667EBE1}) (Version: 1.00.1. - AMD) Hidden
RapidBoot (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.11 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-041B-0000-0000000FF1CE}_Office14.OMUI.sk-sk_{8D105F24-6B95-44FA-BCF5-776FE39E0A46}) (Version: - Microsoft)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.0 - Synaptics Incorporated)
Synaptics WBF DDK 5011 (Advanced) (HKLM\...\{9C7B6DA0-852C-46DB-8D8C-F8B25C7F1354}) (Version: 4.5.507.0 - Synaptics)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.2200 - Broadcom Corporation)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.75 - Lenovo)
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.03 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{F58DA859-016E-492D-A588-317D9BB28002}) (Version: 5.9.9.7282 - Authentec Inc.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.0 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
USB Serial Port Driver (HKLM-x32\...\{3D924542-36BE-49DE-8805-8887C0C8A912}) (Version: 1.1.6.1439 - Nokia)
Windows Driver Package - Intel (iaStor) hdc (11/06/2010 10.1.0.1008) (HKLM\...\73C6BE3E3B6FC5418F2B47E6C75F6C8F9552DC12) (Version: 11/06/2010 10.1.0.1008 - Intel)
Windows Driver Package - Lenovo 1.64.00.00 (07/28/2011 1.64.00.00) (HKLM\...\01E3B64834B04ABAC85D8E1D3EBDC567D83AD29B) (Version: 07/28/2011 1.64.00.00 - Lenovo)
Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Driver Package - Realtek (RTL8167) Net (12/29/2010 7.037.1229.2010) (HKLM\...\828B05D2B647CDAEA22493F7BFB96847265EE596) (Version: 12/29/2010 7.037.1229.2010 - Realtek)
Windows Driver Package - Synaptics (SynTP) Mouse (05/19/2011 15.3.8.0) (HKLM\...\DDD8A532E361E9A878EBEF69C338B306810DF059) (Version: 05/19/2011 15.3.8.0 - Synaptics)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Phone app for desktop (HKLM-x32\...\{F0752A78-37C4-4C76-8B97-EFF334BF5298}) (Version: 1.1.2726.0 - Microsoft Corporation)
WinRAR 5.21 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinUsb CoInstallers (HKLM-x32\...\{B7D4B08A-9D89-4369-B51C-92CF8C03D2F8}) (Version: 1.1.8.1406 - Nokia)
WinUSB Compatible ID Drivers (HKLM-x32\...\{316ED84C-ACDA-4F1F-8E64-52B7AFF8677D}) (Version: 1.1.9.1439 - Nokia)
WinUSB Drivers ext (HKLM-x32\...\{238EAE31-4E9E-43CF-B244-C4879279E6AF}) (Version: 1.1.12.1439 - Nokia)
Packages:
=========
Asphalt 8: Airborne -> C:\Program Files\WindowsApps\GAMELOFTSA.Asphalt8Airborne_5.5.11.0_x86__0pp20fcewvvtj [2021-01-16] (GAMELOFT SA)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.185.400.0_x86__kgqvnymyfvs32 [2021-01-21] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_5.7.11.0_x86__h6adky7gbf63m [2021-01-28] (Gameloft SE)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-10] (Microsoft Corporation)
Doplnok pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-02-28] (Microsoft Corporation)
FarmVille 2: Country Escape -> C:\Program Files\WindowsApps\D52A8D61.FarmVille2CountryEscape_16.9.6507.0_x86__jwbwg6xx0377a [2021-01-23] (Zynga Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa [2020-11-18] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.)
TuneIn Radio -> C:\Program Files\WindowsApps\TuneIn.TuneInRadio_4.0.7.0_x64__6bhtb546zcxnj [2019-09-22] (TuneIn) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2017-09-10] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4046335105-2706149465-2342894865-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6723984 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-06] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [miranda.shlext] -> {72013A26-A94C-11d6-8540-A5E62932711D} => -> No File
ContextMenuHandlers1: [MRAICQCMenu] -> {7C9E7B90-88EC-4852-AC7A-C938268A5D04} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-06] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [miranda.shlext] -> {72013A26-A94C-11d6-8540-A5E62932711D} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-06] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Loaded Modules (Whitelisted) =============
2012-09-23 19:44 - 2012-09-23 19:44 - 000010240 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\sk_sk\Acrobat Elements\ContextMenuShim64.sky
2021-02-01 08:15 - 2021-02-01 08:15 - 000031232 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\A4.Foundation\299bf2e4e23af02175445e6a26f183b3\A4.Foundation.ni.dll
2021-02-01 08:16 - 2021-02-01 08:16 - 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\a24c26eba4ea3ddce65e74fa4668e293\AEM.Actions.CCAA.Shared.ni.dll
2021-02-01 08:16 - 2021-02-01 08:16 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\b1c480fea6a1f23d52c3e56efa0e3568\AEM.Plugin.EEU.Shared.ni.dll
2021-02-01 08:16 - 2021-02-01 08:16 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\ab84ec371d67664b2b3835984aa2dce2\AEM.Plugin.Hotkeys.Shared.ni.dll
2021-02-01 08:16 - 2021-02-01 08:16 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.54d8abe3#\067d1b4cc2a05184c6e0a89aaee60af6\AEM.Plugin.DPPE.Shared.ni.dll
2021-02-01 08:16 - 2021-02-01 08:16 - 000281600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\f535d9aad773e6d356547f8e5efc5a55\AEM.Plugin.Source.Kit.Server.ni.dll
2021-02-01 08:16 - 2021-02-01 08:16 - 000014848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\20e43f89b55b6c6d58c04b22890cbbc3\AEM.Plugin.WinMessages.Shared.ni.dll
2021-02-01 08:16 - 2021-02-01 08:16 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\2cb21aaa54b1116e4ceda042a9d4ce1e\AEM.Plugin.REG.Shared.ni.dll
2021-02-01 08:16 - 2021-02-01 08:16 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\a0c3b8ce9c35481a6521f517227bbbe2\AEM.Plugin.GD.Shared.ni.dll
2021-02-01 08:16 - 2021-02-01 08:16 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\6cfd22563e0e2c727f094a3de46cf569\AEM.Server.Shared.ni.dll
2021-02-01 08:17 - 2021-02-01 08:17 - 000267776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server\8e824043be59343847600763c50d6229\AEM.Server.ni.dll
2021-02-01 08:17 - 2021-02-01 08:17 - 000055808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\APM.Foundation\8b0dfc591b480594610bbaa94430d4db\APM.Foundation.ni.dll
2021-02-01 08:26 - 2021-02-01 08:26 - 000122880 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ATICCCom\4f9523253033d141734969c0866c932c\ATICCCom.ni.dll
2021-02-01 08:17 - 2021-02-01 08:17 - 000204288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\af1df7a28635d8dc2019da4ad419ebaa\CCC.Implementation.ni.dll
2021-02-01 08:22 - 2021-02-01 08:22 - 000154112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.21d2ac78#\cd69cd6c682b5af8e5d39cf83d69e86b\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.ni.dll
2021-02-01 08:19 - 2021-02-01 08:19 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\1de0b258089f746ad04d1233cf969b29\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2021-02-01 08:26 - 2021-02-01 08:26 - 000045568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\dd5cc863637abdfb436e9ceaee87b61a\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2021-02-01 08:23 - 2021-02-01 08:23 - 000107008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\119e8f5a6e9313af4844f1cb23d04601\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2021-02-01 08:22 - 2021-02-01 08:22 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.46819220#\bf72cdb8017728ac2915993a05842fee\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.ni.dll
2021-02-01 08:23 - 2021-02-01 08:23 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\7d0c76fec9fac2df51435a2a0f823cde\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2021-02-01 08:20 - 2021-02-01 08:20 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.52c6dbaa#\7ee8d68f2500cbf06d0e1339d0509d76\CLI.Aspect.FPS.Graphics.Shared.ni.dll
2021-02-01 08:22 - 2021-02-01 08:22 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.59a12d95#\ea99ad5efa6b77f631f17f3f6514113d\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.ni.dll
2021-02-01 08:23 - 2021-02-01 08:23 - 000064000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8350f5c6#\d8be2b25b0caf7f3d2433074ff98e9bb\CLI.Aspect.UpdateNotification.Graphics.Runtime.ni.dll
2021-02-01 08:21 - 2021-02-01 08:21 - 000678912 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\5c996f5c11ac17ef06f84931ef195935\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2021-02-01 08:23 - 2021-02-01 08:23 - 000745472 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\528e8766b99ec47ea476e036a210492b\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2021-02-01 08:19 - 2021-02-01 08:19 - 000449536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\65cd434862baef10fc07bd43d6d2167e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2021-02-01 08:20 - 2021-02-01 08:20 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9cd1e9e7#\7f049fbbcaafea4d4220a3b532b5c57b\CLI.Aspect.FPS.Graphics.Dashboard.ni.dll
2021-02-01 08:20 - 2021-02-01 08:20 - 000057856 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a6cd7fff#\ebccb64be88b1b07b48f2652531555a7\CLI.Aspect.FPS.Graphics.Runtime.ni.dll
2021-02-01 08:23 - 2021-02-01 08:23 - 000082944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a765109e#\d52f956e96982557fc647f907c8b6ba8\CLI.Aspect.UpdateNotification.Graphics.Dashboard.ni.dll
2021-02-01 08:19 - 2021-02-01 08:19 - 000067072 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\7b74f226074a5fac1e09e0def576b8c4\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2021-02-01 08:22 - 2021-02-01 08:22 - 000340992 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\3e009bed5e4d5046f36f132a1b75aa95\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2021-02-01 08:19 - 2021-02-01 08:19 - 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\e62039c5f426da0d2aa0415ba6806c9e\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2021-02-01 08:19 - 2021-02-01 08:19 - 000096256 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.d4f2f79c#\44975e3ee24433a1e9af1a654e25d48e\CLI.Aspect.CrossFireX.Graphics.Dashboard.ni.dll
2021-02-01 08:20 - 2021-02-01 08:20 - 000276480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\24a2cc20fd43f0a9ca86f44040cb1067\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2021-02-01 08:23 - 2021-02-01 08:23 - 003312640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\711a19b2cdab61f725d7b781b2b2978e\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2021-02-01 08:19 - 2021-02-01 08:19 - 000240640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\44b63310c195cfc86fdc7b385b24d1af\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2021-02-01 08:23 - 2021-02-01 08:23 - 000047616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\2597fa5cfc6bbd186558dd3ddb3875f3\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2021-02-01 08:23 - 2021-02-01 08:23 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f480a2f3#\0e5e46fe8262765fc01f531393cea826\CLI.Aspect.UpdateNotification.Graphics.Shared.ni.dll
2021-02-01 08:24 - 2021-02-01 08:24 - 000051200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\1b793612380f60d287e5c5f86122e89c\CLI.Caste.A4.Runtime.ni.dll
2021-02-01 08:18 - 2021-02-01 08:18 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\0f047cf9e2239851a811b935d7b109d0\CLI.Caste.A4.Shared.ni.dll
2021-02-01 08:24 - 2021-02-01 08:24 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\1ac15d58e991bba3119174c4cacbd430\CLI.Caste.A4.Dashboard.ni.dll
2021-02-01 08:19 - 2021-02-01 08:19 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\756be47d421c14309af0c8d9dddc6a29\CLI.Caste.Fuel.Shared.ni.dll
2021-02-01 08:25 - 2021-02-01 08:25 - 000311296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\237f6779fe63e0a2c1d282dcaae5138d\CLI.Caste.Fuel.Runtime.ni.dll
2021-02-01 08:24 - 2021-02-01 08:24 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\0b593db358de3dccf526e300e41ec80b\CLI.Caste.Fuel.Dashboard.ni.dll
2021-02-01 08:20 - 2021-02-01 08:20 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\a5e2e36025e5e42aeff913bbda1aa6d6\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2021-02-01 08:19 - 2021-02-01 08:19 - 001555456 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\90403123119c49c266bf1258a7b5a427\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2021-02-01 08:19 - 2021-02-01 08:19 - 000587776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\c3db145be9238bed851ff93311846c1e\CLI.Caste.Graphics.Dashboard.ni.dll
2021-02-01 08:25 - 2021-02-01 08:25 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\67666baee565c9b0f6a67df38462c2f3\CLI.Caste.HydraVision.Runtime.ni.dll
2021-02-01 08:25 - 2021-02-01 08:25 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\be62787dd2bab6bbe758bb473b72c8e4\CLI.Caste.HydraVision.Shared.ni.dll
2021-02-01 08:25 - 2021-02-01 08:25 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\afe6578340859949a1f8c04b3ec1a950\CLI.Caste.HydraVision.Dashboard.ni.dll
2021-02-01 08:25 - 2021-02-01 08:25 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\0552c276520bab46992e3d931c858708\CLI.Caste.Platform.Shared.ni.dll
2021-02-01 08:25 - 2021-02-01 08:25 - 000044032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\753c0337e60bbef84ae2e4d415b423f7\CLI.Caste.Platform.Runtime.ni.dll
2021-02-01 08:25 - 2021-02-01 08:25 - 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\2b493f8b9b0a19c02d3185fd55a06479\CLI.Caste.Platform.Dashboard.ni.dll
2021-02-01 08:16 - 2021-02-01 08:16 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\0619ae2c3e8cc53377fbecef51f243ed\CLI.Component.Runtime.Shared.ni.dll
2021-02-01 08:26 - 2021-02-01 08:26 - 000173568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\a5d4f7bc274570e961d31ef54ab7a5b6\CLI.Component.Dashboard.ProfileManager2.ni.dll
2021-02-01 08:18 - 2021-02-01 08:18 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\780c8bd8339ff2def14b0207cd808a3b\CLI.Component.Runtime.Shared.Private.ni.dll
2021-02-01 08:26 - 2021-02-01 08:26 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\c2b5ee81f835f248ac92e192a11b37f2\CLI.Component.Runtime.Extension.EEU.ni.dll
2021-02-01 08:17 - 2021-02-01 08:17 - 001609728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\af1109fbe4d7fc6179633ab8d88da5e7\CLI.Component.Dashboard.Shared.Private.ni.dll
2021-02-01 08:18 - 2021-02-01 08:18 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\6b3ed4c60de00ed811251fa44d4ba20d\CLI.Component.Client.Shared.ni.dll
2021-02-01 08:18 - 2021-02-01 08:18 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\007e57a69242e84ff334564a788165c0\CLI.Component.Dashboard.Shared.ni.dll
2021-02-01 08:26 - 2021-02-01 08:26 - 000495104 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Component.Eeu\bd601c8af027275ad0aa1623c49e12bf\CLI.Component.Eeu.ni.dll
2021-02-01 08:17 - 2021-02-01 08:17 - 000089600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\a0a2b615cdc294c7d3af29f42d6f3369\CLI.Foundation.Private.ni.dll
2021-02-01 08:26 - 2021-02-01 08:26 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\4e50f43f222133081bca51d4ec374497\CLI.Foundation.XManifest.ni.dll
2021-02-01 08:16 - 2021-02-01 08:16 - 000091136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\bcdee5c6fe25466f8c29767f6b2b1294\CLI.Foundation.CoreAudioAPI.ni.dll
2021-02-01 08:18 - 2021-02-01 08:18 - 001079808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\7ae69decea6a4aa96956ffd2f2a3c7c7\CLI.Foundation.Client.ni.dll
2021-02-01 08:17 - 2021-02-01 08:17 - 000301568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\0d8463856ff1e00efd68259f58d6728c\CLI.Foundation.ni.dll
2021-02-01 08:16 - 2021-02-01 08:16 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\5d12a5ba7cfcf92e2bdedb9c65064c74\DEM.Foundation.ni.dll
2021-02-01 08:16 - 2021-02-01 08:16 - 000115200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\5658790b6d8ee4f840d1ca57866316ce\DEM.Graphics.I0601.ni.dll
2021-02-01 08:16 - 2021-02-01 08:16 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\dfa1099aca23fc47444238db01432d1e\DEM.Graphics.ni.dll
2021-02-01 08:25 - 2021-02-01 08:25 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\7224c4f48b25b446a37e68bf70496628\Fuel.Foundation.ni.dll
2021-02-01 08:27 - 2021-02-01 08:27 - 000296960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\a78770c1aa6c2dab44748ff83862ffd8\LOG.Foundation.Implementation.ni.dll
2021-02-01 08:15 - 2021-02-01 08:15 - 000150016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\bb140c3f749aad3e194c37b732486584\LOG.Foundation.Private.ni.dll
2021-02-01 08:17 - 2021-02-01 08:17 - 000087552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\941a6700366b94ec64b62cc506f95d74\LOG.Foundation.Implementation.Private.ni.dll
2021-02-01 08:15 - 2021-02-01 08:15 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\8bffc8512084e42bddfb1d3d77870062\LOG.Foundation.ni.dll
2021-02-01 08:17 - 2021-02-01 08:17 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\c718fcd8c25b703ccad4cb802f9c7dca\MOM.Foundation.ni.dll
2021-02-01 08:28 - 2021-02-01 08:28 - 000402944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\942416935b21cacc907f56d100506704\MOM.Implementation.ni.dll
2021-02-01 08:16 - 2021-02-01 08:16 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\ae9a13269043d55e4140d5868270661d\NEWAEM.Foundation.ni.dll
2021-02-01 08:16 - 2021-02-01 08:16 - 000897024 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\79c00831b1c30bf18fb586d85535361d\ADL.Foundation.ni.dll
2021-02-01 08:17 - 2021-02-01 08:17 - 000256000 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\APM.Server\11725f354a5e8c6ce052906bd4a8e5e8\APM.Server.ni.dll
2021-02-01 08:23 - 2021-02-01 08:23 - 000783872 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.79734f7a#\afe147c6208bc23f2a925029af109475\CLI.Aspect.PowerXpress.Graphics.Runtime.ni.dll
2021-02-01 08:19 - 2021-02-01 08:19 - 000357888 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b3da5a8f#\37acbd45f67c3cc7e678f66a363091f5\CLI.Aspect.PowerXpress.Graphics.Shared.ni.dll
2021-02-01 08:23 - 2021-02-01 08:23 - 000595456 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.d4846ba2#\56881ab2c6fcc6c32f4e6ff58191142a\CLI.Aspect.PowerXpress.Graphics.Dashboard.ni.dll
2021-02-01 08:25 - 2021-02-01 08:25 - 008027648 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\e186c12376d44c5b6a15c283351ab6dd\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2021-02-01 08:18 - 2021-02-01 08:18 - 000136704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\fbe1091865f44020e04b0a581e5b965c\CLI.Component.Client.Shared.Private.ni.dll
2021-02-01 08:26 - 2021-02-01 08:26 - 000234496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\e6ebbe99ad169505a7b1614029784799\CLI.Component.Runtime.ni.dll
2021-02-01 08:26 - 2021-02-01 08:26 - 000929280 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\9f85e53cf5df5a8956d5924c1641875a\CLI.Component.Dashboard.ni.dll
2021-02-01 08:23 - 2021-02-01 08:23 - 000011264 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0702\b412bf450c79457c9c6e02719fef3a99\DEM.Graphics.I0702.ni.dll
2021-02-01 08:20 - 2021-02-01 08:20 - 000084480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\5252f14189e3677767b454164fb541cf\DEM.Graphics.I0709.ni.dll
2021-02-01 08:23 - 2021-02-01 08:23 - 000009728 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0710\8eeed39b8e461125c3b64ec004190ba5\DEM.Graphics.I0710.ni.dll
2021-02-01 08:19 - 2021-02-01 08:19 - 000012288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\5e93aedbce33eb9d7f84de52de38623c\DEM.Graphics.I0712.ni.dll
2021-02-01 08:19 - 2021-02-01 08:19 - 000018432 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\aa9984e9a16523bb1fd71b855c687aa6\DEM.Graphics.I0804.ni.dll
2021-02-01 08:23 - 2021-02-01 08:23 - 000009728 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0901\2fe32ec8719bc5e139d20434f117fd6f\DEM.Graphics.I0901.ni.dll
2021-02-01 08:25 - 2021-02-01 08:25 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\58c6e0a82fa1629f5583fd56b7323d3c\DEM.Graphics.I0906.ni.dll
2021-02-01 08:25 - 2021-02-01 08:25 - 000035840 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\4fe945ea0f126bb4dccba474e3ee74dd\DEM.Graphics.I1010.ni.dll
2021-02-01 08:17 - 2021-02-01 08:17 - 001139200 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\850f9ba397907bdd65f8b39b38d30802\Localization.Foundation.Private.ni.dll
2021-02-01 08:28 - 2021-02-01 08:28 - 000244736 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\df9086090f8f6de10c94d705341b97b2\ResourceManagement.Foundation.Implementation.ni.dll
2021-02-01 08:18 - 2021-02-01 08:18 - 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\efe86db00af2e0b19c8260888e88ed76\ResourceManagement.Foundation.Private.ni.dll
2021-02-01 08:19 - 2021-02-01 08:19 - 000091648 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\a802237af3bb77d74574a5a45b0f1093\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2021-02-01 08:17 - 2021-02-01 08:17 - 002845696 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\4a7c17df5f87f28d7f3bf2f2aee0ca6c\CLI.Caste.Graphics.Shared.ni.dll
2021-02-01 08:25 - 2021-02-01 08:25 - 003268096 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\38fb846f3a344f93b10dfd7394da66e1\CLI.Caste.Graphics.Runtime.ni.dll
2012-04-05 19:06 - 2011-02-22 03:45 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2012-04-05 19:06 - 2011-02-22 03:41 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2021-02-01 08:18 - 2021-02-01 08:18 - 000335360 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.W8090224c#\4f0fd874313da401477c46c3cec85dc9\Microsoft.WindowsAPICodePack.ni.dll
2021-02-01 08:18 - 2021-02-01 08:18 - 002546688 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.Wfbf9373c#\afcccd3abf9b676c4caf03c205a9fc45\Microsoft.WindowsAPICodePack.Shell.ni.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.sk/
HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-4046335105-2706149465-2342894865-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... NP_skSK481
SearchScopes: HKU\S-1-5-21-4046335105-2706149465-2342894865-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... NP_skSK481
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-4046335105-2706149465-2342894865-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2012-05-17 22:52 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2012-07-14 17:37 - 2012-07-14 17:40 - 000000439 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files\ThinkPad\Bluetooth Software;C:\Program Files\ThinkPad\Bluetooth Software\syswow64;C:\Program Files\Broadcom\WHL;C:\Program Files\Broadcom\WHL\syswow64;C:\Program Files\Broadcom\WHL\SysWow64;C:\Program Files\Broadcom\WHL\SysWow64\syswow64;C:\Program Files\Intel\WiFi\bin;C:\Program Files\Common Files\Intel\WirelessCommon;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Common Files\Lenovo;C:\Program Files (x86)\Windows Live\Shared;C:\SWTOOLS\ReadyApps;C:\Program Files (x86)\Intel\Services\IPT;C:\Program Files (x86)\Symantec\VIP Access Client;C:\Program Files (x86)\Common Files\Lenovo;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Seka\Pictures\galaxy-universe-wallpaper-hd.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ALCKRESI.EXE => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE
MSCONFIG\startupreg: IntelliPoint => "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
MSCONFIG\startupreg: JavaInstallRetry => RUNONCE=1 SPONSORS=0
MSCONFIG\startupreg: LogiOptionsAppBroker => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe /noui
MSCONFIG\startupreg: RotateImage => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "SynLenovoHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\...\StartupApproved\Run: => "Uninstall 17.3.6816.0313"
HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\...\StartupApproved\Run: => "Uninstall 17.3.6816.0313\amd64"
HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\...\StartupApproved\Run: => "Uninstall 17.3.6917.0607"
HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\...\StartupApproved\Run: => "Uninstall 17.3.6917.0607\amd64"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{FDA3A19E-50FE-49FA-B047-2E2B16BD49CE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BDFE04CD-621D-44C0-9019-C421B6CC966E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D6B8AC70-9F45-46FE-8B1A-1DDC246BDBD5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8DB48079-D563-4AA8-A485-D227F07946B2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8B2DE8CC-44CD-48AC-8B02-3A36DBF7CD06}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{98D575D8-B9FD-4D75-A40F-BA40913A3AC4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0036FB72-7144-4783-AC42-1365BCD45CCD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{846C71E5-50DA-465B-A543-16211BBBAEF0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{15DBF197-B3F5-4E15-A17F-F7576CB8E6BC}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{281A3AAD-C0F1-4E3D-91AD-1A904442F2BF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7B365C11-6FA0-4CD3-B9FE-486384648124}] => (Allow) LPort=2869
FirewallRules: [{C2278287-16A7-4D4E-8217-6568D57818A4}] => (Allow) LPort=1900
FirewallRules: [{690B9A6F-966D-41BB-ACD8-EC213DE6DC4F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{46791BB8-A05D-4556-A365-6A24A9968650}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B57AE7E2-BC74-47FF-9F54-F4CE136DD2F6}] => (Allow) C:\Users\Seka\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C34E4A86-D5B8-4866-98E6-904692479201}] => (Allow) C:\Users\Seka\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E9C391F3-BF83-4EA1-9458-CC1FAD0655F4}] => (Allow) C:\Users\Seka\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D1A82560-EB7E-474D-BA7B-2FF240A09276}] => (Allow) C:\Users\Seka\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{21336BD2-5F6B-4F57-AD6F-442C5FC80A17}C:\users\seka\appdata\roaming\utorrent\updates\3.5.5_45291.exe] => (Allow) C:\users\seka\appdata\roaming\utorrent\updates\3.5.5_45291.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{475C2FD1-1EC3-4A4B-A116-4288676B4AC9}C:\users\seka\appdata\roaming\utorrent\updates\3.5.5_45291.exe] => (Allow) C:\users\seka\appdata\roaming\utorrent\updates\3.5.5_45291.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6FCF98D9-7D80-4325-A62F-7DB7BB62AB0C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4DC096BE-7339-45F4-9B9E-F1BFDC3A6584}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B6976BB1-6B46-4BEA-ABD4-57F0CADD92F0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CA871DCD-244B-4951-BCBF-AB6E69AE6DCC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{30098DD6-9BA9-4750-97EE-ED3F0FF7E1C2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
System errors:
=============
Error: (02/03/2021 07:11:36 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.
Error: (02/03/2021 07:09:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Lenovo PM Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/03/2021 06:57:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Message Queuing sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 2-krát.
Error: (02/03/2021 06:57:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Bluetooth Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 60000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (02/03/2021 06:52:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Message Queuing sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (02/03/2021 06:52:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Zero Configuration Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/03/2021 06:52:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Modules Installer sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (02/03/2021 06:52:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
CodeIntegrity:
===================================
Date: 2021-02-03 19:14:41.0120000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-03 19:14:41.0000000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-03 19:14:40.9770000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-03 19:13:52.9150000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-03 19:13:52.8760000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-03 19:13:52.6960000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-03 19:13:52.6800000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-02-03 18:58:59.8790000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: LENOVO LENOVO - 125 03/01/2013
Motherboard: LENOVO 1143K4G
Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 84%
Total physical RAM: 4007.23 MB
Available physical RAM: 630.53 MB
Total Virtual: 8103.23 MB
Available Virtual: 4675.25 MB
==================== Drives ================================
Drive c: (Windows7_OS) (Fixed) (Total:447.85 GB) (Free:125.83 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:15.62 GB) (Free:4.24 GB) NTFS
\\?\Volume{0751cdc4-7f48-11e1-b9a7-806e6f6e6963}\ (SYSTEM_DRV) (Fixed) (Total:1.46 GB) (Free:1.12 GB) NTFS
\\?\Volume{ccd2e061-0000-0000-0000-005470000000}\ () (Fixed) (Total:0.82 GB) (Free:0.27 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: CCD2E061)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=447.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=842 MB) - (Type=27)
Partition 4: (Not Active) - (Size=15.6 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118375
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Vkladám log.
# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.1
# -------------------------------
# Build: 01-20-2021
# Database: 2021-01-11.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-03-2021
# Duration: 00:00:03
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1406 octets] - [03/02/2021 19:51:21]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.1
# -------------------------------
# Build: 01-20-2021
# Database: 2021-01-11.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-03-2021
# Duration: 00:00:03
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1406 octets] - [03/02/2021 19:51:21]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118375
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Task: {1F9C0194-A14C-42F6-A9C0-AAFFB7D7B212} - \TVT\TVSUUpdateTask -> No File <==== ATTENTION
Task: {29D5BDB6-834B-4AAF-9FE4-984E2228BD8A} - \Lenovo\SimpleTap\Start SimpleTap for Seka-THINK.Seka -> No File <==== ATTENTION
Task: {30A7A56D-07E9-44D2-92B0-C1176F63BE08} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [1923584 2017-09-21] () [File not signed]
Task: {357F7257-003D-42D0-B7EE-9A19117187BD} - \PMTask -> No File <==== ATTENTION
Task: {4E5E933B-E5C3-4733-BC86-DF4E5C83D9EB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-24] (Google Inc -> Google Inc.)
Task: {5CF2AB8A-7390-41C7-8F37-4219EEA150F3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {6FBADC38-20D1-4D7E-B89C-61CF0343D2A1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {6FE09C4F-2D11-4E38-89E0-A3354BF67A4C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {786BCF61-2646-44DE-B342-49EC99CC9127} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7C161B70-6E67-4B1E-8B31-A6150B589654} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {7CECE398-FFE1-42E3-9DDF-8A8A6860A96A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7FEEE41B-7CC1-4381-BE94-69D187C5D542} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {98491E51-716F-4F6E-8C8D-555E534C9579} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-24] (Google Inc -> Google Inc.)
Task: {CE28BDD0-7FC6-4571-BF6E-4708EDB92050} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {D70B7B9F-CD48-423C-8571-6B17353970CF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS\AutoKMS.exe
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
U3 idsvc; no ImagePath
C:\WINDOWS\system32\Drivers\SETF4B7.tmp
C:\WINDOWS\system32\Tasks\AutoKMS
C:\WINDOWS\system32\Tasks\{C9061E2F-7A8C-4A89-8B1B-AE1E28212795}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\Tasks\{FE676A99-C3C9-4654-B702-48A2EA121D67}
C:\WINDOWS\system32\Tasks\{3C8038B0-FFC1-49AA-B35E-C70EEFA6BB83}
C:\WINDOWS\Tasks\AutoKMS.job
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [miranda.shlext] -> {72013A26-A94C-11d6-8540-A5E62932711D} => -> No File
ContextMenuHandlers1: [MRAICQCMenu] -> {7C9E7B90-88EC-4852-AC7A-C938268A5D04} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [miranda.shlext] -> {72013A26-A94C-11d6-8540-A5E62932711D} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
Toolbar: HKU\S-1-5-21-4046335105-2706149465-2342894865-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Hotovo. 
Fix result of Farbar Recovery Scan Tool (x64) Version: 03-02-2021
Ran by Seka (03-02-2021 21:17:52) Run:1
Running from C:\Users\Seka\Desktop
Loaded Profiles: Seka
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Task: {1F9C0194-A14C-42F6-A9C0-AAFFB7D7B212} - \TVT\TVSUUpdateTask -> No File <==== ATTENTION
Task: {29D5BDB6-834B-4AAF-9FE4-984E2228BD8A} - \Lenovo\SimpleTap\Start SimpleTap for Seka-THINK.Seka -> No File <==== ATTENTION
Task: {30A7A56D-07E9-44D2-92B0-C1176F63BE08} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [1923584 2017-09-21] () [File not signed]
Task: {357F7257-003D-42D0-B7EE-9A19117187BD} - \PMTask -> No File <==== ATTENTION
Task: {4E5E933B-E5C3-4733-BC86-DF4E5C83D9EB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-24] (Google Inc -> Google Inc.)
Task: {5CF2AB8A-7390-41C7-8F37-4219EEA150F3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {6FBADC38-20D1-4D7E-B89C-61CF0343D2A1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {6FE09C4F-2D11-4E38-89E0-A3354BF67A4C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {786BCF61-2646-44DE-B342-49EC99CC9127} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7C161B70-6E67-4B1E-8B31-A6150B589654} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {7CECE398-FFE1-42E3-9DDF-8A8A6860A96A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7FEEE41B-7CC1-4381-BE94-69D187C5D542} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {98491E51-716F-4F6E-8C8D-555E534C9579} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-24] (Google Inc -> Google Inc.)
Task: {CE28BDD0-7FC6-4571-BF6E-4708EDB92050} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {D70B7B9F-CD48-423C-8571-6B17353970CF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS\AutoKMS.exe
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
U3 idsvc; no ImagePath
C:\WINDOWS\system32\Drivers\SETF4B7.tmp
C:\WINDOWS\system32\Tasks\AutoKMS
C:\WINDOWS\system32\Tasks\{C9061E2F-7A8C-4A89-8B1B-AE1E28212795}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\Tasks\{FE676A99-C3C9-4654-B702-48A2EA121D67}
C:\WINDOWS\system32\Tasks\{3C8038B0-FFC1-49AA-B35E-C70EEFA6BB83}
C:\WINDOWS\Tasks\AutoKMS.job
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [miranda.shlext] -> {72013A26-A94C-11d6-8540-A5E62932711D} => -> No File
ContextMenuHandlers1: [MRAICQCMenu] -> {7C9E7B90-88EC-4852-AC7A-C938268A5D04} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [miranda.shlext] -> {72013A26-A94C-11d6-8540-A5E62932711D} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
Toolbar: HKU\S-1-5-21-4046335105-2706149465-2342894865-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1F9C0194-A14C-42F6-A9C0-AAFFB7D7B212}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F9C0194-A14C-42F6-A9C0-AAFFB7D7B212}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TVT\TVSUUpdateTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{29D5BDB6-834B-4AAF-9FE4-984E2228BD8A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29D5BDB6-834B-4AAF-9FE4-984E2228BD8A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\SimpleTap\Start SimpleTap for Seka-THINK.Seka" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30A7A56D-07E9-44D2-92B0-C1176F63BE08}" => not found
C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{357F7257-003D-42D0-B7EE-9A19117187BD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{357F7257-003D-42D0-B7EE-9A19117187BD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PMTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4E5E933B-E5C3-4733-BC86-DF4E5C83D9EB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E5E933B-E5C3-4733-BC86-DF4E5C83D9EB}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5CF2AB8A-7390-41C7-8F37-4219EEA150F3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5CF2AB8A-7390-41C7-8F37-4219EEA150F3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6FBADC38-20D1-4D7E-B89C-61CF0343D2A1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6FBADC38-20D1-4D7E-B89C-61CF0343D2A1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6FE09C4F-2D11-4E38-89E0-A3354BF67A4C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6FE09C4F-2D11-4E38-89E0-A3354BF67A4C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{786BCF61-2646-44DE-B342-49EC99CC9127}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{786BCF61-2646-44DE-B342-49EC99CC9127}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7C161B70-6E67-4B1E-8B31-A6150B589654}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C161B70-6E67-4B1E-8B31-A6150B589654}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7CECE398-FFE1-42E3-9DDF-8A8A6860A96A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CECE398-FFE1-42E3-9DDF-8A8A6860A96A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7FEEE41B-7CC1-4381-BE94-69D187C5D542}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FEEE41B-7CC1-4381-BE94-69D187C5D542}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{98491E51-716F-4F6E-8C8D-555E534C9579}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98491E51-716F-4F6E-8C8D-555E534C9579}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CE28BDD0-7FC6-4571-BF6E-4708EDB92050}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE28BDD0-7FC6-4571-BF6E-4708EDB92050}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D70B7B9F-CD48-423C-8571-6B17353970CF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D70B7B9F-CD48-423C-8571-6B17353970CF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
C:\WINDOWS\Tasks\AutoKMS.job => moved successfully
"HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com" => removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully
idsvc => service removed successfully
C:\WINDOWS\system32\Drivers\SETF4B7.tmp => moved successfully
"C:\WINDOWS\system32\Tasks\AutoKMS" => not found
C:\WINDOWS\system32\Tasks\{C9061E2F-7A8C-4A89-8B1B-AE1E28212795} => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\WINDOWS\system32\Tasks\{FE676A99-C3C9-4654-B702-48A2EA121D67} => moved successfully
C:\WINDOWS\system32\Tasks\{3C8038B0-FFC1-49AA-B35E-C70EEFA6BB83} => moved successfully
"C:\WINDOWS\Tasks\AutoKMS.job" => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\miranda.shlext => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MRAICQCMenu => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\miranda.shlext => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
"HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
=========== EmptyTemp: ==========
BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24179653 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 4649888 B
Edge => 51200 B
Chrome => 2955150 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 6656 B
NetworkService => 6656 B
Seka => 57436684 B
RecycleBin => 0 B
EmptyTemp: => 95.5 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:18:21 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 03-02-2021
Ran by Seka (03-02-2021 21:17:52) Run:1
Running from C:\Users\Seka\Desktop
Loaded Profiles: Seka
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Task: {1F9C0194-A14C-42F6-A9C0-AAFFB7D7B212} - \TVT\TVSUUpdateTask -> No File <==== ATTENTION
Task: {29D5BDB6-834B-4AAF-9FE4-984E2228BD8A} - \Lenovo\SimpleTap\Start SimpleTap for Seka-THINK.Seka -> No File <==== ATTENTION
Task: {30A7A56D-07E9-44D2-92B0-C1176F63BE08} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [1923584 2017-09-21] () [File not signed]
Task: {357F7257-003D-42D0-B7EE-9A19117187BD} - \PMTask -> No File <==== ATTENTION
Task: {4E5E933B-E5C3-4733-BC86-DF4E5C83D9EB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-24] (Google Inc -> Google Inc.)
Task: {5CF2AB8A-7390-41C7-8F37-4219EEA150F3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {6FBADC38-20D1-4D7E-B89C-61CF0343D2A1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {6FE09C4F-2D11-4E38-89E0-A3354BF67A4C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {786BCF61-2646-44DE-B342-49EC99CC9127} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7C161B70-6E67-4B1E-8B31-A6150B589654} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {7CECE398-FFE1-42E3-9DDF-8A8A6860A96A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7FEEE41B-7CC1-4381-BE94-69D187C5D542} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {98491E51-716F-4F6E-8C8D-555E534C9579} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-24] (Google Inc -> Google Inc.)
Task: {CE28BDD0-7FC6-4571-BF6E-4708EDB92050} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {D70B7B9F-CD48-423C-8571-6B17353970CF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS\AutoKMS.exe
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
U3 idsvc; no ImagePath
C:\WINDOWS\system32\Drivers\SETF4B7.tmp
C:\WINDOWS\system32\Tasks\AutoKMS
C:\WINDOWS\system32\Tasks\{C9061E2F-7A8C-4A89-8B1B-AE1E28212795}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\Tasks\{FE676A99-C3C9-4654-B702-48A2EA121D67}
C:\WINDOWS\system32\Tasks\{3C8038B0-FFC1-49AA-B35E-C70EEFA6BB83}
C:\WINDOWS\Tasks\AutoKMS.job
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [miranda.shlext] -> {72013A26-A94C-11d6-8540-A5E62932711D} => -> No File
ContextMenuHandlers1: [MRAICQCMenu] -> {7C9E7B90-88EC-4852-AC7A-C938268A5D04} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [miranda.shlext] -> {72013A26-A94C-11d6-8540-A5E62932711D} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
Toolbar: HKU\S-1-5-21-4046335105-2706149465-2342894865-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1F9C0194-A14C-42F6-A9C0-AAFFB7D7B212}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F9C0194-A14C-42F6-A9C0-AAFFB7D7B212}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TVT\TVSUUpdateTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{29D5BDB6-834B-4AAF-9FE4-984E2228BD8A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29D5BDB6-834B-4AAF-9FE4-984E2228BD8A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\SimpleTap\Start SimpleTap for Seka-THINK.Seka" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30A7A56D-07E9-44D2-92B0-C1176F63BE08}" => not found
C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{357F7257-003D-42D0-B7EE-9A19117187BD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{357F7257-003D-42D0-B7EE-9A19117187BD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PMTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4E5E933B-E5C3-4733-BC86-DF4E5C83D9EB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E5E933B-E5C3-4733-BC86-DF4E5C83D9EB}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5CF2AB8A-7390-41C7-8F37-4219EEA150F3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5CF2AB8A-7390-41C7-8F37-4219EEA150F3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6FBADC38-20D1-4D7E-B89C-61CF0343D2A1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6FBADC38-20D1-4D7E-B89C-61CF0343D2A1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6FE09C4F-2D11-4E38-89E0-A3354BF67A4C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6FE09C4F-2D11-4E38-89E0-A3354BF67A4C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{786BCF61-2646-44DE-B342-49EC99CC9127}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{786BCF61-2646-44DE-B342-49EC99CC9127}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7C161B70-6E67-4B1E-8B31-A6150B589654}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C161B70-6E67-4B1E-8B31-A6150B589654}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7CECE398-FFE1-42E3-9DDF-8A8A6860A96A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CECE398-FFE1-42E3-9DDF-8A8A6860A96A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7FEEE41B-7CC1-4381-BE94-69D187C5D542}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FEEE41B-7CC1-4381-BE94-69D187C5D542}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{98491E51-716F-4F6E-8C8D-555E534C9579}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98491E51-716F-4F6E-8C8D-555E534C9579}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CE28BDD0-7FC6-4571-BF6E-4708EDB92050}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE28BDD0-7FC6-4571-BF6E-4708EDB92050}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D70B7B9F-CD48-423C-8571-6B17353970CF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D70B7B9F-CD48-423C-8571-6B17353970CF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
C:\WINDOWS\Tasks\AutoKMS.job => moved successfully
"HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com" => removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully
idsvc => service removed successfully
C:\WINDOWS\system32\Drivers\SETF4B7.tmp => moved successfully
"C:\WINDOWS\system32\Tasks\AutoKMS" => not found
C:\WINDOWS\system32\Tasks\{C9061E2F-7A8C-4A89-8B1B-AE1E28212795} => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\WINDOWS\system32\Tasks\{FE676A99-C3C9-4654-B702-48A2EA121D67} => moved successfully
C:\WINDOWS\system32\Tasks\{3C8038B0-FFC1-49AA-B35E-C70EEFA6BB83} => moved successfully
"C:\WINDOWS\Tasks\AutoKMS.job" => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\miranda.shlext => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MRAICQCMenu => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\miranda.shlext => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
"HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
=========== EmptyTemp: ==========
BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24179653 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 4649888 B
Edge => 51200 B
Chrome => 2955150 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 6656 B
NetworkService => 6656 B
Seka => 57436684 B
RecycleBin => 0 B
EmptyTemp: => 95.5 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:18:21 ====
-
Rudy
- Site Admin
- Příspěvky: 118375
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Vyzerá to byť lepšie.
Len ten štart, nabiehanie win trvá, kus dlhšie čierna obrazovka.
Inak za tak krátku dobu zlepšenie otváranie app, aj web, celkovo svižnejšie.
Ďakujem veľmi pekne za promptnú pomoc.
Len ten štart, nabiehanie win trvá, kus dlhšie čierna obrazovka.
Inak za tak krátku dobu zlepšenie otváranie app, aj web, celkovo svižnejšie.
Ďakujem veľmi pekne za promptnú pomoc.
-
Rudy
- Site Admin
- Příspěvky: 118375
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Přes příkazový řádek příkazem:
Otevřte konfigurační okno Windows. Na záložkách "Po spuštění" a "Služby" odstraňte zatržítka u všech ne-microsoftích položek (s vyjímkou antiviru a ovladačů). Nastavení uložte a restartujte.
Entermsconfig
Otevřte konfigurační okno Windows. Na záložkách "Po spuštění" a "Služby" odstraňte zatržítka u všech ne-microsoftích položek (s vyjímkou antiviru a ovladačů). Nastavení uložte a restartujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Pozdravujem,
skúsila som vypnúť, čo sa dalo, nebola som si celkom istá.
Nemôže tam byť vírus ešte nejaký, prosím?
skúsila som vypnúť, čo sa dalo, nebola som si celkom istá.
Nemôže tam byť vírus ešte nejaký, prosím?
-
Rudy
- Site Admin
- Příspěvky: 118375
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Podle mého ne. Můžeme zkusit sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Utilitu stáhněte, spusťte, nechte pracovat a po skončení akce smažte vše, co případně najde. Nakonec restartujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Opakovaná modrá smrť obrazovka. Notebook sa dokola restartuje, potom diagnostika, automatické opravy a ponúka 2 možnosti - reštart a rozšírené možnosti. Nespustí sa vôbec.
-
Rudy
- Site Admin
- Příspěvky: 118375
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Pravděpodobně poškozený systém. Zkuste obnovu do továrního nastavení se zachováním souborů.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Dobrý deň prajem,
čistá inštalácia, ale dáky bordel sa mi tam naťahal a pri prihlásení je nejaký problém s kontami, neviem.
Prosím o kontrolu, vkladám log.
Ďakujem.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-02-2021 01
Ran by Seka (administrator) on SEKA-THINK (LENOVO 1143K4G) (12-02-2021 11:53:45)
Running from C:\Users\Seka\Desktop
Loaded Profiles: Seka
Platform: Windows 10 Home Version 20H2 19042.804 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(LENOVO -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\NisSrv.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3936936 2015-07-28] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [SynLenovoHelper] => C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe [146600 2015-07-28] (Synaptics Incorporated -> Synaptics)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\...\Run: [uTorrent] => C:\Windows.old\Users\Seka\AppData\Roaming\uTorrent\uTorrent.exe [2146776 2021-02-05] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.150\Installer\chrmstp.exe [2021-02-09] (Google LLC -> Google LLC)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {07B1D3D6-5B5A-4848-9064-85773A74A0B2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0D1886C8-5A6A-4C93-8D67-9C7AA0DEC3E6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {253481C4-293E-46EB-89B3-0357C70FBD49} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-09] (Google LLC -> Google LLC)
Task: {2AB3B680-6657-4DAB-A440-3411A7485D60} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4F555DD1-E636-462E-AE29-1AE48D32E119} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [62152 2020-12-20] (Lenovo -> )
Task: {59F705C8-AF05-4259-AB0A-533C14D8F800} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-09] (Google LLC -> Google LLC)
Task: {740E398E-5DD1-47B6-976C-DDB9CF2469D5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {79081348-4356-411E-BB15-63BC0BA461CD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BD570226-CBEE-4E0A-8AFB-5C9CAB440FD6} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
Task: {DCCA0DFF-0191-4ED1-B888-37F6E3B75AC8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E8589ACE-A938-42E1-9269-EAA68761F8D8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{f06c9e1d-6c66-4450-b99f-3ac97e98c758}: [DhcpNameServer] 192.168.100.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Seka\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-12]
Edge Extension: (Outlook) - C:\Users\Seka\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2021-02-09]
Edge Extension: (Word) - C:\Users\Seka\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2021-02-09]
Edge Extension: (Excel) - C:\Users\Seka\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2021-02-09]
Edge Extension: (PowerPoint) - C:\Users\Seka\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2021-02-09]
Edge HKLM-x32\...\Edge\Extension: [eofogjfkadmolbbmnlbohhbkhbodcjjm]
FireFox:
========
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default [2021-02-12]
CHR Notifications: Default -> hxxps://mail-notification.info
CHR Extension: (Slides) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-09]
CHR Extension: (Docs) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-09]
CHR Extension: (Google Drive) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-09]
CHR Extension: (YouTube) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-09]
CHR Extension: (Sheets) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-09]
CHR Extension: (Google Docs Offline) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-09]
CHR Extension: (Gmail) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-09]
CHR Extension: (Chrome Media Router) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-09]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 5U877; C:\WINDOWS\system32\DRIVERS\5U877.sys [166016 2011-03-05] (Microsoft Windows Hardware Compatibility Publisher -> Ricoh co.,Ltd.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ekbdflt; C:\WINDOWS\System32\drivers\ekbdflt.sys [43720 2020-11-06] (ESET, spol. s r.o. -> ESET)
S3 iwdbus; C:\WINDOWS\System32\drivers\iwdbus.sys [25496 2011-06-21] (Wireless Display -> Intel Corporation)
R2 risdxc; C:\WINDOWS\System32\drivers\risdxc64.sys [101888 2011-05-26] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64880 2020-11-11] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [419040 2021-02-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-11] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-12 11:53 - 2021-02-12 11:55 - 000011009 _____ C:\Users\Seka\Desktop\FRST.txt
2021-02-12 11:51 - 2021-02-12 11:51 - 002297344 _____ (Farbar) C:\Users\Seka\Downloads\FRST64.exe
2021-02-12 11:51 - 2021-02-12 11:51 - 002297344 _____ (Farbar) C:\Users\Seka\Desktop\FRST64.exe
2021-02-12 11:16 - 2021-02-12 11:16 - 000000000 ____D C:\Users\Seka\AppData\Roaming\WinRAR
2021-02-12 11:15 - 2021-02-12 11:17 - 000000000 ____D C:\Program Files\WinRAR
2021-02-12 11:12 - 2021-02-12 11:12 - 000000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2021-02-12 11:12 - 2021-02-12 11:12 - 000000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2021-02-12 11:12 - 2021-02-12 11:12 - 000000000 ____D C:\Program Files (x86)\AdvancedWindowsManager
2021-02-12 11:11 - 2021-02-12 11:11 - 000000290 __RSH C:\ProgramData\ntuser.pol
2021-02-12 11:09 - 2021-02-12 11:30 - 000000000 ____D C:\Users\Seka\AppData\Local\AdvinstAnalytics
2021-02-12 11:01 - 2021-02-12 11:01 - 000782095 _____ C:\Users\Seka\Downloads\001398.pdf
2021-02-12 09:27 - 2021-02-12 09:27 - 000011718 _____ C:\Users\Seka\Downloads\Prerozdelene projektov_02_2021.xlsx
2021-02-11 17:17 - 2021-02-11 17:17 - 000136085 _____ C:\Users\Seka\Downloads\dopis_300842531_602557f098955.pdf
2021-02-11 17:14 - 2021-02-11 17:14 - 000066395 _____ C:\Users\Seka\Downloads\1604059150_sekulova_katarina.pdf
2021-02-09 20:09 - 2021-02-11 16:37 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-09 20:09 - 2021-02-09 20:09 - 000002135 _____ C:\ProgramData\Desktop\Acrobat Reader DC.lnk
2021-02-09 20:08 - 2021-02-09 20:08 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-02-09 20:07 - 2021-02-09 20:11 - 000000000 ____D C:\ProgramData\Adobe
2021-02-09 20:06 - 2021-02-11 16:37 - 000000000 ____D C:\Users\Seka\AppData\Local\Adobe
2021-02-09 19:59 - 2021-02-09 19:59 - 000000000 ____D C:\Users\Seka\AppData\Local\ElevatedDiagnostics
2021-02-09 19:43 - 2021-02-09 19:43 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-09 19:43 - 2021-02-09 19:43 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-09 19:03 - 2021-02-12 11:45 - 000000000 ____D C:\Program Files\CCleaner
2021-02-09 19:03 - 2021-02-09 19:03 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-02-09 19:03 - 2021-02-09 19:03 - 000002876 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-02-09 19:03 - 2021-02-09 19:03 - 000000874 _____ C:\ProgramData\Desktop\CCleaner.lnk
2021-02-09 18:49 - 2021-02-09 18:58 - 000002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-09 18:49 - 2021-02-09 18:58 - 000002229 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-02-09 18:48 - 2021-02-09 18:48 - 000003456 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-09 18:48 - 2021-02-09 18:48 - 000003332 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-09 18:48 - 2021-02-09 18:48 - 000000000 ____D C:\Program Files\Google
2021-02-09 18:48 - 2021-02-09 18:48 - 000000000 ____D C:\Program Files (x86)\Google
2021-02-09 18:44 - 2021-02-09 18:44 - 000002929 _____ C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-02-09 18:44 - 2021-02-09 18:44 - 000002919 _____ C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-02-09 18:44 - 2021-02-09 18:44 - 000002917 _____ C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-02-09 18:41 - 2021-02-12 11:08 - 000000000 ____D C:\Users\Seka\AppData\Local\BitTorrentHelper
2021-02-09 18:36 - 2021-02-11 16:41 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-09 18:36 - 2021-02-11 16:41 - 000002293 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-02-09 18:35 - 2021-02-11 16:34 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-09 18:35 - 2021-02-11 16:34 - 000003452 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-09 18:32 - 2021-02-09 18:32 - 000000000 ____D C:\Users\Seka\AppData\Local\OneDrive
2021-02-07 08:50 - 2021-02-07 08:50 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2021-02-05 20:42 - 2021-02-05 20:42 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-05 20:38 - 2021-02-09 19:26 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-05 18:10 - 2021-02-05 18:10 - 000000000 ____D C:\Users\Seka\AppData\Local\Comms
2021-02-05 17:56 - 2021-02-05 17:56 - 000000000 ___HD C:\OneDriveTemp
2021-02-05 17:55 - 2021-02-06 17:56 - 000003368 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4046335105-2706149465-2342894865-1000
2021-02-05 17:54 - 2021-02-09 19:00 - 000000000 ____D C:\Users\Seka\AppData\Local\Google
2021-02-05 17:53 - 2021-02-06 17:35 - 000000000 ____D C:\Users\Seka\AppData\Local\PlaceholderTileLogoFolder
2021-02-05 17:52 - 2021-02-05 17:52 - 000000000 ____D C:\Users\Seka\AppData\Roaming\ATI
2021-02-05 17:52 - 2021-02-05 17:52 - 000000000 ____D C:\Users\Seka\AppData\Local\MicrosoftEdge
2021-02-05 17:52 - 2021-02-05 17:52 - 000000000 ____D C:\Users\Seka\AppData\Local\ATI
2021-02-05 17:52 - 2021-02-05 17:52 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-02-05 17:52 - 2021-02-05 17:52 - 000000000 ____D C:\ProgramData\ATI
2021-02-05 17:49 - 2021-02-05 18:11 - 000000000 ____D C:\ProgramData\Packages
2021-02-05 17:49 - 2021-02-05 17:49 - 000000000 ____D C:\Users\Seka\AppData\Local\Publishers
2021-02-05 17:48 - 2021-02-12 10:36 - 000000000 ____D C:\Users\Seka\AppData\Local\Packages
2021-02-05 17:48 - 2021-02-09 20:10 - 000000000 ____D C:\Users\Seka\AppData\Roaming\Adobe
2021-02-05 17:48 - 2021-02-05 17:48 - 000000000 ____D C:\Users\Seka\AppData\Local\VirtualStore
2021-02-05 17:48 - 2021-02-05 17:48 - 000000000 ____D C:\Users\Seka\AppData\Local\Lenovo
2021-02-05 17:47 - 2021-02-09 18:21 - 000000000 ____D C:\Users\Seka\AppData\Local\ConnectedDevicesPlatform
2021-02-05 17:47 - 2021-02-05 17:47 - 000000020 ___SH C:\Users\Seka\ntuser.ini
2021-02-05 17:42 - 2021-02-05 17:42 - 000000000 _____ C:\WINDOWS\ativpsrm.bin
2021-02-05 17:34 - 2021-02-05 17:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-02-05 17:34 - 2021-02-05 17:34 - 000000000 ____D C:\ProgramData\Lenovo
2021-02-05 17:30 - 2021-02-09 19:56 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-05 17:22 - 2021-02-06 17:56 - 000002363 _____ C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-05 17:22 - 2021-02-05 17:48 - 000000000 ____D C:\Users\Seka
2021-02-05 17:16 - 2020-12-20 22:57 - 005408968 _____ (Lenovo Group Limited) C:\WINDOWS\SysWOW64\PWMTR32V.dll
2021-02-05 17:16 - 2020-12-20 22:57 - 002351304 _____ (Lenovo Group Limited) C:\WINDOWS\SysWOW64\EasyResume.exe
2021-02-05 17:16 - 2020-12-20 22:57 - 000158920 _____ (Lenovo) C:\WINDOWS\SysWOW64\InstHelper.dll
2021-02-05 17:16 - 2020-12-20 22:57 - 000090312 _____ (Lenovo) C:\WINDOWS\SysWOW64\EventLogger.dll
2021-02-05 17:16 - 2020-12-20 22:57 - 000062152 _____ () C:\WINDOWS\SysWOW64\PowerMgrInst.exe
2021-02-05 17:15 - 2021-02-05 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2021-02-05 17:15 - 2021-02-05 17:15 - 000000000 ____D C:\Program Files\ATI Technologies
2021-02-05 17:14 - 2021-02-05 17:15 - 000000000 ____D C:\Program Files (x86)\ATI Technologies
2021-02-05 17:14 - 2021-02-05 17:14 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_tcwbf_01_09_00.Wdf
2021-02-05 17:14 - 2021-02-05 17:14 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_winusb_01009.Wdf
2021-02-05 17:14 - 2021-02-05 17:14 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-05 17:13 - 2021-02-05 17:13 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2021-02-05 17:13 - 2021-02-05 17:13 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2021-02-05 17:13 - 2021-02-05 17:13 - 000000000 ____D C:\Program Files\AuthenTec
2021-02-05 17:13 - 2021-02-05 17:13 - 000000000 ____D C:\Program Files\AMD
2021-02-05 17:12 - 2021-02-05 17:12 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2021-02-05 17:12 - 2021-02-05 17:12 - 000000000 ____D C:\Program Files\CONEXANT
2021-02-05 17:09 - 2021-02-12 11:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-05 17:09 - 2021-02-11 16:36 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-05 17:06 - 2021-02-12 10:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-05 17:06 - 2021-02-09 19:49 - 000258088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-05 17:03 - 2021-02-12 11:24 - 000000000 ____D C:\WINDOWS\Panther
2021-02-05 17:01 - 2021-02-05 17:42 - 000000000 ____D C:\Windows.old
2021-02-05 17:00 - 2021-02-05 17:00 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-02-05 16:56 - 2021-02-05 16:56 - 000000000 ____D C:\ProgramData\ssh
2021-02-05 16:45 - 2021-02-05 16:45 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-02-05 16:45 - 2021-02-05 16:45 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-02-05 16:45 - 2021-02-05 16:45 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-02-05 16:45 - 2021-02-05 16:45 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-02-05 16:45 - 2021-02-05 16:45 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-02-05 16:45 - 2021-02-05 16:45 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-02-05 16:44 - 2021-02-05 16:44 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-05 16:44 - 2021-02-05 16:44 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-02-05 16:44 - 2021-02-05 16:44 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-02-05 16:44 - 2021-02-05 16:44 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-02-05 16:44 - 2021-02-05 16:44 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-02-05 16:44 - 2021-02-05 16:44 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-02-05 16:44 - 2021-02-05 16:44 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-02-05 16:44 - 2021-02-05 16:44 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-02-05 16:44 - 2021-02-05 16:44 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-02-05 16:44 - 2021-02-05 16:44 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-02-05 16:44 - 2021-02-05 16:44 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-02-05 16:43 - 2021-02-05 16:43 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-02-05 16:43 - 2021-02-05 16:43 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-05 16:43 - 2021-02-05 16:43 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-05 16:43 - 2021-02-05 16:43 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-02-05 16:43 - 2021-02-05 16:43 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-02-05 16:43 - 2021-02-05 16:43 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-02-05 16:43 - 2021-02-05 16:43 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-02-05 16:43 - 2021-02-05 16:43 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-02-05 16:43 - 2021-02-05 16:43 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-02-05 16:43 - 2021-02-05 16:43 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-02-05 16:43 - 2021-02-05 16:43 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-02-05 16:43 - 2021-02-05 16:43 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-02-05 16:43 - 2021-02-05 16:43 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-02-05 16:42 - 2021-02-05 16:42 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-02-05 16:42 - 2021-02-05 16:42 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-02-05 16:42 - 2021-02-05 16:42 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-02-05 16:42 - 2021-02-05 16:42 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-02-05 16:42 - 2021-02-05 16:42 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-02-05 16:42 - 2021-02-05 16:42 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-02-05 16:42 - 2021-02-05 16:42 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-02-05 16:42 - 2021-02-05 16:42 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-02-05 16:42 - 2021-02-05 16:42 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-02-05 16:41 - 2021-02-05 16:41 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-02-05 16:41 - 2021-02-05 16:41 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-02-05 16:41 - 2021-02-05 16:41 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-02-05 16:41 - 2021-02-05 16:41 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-02-05 16:41 - 2021-02-05 16:41 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-02-05 16:41 - 2021-02-05 16:41 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-02-05 16:41 - 2021-02-05 16:41 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-02-05 16:41 - 2021-02-05 16:41 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-02-05 16:41 - 2021-02-05 16:41 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-02-05 16:41 - 2021-02-05 16:41 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-02-05 16:41 - 2021-02-05 16:41 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-02-05 16:41 - 2021-02-05 16:41 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-02-05 16:41 - 2021-02-05 16:41 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-02-05 16:41 - 2021-02-05 16:41 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-02-05 16:40 - 2021-02-05 16:40 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-02-05 16:40 - 2021-02-05 16:40 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-02-05 16:40 - 2021-02-05 16:40 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-02-05 16:40 - 2021-02-05 16:40 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-02-05 16:40 - 2021-02-05 16:40 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-02-05 16:39 - 2021-02-05 16:39 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-02-05 16:39 - 2021-02-05 16:39 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-02-05 16:39 - 2021-02-05 16:39 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-02-05 16:39 - 2021-02-05 16:39 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-02-05 16:39 - 2021-02-05 16:39 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-02-05 16:39 - 2021-02-05 16:39 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-02-05 16:39 - 2021-02-05 16:39 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-02-05 16:38 - 2021-02-05 16:38 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-02-05 16:38 - 2021-02-05 16:38 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-02-05 16:38 - 2021-02-05 16:38 - 000707544 _____ C:\WINDOWS\system32\TextShaping.dll
2021-02-05 16:38 - 2021-02-05 16:38 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-02-05 16:38 - 2021-02-05 16:38 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-02-05 16:38 - 2021-02-05 16:38 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-02-05 16:38 - 2021-02-05 16:38 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-02-05 16:37 - 2021-02-05 16:37 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-02-05 16:37 - 2021-02-05 16:37 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-02-05 16:37 - 2021-02-05 16:37 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-02-05 16:37 - 2021-02-05 16:37 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-02-05 16:37 - 2021-02-05 16:37 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-02-05 16:37 - 2021-02-05 16:37 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-02-05 16:37 - 2021-02-05 16:37 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-02-05 16:37 - 2021-02-05 16:37 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-02-05 16:37 - 2021-02-05 16:37 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-02-05 16:37 - 2021-02-05 16:37 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-02-05 16:37 - 2021-02-05 16:37 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-02-05 16:37 - 2021-02-05 16:37 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-02-05 16:37 - 2021-02-05 16:37 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-02-05 16:37 - 2021-02-05 16:37 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-02-05 16:22 - 2021-02-05 16:22 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-02-05 16:22 - 2021-02-05 16:22 - 000000000 ____D C:\Program Files\MSBuild
2021-02-05 16:22 - 2021-02-05 16:22 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-02-05 16:22 - 2021-02-05 16:22 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-02-05 16:21 - 2019-10-15 13:53 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2021-02-05 16:21 - 2019-04-18 18:49 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2021-02-05 16:14 - 2021-02-12 11:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Lenovo
2021-02-05 16:14 - 2021-02-12 11:38 - 000000000 ____D C:\WINDOWS\system32\Lenovo
2021-02-05 16:14 - 2021-02-05 16:14 - 000000000 ____D C:\Program Files\Synaptics
2021-02-05 16:12 - 2021-02-05 16:12 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-02-04 23:06 - 2021-02-09 20:12 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-04 21:50 - 2021-02-05 17:31 - 000006544 _____ C:\Users\Seka\Desktop\Odstránené aplikácie.html
2021-02-04 19:02 - 2021-02-04 19:21 - 000000000 ____D C:\KVRT_Data
2021-02-03 19:21 - 2021-02-12 11:54 - 000000000 ____D C:\FRST
2021-02-03 15:57 - 2021-02-05 17:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2021-02-01 10:07 - 2021-02-01 10:07 - 002753606 _____ C:\Users\Seka\Downloads\Monitorovacia správa 1..pdf
2021-02-01 10:07 - 2021-02-01 10:07 - 002084967 _____ C:\Users\Seka\Downloads\Prílohy k monitorovacej správe 1.pdf
2021-02-01 10:07 - 2021-02-01 10:07 - 000615220 _____ C:\Users\Seka\Downloads\Personálna matica 2 - od 01.02.2021.pdf
2021-02-01 08:51 - 2021-02-01 08:51 - 000042228 _____ C:\Users\Seka\Downloads\Príloha 14_Personalna matica 4.xlsx
2021-02-01 07:25 - 2021-02-01 07:25 - 001559653 _____ C:\Users\Seka\Downloads\FW__ziadost_o_opravu_udajov_karta_ucastnika.zip
2021-02-01 07:25 - 2021-02-01 07:25 - 000049769 _____ C:\Users\Seka\Downloads\Zmeny v systéme finančného riadenia.pdf
2021-01-29 22:36 - 2021-01-29 22:36 - 000001332 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerXpress.lnk
2021-01-29 22:27 - 2021-02-12 11:40 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-29 06:39 - 2021-01-29 06:39 - 000020619 _____ C:\Users\Seka\Downloads\01-03-Veršíky-Jaro.odt
2021-01-28 15:44 - 2021-01-28 15:44 - 000000000 ___HD C:\$WinREAgent
2021-01-21 16:11 - 2021-01-21 16:30 - 000038400 _____ C:\Users\Seka\Documents\Priloha_c_2-Hlasenie-o-testovanych-osobach TABULKA_Sekulová.xls
2021-01-21 16:07 - 2021-01-21 16:07 - 000037888 _____ C:\Users\Seka\Downloads\Priloha_c_2-Hlasenie-o-testovanych-osobach TABULKA (3).xls
2021-01-21 15:45 - 2021-01-21 15:45 - 000102455 _____ C:\Users\Seka\Downloads\ČASOVY HARMONOGRAM TESTOVANIE 22_01_2021 (3).pdf
2021-01-21 15:43 - 2021-01-21 15:43 - 000037888 _____ C:\Users\Seka\Downloads\Priloha_c_2-Hlasenie-o-testovanych-osobach TABULKA (2).xls
2021-01-21 15:42 - 2021-01-21 15:42 - 000138583 _____ C:\Users\Seka\Downloads\POTVRDENIE AG TESTY (1).pdf
2021-01-21 15:42 - 2021-01-21 15:42 - 000102455 _____ C:\Users\Seka\Downloads\ČASOVY HARMONOGRAM TESTOVANIE 22_01_2021 (2).pdf
2021-01-21 15:40 - 2021-01-21 15:40 - 000037888 _____ C:\Users\Seka\Downloads\Priloha_c_2-Hlasenie-o-testovanych-osobach TABULKA (1).xls
2021-01-21 15:34 - 2021-01-21 15:34 - 000102455 _____ C:\Users\Seka\Downloads\ČASOVY HARMONOGRAM TESTOVANIE 22_01_2021 (1).pdf
2021-01-21 15:31 - 2021-01-21 15:31 - 000037888 _____ C:\Users\Seka\Downloads\Priloha_c_2-Hlasenie-o-testovanych-osobach TABULKA.xls
2021-01-21 15:29 - 2021-01-21 15:29 - 000138583 _____ C:\Users\Seka\Downloads\POTVRDENIE AG TESTY.pdf
2021-01-21 15:28 - 2021-01-21 15:28 - 000102455 _____ C:\Users\Seka\Downloads\ČASOVY HARMONOGRAM TESTOVANIE 22_01_2021.pdf
2021-01-20 16:06 - 2020-11-11 03:54 - 000167280 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2021-01-19 17:31 - 2021-01-19 17:31 - 000188726 _____ C:\Users\Seka\Downloads\Orange_doklad_FR_202012_CN0308513803.pdf
2021-01-19 17:31 - 2021-01-19 17:31 - 000159410 _____ C:\Users\Seka\Downloads\Orange_doklad_FR_202011_CN0308513803 (1).pdf
2021-01-19 17:21 - 2021-01-19 17:21 - 000183865 _____ C:\Users\Seka\Downloads\Orange_doklad_FR_202006_CN0308513803.pdf
2021-01-19 17:17 - 2021-01-19 17:17 - 000187821 _____ C:\Users\Seka\Downloads\Orange_doklad_FR_202101_CN0308513803.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-12 11:44 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-12 11:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-12 11:40 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-12 11:24 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-12 11:20 - 2016-11-12 09:40 - 000000000 ____D C:\Users\Seka\Downloads\XXX
2021-02-12 11:15 - 2015-07-04 12:03 - 000000000 ____D C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-02-12 11:15 - 2015-07-04 12:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-02-12 11:12 - 2014-05-15 16:41 - 000001239 _____ C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2021-02-12 11:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2021-02-12 10:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-12 10:35 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-09 19:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-09 19:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-09 19:48 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-09 19:47 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-09 19:47 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-09 18:42 - 2016-08-04 16:49 - 000000000 ___RD C:\Users\Seka\OneDrive
2021-02-09 18:30 - 2014-05-15 16:41 - 000001215 _____ C:\Users\Seka\Desktop\µTorrent.lnk
2021-02-06 04:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-02-05 19:49 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-02-05 18:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-02-05 18:06 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-02-05 17:48 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-05 17:48 - 2017-12-07 17:38 - 000000000 ___RD C:\Users\Seka\3D Objects
2021-02-05 17:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-02-05 17:42 - 2019-12-07 15:37 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-02-05 17:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-05 17:42 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-02-05 17:31 - 2019-06-21 16:47 - 000000000 ____D C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2021-02-05 17:31 - 2017-09-26 17:06 - 000000000 ___RD C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Azure Information Protection Viewer
2021-02-05 17:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-02-05 17:13 - 2016-08-04 16:12 - 000000000 ____D C:\AMD
2021-02-05 17:10 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-02-05 17:03 - 2019-12-07 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-02-05 17:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-02-05 17:03 - 2019-03-13 18:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-02-05 17:03 - 2018-04-07 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone
2021-02-05 17:03 - 2015-10-30 15:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit
2021-02-05 17:03 - 2015-06-30 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2021-02-05 17:03 - 2015-06-10 20:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage
2021-02-05 17:03 - 2015-05-18 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2021-02-05 17:03 - 2014-09-26 13:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Parhelia Tools
2021-02-05 17:03 - 2013-03-20 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2021-02-05 17:03 - 2012-05-14 16:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2021-02-05 17:03 - 2012-04-05 19:29 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2021-02-05 17:03 - 2012-04-05 19:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel
2021-02-05 17:03 - 2012-04-05 19:07 - 000000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2021-02-05 17:01 - 2018-02-22 10:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2021-02-05 17:01 - 2017-09-21 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2021-02-05 17:01 - 2015-05-18 21:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bentley
2021-02-05 16:56 - 2019-12-07 15:39 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-02-05 16:56 - 2019-12-07 15:39 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-02-05 16:53 - 2019-12-07 15:39 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-02-05 16:53 - 2019-12-07 15:39 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-02-05 16:23 - 2019-12-07 15:38 - 000000000 ____D C:\WINDOWS\OCR
2021-02-05 16:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-02-05 16:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-02-05 16:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-02-05 16:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-02-05 16:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-02-05 16:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-02-05 16:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-02-05 16:20 - 2019-12-07 15:36 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-02-05 16:20 - 2019-12-07 15:36 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-02-05 15:40 - 2012-04-27 14:27 - 000000000 ____D C:\Users\Seka\AppData\LocalLow\Adobe
2021-02-04 21:04 - 2017-09-21 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2021-02-04 17:14 - 2019-10-03 16:53 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2021-02-03 22:31 - 2012-09-12 18:08 - 000000000 ____D C:\Users\Seka\Documents\My Games
2021-02-03 21:52 - 2012-05-02 16:32 - 000000000 ____D C:\Users\Seka\Games
2021-02-03 19:07 - 2012-05-02 14:31 - 000000000 ____D C:\Users\Seka\Documents\zaloha ccleaner
2021-02-03 18:57 - 2016-06-27 15:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2021-01-29 22:42 - 2012-07-12 17:32 - 000000000 ____D C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-02-2021 01
Ran by Seka (12-02-2021 12:02:19)
Running from C:\Users\Seka\Desktop
Windows 10 Home Version 20H2 19042.804 (X64) (2021-02-05 16:42:25)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4046335105-2706149465-2342894865-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4046335105-2706149465-2342894865-503 - Limited - Disabled)
Guest (S-1-5-21-4046335105-2706149465-2342894865-501 - Limited - Disabled)
Seka (S-1-5-21-4046335105-2706149465-2342894865-1000 - Administrator - Enabled) => C:\Users\Seka
WDAGUtilityAccount (S-1-5-21-4046335105-2706149465-2342894865-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.27.0 - Conexant)
Excel (HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.15 - Lenovo)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.63 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft OneDrive (HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{143E35D3-F0A4-4E90-96C9-B1B72F11343A}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
PowerPoint (HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.0 - Synaptics Incorporated)
WinRAR 6.00 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Word (HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)
Packages:
=========
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-05] (Microsoft Studios) [MS Ad]
Outlook -> C:\Program Files\WindowsApps\outlook.com-78C9D47_1.0.0.0_neutral__3t89ybq5n4y7r [2021-02-12] (outlook.com)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm
ShortcutWithArgument: C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf
ShortcutWithArgument: C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi
==================== Loaded Modules (Whitelisted) =============
2015-11-04 16:40 - 2015-11-04 16:40 - 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Seka\Pictures\hd-wallpaper-black.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{6765EB1E-74DF-4E8B-86D1-2E6ECE106E8D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{12102B25-2467-499E-963D-976739FBF789}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7FC152BE-DAE9-45B6-A9D3-B9B1C6C0D1A0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{20589F5B-F5A0-4177-9D25-B55E3CFEE62D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{FBCC092F-D287-4662-83E1-D7DB97D9E45D}C:\windows.old\users\seka\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\windows.old\users\seka\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{94B2352B-066B-46CD-B491-C0F0ADD5A0E9}C:\windows.old\users\seka\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\windows.old\users\seka\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{28666F42-53A3-4EDB-81D9-37449140EC79}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
12-02-2021 11:29:39 Removed Windows Installer
12-02-2021 11:37:47 AdwCleaner_BeforeCleaning_12/02/2021_11:37:46
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/09/2021 07:47:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: wuauclt.exe, verzia: 10.0.19041.789, časová značka: 0x01b4b287
Názov chybujúceho modulu: wuuhosdeployment.dll_unloaded, verzia: 10.0.19041.789, časová značka: 0xfdb9af83
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000001a303
Identifikácia chybujúceho procesu: 0x5bc
Čas spustenia chybujúcej aplikácie: 0x01d6ff11b5af4681
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\wuauclt.exe
Cesta chybujúceho modulu: wuuhosdeployment.dll
Identifikácia hlásenia: 1ad3400e-6af7-4cca-b53b-40f66033e351
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (02/09/2021 06:51:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.19041.789 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 12f4
Start Time: 01d6ff0b2c4a4418
Termination Time: 4294967295
Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Report Id: 258f3259-d0b2-45d9-b381-96248c89d641
Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
Hang type: Quiesce
Error: (02/09/2021 06:43:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.19041.789 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 1834
Start Time: 01d6ff0af014bb9e
Termination Time: 4294967295
Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Report Id: 12dc6c46-3f80-4f90-a19e-09d8a6070de5
Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
Hang type: Cross-thread
Error: (02/09/2021 06:33:04 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (02/09/2021 06:33:04 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (02/07/2021 08:56:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: MicrosoftEdgeSH.exe, verzia: 11.0.19041.1, časová značka: 0xdd99950e
Názov chybujúceho modulu: unknown, verzia: 0.0.0.0, časová značka: 0x00000000
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000000020a
Identifikácia chybujúceho procesu: 0x275c
Čas spustenia chybujúcej aplikácie: 0x01d6fd26b21e26f6
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\MicrosoftEdgeSH.exe
Cesta chybujúceho modulu: unknown
Identifikácia hlásenia: d9b1705b-616b-4be9-bfd4-eb120ac796fe
Celé meno chybujúceho balíka: Microsoft.MicrosoftEdge_44.19041.423.0_neutral__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: MicrosoftEdge
Error: (02/05/2021 05:49:11 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: SEKA-THINK)
Description: microsoft.microsoftedge_8wekyb3d8bbwe-2147024893
Error: (02/05/2021 05:43:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program dwm.exe version 10.0.19041.746 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 44c
Start Time: 01d6fbdb5d89e66c
Termination Time: 37
Application Path: C:\Windows\System32\dwm.exe
Report Id: 92180cdb-f3de-4d6c-9802-c1c47c6b1865
Faulting package full name:
Faulting package-relative application ID:
Hang type: Unknown
System errors:
=============
Error: (02/12/2021 11:49:01 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/12/2021 11:49:01 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/12/2021 11:49:01 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/12/2021 11:42:16 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.
Error: (02/12/2021 11:40:53 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files. Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft.com/fwlink/?LinkId=245898.
Error: (02/12/2021 11:39:40 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Lenovo PM Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/12/2021 11:38:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/12/2021 11:38:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Windows Defender:
===================================
Date: 2021-02-12 12:03:25.8380000Z
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: App:Utorrent
ID: 268641
Severity: Nízka
Category: Potenciálne nežiaduci softvér
Path: file:_C:\Users\Seka\Downloads\uTorrent.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.331.815.0, AS: 1.331.815.0, NIS: 1.331.815.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5
Date: 2021-02-12 12:02:07.4070000Z
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: PUA:Win32/CandyOpen
ID: 213956
Severity: Nízka
Category: Potenciálne nežiaduci softvér
Path: containerfile:_C:\Users\Seka\Downloads\uTorrent.exe; file:_C:\Users\Seka\Downloads\uTorrent.exe->(UPX)
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\Seka\Desktop\FRST64.exe
Security intelligence Version: AV: 1.331.815.0, AS: 1.331.815.0, NIS: 1.331.815.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5
Date: 2021-02-12 11:24:48.4330000Z
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: PUA:Win32/LittleRegClean
ID: 227480
Severity: Nízka
Category: Potenciálne nežiaduci softvér
Path: file:_C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe; file:_C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\CCleaner\CCleaner64.exe
Security intelligence Version: AV: 1.331.815.0, AS: 1.331.815.0, NIS: 1.331.815.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5
Date: 2021-02-12 11:24:47.6440000Z
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: PUA:Win32/LittleRegClean
ID: 227480
Severity: Nízka
Category: Potenciálne nežiaduci softvér
Path: file:_C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\CCleaner\CCleaner64.exe
Security intelligence Version: AV: 1.331.815.0, AS: 1.331.815.0, NIS: 1.331.815.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5
Date: 2021-02-12 11:24:42.1680000Z
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: PUA:Win32/Presenoker
ID: 242420
Severity: Nízka
Category: Potenciálne nežiaduci softvér
Path: file:_C:\Program Files (x86)\AdvancedWindowsManager\Windows Installer\AdvancedWindowsManager.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\CCleaner\CCleaner64.exe
Security intelligence Version: AV: 1.331.815.0, AS: 1.331.815.0, NIS: 1.331.815.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5
Date: 2021-02-07 10:58:05.1330000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
Security intelligence Attempted: Backup
Error Code: 0x80004004
Error description: Operation aborted
Security intelligence version: 1.331.374.0;1.331.374.0
Engine version: 1.1.17800.5
Date: 2021-02-07 10:58:02.5220000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
Security intelligence Attempted: Current
Error Code: 0x80004004
Error description: Operation aborted
Security intelligence version: 1.331.384.0;1.331.384.0
Engine version: 1.1.17800.5
==================== Memory info ===========================
BIOS: LENOVO LENOVO - 125 03/01/2013
Motherboard: LENOVO 1143K4G
Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 73%
Total physical RAM: 4007.23 MB
Available physical RAM: 1056.51 MB
Total Virtual: 5415.23 MB
Available Virtual: 2482.29 MB
==================== Drives ================================
Drive c: (Windows7_OS) (Fixed) (Total:447.85 GB) (Free:230.69 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:15.62 GB) (Free:4.24 GB) NTFS
\\?\Volume{0751cdc4-7f48-11e1-b9a7-806e6f6e6963}\ (SYSTEM_DRV) (Fixed) (Total:1.46 GB) (Free:1.12 GB) NTFS
\\?\Volume{ccd2e061-0000-0000-0000-005470000000}\ () (Fixed) (Total:0.82 GB) (Free:0.27 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: CCD2E061)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=447.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=842 MB) - (Type=27)
Partition 4: (Not Active) - (Size=15.6 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
čistá inštalácia, ale dáky bordel sa mi tam naťahal a pri prihlásení je nejaký problém s kontami, neviem.
Prosím o kontrolu, vkladám log.
Ďakujem.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-02-2021 01
Ran by Seka (administrator) on SEKA-THINK (LENOVO 1143K4G) (12-02-2021 11:53:45)
Running from C:\Users\Seka\Desktop
Loaded Profiles: Seka
Platform: Windows 10 Home Version 20H2 19042.804 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(LENOVO -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\NisSrv.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3936936 2015-07-28] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [SynLenovoHelper] => C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe [146600 2015-07-28] (Synaptics Incorporated -> Synaptics)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\...\Run: [uTorrent] => C:\Windows.old\Users\Seka\AppData\Roaming\uTorrent\uTorrent.exe [2146776 2021-02-05] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.150\Installer\chrmstp.exe [2021-02-09] (Google LLC -> Google LLC)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {07B1D3D6-5B5A-4848-9064-85773A74A0B2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0D1886C8-5A6A-4C93-8D67-9C7AA0DEC3E6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {253481C4-293E-46EB-89B3-0357C70FBD49} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-09] (Google LLC -> Google LLC)
Task: {2AB3B680-6657-4DAB-A440-3411A7485D60} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4F555DD1-E636-462E-AE29-1AE48D32E119} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [62152 2020-12-20] (Lenovo -> )
Task: {59F705C8-AF05-4259-AB0A-533C14D8F800} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-09] (Google LLC -> Google LLC)
Task: {740E398E-5DD1-47B6-976C-DDB9CF2469D5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {79081348-4356-411E-BB15-63BC0BA461CD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BD570226-CBEE-4E0A-8AFB-5C9CAB440FD6} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
Task: {DCCA0DFF-0191-4ED1-B888-37F6E3B75AC8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E8589ACE-A938-42E1-9269-EAA68761F8D8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{f06c9e1d-6c66-4450-b99f-3ac97e98c758}: [DhcpNameServer] 192.168.100.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Seka\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-12]
Edge Extension: (Outlook) - C:\Users\Seka\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2021-02-09]
Edge Extension: (Word) - C:\Users\Seka\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2021-02-09]
Edge Extension: (Excel) - C:\Users\Seka\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2021-02-09]
Edge Extension: (PowerPoint) - C:\Users\Seka\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2021-02-09]
Edge HKLM-x32\...\Edge\Extension: [eofogjfkadmolbbmnlbohhbkhbodcjjm]
FireFox:
========
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default [2021-02-12]
CHR Notifications: Default -> hxxps://mail-notification.info
CHR Extension: (Slides) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-09]
CHR Extension: (Docs) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-09]
CHR Extension: (Google Drive) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-09]
CHR Extension: (YouTube) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-09]
CHR Extension: (Sheets) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-09]
CHR Extension: (Google Docs Offline) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-09]
CHR Extension: (Gmail) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-09]
CHR Extension: (Chrome Media Router) - C:\Users\Seka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-09]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 5U877; C:\WINDOWS\system32\DRIVERS\5U877.sys [166016 2011-03-05] (Microsoft Windows Hardware Compatibility Publisher -> Ricoh co.,Ltd.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ekbdflt; C:\WINDOWS\System32\drivers\ekbdflt.sys [43720 2020-11-06] (ESET, spol. s r.o. -> ESET)
S3 iwdbus; C:\WINDOWS\System32\drivers\iwdbus.sys [25496 2011-06-21] (Wireless Display -> Intel Corporation)
R2 risdxc; C:\WINDOWS\System32\drivers\risdxc64.sys [101888 2011-05-26] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64880 2020-11-11] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [419040 2021-02-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-11] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-12 11:53 - 2021-02-12 11:55 - 000011009 _____ C:\Users\Seka\Desktop\FRST.txt
2021-02-12 11:51 - 2021-02-12 11:51 - 002297344 _____ (Farbar) C:\Users\Seka\Downloads\FRST64.exe
2021-02-12 11:51 - 2021-02-12 11:51 - 002297344 _____ (Farbar) C:\Users\Seka\Desktop\FRST64.exe
2021-02-12 11:16 - 2021-02-12 11:16 - 000000000 ____D C:\Users\Seka\AppData\Roaming\WinRAR
2021-02-12 11:15 - 2021-02-12 11:17 - 000000000 ____D C:\Program Files\WinRAR
2021-02-12 11:12 - 2021-02-12 11:12 - 000000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2021-02-12 11:12 - 2021-02-12 11:12 - 000000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2021-02-12 11:12 - 2021-02-12 11:12 - 000000000 ____D C:\Program Files (x86)\AdvancedWindowsManager
2021-02-12 11:11 - 2021-02-12 11:11 - 000000290 __RSH C:\ProgramData\ntuser.pol
2021-02-12 11:09 - 2021-02-12 11:30 - 000000000 ____D C:\Users\Seka\AppData\Local\AdvinstAnalytics
2021-02-12 11:01 - 2021-02-12 11:01 - 000782095 _____ C:\Users\Seka\Downloads\001398.pdf
2021-02-12 09:27 - 2021-02-12 09:27 - 000011718 _____ C:\Users\Seka\Downloads\Prerozdelene projektov_02_2021.xlsx
2021-02-11 17:17 - 2021-02-11 17:17 - 000136085 _____ C:\Users\Seka\Downloads\dopis_300842531_602557f098955.pdf
2021-02-11 17:14 - 2021-02-11 17:14 - 000066395 _____ C:\Users\Seka\Downloads\1604059150_sekulova_katarina.pdf
2021-02-09 20:09 - 2021-02-11 16:37 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-09 20:09 - 2021-02-09 20:09 - 000002135 _____ C:\ProgramData\Desktop\Acrobat Reader DC.lnk
2021-02-09 20:08 - 2021-02-09 20:08 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-02-09 20:07 - 2021-02-09 20:11 - 000000000 ____D C:\ProgramData\Adobe
2021-02-09 20:06 - 2021-02-11 16:37 - 000000000 ____D C:\Users\Seka\AppData\Local\Adobe
2021-02-09 19:59 - 2021-02-09 19:59 - 000000000 ____D C:\Users\Seka\AppData\Local\ElevatedDiagnostics
2021-02-09 19:43 - 2021-02-09 19:43 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-09 19:43 - 2021-02-09 19:43 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-09 19:03 - 2021-02-12 11:45 - 000000000 ____D C:\Program Files\CCleaner
2021-02-09 19:03 - 2021-02-09 19:03 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-02-09 19:03 - 2021-02-09 19:03 - 000002876 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-02-09 19:03 - 2021-02-09 19:03 - 000000874 _____ C:\ProgramData\Desktop\CCleaner.lnk
2021-02-09 18:49 - 2021-02-09 18:58 - 000002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-09 18:49 - 2021-02-09 18:58 - 000002229 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-02-09 18:48 - 2021-02-09 18:48 - 000003456 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-09 18:48 - 2021-02-09 18:48 - 000003332 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-09 18:48 - 2021-02-09 18:48 - 000000000 ____D C:\Program Files\Google
2021-02-09 18:48 - 2021-02-09 18:48 - 000000000 ____D C:\Program Files (x86)\Google
2021-02-09 18:44 - 2021-02-09 18:44 - 000002929 _____ C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-02-09 18:44 - 2021-02-09 18:44 - 000002919 _____ C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-02-09 18:44 - 2021-02-09 18:44 - 000002917 _____ C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-02-09 18:41 - 2021-02-12 11:08 - 000000000 ____D C:\Users\Seka\AppData\Local\BitTorrentHelper
2021-02-09 18:36 - 2021-02-11 16:41 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-09 18:36 - 2021-02-11 16:41 - 000002293 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-02-09 18:35 - 2021-02-11 16:34 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-09 18:35 - 2021-02-11 16:34 - 000003452 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-09 18:32 - 2021-02-09 18:32 - 000000000 ____D C:\Users\Seka\AppData\Local\OneDrive
2021-02-07 08:50 - 2021-02-07 08:50 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2021-02-05 20:42 - 2021-02-05 20:42 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-05 20:38 - 2021-02-09 19:26 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-05 18:10 - 2021-02-05 18:10 - 000000000 ____D C:\Users\Seka\AppData\Local\Comms
2021-02-05 17:56 - 2021-02-05 17:56 - 000000000 ___HD C:\OneDriveTemp
2021-02-05 17:55 - 2021-02-06 17:56 - 000003368 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4046335105-2706149465-2342894865-1000
2021-02-05 17:54 - 2021-02-09 19:00 - 000000000 ____D C:\Users\Seka\AppData\Local\Google
2021-02-05 17:53 - 2021-02-06 17:35 - 000000000 ____D C:\Users\Seka\AppData\Local\PlaceholderTileLogoFolder
2021-02-05 17:52 - 2021-02-05 17:52 - 000000000 ____D C:\Users\Seka\AppData\Roaming\ATI
2021-02-05 17:52 - 2021-02-05 17:52 - 000000000 ____D C:\Users\Seka\AppData\Local\MicrosoftEdge
2021-02-05 17:52 - 2021-02-05 17:52 - 000000000 ____D C:\Users\Seka\AppData\Local\ATI
2021-02-05 17:52 - 2021-02-05 17:52 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-02-05 17:52 - 2021-02-05 17:52 - 000000000 ____D C:\ProgramData\ATI
2021-02-05 17:49 - 2021-02-05 18:11 - 000000000 ____D C:\ProgramData\Packages
2021-02-05 17:49 - 2021-02-05 17:49 - 000000000 ____D C:\Users\Seka\AppData\Local\Publishers
2021-02-05 17:48 - 2021-02-12 10:36 - 000000000 ____D C:\Users\Seka\AppData\Local\Packages
2021-02-05 17:48 - 2021-02-09 20:10 - 000000000 ____D C:\Users\Seka\AppData\Roaming\Adobe
2021-02-05 17:48 - 2021-02-05 17:48 - 000000000 ____D C:\Users\Seka\AppData\Local\VirtualStore
2021-02-05 17:48 - 2021-02-05 17:48 - 000000000 ____D C:\Users\Seka\AppData\Local\Lenovo
2021-02-05 17:47 - 2021-02-09 18:21 - 000000000 ____D C:\Users\Seka\AppData\Local\ConnectedDevicesPlatform
2021-02-05 17:47 - 2021-02-05 17:47 - 000000020 ___SH C:\Users\Seka\ntuser.ini
2021-02-05 17:42 - 2021-02-05 17:42 - 000000000 _____ C:\WINDOWS\ativpsrm.bin
2021-02-05 17:34 - 2021-02-05 17:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-02-05 17:34 - 2021-02-05 17:34 - 000000000 ____D C:\ProgramData\Lenovo
2021-02-05 17:30 - 2021-02-09 19:56 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-05 17:22 - 2021-02-06 17:56 - 000002363 _____ C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-05 17:22 - 2021-02-05 17:48 - 000000000 ____D C:\Users\Seka
2021-02-05 17:16 - 2020-12-20 22:57 - 005408968 _____ (Lenovo Group Limited) C:\WINDOWS\SysWOW64\PWMTR32V.dll
2021-02-05 17:16 - 2020-12-20 22:57 - 002351304 _____ (Lenovo Group Limited) C:\WINDOWS\SysWOW64\EasyResume.exe
2021-02-05 17:16 - 2020-12-20 22:57 - 000158920 _____ (Lenovo) C:\WINDOWS\SysWOW64\InstHelper.dll
2021-02-05 17:16 - 2020-12-20 22:57 - 000090312 _____ (Lenovo) C:\WINDOWS\SysWOW64\EventLogger.dll
2021-02-05 17:16 - 2020-12-20 22:57 - 000062152 _____ () C:\WINDOWS\SysWOW64\PowerMgrInst.exe
2021-02-05 17:15 - 2021-02-05 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2021-02-05 17:15 - 2021-02-05 17:15 - 000000000 ____D C:\Program Files\ATI Technologies
2021-02-05 17:14 - 2021-02-05 17:15 - 000000000 ____D C:\Program Files (x86)\ATI Technologies
2021-02-05 17:14 - 2021-02-05 17:14 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_tcwbf_01_09_00.Wdf
2021-02-05 17:14 - 2021-02-05 17:14 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_winusb_01009.Wdf
2021-02-05 17:14 - 2021-02-05 17:14 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-05 17:13 - 2021-02-05 17:13 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2021-02-05 17:13 - 2021-02-05 17:13 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2021-02-05 17:13 - 2021-02-05 17:13 - 000000000 ____D C:\Program Files\AuthenTec
2021-02-05 17:13 - 2021-02-05 17:13 - 000000000 ____D C:\Program Files\AMD
2021-02-05 17:12 - 2021-02-05 17:12 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2021-02-05 17:12 - 2021-02-05 17:12 - 000000000 ____D C:\Program Files\CONEXANT
2021-02-05 17:09 - 2021-02-12 11:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-05 17:09 - 2021-02-11 16:36 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-05 17:06 - 2021-02-12 10:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-05 17:06 - 2021-02-09 19:49 - 000258088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-05 17:03 - 2021-02-12 11:24 - 000000000 ____D C:\WINDOWS\Panther
2021-02-05 17:01 - 2021-02-05 17:42 - 000000000 ____D C:\Windows.old
2021-02-05 17:00 - 2021-02-05 17:00 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-02-05 16:56 - 2021-02-05 16:56 - 000000000 ____D C:\ProgramData\ssh
2021-02-05 16:45 - 2021-02-05 16:45 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-02-05 16:45 - 2021-02-05 16:45 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-02-05 16:45 - 2021-02-05 16:45 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-02-05 16:45 - 2021-02-05 16:45 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-02-05 16:45 - 2021-02-05 16:45 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-02-05 16:45 - 2021-02-05 16:45 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-02-05 16:44 - 2021-02-05 16:44 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-05 16:44 - 2021-02-05 16:44 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-02-05 16:44 - 2021-02-05 16:44 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-02-05 16:44 - 2021-02-05 16:44 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-02-05 16:44 - 2021-02-05 16:44 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-02-05 16:44 - 2021-02-05 16:44 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-02-05 16:44 - 2021-02-05 16:44 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-02-05 16:44 - 2021-02-05 16:44 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-02-05 16:44 - 2021-02-05 16:44 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-02-05 16:44 - 2021-02-05 16:44 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-02-05 16:44 - 2021-02-05 16:44 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-02-05 16:43 - 2021-02-05 16:43 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-02-05 16:43 - 2021-02-05 16:43 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-05 16:43 - 2021-02-05 16:43 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-05 16:43 - 2021-02-05 16:43 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-02-05 16:43 - 2021-02-05 16:43 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-02-05 16:43 - 2021-02-05 16:43 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-02-05 16:43 - 2021-02-05 16:43 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-02-05 16:43 - 2021-02-05 16:43 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-02-05 16:43 - 2021-02-05 16:43 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-02-05 16:43 - 2021-02-05 16:43 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-02-05 16:43 - 2021-02-05 16:43 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-02-05 16:43 - 2021-02-05 16:43 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-02-05 16:43 - 2021-02-05 16:43 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-02-05 16:42 - 2021-02-05 16:42 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-02-05 16:42 - 2021-02-05 16:42 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-02-05 16:42 - 2021-02-05 16:42 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-02-05 16:42 - 2021-02-05 16:42 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-02-05 16:42 - 2021-02-05 16:42 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-02-05 16:42 - 2021-02-05 16:42 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-02-05 16:42 - 2021-02-05 16:42 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-02-05 16:42 - 2021-02-05 16:42 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-02-05 16:42 - 2021-02-05 16:42 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-02-05 16:41 - 2021-02-05 16:41 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-02-05 16:41 - 2021-02-05 16:41 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-02-05 16:41 - 2021-02-05 16:41 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-02-05 16:41 - 2021-02-05 16:41 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-02-05 16:41 - 2021-02-05 16:41 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-02-05 16:41 - 2021-02-05 16:41 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-02-05 16:41 - 2021-02-05 16:41 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-02-05 16:41 - 2021-02-05 16:41 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-02-05 16:41 - 2021-02-05 16:41 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-02-05 16:41 - 2021-02-05 16:41 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-02-05 16:41 - 2021-02-05 16:41 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-02-05 16:41 - 2021-02-05 16:41 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-02-05 16:41 - 2021-02-05 16:41 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-02-05 16:41 - 2021-02-05 16:41 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-02-05 16:40 - 2021-02-05 16:40 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-02-05 16:40 - 2021-02-05 16:40 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-02-05 16:40 - 2021-02-05 16:40 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-02-05 16:40 - 2021-02-05 16:40 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-02-05 16:40 - 2021-02-05 16:40 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-02-05 16:39 - 2021-02-05 16:39 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-02-05 16:39 - 2021-02-05 16:39 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-02-05 16:39 - 2021-02-05 16:39 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-02-05 16:39 - 2021-02-05 16:39 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-02-05 16:39 - 2021-02-05 16:39 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-02-05 16:39 - 2021-02-05 16:39 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-02-05 16:39 - 2021-02-05 16:39 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-02-05 16:38 - 2021-02-05 16:38 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-02-05 16:38 - 2021-02-05 16:38 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-02-05 16:38 - 2021-02-05 16:38 - 000707544 _____ C:\WINDOWS\system32\TextShaping.dll
2021-02-05 16:38 - 2021-02-05 16:38 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-02-05 16:38 - 2021-02-05 16:38 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-02-05 16:38 - 2021-02-05 16:38 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-02-05 16:38 - 2021-02-05 16:38 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-02-05 16:37 - 2021-02-05 16:37 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-02-05 16:37 - 2021-02-05 16:37 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-02-05 16:37 - 2021-02-05 16:37 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-02-05 16:37 - 2021-02-05 16:37 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-02-05 16:37 - 2021-02-05 16:37 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-02-05 16:37 - 2021-02-05 16:37 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-02-05 16:37 - 2021-02-05 16:37 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-02-05 16:37 - 2021-02-05 16:37 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-02-05 16:37 - 2021-02-05 16:37 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-02-05 16:37 - 2021-02-05 16:37 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-02-05 16:37 - 2021-02-05 16:37 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-02-05 16:37 - 2021-02-05 16:37 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-02-05 16:37 - 2021-02-05 16:37 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-02-05 16:37 - 2021-02-05 16:37 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-02-05 16:22 - 2021-02-05 16:22 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-02-05 16:22 - 2021-02-05 16:22 - 000000000 ____D C:\Program Files\MSBuild
2021-02-05 16:22 - 2021-02-05 16:22 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-02-05 16:22 - 2021-02-05 16:22 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-02-05 16:21 - 2019-10-15 13:53 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2021-02-05 16:21 - 2019-04-18 18:49 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2021-02-05 16:14 - 2021-02-12 11:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Lenovo
2021-02-05 16:14 - 2021-02-12 11:38 - 000000000 ____D C:\WINDOWS\system32\Lenovo
2021-02-05 16:14 - 2021-02-05 16:14 - 000000000 ____D C:\Program Files\Synaptics
2021-02-05 16:12 - 2021-02-05 16:12 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-02-04 23:06 - 2021-02-09 20:12 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-04 21:50 - 2021-02-05 17:31 - 000006544 _____ C:\Users\Seka\Desktop\Odstránené aplikácie.html
2021-02-04 19:02 - 2021-02-04 19:21 - 000000000 ____D C:\KVRT_Data
2021-02-03 19:21 - 2021-02-12 11:54 - 000000000 ____D C:\FRST
2021-02-03 15:57 - 2021-02-05 17:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2021-02-01 10:07 - 2021-02-01 10:07 - 002753606 _____ C:\Users\Seka\Downloads\Monitorovacia správa 1..pdf
2021-02-01 10:07 - 2021-02-01 10:07 - 002084967 _____ C:\Users\Seka\Downloads\Prílohy k monitorovacej správe 1.pdf
2021-02-01 10:07 - 2021-02-01 10:07 - 000615220 _____ C:\Users\Seka\Downloads\Personálna matica 2 - od 01.02.2021.pdf
2021-02-01 08:51 - 2021-02-01 08:51 - 000042228 _____ C:\Users\Seka\Downloads\Príloha 14_Personalna matica 4.xlsx
2021-02-01 07:25 - 2021-02-01 07:25 - 001559653 _____ C:\Users\Seka\Downloads\FW__ziadost_o_opravu_udajov_karta_ucastnika.zip
2021-02-01 07:25 - 2021-02-01 07:25 - 000049769 _____ C:\Users\Seka\Downloads\Zmeny v systéme finančného riadenia.pdf
2021-01-29 22:36 - 2021-01-29 22:36 - 000001332 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerXpress.lnk
2021-01-29 22:27 - 2021-02-12 11:40 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-29 06:39 - 2021-01-29 06:39 - 000020619 _____ C:\Users\Seka\Downloads\01-03-Veršíky-Jaro.odt
2021-01-28 15:44 - 2021-01-28 15:44 - 000000000 ___HD C:\$WinREAgent
2021-01-21 16:11 - 2021-01-21 16:30 - 000038400 _____ C:\Users\Seka\Documents\Priloha_c_2-Hlasenie-o-testovanych-osobach TABULKA_Sekulová.xls
2021-01-21 16:07 - 2021-01-21 16:07 - 000037888 _____ C:\Users\Seka\Downloads\Priloha_c_2-Hlasenie-o-testovanych-osobach TABULKA (3).xls
2021-01-21 15:45 - 2021-01-21 15:45 - 000102455 _____ C:\Users\Seka\Downloads\ČASOVY HARMONOGRAM TESTOVANIE 22_01_2021 (3).pdf
2021-01-21 15:43 - 2021-01-21 15:43 - 000037888 _____ C:\Users\Seka\Downloads\Priloha_c_2-Hlasenie-o-testovanych-osobach TABULKA (2).xls
2021-01-21 15:42 - 2021-01-21 15:42 - 000138583 _____ C:\Users\Seka\Downloads\POTVRDENIE AG TESTY (1).pdf
2021-01-21 15:42 - 2021-01-21 15:42 - 000102455 _____ C:\Users\Seka\Downloads\ČASOVY HARMONOGRAM TESTOVANIE 22_01_2021 (2).pdf
2021-01-21 15:40 - 2021-01-21 15:40 - 000037888 _____ C:\Users\Seka\Downloads\Priloha_c_2-Hlasenie-o-testovanych-osobach TABULKA (1).xls
2021-01-21 15:34 - 2021-01-21 15:34 - 000102455 _____ C:\Users\Seka\Downloads\ČASOVY HARMONOGRAM TESTOVANIE 22_01_2021 (1).pdf
2021-01-21 15:31 - 2021-01-21 15:31 - 000037888 _____ C:\Users\Seka\Downloads\Priloha_c_2-Hlasenie-o-testovanych-osobach TABULKA.xls
2021-01-21 15:29 - 2021-01-21 15:29 - 000138583 _____ C:\Users\Seka\Downloads\POTVRDENIE AG TESTY.pdf
2021-01-21 15:28 - 2021-01-21 15:28 - 000102455 _____ C:\Users\Seka\Downloads\ČASOVY HARMONOGRAM TESTOVANIE 22_01_2021.pdf
2021-01-20 16:06 - 2020-11-11 03:54 - 000167280 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2021-01-19 17:31 - 2021-01-19 17:31 - 000188726 _____ C:\Users\Seka\Downloads\Orange_doklad_FR_202012_CN0308513803.pdf
2021-01-19 17:31 - 2021-01-19 17:31 - 000159410 _____ C:\Users\Seka\Downloads\Orange_doklad_FR_202011_CN0308513803 (1).pdf
2021-01-19 17:21 - 2021-01-19 17:21 - 000183865 _____ C:\Users\Seka\Downloads\Orange_doklad_FR_202006_CN0308513803.pdf
2021-01-19 17:17 - 2021-01-19 17:17 - 000187821 _____ C:\Users\Seka\Downloads\Orange_doklad_FR_202101_CN0308513803.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-12 11:44 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-12 11:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-12 11:40 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-12 11:24 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-12 11:20 - 2016-11-12 09:40 - 000000000 ____D C:\Users\Seka\Downloads\XXX
2021-02-12 11:15 - 2015-07-04 12:03 - 000000000 ____D C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-02-12 11:15 - 2015-07-04 12:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-02-12 11:12 - 2014-05-15 16:41 - 000001239 _____ C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2021-02-12 11:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2021-02-12 10:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-12 10:35 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-09 19:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-09 19:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-09 19:48 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-09 19:47 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-09 19:47 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-09 18:42 - 2016-08-04 16:49 - 000000000 ___RD C:\Users\Seka\OneDrive
2021-02-09 18:30 - 2014-05-15 16:41 - 000001215 _____ C:\Users\Seka\Desktop\µTorrent.lnk
2021-02-06 04:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-02-05 19:49 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-02-05 18:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-02-05 18:06 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-02-05 17:48 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-05 17:48 - 2017-12-07 17:38 - 000000000 ___RD C:\Users\Seka\3D Objects
2021-02-05 17:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-02-05 17:42 - 2019-12-07 15:37 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-02-05 17:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-05 17:42 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-02-05 17:31 - 2019-06-21 16:47 - 000000000 ____D C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2021-02-05 17:31 - 2017-09-26 17:06 - 000000000 ___RD C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Azure Information Protection Viewer
2021-02-05 17:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-02-05 17:13 - 2016-08-04 16:12 - 000000000 ____D C:\AMD
2021-02-05 17:10 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-02-05 17:03 - 2019-12-07 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-02-05 17:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-02-05 17:03 - 2019-03-13 18:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-02-05 17:03 - 2018-04-07 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone
2021-02-05 17:03 - 2015-10-30 15:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack 64bit
2021-02-05 17:03 - 2015-06-30 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2021-02-05 17:03 - 2015-06-10 20:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage
2021-02-05 17:03 - 2015-05-18 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2021-02-05 17:03 - 2014-09-26 13:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Parhelia Tools
2021-02-05 17:03 - 2013-03-20 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2021-02-05 17:03 - 2012-05-14 16:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2021-02-05 17:03 - 2012-04-05 19:29 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2021-02-05 17:03 - 2012-04-05 19:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel
2021-02-05 17:03 - 2012-04-05 19:07 - 000000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2021-02-05 17:01 - 2018-02-22 10:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2021-02-05 17:01 - 2017-09-21 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2021-02-05 17:01 - 2015-05-18 21:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bentley
2021-02-05 16:56 - 2019-12-07 15:39 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-02-05 16:56 - 2019-12-07 15:39 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-02-05 16:53 - 2019-12-07 15:39 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-02-05 16:53 - 2019-12-07 15:39 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-02-05 16:23 - 2019-12-07 15:38 - 000000000 ____D C:\WINDOWS\OCR
2021-02-05 16:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-02-05 16:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-02-05 16:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-02-05 16:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-02-05 16:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-02-05 16:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-02-05 16:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-02-05 16:20 - 2019-12-07 15:36 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-02-05 16:20 - 2019-12-07 15:36 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-02-05 15:40 - 2012-04-27 14:27 - 000000000 ____D C:\Users\Seka\AppData\LocalLow\Adobe
2021-02-04 21:04 - 2017-09-21 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2021-02-04 17:14 - 2019-10-03 16:53 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2021-02-03 22:31 - 2012-09-12 18:08 - 000000000 ____D C:\Users\Seka\Documents\My Games
2021-02-03 21:52 - 2012-05-02 16:32 - 000000000 ____D C:\Users\Seka\Games
2021-02-03 19:07 - 2012-05-02 14:31 - 000000000 ____D C:\Users\Seka\Documents\zaloha ccleaner
2021-02-03 18:57 - 2016-06-27 15:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2021-01-29 22:42 - 2012-07-12 17:32 - 000000000 ____D C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-02-2021 01
Ran by Seka (12-02-2021 12:02:19)
Running from C:\Users\Seka\Desktop
Windows 10 Home Version 20H2 19042.804 (X64) (2021-02-05 16:42:25)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4046335105-2706149465-2342894865-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4046335105-2706149465-2342894865-503 - Limited - Disabled)
Guest (S-1-5-21-4046335105-2706149465-2342894865-501 - Limited - Disabled)
Seka (S-1-5-21-4046335105-2706149465-2342894865-1000 - Administrator - Enabled) => C:\Users\Seka
WDAGUtilityAccount (S-1-5-21-4046335105-2706149465-2342894865-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.27.0 - Conexant)
Excel (HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.15 - Lenovo)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.63 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft OneDrive (HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{143E35D3-F0A4-4E90-96C9-B1B72F11343A}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
PowerPoint (HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.0 - Synaptics Incorporated)
WinRAR 6.00 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Word (HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)
Packages:
=========
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-05] (Microsoft Studios) [MS Ad]
Outlook -> C:\Program Files\WindowsApps\outlook.com-78C9D47_1.0.0.0_neutral__3t89ybq5n4y7r [2021-02-12] (outlook.com)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm
ShortcutWithArgument: C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf
ShortcutWithArgument: C:\Users\Seka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi
==================== Loaded Modules (Whitelisted) =============
2015-11-04 16:40 - 2015-11-04 16:40 - 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Seka\Pictures\hd-wallpaper-black.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-4046335105-2706149465-2342894865-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{6765EB1E-74DF-4E8B-86D1-2E6ECE106E8D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{12102B25-2467-499E-963D-976739FBF789}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7FC152BE-DAE9-45B6-A9D3-B9B1C6C0D1A0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{20589F5B-F5A0-4177-9D25-B55E3CFEE62D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{FBCC092F-D287-4662-83E1-D7DB97D9E45D}C:\windows.old\users\seka\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\windows.old\users\seka\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{94B2352B-066B-46CD-B491-C0F0ADD5A0E9}C:\windows.old\users\seka\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\windows.old\users\seka\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{28666F42-53A3-4EDB-81D9-37449140EC79}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
12-02-2021 11:29:39 Removed Windows Installer
12-02-2021 11:37:47 AdwCleaner_BeforeCleaning_12/02/2021_11:37:46
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/09/2021 07:47:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: wuauclt.exe, verzia: 10.0.19041.789, časová značka: 0x01b4b287
Názov chybujúceho modulu: wuuhosdeployment.dll_unloaded, verzia: 10.0.19041.789, časová značka: 0xfdb9af83
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000001a303
Identifikácia chybujúceho procesu: 0x5bc
Čas spustenia chybujúcej aplikácie: 0x01d6ff11b5af4681
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\wuauclt.exe
Cesta chybujúceho modulu: wuuhosdeployment.dll
Identifikácia hlásenia: 1ad3400e-6af7-4cca-b53b-40f66033e351
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (02/09/2021 06:51:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.19041.789 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 12f4
Start Time: 01d6ff0b2c4a4418
Termination Time: 4294967295
Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Report Id: 258f3259-d0b2-45d9-b381-96248c89d641
Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
Hang type: Quiesce
Error: (02/09/2021 06:43:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.19041.789 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 1834
Start Time: 01d6ff0af014bb9e
Termination Time: 4294967295
Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Report Id: 12dc6c46-3f80-4f90-a19e-09d8a6070de5
Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
Hang type: Cross-thread
Error: (02/09/2021 06:33:04 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (02/09/2021 06:33:04 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (02/07/2021 08:56:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: MicrosoftEdgeSH.exe, verzia: 11.0.19041.1, časová značka: 0xdd99950e
Názov chybujúceho modulu: unknown, verzia: 0.0.0.0, časová značka: 0x00000000
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000000020a
Identifikácia chybujúceho procesu: 0x275c
Čas spustenia chybujúcej aplikácie: 0x01d6fd26b21e26f6
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\MicrosoftEdgeSH.exe
Cesta chybujúceho modulu: unknown
Identifikácia hlásenia: d9b1705b-616b-4be9-bfd4-eb120ac796fe
Celé meno chybujúceho balíka: Microsoft.MicrosoftEdge_44.19041.423.0_neutral__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: MicrosoftEdge
Error: (02/05/2021 05:49:11 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: SEKA-THINK)
Description: microsoft.microsoftedge_8wekyb3d8bbwe-2147024893
Error: (02/05/2021 05:43:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program dwm.exe version 10.0.19041.746 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 44c
Start Time: 01d6fbdb5d89e66c
Termination Time: 37
Application Path: C:\Windows\System32\dwm.exe
Report Id: 92180cdb-f3de-4d6c-9802-c1c47c6b1865
Faulting package full name:
Faulting package-relative application ID:
Hang type: Unknown
System errors:
=============
Error: (02/12/2021 11:49:01 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/12/2021 11:49:01 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/12/2021 11:49:01 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/12/2021 11:42:16 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.
Error: (02/12/2021 11:40:53 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files. Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft.com/fwlink/?LinkId=245898.
Error: (02/12/2021 11:39:40 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Lenovo PM Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/12/2021 11:38:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (02/12/2021 11:38:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Windows Defender:
===================================
Date: 2021-02-12 12:03:25.8380000Z
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: App:Utorrent
ID: 268641
Severity: Nízka
Category: Potenciálne nežiaduci softvér
Path: file:_C:\Users\Seka\Downloads\uTorrent.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.331.815.0, AS: 1.331.815.0, NIS: 1.331.815.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5
Date: 2021-02-12 12:02:07.4070000Z
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: PUA:Win32/CandyOpen
ID: 213956
Severity: Nízka
Category: Potenciálne nežiaduci softvér
Path: containerfile:_C:\Users\Seka\Downloads\uTorrent.exe; file:_C:\Users\Seka\Downloads\uTorrent.exe->(UPX)
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\Seka\Desktop\FRST64.exe
Security intelligence Version: AV: 1.331.815.0, AS: 1.331.815.0, NIS: 1.331.815.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5
Date: 2021-02-12 11:24:48.4330000Z
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: PUA:Win32/LittleRegClean
ID: 227480
Severity: Nízka
Category: Potenciálne nežiaduci softvér
Path: file:_C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe; file:_C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\CCleaner\CCleaner64.exe
Security intelligence Version: AV: 1.331.815.0, AS: 1.331.815.0, NIS: 1.331.815.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5
Date: 2021-02-12 11:24:47.6440000Z
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: PUA:Win32/LittleRegClean
ID: 227480
Severity: Nízka
Category: Potenciálne nežiaduci softvér
Path: file:_C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\CCleaner\CCleaner64.exe
Security intelligence Version: AV: 1.331.815.0, AS: 1.331.815.0, NIS: 1.331.815.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5
Date: 2021-02-12 11:24:42.1680000Z
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: PUA:Win32/Presenoker
ID: 242420
Severity: Nízka
Category: Potenciálne nežiaduci softvér
Path: file:_C:\Program Files (x86)\AdvancedWindowsManager\Windows Installer\AdvancedWindowsManager.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\CCleaner\CCleaner64.exe
Security intelligence Version: AV: 1.331.815.0, AS: 1.331.815.0, NIS: 1.331.815.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5
Date: 2021-02-07 10:58:05.1330000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
Security intelligence Attempted: Backup
Error Code: 0x80004004
Error description: Operation aborted
Security intelligence version: 1.331.374.0;1.331.374.0
Engine version: 1.1.17800.5
Date: 2021-02-07 10:58:02.5220000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
Security intelligence Attempted: Current
Error Code: 0x80004004
Error description: Operation aborted
Security intelligence version: 1.331.384.0;1.331.384.0
Engine version: 1.1.17800.5
==================== Memory info ===========================
BIOS: LENOVO LENOVO - 125 03/01/2013
Motherboard: LENOVO 1143K4G
Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 73%
Total physical RAM: 4007.23 MB
Available physical RAM: 1056.51 MB
Total Virtual: 5415.23 MB
Available Virtual: 2482.29 MB
==================== Drives ================================
Drive c: (Windows7_OS) (Fixed) (Total:447.85 GB) (Free:230.69 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:15.62 GB) (Free:4.24 GB) NTFS
\\?\Volume{0751cdc4-7f48-11e1-b9a7-806e6f6e6963}\ (SYSTEM_DRV) (Fixed) (Total:1.46 GB) (Free:1.12 GB) NTFS
\\?\Volume{ccd2e061-0000-0000-0000-005470000000}\ () (Fixed) (Total:0.82 GB) (Free:0.27 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: CCD2E061)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=447.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=842 MB) - (Type=27)
Partition 4: (Not Active) - (Size=15.6 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 118375
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {253481C4-293E-46EB-89B3-0357C70FBD49} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-09] (Google LLC -> Google LLC)
Task: {59F705C8-AF05-4259-AB0A-533C14D8F800} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-09] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Hotovo.
Fix result of Farbar Recovery Scan Tool (x64) Version: 12-02-2021
Ran by Seka (12-02-2021 14:48:32) Run:2
Running from C:\Users\Seka\Desktop
Loaded Profiles: Seka
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {253481C4-293E-46EB-89B3-0357C70FBD49} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-09] (Google LLC -> Google LLC)
Task: {59F705C8-AF05-4259-AB0A-533C14D8F800} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-09] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
EmptyTemp:
End
*****************
Processes closed successfully.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{253481C4-293E-46EB-89B3-0357C70FBD49}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{253481C4-293E-46EB-89B3-0357C70FBD49}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{59F705C8-AF05-4259-AB0A-533C14D8F800}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59F705C8-AF05-4259-AB0A-533C14D8F800}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7403097 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1344075 B
Edge => 25530 B
Chrome => 8848728 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 13312 B
ProgramData => 13312 B
Public => 13312 B
systemprofile => 13312 B
systemprofile32 => 13312 B
LocalService => 13312 B
NetworkService => 14830 B
Seka => 3120739 B
RecycleBin => 0 B
EmptyTemp: => 27.4 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 14:48:47 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 12-02-2021
Ran by Seka (12-02-2021 14:48:32) Run:2
Running from C:\Users\Seka\Desktop
Loaded Profiles: Seka
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {253481C4-293E-46EB-89B3-0357C70FBD49} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-09] (Google LLC -> Google LLC)
Task: {59F705C8-AF05-4259-AB0A-533C14D8F800} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-09] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
EmptyTemp:
End
*****************
Processes closed successfully.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{253481C4-293E-46EB-89B3-0357C70FBD49}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{253481C4-293E-46EB-89B3-0357C70FBD49}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{59F705C8-AF05-4259-AB0A-533C14D8F800}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59F705C8-AF05-4259-AB0A-533C14D8F800}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7403097 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1344075 B
Edge => 25530 B
Chrome => 8848728 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 13312 B
ProgramData => 13312 B
Public => 13312 B
systemprofile => 13312 B
systemprofile32 => 13312 B
LocalService => 13312 B
NetworkService => 14830 B
Seka => 3120739 B
RecycleBin => 0 B
EmptyTemp: => 27.4 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 14:48:47 ====
Přispějete na provoz fóra?