Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Win Zabezpecenie Zavazna hrozba

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
valachmar
Návštěvník
Návštěvník
Příspěvky: 56
Registrován: 17 dub 2009 22:33

Win Zabezpecenie Zavazna hrozba

#1 Příspěvek od valachmar »

Dobry den
Na Win 10, mam vo Windows Zapezpecenie, závažnú hrozbu, ktoru nejde vymazat, ani dat do karanteny.
Prosim o pomoc s tymto problemom.
Prikladam logy:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-02-2021
Ran by Richard (administrator) on DESKTOP-PUNF98O (ASUS All Series) (16-02-2021 10:13:40)
Running from C:\Users\Richard\OneDrive\Počítač
Loaded Profiles: Richard
Platform: Windows 10 Pro Version 20H2 19042.804 (X64) Language: Angličtina (USA)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Richard\AppData\Roaming\BitTorrent\BitTorrent.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Richard\AppData\Roaming\BitTorrent\helper\helper.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Richard\AppData\Roaming\BitTorrent\updates\7.10.5_45857\bittorrentie.exe <2>
(ESI Audiotechnik GmbH -> ESI Audiotechnik GmbH) C:\Windows\System32\JulaPAN.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <17>
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett Packard -> Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_2.34.28001.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
HKLM\...\Run: [RtHDVBg_DTS] => "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /DTSU2P
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [julapan.exe] => C:\Windows\system32\julapan.exe [514792 2015-09-16] (ESI Audiotechnik GmbH -> ESI Audiotechnik GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Run: [btweb] => C:\Users\Richard\AppData\Roaming\BitTorrent Web\btweb.exe [5691520 2020-12-18] (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8442464 2021-01-17] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Run: [Opera Browser Assistant] => C:\Users\Richard\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3366040 2021-01-14] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3412696 2021-02-13] (Valve -> Valve Corporation)
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1941352 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Run: [BitTorrent] => C:\Users\Richard\AppData\Roaming\BitTorrent\BitTorrent.exe [1960416 2021-01-17] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-3697634085-1141814390-3545286870-1008\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1941352 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [46080 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.150\Installer\chrmstp.exe [2021-02-09] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2021-01-19]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {14CA1CEF-3318-47B7-86D2-2ECBC74E5372} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-17] (Google LLC -> Google LLC)
Task: {1797563B-38D4-4545-AEE4-BEE4F8CBB71C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {17D42D8E-77AA-4914-A8C2-C57E6B303742} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2856304 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {1D9274BB-A3C2-42C6-9B7F-59052CEEFEBD} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {54DC7C6D-40E2-46A1-8AFE-336572E8DE68} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5AA1B47D-35FB-4999-81FD-14DBA06B7044} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5FE15614-C0AE-4613-9677-6493B9439427} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {608B8562-311F-4FD1-9F0B-CDD0C6399B85} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-05] (Mozilla Corporation -> Mozilla Foundation)
Task: {63DB492F-514A-4B02-84AB-6550C5183A3A} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {65EF3569-7125-45A0-8EEF-9566FB5D938F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {670C8D12-809A-4015-9BB9-97B1C14B033A} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {6BFB181D-1739-47E9-B521-1A776DE7F437} - System32\Tasks\Opera scheduled Autoupdate 1610919243 => C:\Users\Richard\AppData\Local\Programs\Opera\launcher.exe [1793688 2021-02-09] (Opera Software AS -> Opera Software)
Task: {C072A348-D7D7-48AA-A64D-E380E1B016DE} - System32\Tasks\Opera scheduled assistant Autoupdate 1610919256 => C:\Users\Richard\AppData\Local\Programs\Opera\launcher.exe [1793688 2021-02-09] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Richard\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {CE3400A4-2453-474E-A977-376B9A83CA13} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142216 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D316DF82-ACCE-48A1-836A-13E2FCB6FCB8} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {D537E333-ACE3-471B-99B1-6D5F29E1884A} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {D5A8195B-A0A8-4CE3-A6EB-E8D490BCB440} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142216 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D793B4FB-3A77-493F-8A0D-EAFD24C68C7E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-17] (Google LLC -> Google LLC)
Task: {D87EE80B-5F26-48DE-9AA6-B1339967EBEC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DC8600F3-B462-4969-BD02-AADC0047FEE2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DE8A4910-911A-40D7-B150-86C7AA89784E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5199792 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E19C5F7F-122D-468D-AB87-245CE4EACE71} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5199792 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {F40592F5-BE40-48DD-AC47-CEA9D36DEF61} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{79a0aa48-88c9-4278-80d1-7970b601bf4a}: [DhcpNameServer] 192.168.100.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Richard\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-16]

FireFox:
========
FF DefaultProfile: 1yn368nw.default
FF ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\1yn368nw.default [2021-01-17]
FF Homepage: Mozilla\Firefox\Profiles\1yn368nw.default -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT171002&iDate=2021-01-17 09:34:10&bName=
FF NewTab: Mozilla\Firefox\Profiles\1yn368nw.default -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT171002&iDate=2021-01-17 09:34:10&bName=
FF ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\o1iww0dk.default-release [2021-01-17]
FF Homepage: Mozilla\Firefox\Profiles\o1iww0dk.default-release -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT171002&iDate=2021-01-17 09:34:10&bName=
FF NewTab: Mozilla\Firefox\Profiles\o1iww0dk.default-release -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT171002&iDate=2021-01-17 09:34:10&bName=
FF SearchPlugin: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\o1iww0dk.default-release\searchplugins\My Bing Search.xml [2021-01-17]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default [2021-02-16]
CHR Notifications: Default -> hxxps://drive.google.com
CHR HomePage: Default -> hxxps://www.google.sk/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Slides) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-17]
CHR Extension: (Docs) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-17]
CHR Extension: (Google Drive) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-17]
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-17]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-29]
CHR Extension: (CzTorrent - 1. CZ Free Torrent Tracker -) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\chalkflaflbkojghgfddnifalamblkkd [2021-01-17]
CHR Extension: (Sheets) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-17]
CHR Extension: (Google Docs Offline) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-17]
CHR Extension: (Save to Facebook) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2021-01-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-17]
CHR Extension: (Chrome Media Router) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-29]

Opera:
=======
OPR Profile: C:\Users\Richard\AppData\Roaming\Opera Software\Opera Stable [2021-02-16]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Richard\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-02-09]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936456 2015-05-13] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2021-01-16] (ASUSTeK Computer Inc. -> ) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8905608 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\FileSyncHelper.exe [2194288 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2020-12-08] (FUTUREMARK INC -> Futuremark)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\OneDriveUpdaterService.exe [2567552 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-01-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12835096 2021-01-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [29280 2021-01-17] (LAVASOFT SOFTWARE CANADA INC -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15368 2015-05-13] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [42352 2020-08-24] (PassMark Software Pty Ltd -> )
R1 Jula.sys; C:\WINDOWS\system32\DRIVERS\Jula.sys [62696 2015-09-16] (ESI Audiotechnik GmbH -> ESI Audiotechnik GmbH)
R3 JulaWDM.sys; C:\WINDOWS\system32\DRIVERS\JulaWDM.sys [45288 2015-09-16] (ESI Audiotechnik GmbH -> ESI Audiotechnik GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [419040 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-16 10:13 - 2021-02-16 10:13 - 000000000 ____D C:\FRST
2021-02-15 23:56 - 2021-02-15 23:56 - 005290371 _____ C:\Users\Richard\Downloads\Office Tool Plus 7.6.0.1 Multilingual (1).rar
2021-02-15 13:47 - 2021-02-15 13:47 - 000143008 _____ C:\Users\Richard\Downloads\Etuda30new1.mp4.sfk
2021-02-15 13:38 - 2021-02-15 13:38 - 210725668 _____ C:\Users\Richard\Downloads\Etuda30new1.mp4
2021-02-15 12:58 - 2021-02-15 12:58 - 000989584 _____ (GridinSoft LLC) C:\Users\Richard\Downloads\install-antimalware-fix.exe
2021-02-15 12:49 - 2021-02-15 12:49 - 000000086 _____ C:\Users\Richard\AppData\Roaming\remoteclient.ini
2021-02-15 12:48 - 2021-02-15 12:48 - 000458752 _____ C:\Users\Richard\AppData\Local\sqlite_pass
2021-02-15 12:45 - 2021-02-15 12:45 - 000505093 _____ C:\Users\Richard\AppData\Roaming\sex.txt
2021-02-15 12:45 - 2021-02-15 12:45 - 000188416 _____ (NirSoft) C:\Users\Richard\AppData\Roaming\1.exe
2021-02-15 12:45 - 2021-02-15 12:45 - 000005120 _____ (Microsoft) C:\Users\Richard\AppData\Roaming\0.exe
2021-02-15 12:45 - 2021-02-15 12:45 - 000000032 _____ C:\Users\Richard\AppData\Roaming\++.bat
2021-02-15 12:44 - 2021-02-15 12:44 - 000015872 _____ (Microsoft) C:\Users\Richard\AppData\Roaming\specific.exe
2021-02-15 10:57 - 2021-02-15 10:57 - 000147822 _____ C:\Users\Richard\Downloads\potvrdenie.pdf
2021-02-13 23:50 - 2021-02-13 23:50 - 000000000 ____D C:\Users\Richard\Downloads\Office Tool Plus 7.6.0.1 Multilingual
2021-02-13 17:03 - 2021-02-13 17:04 - 005290371 _____ C:\Users\Richard\Downloads\Office Tool Plus 7.6.0.1 Multilingual.rar
2021-02-12 15:53 - 2021-02-12 15:53 - 006385465 _____ C:\Users\Katinka\Downloads\Vianocna ozdoba diplom 1.pptx
2021-02-11 18:20 - 2021-02-11 18:20 - 048708248 _____ C:\Users\Richard\Downloads\y2mate.com - Guy Lacour 50 Etude 34 Tenor Saxophone_1080pFHR.mp4
2021-02-11 14:24 - 2021-02-11 14:24 - 000031675 _____ C:\Users\Richard\Downloads\let_it_be_gr_kar (1).mid
2021-02-11 14:20 - 2021-02-11 14:20 - 000031675 _____ C:\Users\Richard\Downloads\let_it_be_gr_kar.mid
2021-02-11 14:19 - 2021-02-11 14:19 - 000023513 _____ C:\Users\Richard\Downloads\Let_It_Be.mid
2021-02-11 00:33 - 2021-02-11 00:33 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-11 00:33 - 2021-02-11 00:33 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-11 00:33 - 2021-02-11 00:33 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-11 00:33 - 2021-02-11 00:33 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-11 00:32 - 2021-02-11 00:32 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-10 23:17 - 2021-02-10 23:17 - 000166467 _____ C:\Users\Richard\Downloads\jazz-883.mus
2021-02-10 23:12 - 2021-02-10 23:12 - 006385255 _____ C:\Users\Katinka\Downloads\Vianocna ozdoba diplom.pptx
2021-02-10 21:00 - 2021-02-10 21:00 - 000000000 ____D C:\Users\Katinka\AppData\Roaming\ACD Systems
2021-02-10 21:00 - 2021-02-10 21:00 - 000000000 ____D C:\Users\Katinka\AppData\Local\ACD Systems
2021-02-10 20:53 - 2021-02-10 20:57 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Scribus
2021-02-10 20:53 - 2021-02-10 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scribus 1.4.8
2021-02-10 20:53 - 2021-02-10 20:53 - 000000000 ____D C:\Program Files (x86)\Scribus 1.4.8
2021-02-10 20:51 - 2021-02-10 20:51 - 085773505 _____ (The Scribus Team) C:\Users\Richard\Downloads\scribus-1.4.8-windows.exe
2021-02-10 18:53 - 2021-02-10 18:53 - 000132715 _____ C:\Users\Richard\Downloads\jazz-982.mus
2021-02-10 18:53 - 2021-02-10 18:53 - 000132715 _____ C:\Users\Richard\Downloads\jazz-982 (1).mus
2021-02-10 18:48 - 2021-02-10 18:48 - 000000000 ____D C:\Users\Richard\Downloads\prednesoveskladby
2021-02-10 10:20 - 2021-02-16 09:55 - 000000000 ____D C:\Users\Richard\AppData\LocalLow\BitTorrent
2021-02-09 19:27 - 2021-02-09 19:27 - 000054590 _____ C:\Users\Richard\Downloads\birdland (1).mid
2021-02-09 19:27 - 2021-02-09 19:27 - 000050846 _____ C:\Users\Richard\Downloads\birdland (2).mid
2021-02-09 13:32 - 2021-02-09 13:32 - 000000000 ____D C:\Users\Richard\Downloads\Gazovic koncert
2021-02-08 20:06 - 2021-02-08 20:43 - 000000000 ____D C:\Users\Richard\Downloads\Diera zvana John subory
2021-02-08 17:09 - 2021-02-08 17:09 - 074527128 _____ (Skype Technologies S.A.) C:\Users\Richard\Downloads\Skype-8.68.0.96.exe
2021-02-08 17:09 - 2021-02-08 17:09 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Skype
2021-02-08 17:09 - 2021-02-08 17:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-02-08 14:55 - 2021-02-08 14:55 - 000187307 _____ C:\Users\Richard\Downloads\Hatikva tempo 70.m4a
2021-02-08 13:15 - 2021-02-08 13:15 - 000167843 _____ C:\Users\Richard\Downloads\[SkT]Mr._Robot_-_2.serie_(CZ)[HEVC][1080p]_=_CSFD_84% (1).torrent
2021-02-05 15:17 - 2021-02-05 15:17 - 004704192 _____ (Crystal Dew World ) C:\Users\Richard\Downloads\CrystalDiskInfo8_10_0.exe
2021-02-05 15:17 - 2021-02-05 15:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2021-02-05 15:17 - 2021-02-05 15:17 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2021-02-05 00:10 - 2021-02-05 00:10 - 000027347 _____ C:\Users\Richard\Downloads\[SkT]The_Expanse_-_1.serie_[TvRip][720p]_=_CSFD_77%.torrent
2021-02-05 00:08 - 2021-02-05 00:08 - 000167843 _____ C:\Users\Richard\Downloads\[SkT]Mr._Robot_-_2.serie_(CZ)[HEVC][1080p]_=_CSFD_84%.torrent
2021-02-03 14:46 - 2021-02-03 14:46 - 000450496 _____ C:\Users\Richard\Downloads\Blues_Shuffle.mp4.sfk
2021-02-02 19:54 - 2021-02-02 19:54 - 000000000 ____D C:\Users\Katinka\AppData\Roaming\HpUpdate
2021-02-02 19:50 - 2021-02-02 19:50 - 000000000 ____D C:\Users\Katinka\AppData\Roaming\WinRAR
2021-02-01 22:20 - 2021-02-01 22:20 - 000024537 _____ C:\Users\Richard\Downloads\[SkT]Sveraci_kazajka___The_Jacket_(2005)(CZ_EN)[720pHD]_=_CSFD_78%.torrent
2021-02-01 22:20 - 2021-02-01 22:20 - 000013673 _____ C:\Users\Richard\Downloads\[SkT]Sveraci_kazajka___Jacket,_The_(2005)(CZ)_=_CSFD_78%.torrent
2021-02-01 22:19 - 2021-02-01 22:19 - 000012249 _____ C:\Users\Richard\Downloads\[SkT]Hranice_zivota___Stay_(2005)(CZ_EN)[1080p]_=_CSFD_73%.torrent
2021-02-01 22:15 - 2021-02-01 22:15 - 000011406 _____ C:\Users\Richard\Downloads\[SkT]Osviceni___The_Shining_(1980)[1080p]_=_CSFD_88%.torrent
2021-02-01 21:57 - 2021-02-01 21:58 - 663258021 _____ C:\Users\Richard\Downloads\Blues_Shuffle.mp4
2021-02-01 21:57 - 2021-02-01 21:58 - 358977604 _____ C:\Users\Richard\Downloads\Etuda30.mp4
2021-02-01 21:17 - 2021-02-01 21:17 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webshare klient
2021-02-01 21:17 - 2021-02-01 21:17 - 000000000 ____D C:\Program Files (x86)\Webshare klient
2021-02-01 21:16 - 2021-02-01 21:17 - 005741167 _____ C:\Users\Richard\Downloads\webshare-klient-beta-2020-10-17.exe
2021-02-01 21:06 - 2021-02-01 21:06 - 000011730 _____ C:\Users\Richard\Downloads\[SkT]Osudovy_dotek___Butterfly_Effect,_The_(2004)(CZ)_=_CSFD_87%.torrent
2021-02-01 15:57 - 2021-02-01 15:57 - 000006485 _____ C:\Users\Richard\Downloads\hatikva6.mid
2021-02-01 15:57 - 2021-02-01 15:57 - 000003094 _____ C:\Users\Richard\Downloads\hatikvah (1).mid
2021-02-01 15:57 - 2021-02-01 15:57 - 000003068 _____ C:\Users\Richard\Downloads\hatikva3.mid
2021-02-01 15:56 - 2021-02-01 15:56 - 000021500 _____ C:\Users\Richard\Downloads\Hatikvah.mid
2021-02-01 15:20 - 2021-02-01 15:20 - 000017261 _____ C:\Users\Richard\Downloads\Yesterday (1).mid
2021-02-01 15:20 - 2021-02-01 15:20 - 000014948 _____ C:\Users\Richard\Downloads\yesterday.mid
2021-02-01 15:20 - 2021-02-01 15:20 - 000014948 _____ C:\Users\Richard\Downloads\yesterday (2).mid
2021-01-29 21:55 - 2021-01-29 21:55 - 000672126 _____ C:\Users\Richard\Downloads\zmluva_20-131-08565.pdf
2021-01-29 21:42 - 2021-01-29 21:42 - 002534603 _____ C:\Users\Richard\Downloads\[SkT]Ebook_2020_(CZ) (1).torrent
2021-01-29 21:24 - 2021-01-29 23:06 - 000000000 ____D C:\Users\Richard\AppData\Local\transmission
2021-01-29 21:24 - 2021-01-29 23:06 - 000000000 ____D C:\ProgramData\Transmission
2021-01-29 21:24 - 2021-01-29 21:24 - 016310272 _____ C:\Users\Richard\Downloads\transmission-3.00-x64.msi
2021-01-29 21:24 - 2021-01-29 21:24 - 000002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transmission Qt Client.lnk
2021-01-29 21:24 - 2021-01-29 21:24 - 000000000 ____D C:\Program Files\Transmission
2021-01-29 21:15 - 2021-01-29 21:15 - 001012654 _____ C:\Users\Richard\Downloads\[SkT]Ebook_Tematicke.torrent
2021-01-29 21:14 - 2021-01-29 21:14 - 000626467 _____ C:\Users\Richard\Downloads\tematicke_2020.pdf
2021-01-29 16:59 - 2021-01-29 16:59 - 063102319 _____ (XBMC Foundation) C:\Users\Richard\Downloads\kodi-18.9-Leia-x64.exe
2021-01-29 16:58 - 2021-01-29 16:58 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Kodi
2021-01-29 16:58 - 2021-01-29 16:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
2021-01-29 16:58 - 2021-01-29 16:58 - 000000000 ____D C:\Program Files\Kodi
2021-01-29 16:27 - 2021-01-29 16:27 - 017633114 _____ C:\Users\Richard\Downloads\E.Rocherolle Two¨Companz.pdf
2021-01-29 16:27 - 2021-01-29 16:27 - 004814641 _____ C:\Users\Richard\Downloads\bela bartok for children.pdf
2021-01-29 15:06 - 2021-01-29 15:52 - 000000000 ____D C:\Users\Richard\AppData\Local\VideoComparer
2021-01-29 15:06 - 2021-01-29 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Comparer
2021-01-29 15:06 - 2021-01-29 15:06 - 000000000 ____D C:\Program Files\VideoComparer
2021-01-29 15:05 - 2021-01-29 15:05 - 014373040 _____ (Video Comparer) C:\Users\Richard\Downloads\VideoComparer_Win64_1.07.002.exe
2021-01-29 01:02 - 2021-01-29 01:02 - 002100755 _____ C:\Users\Richard\Downloads\beletrie_2020.pdf
2021-01-29 00:59 - 2021-01-29 00:59 - 002534603 _____ C:\Users\Richard\Downloads\[SkT]Ebook_2020_(CZ).torrent
2021-01-29 00:58 - 2021-01-29 00:58 - 000010371 _____ C:\Users\Richard\Downloads\[SkT]dTest_09-12_2020_(CZ).torrent
2021-01-29 00:58 - 2021-01-29 00:58 - 000002591 _____ C:\Users\Richard\Downloads\[SkT]dTest_01_2021_(CZ).torrent
2021-01-28 19:20 - 2021-01-28 19:20 - 000012041 _____ C:\Users\Richard\Downloads\[SkT]Havel_(2020)(CZ)[WebRip][720p]_=_CSFD_62%.torrent
2021-01-28 19:19 - 2021-01-28 19:19 - 000018025 _____ C:\Users\Richard\Downloads\[SkT]Pokoj___The_Room_(2019)(CZ)[1080p]_=_CSFD_66%.torrent
2021-01-28 16:39 - 2021-01-28 16:39 - 000119737 _____ C:\Users\Richard\Downloads\[SkT]Star_Wars_KOMPLET_FILMY_(1977-2020_1080p_CZ)_=_CSFD_88%.torrent
2021-01-28 14:09 - 2021-01-28 14:09 - 000017527 _____ C:\Users\Richard\Downloads\[SkT]Laska_v_male_Italii___Little_Italy_(2018)(SK)[WebRip][1080p]_=_CSFD_56%.torrent
2021-01-28 14:07 - 2021-01-28 14:07 - 000012697 _____ C:\Users\Richard\Downloads\[SkT]Vrazedna_stena___Nordwand_(2008)(CZ)_=_CSFD_82%.torrent
2021-01-27 23:48 - 2021-01-27 23:48 - 000000020 ___SH C:\Users\Katinka\ntuser.ini
2021-01-27 23:48 - 2021-01-27 23:48 - 000000000 ____D C:\Users\Katinka\AppData\Roaming\TeamViewer
2021-01-27 23:48 - 2021-01-27 23:48 - 000000000 ____D C:\Users\Katinka\AppData\Local\TeamViewer
2021-01-27 23:48 - 2021-01-27 23:48 - 000000000 ____D C:\Users\Katinka\AppData\Local\PlaceholderTileLogoFolder
2021-01-27 22:52 - 2021-01-27 22:52 - 000043979 _____ C:\Users\Richard\Downloads\Program - Online koncert - 28012021.pdf
2021-01-27 18:46 - 2021-01-27 18:46 - 000512765 _____ C:\Users\Richard\Downloads\5114617373.pdf
2021-01-27 15:32 - 2021-01-27 15:32 - 000000000 ____D C:\Users\Richard\Downloads\Ziadost dane 2020
2021-01-26 23:25 - 2021-02-05 14:27 - 000003206 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-01-26 23:25 - 2021-02-05 14:27 - 000002174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-01-26 23:25 - 2021-02-05 14:27 - 000000000 ___RD C:\Users\Katinka\OneDrive
2021-01-26 23:25 - 2021-01-26 23:25 - 000000000 ___RD C:\Users\Default\OneDrive
2021-01-26 23:25 - 2021-01-26 23:25 - 000000000 ___RD C:\Users\Default User\OneDrive
2021-01-26 23:24 - 2021-02-06 16:37 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2021-01-26 23:21 - 2021-02-01 22:31 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\TrackmaniaTurbo
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ___HD C:\OneDriveTemp
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\WD TV®_files
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\Vlastní šablony Office
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\Updater5
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\PassMark
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\NFS Most Wanted
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\MyScans
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\MuseScore3
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\MAXON
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\3DMark
2021-01-26 23:21 - 2017-08-08 18:09 - 000062266 _____ C:\Users\Richard\OneDrive\Dokumenty\WD TV®.html
2021-01-26 23:21 - 2017-05-11 13:05 - 000000868 _____ C:\Users\Richard\OneDrive\Dokumenty\Internet Explorer.lnk
2021-01-26 23:21 - 2017-03-27 16:41 - 003289702 _____ C:\Users\Richard\OneDrive\Dokumenty\Pirates-of-the-Caribbean-1-book-=) (1).pdf
2021-01-26 23:21 - 2017-03-20 17:37 - 000865801 _____ C:\Users\Richard\OneDrive\Dokumenty\Pirates-of-the-Caribbean---Piano-Arrangement.pdf
2021-01-26 23:21 - 2017-03-13 15:41 - 000139692 _____ C:\Users\Richard\OneDrive\Dokumenty\[Free-scores.com]_telemann-georg-philipp-sonata-1-in-f-major-for-harp-48212.pdf
2021-01-26 23:21 - 2017-03-13 15:39 - 000104108 _____ C:\Users\Richard\OneDrive\Dokumenty\telemann-sonata-no1-in-f-major-vivace.pdf
2021-01-26 23:21 - 2017-01-20 14:17 - 000000290 _____ C:\Users\Richard\OneDrive\Dokumenty\Kafe zahranicne.txt
2021-01-26 23:21 - 2016-09-18 10:39 - 001342213 _____ C:\Users\Richard\OneDrive\Dokumenty\História a vývoj tlačových médií.pptx
2021-01-26 21:03 - 2021-02-16 09:55 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-26 21:03 - 2021-01-26 21:03 - 000000000 ____D C:\Users\Richard\AppData\Local\Steam
2021-01-26 21:03 - 2021-01-26 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2021-01-26 21:02 - 2021-01-26 21:02 - 001573568 _____ C:\Users\Richard\Downloads\SteamSetup.exe
2021-01-26 20:52 - 2021-01-26 20:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-01-26 20:43 - 2021-01-26 20:43 - 024690748 _____ C:\Users\Richard\OneDrive\Dokumenty\Robmitozas.mxf
2021-01-26 20:43 - 2021-01-26 20:43 - 000014032 _____ C:\Users\Richard\OneDrive\Dokumenty\Robmitozas.mxf.sfk
2021-01-26 20:43 - 2021-01-26 20:43 - 000000076 _____ C:\Users\Richard\OneDrive\Dokumenty\Robmitozas.mxf.sfl
2021-01-26 19:58 - 2021-01-26 20:50 - 000000000 ____D C:\Users\Richard\AppData\Roaming\VEGAS
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Roaming\VEGAS Pro
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Roaming\MAGIX
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Local\VEGAS Pro
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Local\Sony
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Local\Plugin.OfxStitch
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Local\Plugin.ofx360Stabilizer
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Local\Plugin.MxOfxRotation
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Local\MAGIX
2021-01-26 19:57 - 2021-01-26 19:57 - 000000000 ____D C:\ProgramData\Magix
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Sony
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\Users\Richard\AppData\Local\VEGAS
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\ProgramData\VEGAS Pro
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\ProgramData\VEGAS
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\Program Files\VEGAS
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\Program Files (x86)\VEGAS
2021-01-26 10:29 - 2021-01-26 11:19 - 215884026 _____ C:\Users\Richard\Downloads\Maria_Blahova_Caravan.mp4
2021-01-26 10:29 - 2021-01-26 10:29 - 052371949 _____ C:\Users\Richard\Downloads\Maria_Blahova_Caravan_bezpodkladu.mp4
2021-01-25 15:37 - 2021-01-25 15:38 - 000000000 ___HD C:\Users\Richard\Downloads\[Originals]
2021-01-25 15:09 - 2021-01-25 15:09 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2021-01-25 15:09 - 2021-01-25 15:09 - 000000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2021-01-25 14:55 - 2021-01-25 14:55 - 000000000 ____D C:\Users\Richard\Downloads\Brouk Bohuslav - Sport - stoupa života _ Český Sigmund Freud (Hmyzí Silvestr 2002)
2021-01-25 14:55 - 2021-01-25 14:55 - 000000000 ____D C:\Users\Richard\Downloads\Bohuslav Brouk - Choditi s koulí na noze je sotva vtipný nápad
2021-01-25 14:15 - 2009-10-11 21:58 - 001177600 _____ (AD) C:\WINDOWS\SysWOW64\SYNSOEMU.DLL
2021-01-25 14:14 - 2021-01-25 14:14 - 000000000 ____D C:\ProgramData\VST3 Presets
2021-01-25 14:13 - 2021-01-25 14:13 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg HALionOne
2021-01-25 14:13 - 2021-01-25 14:13 - 000000000 ____D C:\ProgramData\Steinberg
2021-01-25 14:11 - 2021-01-25 14:16 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Steinberg
2021-01-25 14:11 - 2021-01-25 14:15 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 5
2021-01-25 14:11 - 2021-01-25 14:11 - 000000000 ____D C:\Program Files (x86)\Steinberg
2021-01-24 21:54 - 2021-01-24 21:54 - 077493402 _____ C:\Users\Richard\Downloads\Brouk Bohuslav - Sport - stoupa života _ Český Sigmund Freud (Hmyzí Silvestr 2002).zip
2021-01-24 21:54 - 2021-01-24 21:54 - 059021281 _____ C:\Users\Richard\Downloads\Bohuslav Brouk - Choditi s koulí na noze je sotva vtipný nápad.rar
2021-01-24 21:54 - 2021-01-24 21:54 - 058119796 _____ C:\Users\Richard\Downloads\Víkendová příloha - Kamen Jiří - Český Sigmund Freud (Bohuslav Brouk).rar
2021-01-24 18:15 - 2021-01-24 18:15 - 000017653 _____ C:\Users\Richard\Downloads\[SkT]Sarlatan_(2020)(CZ)[WebRip][1080p]_=_CSFD_79%.torrent
2021-01-24 18:10 - 2021-01-24 18:10 - 000151195 _____ C:\Users\Richard\Downloads\[SkT]____Koruna___The_Crown_-_2._serie_(CZ)[WebRip][1080p]_=_CSFD_90%.torrent
2021-01-24 18:01 - 2021-01-24 18:01 - 000043676 _____ C:\Users\Richard\Downloads\[SkT]____Koruna___The_Crown_-_1._serie_(CZ)[WebRip][1080p]_=_CSFD_90%.torrent
2021-01-23 18:29 - 2021-02-11 12:05 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-23 18:29 - 2021-02-11 12:05 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6f120800843a7
2021-01-23 10:39 - 2021-01-23 10:40 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-01-23 10:38 - 2021-01-23 10:39 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-01-23 10:38 - 2021-01-23 10:38 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-01-23 10:37 - 2021-01-23 10:37 - 000000000 ____D C:\ProgramData\ssh
2021-01-23 10:34 - 2021-01-23 10:34 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-01-23 10:34 - 2021-01-23 10:34 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-01-23 10:34 - 2021-01-23 10:34 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-23 10:34 - 2021-01-23 10:34 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-23 10:34 - 2021-01-23 10:34 - 000707544 _____ C:\WINDOWS\system32\TextShaping.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-23 10:34 - 2021-01-23 10:34 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-23 10:34 - 2021-01-23 10:34 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-23 10:34 - 2021-01-23 10:34 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000467968 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-23 10:34 - 2021-01-23 10:34 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-23 10:34 - 2021-01-23 10:34 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-01-23 10:34 - 2021-01-23 10:34 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-23 10:34 - 2021-01-23 10:34 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-01-23 10:34 - 2021-01-23 10:34 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-23 10:34 - 2021-01-23 10:34 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-23 10:34 - 2021-01-23 10:34 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-23 10:34 - 2021-01-23 10:34 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-01-23 10:34 - 2021-01-23 10:34 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-01-23 10:34 - 2021-01-23 10:34 - 000111616 _____ C:\WINDOWS\system32\RDVGHelper.exe
2021-01-23 10:34 - 2021-01-23 10:34 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-23 10:34 - 2021-01-23 10:34 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-23 10:34 - 2021-01-23 10:34 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-01-23 10:34 - 2021-01-23 10:34 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-01-23 10:34 - 2021-01-23 10:34 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-01-23 10:34 - 2021-01-23 10:34 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-01-23 10:33 - 2021-01-23 10:33 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-01-23 10:33 - 2021-01-23 10:33 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-23 10:33 - 2021-01-23 10:33 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-23 10:33 - 2021-01-23 10:33 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-23 10:33 - 2021-01-23 10:33 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-01-23 10:33 - 2021-01-23 10:33 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-01-23 10:30 - 2021-01-23 10:30 - 000000000 ____D C:\WINDOWS\system32\sk
2021-01-23 10:28 - 2021-01-23 10:28 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-01-23 10:28 - 2021-01-23 10:28 - 000000000 ____D C:\Program Files\MSBuild
2021-01-23 10:28 - 2021-01-23 10:28 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-01-23 10:28 - 2021-01-23 10:28 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-01-23 01:47 - 2021-01-23 01:47 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-01-23 01:45 - 2021-02-15 13:43 - 000842414 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-23 01:45 - 2021-01-23 01:45 - 000000020 ___SH C:\Users\Richard\ntuser.ini
2021-01-23 01:44 - 2021-02-16 09:55 - 000003130 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2021-01-23 01:44 - 2021-02-16 09:55 - 000003114 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-01-23 01:44 - 2021-02-15 12:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-23 01:44 - 2021-02-15 10:16 - 000004226 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1610919243
2021-01-23 01:44 - 2021-02-05 17:44 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-23 01:44 - 2021-02-05 17:44 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-23 01:44 - 2021-01-23 01:44 - 000015243 _____ C:\WINDOWS\diagwrn.xml
2021-01-23 01:44 - 2021-01-23 01:44 - 000015243 _____ C:\WINDOWS\diagerr.xml
2021-01-23 01:44 - 2021-01-23 01:44 - 000003874 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1610919256
2021-01-23 01:44 - 2021-01-23 01:44 - 000003118 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2021-01-23 01:44 - 2021-01-23 01:44 - 000002672 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2021-01-23 01:44 - 2021-01-23 01:44 - 000002590 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2021-01-23 01:44 - 2021-01-23 01:44 - 000002202 _____ C:\WINDOWS\system32\Tasks\StartCN
2021-01-23 01:44 - 2021-01-23 01:44 - 000002122 _____ C:\WINDOWS\system32\Tasks\StartDVR
2021-01-23 01:44 - 2021-01-23 01:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-23 01:41 - 2021-02-13 01:55 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-23 01:41 - 2021-02-10 23:16 - 000000000 ____D C:\Users\Katinka
2021-01-23 01:41 - 2021-02-07 01:00 - 000000000 ____D C:\Users\Richard
2021-01-23 01:41 - 2021-02-03 12:06 - 000000000 ____D C:\Users\kioskUser0
2021-01-23 01:41 - 2016-11-01 23:05 - 000099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2021-01-23 01:40 - 2021-02-15 23:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-23 01:40 - 2021-02-15 12:56 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-23 01:40 - 2021-02-11 02:06 - 000530440 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-22 22:03 - 2021-01-22 22:03 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2021-01-22 14:36 - 2021-01-23 01:42 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-01-22 14:36 - 2021-01-22 14:36 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Zoom
2021-01-21 19:36 - 2021-02-10 10:30 - 000000000 ___DC C:\WINDOWS\Panther
2021-01-21 19:33 - 2021-01-21 19:33 - 000000000 ___HD C:\$WinREAgent
2021-01-21 17:33 - 2021-01-21 17:33 - 041750105 _____ C:\Users\Richard\Downloads\Birdland Blahova.mp4
2021-01-21 15:08 - 2021-01-23 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-01-20 23:08 - 2021-02-15 12:56 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-20 23:08 - 2021-01-24 17:28 - 000000000 ____D C:\Users\Richard\AppData\Roaming\TeamViewer
2021-01-20 23:08 - 2021-01-21 19:52 - 000000000 ____D C:\Users\Richard\AppData\Local\TeamViewer
2021-01-20 23:08 - 2021-01-20 23:08 - 000001116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2021-01-20 22:46 - 2021-01-20 22:46 - 000373009 _____ C:\Users\Richard\Downloads\Svetova kultura (1).pdf
2021-01-20 22:24 - 2021-01-20 22:24 - 000373379 _____ C:\Users\Richard\Downloads\svetova kultura.pdf
2021-01-20 19:52 - 2021-01-20 19:52 - 000337013 _____ C:\Users\Richard\Downloads\3_1_I_polrok (1).pdf
2021-01-20 17:46 - 2021-02-01 22:31 - 000000000 ____D C:\ProgramData\TrackmaniaTurbo
2021-01-20 17:36 - 2021-01-20 17:36 - 000000234 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trackmania Turbo.url
2021-01-20 17:36 - 2021-01-20 17:36 - 000000234 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Config.url
2021-01-20 17:34 - 2021-02-01 22:32 - 000000000 ____D C:\Users\Richard\AppData\Local\Ubisoft Game Launcher
2021-01-20 17:34 - 2021-01-23 01:42 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2021-01-20 17:34 - 2021-01-20 17:34 - 000000000 ____D C:\ProgramData\Ubisoft
2021-01-20 17:34 - 2021-01-20 17:34 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2021-01-20 16:53 - 2021-01-20 16:53 - 000055452 _____ C:\Users\Richard\Downloads\birdland.mid
2021-01-20 15:53 - 2021-01-23 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
2021-01-20 15:53 - 2021-01-20 15:53 - 000000000 ____D C:\Users\Richard\AppData\Roaming\PotPlayerMini64
2021-01-20 15:53 - 2021-01-20 15:53 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Daum
2021-01-20 15:53 - 2021-01-20 15:53 - 000000000 ____D C:\Program Files\DAUM
2021-01-19 20:15 - 2021-01-19 20:15 - 000000000 ____D C:\Users\Katinka\AppData\Roaming\Intel Corporation
2021-01-19 20:14 - 2021-01-19 20:14 - 000000000 ____D C:\Users\Katinka\AppData\Local\MicrosoftEdge
2021-01-19 20:14 - 2021-01-19 20:14 - 000000000 ____D C:\Users\Katinka\AppData\Local\Comms
2021-01-19 20:13 - 2021-02-12 15:54 - 000000000 ____D C:\Users\Katinka\AppData\Local\Packages
2021-01-19 20:13 - 2021-02-12 15:52 - 000000000 __SHD C:\Users\Katinka\IntelGraphicsProfiles
2021-01-19 20:13 - 2021-01-27 23:52 - 000000000 ____D C:\Users\Katinka\AppData\Local\Google
2021-01-19 20:13 - 2021-01-27 23:48 - 000000000 ___RD C:\Users\Katinka\3D Objects
2021-01-19 20:13 - 2021-01-19 20:14 - 000000000 ____D C:\Users\Katinka\AppData\Roaming\Adobe
2021-01-19 20:13 - 2021-01-19 20:13 - 000000000 ____D C:\Users\Katinka\AppData\Local\VirtualStore
2021-01-19 20:13 - 2021-01-19 20:13 - 000000000 ____D C:\Users\Katinka\AppData\Local\Publishers
2021-01-19 20:13 - 2021-01-19 20:13 - 000000000 ____D C:\Users\Katinka\AppData\Local\ConnectedDevicesPlatform
2021-01-19 20:12 - 2021-01-19 20:13 - 000000000 ____D C:\Users\Katinka\AppData\Local\AMD
2021-01-19 18:55 - 2012-09-26 16:48 - 000000584 _____ C:\WINDOWS\hpomdl28.dat.temp
2021-01-19 18:54 - 2021-01-19 18:54 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Macromedia
2021-01-19 18:53 - 2021-01-19 18:54 - 000000000 ____D C:\Users\Richard\AppData\Roaming\HP
2021-01-19 18:53 - 2021-01-19 18:53 - 000000000 ____D C:\ProgramData\WEBREG
2021-01-19 18:52 - 2021-01-26 19:41 - 000000000 ____D C:\Users\Richard\AppData\Roaming\HpUpdate
2021-01-19 18:52 - 2021-01-19 18:52 - 000001398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2021-01-19 18:52 - 2021-01-19 18:52 - 000001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2021-01-19 18:52 - 2021-01-19 18:52 - 000000000 ____D C:\ProgramData\HP Product Assistant
2021-01-19 18:52 - 2021-01-19 18:52 - 000000000 ____D C:\ProgramData\HP Photo Creations
2021-01-19 18:52 - 2021-01-19 18:52 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2021-01-19 18:52 - 2021-01-19 18:52 - 000000000 ____D C:\Program Files (x86)\HP Photo Creations
2021-01-19 18:51 - 2021-01-23 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2021-01-19 18:51 - 2021-01-19 18:52 - 000000000 ____D C:\Program Files (x86)\HP
2021-01-19 18:50 - 2021-01-19 18:55 - 000188219 _____ C:\WINDOWS\hpoins28.dat
2021-01-19 18:50 - 2012-09-26 16:48 - 000000584 _____ C:\WINDOWS\hpomdl28.dat
2021-01-19 18:48 - 2021-01-19 18:53 - 000000000 ____D C:\ProgramData\HP
2021-01-19 18:48 - 2012-09-25 08:52 - 003867040 _____ C:\WINDOWS\system32\PortChanger.exe
2021-01-19 18:48 - 2012-09-25 08:52 - 000151968 ____N (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\Dot4.sys
2021-01-19 18:48 - 2012-09-25 08:52 - 000049056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dot4usb.sys
2021-01-19 18:48 - 2012-09-25 08:52 - 000027040 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\Dot4Prt.sys
2021-01-19 18:48 - 2009-07-14 02:41 - 000046080 _____ (Hewlett-Packard Corporation) C:\WINDOWS\system32\hpz3lw71.dll
2021-01-19 18:48 - 2009-07-08 11:51 - 000938496 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpowiax7.dll
2021-01-19 18:48 - 2009-07-08 11:51 - 000740864 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpotscl6.dll
2021-01-19 18:48 - 2009-07-08 11:51 - 000551424 _____ (Hewlett-Packard) C:\WINDOWS\system32\hppldcoi.dll
2021-01-19 18:48 - 2009-07-08 11:51 - 000505344 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpovst15.dll
2021-01-19 18:30 - 2021-02-10 20:46 - 000000000 ____D C:\Users\Richard\AppData\Roaming\MuseScore
2021-01-19 18:30 - 2021-01-23 01:42 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MuseScore 3
2021-01-19 18:30 - 2021-01-19 18:30 - 000000000 ____D C:\Users\Richard\AppData\Local\MuseScore
2021-01-19 18:30 - 2021-01-19 18:30 - 000000000 ____D C:\Program Files\MuseScore 3
2021-01-19 17:19 - 2021-01-19 17:19 - 000000000 ___HD C:\Users\kioskUser0\MicrosoftEdgeBackups
2021-01-19 17:05 - 2021-01-19 17:05 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\PlaceholderTileLogoFolder
2021-01-19 15:33 - 2021-01-19 15:33 - 000037361 _____ C:\Users\Richard\Downloads\Orange_doklad_FR_202012_CNnull_SN0902876219.pdf
2021-01-19 15:33 - 2021-01-19 15:33 - 000037056 _____ C:\Users\Richard\Downloads\Orange_doklad_FR_202012_CNnull_SN0949811763.pdf
2021-01-18 23:47 - 2021-01-18 23:47 - 000000000 ____D C:\Users\Richard\AppData\Local\OneDrive
2021-01-18 21:48 - 2021-01-21 15:08 - 000002411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-01-18 21:48 - 2021-01-21 15:08 - 000002410 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-01-18 21:48 - 2021-01-21 15:08 - 000002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-01-18 21:47 - 2021-02-15 10:17 - 000000000 ____D C:\Program Files\Microsoft Office
2021-01-18 21:47 - 2021-01-18 21:47 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-01-18 21:47 - 2021-01-18 21:47 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-01-18 20:32 - 2021-01-20 15:52 - 000000000 ____D C:\Program Files\VideoLAN
2021-01-18 20:06 - 2021-01-18 20:06 - 000000000 ____D C:\Users\defaultuser100000
2021-01-18 15:59 - 2021-01-18 15:59 - 000337013 _____ C:\Users\Richard\Downloads\3_1_I_polrok.pdf
2021-01-18 15:36 - 2021-01-20 15:29 - 000000000 ____D C:\Users\Richard\AppData\Local\Adobe
2021-01-18 15:36 - 2021-01-20 15:29 - 000000000 ____D C:\ProgramData\Adobe
2021-01-18 15:36 - 2021-01-18 15:37 - 000000000 ____D C:\Users\Richard\AppData\LocalLow\Netopsystems
2021-01-18 00:47 - 2021-01-18 00:47 - 000014230 _____ C:\Users\Richard\Downloads\[SkT]Windows_10_Permanent_Activator_ultimate__ALL (1).torrent
2021-01-18 00:40 - 2021-01-18 00:40 - 000014230 _____ C:\Users\Richard\Downloads\[SkT]Windows_10_Permanent_Activator_ultimate__ALL.torrent
2021-01-18 00:37 - 2021-01-18 00:37 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\cache
2021-01-18 00:33 - 2021-01-22 15:07 - 000000000 ____D C:\Users\Richard\AppData\Local\CrashDumps
2021-01-18 00:32 - 2021-01-18 00:32 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\Google
2021-01-18 00:28 - 2021-02-05 14:27 - 000000000 ___RD C:\Users\Richard\OneDrive
2021-01-18 00:24 - 2021-01-18 21:27 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-01-17 23:10 - 2021-01-23 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-01-17 23:10 - 2021-01-23 01:42 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-01-17 23:10 - 2021-01-18 00:32 - 000000000 ____D C:\Program Files\WinRAR
2021-01-17 23:10 - 2021-01-17 23:10 - 000000000 ____D C:\Users\Richard\AppData\Roaming\WinRAR
2021-01-17 23:09 - 2021-01-17 23:09 - 000016964 _____ C:\Users\Richard\Downloads\[SkT]____WinRAR_v.5.90_Final_Official_(x86_x64)(CZ_SK).torrent
2021-01-17 23:06 - 2021-01-17 23:06 - 000002327 _____ C:\Users\Richard\Downloads\[SkT]WinRAR_v.6.00_Final_Official_(x86_x64).torrent
2021-01-17 23:06 - 2021-01-17 23:06 - 000002327 _____ C:\Users\Richard\Downloads\[SkT]WinRAR_v.6.00_Final_Official_(x86_x64) (1).torrent
2021-01-17 22:59 - 2021-01-17 22:59 - 000009613 _____ C:\Users\Richard\Downloads\[SkT]AAct_4.0_Release_1.torrent
2021-01-17 22:48 - 2021-01-17 22:48 - 000027319 _____ C:\Users\Richard\Downloads\[SkT]Microsoft_Office_Professional_Plus_2019_MSO_(16.0.11929.20370) (1).torrent
2021-01-17 22:45 - 2021-02-16 10:14 - 000000000 ____D C:\Users\Richard\AppData\Roaming\BitTorrent
2021-01-17 22:45 - 2021-01-18 00:32 - 000000000 ____D C:\ProgramData\Avast Software
2021-01-17 22:38 - 2021-01-17 22:40 - 004898768 _____ (BitTorrent Inc.) C:\Users\Richard\Downloads\BitTorrent.exe
2021-01-17 22:35 - 2021-01-17 22:35 - 000027319 _____ C:\Users\Richard\Downloads\[SkT]Microsoft_Office_Professional_Plus_2019_MSO_(16.0.11929.20370).torrent
2021-01-17 22:34 - 2021-02-16 09:56 - 000000000 ____D C:\Users\Richard\AppData\Local\BitTorrentHelper
2021-01-17 22:34 - 2021-02-15 10:16 - 000001415 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2021-01-17 22:34 - 2021-01-23 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2021-01-17 22:34 - 2021-01-17 22:34 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Lavasoft
2021-01-17 22:34 - 2021-01-17 22:34 - 000000000 ____D C:\Users\Richard\AppData\Local\Opera Software
2021-01-17 22:34 - 2021-01-17 22:34 - 000000000 ____D C:\Users\Richard\AppData\Local\Lavasoft
2021-01-17 22:34 - 2021-01-17 22:34 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2021-01-17 22:33 - 2021-01-25 12:40 - 000000000 ____D C:\Users\Richard\AppData\Roaming\BitTorrent Web
2021-01-17 22:33 - 2021-01-18 00:33 - 000001893 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitTorrent Web.lnk
2021-01-17 22:33 - 2021-01-17 22:33 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Opera Software
2021-01-17 22:33 - 2021-01-17 22:33 - 000000000 ____D C:\ProgramData\Lavasoft
2021-01-17 22:19 - 2021-01-23 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
2021-01-17 22:19 - 2021-01-17 22:19 - 000000000 ____D C:\Users\Richard\AppData\Roaming\ACD Systems
2021-01-17 22:19 - 2021-01-17 22:19 - 000000000 ____D C:\Users\Richard\AppData\Local\ACD Systems
2021-01-17 22:19 - 2021-01-17 22:19 - 000000000 ____D C:\ProgramData\ACD Systems
2021-01-17 22:19 - 2021-01-17 22:19 - 000000000 ____D C:\Program Files\Common Files\ACD Systems
2021-01-17 22:19 - 2021-01-17 22:19 - 000000000 ____D C:\Program Files\ACD Systems
2021-01-17 21:57 - 2021-01-17 21:57 - 000000000 ____D C:\Users\Richard\AppData\Local\PeerDistRepub
2021-01-17 21:45 - 2021-01-17 21:45 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\Comms
2021-01-17 21:38 - 2021-02-09 22:51 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-17 21:37 - 2021-01-17 21:40 - 000000000 ____D C:\Users\Richard\AppData\Local\Google
2021-01-17 21:37 - 2021-01-17 21:37 - 000000000 ____D C:\Program Files\Google
2021-01-17 21:37 - 2021-01-17 21:37 - 000000000 ____D C:\Program Files (x86)\Google
2021-01-17 21:30 - 2021-02-05 14:27 - 000000000 ___RD C:\Users\kioskUser0\OneDrive
2021-01-17 21:30 - 2021-01-17 21:30 - 000000000 ____D C:\Users\kioskUser0\AppData\Roaming\Intel Corporation
2021-01-17 21:30 - 2021-01-17 21:30 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\MicrosoftEdge
2021-01-17 21:29 - 2021-01-23 01:42 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\Packages
2021-01-17 21:29 - 2021-01-19 16:23 - 000000000 __SHD C:\Users\kioskUser0\IntelGraphicsProfiles
2021-01-17 21:29 - 2021-01-18 19:23 - 000000000 ____D C:\Users\kioskUser0\AppData\Roaming\Adobe
2021-01-17 21:29 - 2021-01-18 00:37 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\AMD
2021-01-17 21:29 - 2021-01-17 21:29 - 000000000 ___RD C:\Users\kioskUser0\3D Objects
2021-01-17 21:29 - 2021-01-17 21:29 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\VirtualStore
2021-01-17 21:29 - 2021-01-17 21:29 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\Publishers
2021-01-17 21:29 - 2021-01-17 21:29 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\ConnectedDevicesPlatform
2021-01-17 21:22 - 2021-01-25 19:21 - 000000000 ____D C:\Users\Richard\AppData\Local\D3DSCache
2021-01-17 19:02 - 2021-01-23 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESI
2021-01-17 19:02 - 2021-01-17 19:02 - 000000000 ____D C:\Users\Richard\Downloads\Juli@-x2v-v1_21
2021-01-17 19:02 - 2021-01-17 19:02 - 000000000 ____D C:\Program Files\ESI
2021-01-17 19:02 - 2021-01-17 19:02 - 000000000 ____D C:\Program Files\DIFX
2021-01-17 19:02 - 2015-09-16 10:25 - 000514792 _____ (ESI Audiotechnik GmbH) C:\WINDOWS\system32\JulaPAN.exe
2021-01-17 19:02 - 2015-09-16 10:25 - 000126696 _____ (ESI Audiotechnik GmbH) C:\WINDOWS\system32\JulaASIO.dll
2021-01-17 19:02 - 2015-09-16 10:25 - 000111336 _____ (ESI Audiotechnik GmbH) C:\WINDOWS\SysWOW64\JulaASIO32.dll
2021-01-17 19:02 - 2015-09-16 10:25 - 000062696 _____ (ESI Audiotechnik GmbH) C:\WINDOWS\system32\Drivers\Jula.sys
2021-01-17 19:02 - 2015-09-16 10:25 - 000045288 _____ (ESI Audiotechnik GmbH) C:\WINDOWS\system32\Drivers\JulaWDM.sys
2021-01-17 18:58 - 2021-01-17 18:58 - 000000000 ____D C:\Users\Richard\AppData\Local\ElevatedDiagnostics
2021-01-17 02:04 - 2021-01-17 02:07 - 000000000 ___HD C:\$SysReset

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-16 09:56 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-16 09:55 - 2021-01-16 17:27 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-02-16 09:55 - 2021-01-16 17:27 - 000000000 __SHD C:\Users\Richard\IntelGraphicsProfiles
2021-02-15 13:43 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-15 12:55 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-02-14 20:46 - 2021-01-16 09:18 - 000000000 ____D C:\Users\Richard\AppData\Local\Packages
2021-02-13 01:55 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-13 01:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-12 15:52 - 2021-01-16 09:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-11 02:05 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-11 00:34 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-11 00:29 - 2021-01-16 09:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-11 00:27 - 2021-01-16 09:31 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-01 14:08 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-29 18:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-01-29 15:06 - 2021-01-16 09:43 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-23 10:40 - 2021-01-16 17:32 - 000000000 ____D C:\Program Files\UNP
2021-01-23 10:40 - 2021-01-16 10:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest
2021-01-23 10:40 - 2021-01-16 10:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2021-01-23 10:40 - 2021-01-16 10:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2021-01-23 10:40 - 2021-01-16 09:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2021-01-23 10:40 - 2021-01-16 09:54 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2021-01-23 10:40 - 2021-01-16 09:43 - 000000000 ____D C:\Program Files\Intel
2021-01-23 10:40 - 2019-12-07 10:18 - 000000000 ____D C:\WINDOWS\Setup
2021-01-23 10:40 - 2019-12-07 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-01-23 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-01-23 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-01-23 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-23 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-01-23 10:40 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-01-23 10:40 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-01-23 10:39 - 2021-01-16 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UL
2021-01-23 10:39 - 2021-01-16 09:47 - 000000000 ____D C:\Program Files\Realtek
2021-01-23 10:39 - 2021-01-16 09:22 - 000000000 ____D C:\Program Files\ASUS
2021-01-23 10:39 - 2021-01-16 09:21 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-01-23 10:37 - 2019-12-07 10:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-01-23 10:37 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-23 10:37 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-01-23 10:37 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-01-23 10:36 - 2019-12-07 10:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-01-23 10:36 - 2019-12-07 10:54 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-01-23 10:30 - 2019-12-07 10:52 - 000000000 ____D C:\WINDOWS\OCR
2021-01-23 10:30 - 2019-12-07 10:50 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-01-23 10:30 - 2019-12-07 10:50 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-01-23 03:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-01-23 02:01 - 2021-01-16 09:35 - 000000000 ____D C:\ProgramData\Packages
2021-01-23 01:46 - 2021-01-16 09:21 - 000000000 ____D C:\Users\Richard\AppData\Local\PlaceholderTileLogoFolder
2021-01-23 01:45 - 2021-01-16 09:58 - 000840598 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2021-01-23 01:45 - 2021-01-16 09:18 - 000000000 ___RD C:\Users\Richard\3D Objects
2021-01-23 01:45 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-01-23 01:45 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-01-23 01:44 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-23 01:41 - 2021-01-16 17:27 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2021-01-23 01:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-01-23 00:02 - 2021-01-16 09:21 - 000799104 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-01-19 18:53 - 2019-03-19 05:49 - 000000127 _____ C:\WINDOWS\win.ini
2021-01-18 15:36 - 2021-01-16 09:18 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Adobe
2021-01-17 21:21 - 2021-01-16 10:05 - 000000000 ____D C:\Users\Richard\AppData\LocalLow\Mozilla
2021-01-17 18:47 - 2021-01-16 17:27 - 000000000 ____D C:\Intel

==================== Files in the root of some directories ========

2021-02-15 12:45 - 2021-02-15 12:45 - 000000032 _____ () C:\Users\Richard\AppData\Roaming\++.bat
2021-02-15 12:45 - 2021-02-15 12:45 - 000005120 _____ (Microsoft) C:\Users\Richard\AppData\Roaming\0.exe
2021-02-15 12:45 - 2021-02-15 12:45 - 000188416 _____ (NirSoft) C:\Users\Richard\AppData\Roaming\1.exe
2021-02-15 12:49 - 2021-02-15 12:49 - 000000086 _____ () C:\Users\Richard\AppData\Roaming\remoteclient.ini
2021-02-15 12:45 - 2021-02-15 12:45 - 000505093 _____ () C:\Users\Richard\AppData\Roaming\sex.txt
2021-02-15 12:44 - 2021-02-15 12:44 - 000015872 _____ (Microsoft) C:\Users\Richard\AppData\Roaming\specific.exe
2021-02-15 12:48 - 2021-02-15 12:48 - 000458752 _____ () C:\Users\Richard\AppData\Local\sqlite_pass

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-02-2021
Ran by Richard (16-02-2021 10:15:40)
Running from C:\Users\Richard\OneDrive\Počítač
Windows 10 Pro Version 20H2 19042.804 (X64) (2021-01-23 00:45:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3697634085-1141814390-3545286870-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3697634085-1141814390-3545286870-503 - Limited - Disabled)
Guest (S-1-5-21-3697634085-1141814390-3545286870-501 - Limited - Disabled)
Katinka (S-1-5-21-3697634085-1141814390-3545286870-1008 - Limited - Enabled) => C:\Users\Katinka
Richard (S-1-5-21-3697634085-1141814390-3545286870-1001 - Administrator - Enabled) => C:\Users\Richard
WDAGUtilityAccount (S-1-5-21-3697634085-1141814390-3545286870-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark (HKLM\...\{C11C8EB4-326A-4224-9424-45DDC2623322}) (Version: 2.16.7117.0 - UL) Hidden
3DMark (HKLM-x32\...\{a0974e13-e65d-475e-99e6-2bbaf41bbdd7}) (Version: 2.16.7117.0 - UL)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
ACDSee Photo Studio Ultimate 2020 (HKLM\...\ACDSee Photo Studio Ultimate 2020) (Version: 13.0.1.2023 - ACD Systems International Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.11.2 - Advanced Micro Devices, Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
BitTorrent (HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\BitTorrent) (Version: 7.10.5.45857 - BitTorrent Inc.)
BitTorrent Web (HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\btweb) (Version: 1.1.3 - BitTorrent, Inc.)
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Copy (HKLM-x32\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
CrystalDiskInfo 8.10.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.10.0 - Crystal Dew World)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (HKLM-x32\...\{CFA33E6D-2D7D-4785-8025-974398E940D1}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 140.0.185.000 - Hewlett-Packard) Hidden
F4200 (HKLM-x32\...\{C86E1E36-6D30-4834-9C85-5501F31F7BB4}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
F4200_NCL_Help (HKLM-x32\...\{367E84FF-D436-4513-A237-FF638B048761}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
Futuremark SystemInfo (HKLM-x32\...\{F608ED5F-3818-4F87-A277-E52E8790C039}) (Version: 5.35.871.0 - Futuremark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{8C925017-72A8-4C4A-AF21-84901E26638F}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
HWiNFO64 Version 6.40 (HKLM\...\HWiNFO64_is1) (Version: 6.40 - Martin Malik - REALiX)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Network Connections 20.1.2019.0 (HKLM\...\PROSetDX) (Version: 20.1.2019.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
Juli@ PCI Driver version v1.2.1.0 (HKLM\...\{2C649BA4-D482-408F-9148-2EC10E1E3193}_is1) (Version: v1.2.1.0 - ESI-Audiotechnik)
Kodi (HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Kodi) (Version: - XBMC Foundation)
MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.68 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Volume - cs-cz) (Version: 16.0.13628.20380 - Microsoft Corporation)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 84.0.2 (x64 en-US)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 84.0.2 - Mozilla)
MuseScore 3 (HKLM\...\{778D5D3D-5448-40F4-AACC-47D443C3E8A1}) (Version: 3.4.2.9788 - Werner Schweer and Others)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20380 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Opera Stable 74.0.3911.107 (HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Opera 74.0.3911.107) (Version: 74.0.3911.107 - Opera Software)
PerformanceTest v10.0 (HKLM\...\PerformanceTest 10_is1) (Version: 10.0.1010.0 - Passmark Software)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 210201 - Kakao Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7848 - Realtek Semiconductor Corp.)
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Scribus 1.4.8 (HKLM-x32\...\Scribus 1.4.8) (Version: 1.4.8 - The Scribus Team)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype verzia 8.68 (HKLM-x32\...\Skype_is1) (Version: 8.68 - Skype Technologies S.A.)
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steinberg Cubase 5 (HKLM-x32\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.0 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 1.0.0.1 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Additional Content Set 01 (HKLM-x32\...\{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}) (Version: 1.0.0.001 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 1.0.0.006 - Steinberg Media Technologies GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.14.5 - TeamViewer)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
Trackmania Turbo (HKLM-x32\...\Uplay Install 2070) (Version: - Ubisoft)
Transmission 3.00 (bb6b5a062e) (x64) (HKLM\...\{B206C51C-27D2-4251-95E2-B4B28DE80633}) (Version: 3.00.0 - Transmission Project)
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 117.0.10324 - Ubisoft)
VEGAS Pro 18.0 (HKLM\...\{75111FE1-CE55-11EA-8B12-00155D43CFCE}) (Version: 18.0.284 - VEGAS)
Video Comparer Win64 (HKLM-x32\...\{6a43795f-0427-4e7b-a1f0-fb351c9c6491}) (Version: 1.7.2 - Video Comparer)
Video Comparer Win64 1.07.002 (HKLM\...\{2ABEE3D8-00C2-4A44-AA66-C7F192D7E4EC}) (Version: 1.07.002 - Video Comparer) Hidden
Web Companion (HKLM-x32\...\{b4a59e41-cba2-46c7-a99b-8a80a0017024}) (Version: 7.0.2388.4219 - Lavasoft)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
Webshare klient (HKLM-x32\...\Webshare klient) (Version: - )
Windows Driver Package - ESI (Jula.sys) MEDIA (09/16/2015 1.2.1.0) (HKLM\...\9351121A70A5DD84065790FA90941B0BB03521DA) (Version: 09/16/2015 1.2.1.0 - ESI)
WinRAR 5.90 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\ZoomUMX) (Version: 5.4.9 (59931.0110) - Zoom Video Communications, Inc.)

Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2021-01-27] (Microsoft Corporation)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2021-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2021-01-23] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2021-01-23] (Microsoft Corporation) [MS Ad]
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2021-01-17] (Microsoft Corporation)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c [2021-02-01] (Skype)
Your Phone -> C:\Program Files\WindowsApps\Microsoft.YourPhone_0.19051.7.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3697634085-1141814390-3545286870-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\20.201.1005.0009_1\MicrosoftListSync.exe" => No File
CustomCLSID: HKU\S-1-5-21-3697634085-1141814390-3545286870-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\20.201.1005.0009_1\MicrosoftListSync.exe" => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-01-16 09:22 - 2021-02-15 12:56 - 000036648 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2009-11-17 22:58 - 2009-11-17 22:58 - 000342656 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll
2009-11-17 22:58 - 2009-11-17 22:58 - 000559232 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
2012-05-27 16:44 - 2012-05-27 16:44 - 000015360 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
2011-04-29 11:34 - 2011-04-29 11:34 - 000927232 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc
2011-04-29 11:34 - 2011-04-29 11:34 - 000012288 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc
2011-04-29 19:08 - 2011-04-29 19:08 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
2010-08-06 11:15 - 2010-08-06 11:15 - 000079872 _____ (Hewlett-Packard) [File not signed] C:\WINDOWS\SYSTEM32\hpzidr12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000054784 _____ (Hewlett-Packard) [File not signed] C:\WINDOWS\SYSTEM32\hpzipr12.dll
2015-06-23 16:00 - 2015-06-23 16:00 - 000285696 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2015-06-23 16:00 - 2015-06-23 16:00 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT171002&iDate=2021-01-17 09:34:10&iid=3b49db3c-48f5-4258-af00-dcbcede4dcff&bName=
SearchScopes: HKU\S-1-5-21-3697634085-1141814390-3545286870-1001 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms}
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3697634085-1141814390-3545286870-1008\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\StartupApproved\Run: => "btweb"
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B64A91DA-D9C7-49DB-BE96-9A190FF95EEC}] => (Allow) C:\Users\Richard\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{D72D9B09-5198-4D7E-AE1A-5DEE4EDCFCA2}] => (Allow) C:\Users\Richard\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{9B0924C2-730A-4B7F-BD44-ACEC2E6A67FB}] => (Allow) C:\Users\Richard\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{1B566F4C-3F0F-417B-B643-03B9F23EA465}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{19340763-4C30-4AC0-9806-983EF7A8F227}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{A198A8F0-2924-4D58-BF0B-D9486BE51922}C:\users\richard\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\richard\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{F878BB44-DE8C-4254-8000-D1435EC57AF1}C:\users\richard\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\richard\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{D911B001-A672-4A1D-A041-377CE9DBF3C9}C:\users\richard\appdata\roaming\bittorrent web\btweb.exe] => (Allow) C:\users\richard\appdata\roaming\bittorrent web\btweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
FirewallRules: [TCP Query User{085597F5-B5C5-4453-8D9F-A3F8AE5434EB}C:\users\richard\appdata\roaming\bittorrent web\btweb.exe] => (Allow) C:\users\richard\appdata\roaming\bittorrent web\btweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
FirewallRules: [TCP Query User{2EDEA5AB-EFD8-4D1A-9D5A-AA5873489F13}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{3CCA6878-55E6-4A5E-A665-17C996641F4A}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3141937D-2BC9-4784-929C-578D788A610F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C3FEE606-E841-4E3B-8FE2-280B7E829FF3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{12C6A28E-305A-4451-A200-6067F74AAB75}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D6D8BCB9-E791-41E6-B5B1-8845B4404933}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{6F1D6EE4-04BE-4B00-AC17-2FBE95D4EB1E}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe (SignPath Foundation -> Transmission Project)
FirewallRules: [UDP Query User{C27F2C55-47B6-47C4-AFE9-3ADF5323C0AD}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe (SignPath Foundation -> Transmission Project)
FirewallRules: [{870859CE-4E48-4FE2-88A0-68DE135D7475}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{788A5923-AB56-4E5D-A1DF-2DF0F19B771C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CEC4BB71-49CA-4B82-8E29-9143A641E7E8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1D4FF73F-DB2B-45E9-B8DA-CBDCAEBD547E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1F2E61F7-F25C-45AA-94C8-AB196B0A5C99}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{21AB2924-6B77-4428-B45A-33ECAC23D207}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D685C368-FC26-4B74-BCCD-9B99E5C565AB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{09361179-AD4C-429A-81E6-00E3721F8FB4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7720DACE-C3CE-4025-A885-8A9E242DAA4F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{99CE45D0-E597-4BEF-8AB0-1FFCE4F18817}] => (Allow) C:\Users\Richard\AppData\Local\Programs\Opera\74.0.3911.107\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

11-02-2021 00:29:20 Windows Modules Installer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/15/2021 01:49:17 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-PUNF98O)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (02/14/2021 01:58:58 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť retrim v Giant (D:), pretože: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/14/2021 01:58:41 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť retrim v Supernova (E:), pretože: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/08/2021 09:08:51 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-PUNF98O)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (02/07/2021 02:31:08 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť retrim v Giant (D:), pretože: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/07/2021 02:30:51 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť retrim v Supernova (E:), pretože: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/03/2021 05:59:52 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-PUNF98O)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (01/31/2021 04:41:04 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť retrim v Giant (D:), pretože: The operation requested is not supported by the hardware backing the volume. (0x8900002A)


System errors:
=============
Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Windows Defender:
================
Date: 2021-02-16 10:15:32
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: PUA:Win32/ICBundler
ID: 286849
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\Users\Richard\Downloads\BitTorrent.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\Richard\OneDrive\Poc�tac\FRST64.exe
Security intelligence Version: AV: 1.331.1118.0, AS: 1.331.1118.0, NIS: 1.331.1118.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-15 12:54:58
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Backdoor:MSIL/Bladabindi
ID: 2147678468
Severity: Severe
Category: Backdoor
Path: file:_C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe; process:_pid:12088,ProcessStart:132578628549820755
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: System
Process Name: C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe
Security intelligence Version: AV: 1.331.1036.0, AS: 1.331.1036.0, NIS: 1.331.1036.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-15 12:54:57
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Backdoor:MSIL/Bladabindi
ID: 2147678468
Severity: Severe
Category: Backdoor
Path: file:_C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe; process:_pid:12088,ProcessStart:132578628549820755
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe
Security intelligence Version: AV: 1.331.1036.0, AS: 1.331.1036.0, NIS: 1.331.1036.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-15 12:54:37
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Backdoor:MSIL/Bladabindi
ID: 2147678468
Severity: Severe
Category: Backdoor
Path: file:_C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\System32\taskhostw.exe
Security intelligence Version: AV: 1.331.1036.0, AS: 1.331.1036.0, NIS: 1.331.1036.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-15 12:49:46
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Dynamer!dtc
ID: 2147638124
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Richard\AppData\Roaming\remoteclient.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe
Security intelligence Version: AV: 1.331.1036.0, AS: 1.331.1036.0, NIS: 1.331.1036.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-15 12:49:26
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Backdoor:MSIL/Quasar.GG!MTB
ID: 2147772079
Severity: Severe
Category: Backdoor
Path: file:_C:\Users\Richard\AppData\Local\Temp\tmpB31A.tmp.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe
Security intelligence Version: AV: 1.331.1036.0, AS: 1.331.1036.0, NIS: 1.331.1036.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-15 12:48:32
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Program:Win32/Wacapew.C!ml
ID: 265744
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\Users\Richard\AppData\Roaming\xxxx.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\Richard\AppData\Roaming\xxxx.exe
Security intelligence Version: AV: 1.331.1036.0, AS: 1.331.1036.0, NIS: 1.331.1036.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2801 11/11/2015
Motherboard: ASUSTeK COMPUTER INC. Z97-AR
Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 67%
Total physical RAM: 7867.52 MB
Available physical RAM: 2564.05 MB
Total Virtual: 10043.52 MB
Available Virtual: 4354.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223 GB) (Free:149.22 GB) NTFS
Drive d: (Giant) (Fixed) (Total:3725.9 GB) (Free:815.77 GB) NTFS
Drive e: (Supernova) (Fixed) (Total:5588.9 GB) (Free:2664.58 GB) NTFS

\\?\Volume{0af65774-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.57 GB) (Free:0.12 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 0AF65774)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 5589 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Size: 3726 GB) (Disk ID: 44C00C96)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
valachmar
Návštěvník
Návštěvník
Příspěvky: 56
Registrován: 17 dub 2009 22:33

Re: Win Zabezpecenie Zavazna hrozba

#2 Příspěvek od valachmar »

Este rar z RSIT
rsit.rar
(47.03 KiB) Staženo 62 x
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119418
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Win Zabezpecenie Zavazna hrozba

#3 Příspěvek od Rudy »

Zdravím!
Zkusíme PC vyčistit. Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
valachmar
Návštěvník
Návštěvník
Příspěvky: 56
Registrován: 17 dub 2009 22:33

Re: Win Zabezpecenie Zavazna hrozba

#4 Příspěvek od valachmar »

Dakujem.
Malwarebytes, ma troska ine prostredie ako pisete,
nainstalovala sa mi 14 dnova free verzia,
dal so scannovat a potom ulozit do karanteny.Tu je log:

Malwarebytes
www.malwarebytes.com

-Podrobnosti denníka-
Dátum skenovania: 16. 2. 2021
Čas skenovania: 15:41
Súbor denníka: ffa85dba-7064-11eb-b44c-10c37b6d33d0.json

-Údaje o softvéri-
Verzia: 4.3.0.98
Verzia súčastí: 1.0.1173
Aktualizovať verziu balíka: 1.0.37201
Licencia: Skúšobná verzia

-Systémové informácie-
OS: Windows 10 (Build 19042.804)
Procesor: x64
Systém súborov: NTFS
Používateľ: DESKTOP-PUNF98O\Richard

-Zhrnutie skenovania-
Typ skenovania: Vyhľadávanie hrozieb
Skenovanie bolo spustené: Manuálne
Výsledok: Dokončené
Preskenované objekty: 335290
Zistené hrozby: 13
Hrozby umiestnené do karantény: 0
Uplynulý čas: 1 min, 13 s

-Možnosti skenovania-
Pamäť: Povolené
Spúšťanie: Povolené
Systém súborov: Povolené
Archívy: Povolené
Rootkity: Zakázané
Heuristika: Povolené
PUP: Zistiť
PUM: Zistiť

-Podrobnosti skenovania-
Proces: 0
(Nezistili sa nijaké škodlivé položky)

Modul: 0
(Nezistili sa nijaké škodlivé položky)

Kľúč databázy Registry: 1
PUP.Optional.SearchYa, HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{993F5746-4C15-42BC-99C1-064A1764271B}, Bez zásahu používateľa, 2160, 242794, 1.0.37201, , ame, , ,

Hodnota databázy Registry: 1
PUP.Optional.SearchYa, HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{993F5746-4C15-42BC-99C1-064A1764271B}|DISPLAYNAME, Bez zásahu používateľa, 2160, 242794, 1.0.37201, , ame, , ,

Údaje databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Prúd údajov: 0
(Nezistili sa nijaké škodlivé položky)

Priečinok: 1
PUP.Optional.Delta, C:\USERS\RICHARD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Bez zásahu používateľa, 615, 455070, , , , , ,

Súbor: 10
PUP.Optional.Delta, C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, Bez zásahu používateľa, 615, 455070, , , , , C2DD6EF20CD59AB6B613580BD820FC69, EDFE1226D8D9369EFDB4B67EE6D74792F3BDBEE940D77F94B78B24DDD22CA63A
PUP.Optional.Delta, C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\001661.ldb, Bez zásahu používateľa, 615, 455070, , , , , 6624EFCA2F4E924F3CE8269AA57039E6, 25EE63E29C6E66BC680E6AFB345B1D3A437561F4B3CBFB70415D82D5971144E7
PUP.Optional.Delta, C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\001662.log, Bez zásahu používateľa, 615, 455070, , , , , 3CE0394D9F9D4A042A9F250DF93AFBC4, DD33AD4E73914E7DBB41043FA9D9BDA57E3703EFA841F587741F3110C3C18664
PUP.Optional.Delta, C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\001663.ldb, Bez zásahu používateľa, 615, 455070, , , , , 8631137CE9C9B1DC938F8B986E7B48F3, 5758CC73583B0E0B991BE1BC94A951EE5B78D350569DEBAA3C43EFA23F6E7DB7
PUP.Optional.Delta, C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, Bez zásahu používateľa, 615, 455070, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.Delta, C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, Bez zásahu používateľa, 615, 455070, , , , , ,
PUP.Optional.Delta, C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, Bez zásahu používateľa, 615, 455070, , , , , 9EFAC303C54FDBCF9E03FBD5135F958D, B6BA63C071B6B4F57574CE6FAA4BB2E233F215AA4DA8DB51AF5D6EDD3D9F9C7E
PUP.Optional.Delta, C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, Bez zásahu používateľa, 615, 455070, , , , , C62C2A934A48AD1F7BBBF540615A2FA0, 5CB7A6B078C9360094A0AC6B1C3B3F30B828B398351EAD7373F847D9F0684FD6
PUP.Optional.Delta, C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, Bez zásahu používateľa, 615, 455070, , , , , 2119812F870F030905C9C376A9B06FC3, 5EC4D9DC559FB7404FCF99591F805693B53722C36C9342BC063DB00F9D56F6C3
PUP.Optional.Delta, C:\USERS\RICHARD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Bez zásahu používateľa, 615, 455070, 1.0.37201, , ame, , 91CC89983081329CF35699E5213DF9EB, D8FDB8CF6B7C79C6EC1A68C3352BADEFF7AC8D6878FF1E309B941A996EE857FF

Fyzický sektor: 0
(Nezistili sa nijaké škodlivé položky)

WMI: 0
(Nezistili sa nijaké škodlivé položky)


(end)
Nahoru
valachmar
Návštěvník
Návštěvník
Příspěvky: 56
Registrován: 17 dub 2009 22:33

Re: Win Zabezpecenie Zavazna hrozba

#5 Příspěvek od valachmar »

Uz to vyzera dobre, len Windows Defender vypisuje
Riesenie sa nedokoncilo,
Zistene: Backdoor:MSIL/Bladabindi
Stav: Zrušené
Tato aplikacia nemusi byt upne napravena.
Tento program poskytuje vzdialený prístup k počítaču, v ktorom je nainštalovaný
Ovplyvnene polozky : file: C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe
process: pid:12088,ProcessStart:132578628549820755
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119418
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Win Zabezpecenie Zavazna hrozba

#6 Příspěvek od Rudy »

Nalezené položky smažte (dejte do karantény) a pak dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
valachmar
Návštěvník
Návštěvník
Příspěvky: 56
Registrován: 17 dub 2009 22:33

Re: Win Zabezpecenie Zavazna hrozba

#7 Příspěvek od valachmar »

Dakujem,
Prikladam FRST a Addiction:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-02-2021
Ran by Richard (administrator) on DESKTOP-PUNF98O (ASUS All Series) (16-02-2021 18:06:49)
Running from C:\Users\Richard\OneDrive\Počítač
Loaded Profiles: Richard
Platform: Windows 10 Pro Version 20H2 19042.804 (X64) Language: Angličtina (USA)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Richard\AppData\Roaming\BitTorrent\BitTorrent.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Richard\AppData\Roaming\BitTorrent\helper\helper.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Richard\AppData\Roaming\BitTorrent\updates\7.10.5_45857\bittorrentie.exe <2>
(ESI Audiotechnik GmbH -> ESI Audiotechnik GmbH) C:\Windows\System32\JulaPAN.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett Packard -> Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(MAGIX Software GmbH -> MAGIX Computer Products Intl. Co.) [File not signed] C:\Program Files\VEGAS\VEGAS Pro 18.0\vegas180.exe
(MAGIX Software GmbH -> MAGIX Computer Products Intl. Co.) C:\Program Files\VEGAS\VEGAS Pro 18.0\ErrorReportLauncher.exe
(MAGIX Software GmbH -> MAGIX Computer Products Intl. Co.) C:\Program Files\VEGAS\VEGAS Pro 18.0\x86\FileIOSurrogate.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_2.34.28001.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
(Opera Software AS -> Opera Software) C:\Users\Richard\AppData\Local\Programs\Opera\74.0.3911.107\opera.exe <12>
(Opera Software AS -> Opera Software) C:\Users\Richard\AppData\Local\Programs\Opera\74.0.3911.107\opera_crashreporter.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
HKLM\...\Run: [RtHDVBg_DTS] => "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /DTSU2P
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [julapan.exe] => C:\Windows\system32\julapan.exe [514792 2015-09-16] (ESI Audiotechnik GmbH -> ESI Audiotechnik GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Run: [btweb] => C:\Users\Richard\AppData\Roaming\BitTorrent Web\btweb.exe [5691520 2020-12-18] (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8442464 2021-01-17] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Run: [Opera Browser Assistant] => C:\Users\Richard\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3366040 2021-01-14] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3412696 2021-02-13] (Valve -> Valve Corporation)
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1941352 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Run: [BitTorrent] => C:\Users\Richard\AppData\Roaming\BitTorrent\BitTorrent.exe [1960416 2021-01-17] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-3697634085-1141814390-3545286870-1008\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1941352 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [46080 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.150\Installer\chrmstp.exe [2021-02-09] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2021-01-19]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {14CA1CEF-3318-47B7-86D2-2ECBC74E5372} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-17] (Google LLC -> Google LLC)
Task: {1797563B-38D4-4545-AEE4-BEE4F8CBB71C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {17D42D8E-77AA-4914-A8C2-C57E6B303742} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2856304 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {1D9274BB-A3C2-42C6-9B7F-59052CEEFEBD} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5AA1B47D-35FB-4999-81FD-14DBA06B7044} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {608B8562-311F-4FD1-9F0B-CDD0C6399B85} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-05] (Mozilla Corporation -> Mozilla Foundation)
Task: {63DB492F-514A-4B02-84AB-6550C5183A3A} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {670C8D12-809A-4015-9BB9-97B1C14B033A} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {6BFB181D-1739-47E9-B521-1A776DE7F437} - System32\Tasks\Opera scheduled Autoupdate 1610919243 => C:\Users\Richard\AppData\Local\Programs\Opera\launcher.exe [1793688 2021-02-09] (Opera Software AS -> Opera Software)
Task: {8F2417A7-2E9F-4267-BF63-B5A048A0D830} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C072A348-D7D7-48AA-A64D-E380E1B016DE} - System32\Tasks\Opera scheduled assistant Autoupdate 1610919256 => C:\Users\Richard\AppData\Local\Programs\Opera\launcher.exe [1793688 2021-02-09] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Richard\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {C835E0DB-DC3F-4B9C-9095-D1BDDE18B049} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {CE3400A4-2453-474E-A977-376B9A83CA13} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142216 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D316DF82-ACCE-48A1-836A-13E2FCB6FCB8} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {D5A8195B-A0A8-4CE3-A6EB-E8D490BCB440} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142216 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D793B4FB-3A77-493F-8A0D-EAFD24C68C7E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-17] (Google LLC -> Google LLC)
Task: {DE8A4910-911A-40D7-B150-86C7AA89784E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5199792 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E19C5F7F-122D-468D-AB87-245CE4EACE71} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5199792 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {F40592F5-BE40-48DD-AC47-CEA9D36DEF61} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{79a0aa48-88c9-4278-80d1-7970b601bf4a}: [DhcpNameServer] 192.168.100.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Richard\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-16]

FireFox:
========
FF DefaultProfile: 1yn368nw.default
FF ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\1yn368nw.default [2021-01-17]
FF Homepage: Mozilla\Firefox\Profiles\1yn368nw.default -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT171002&iDate=2021-01-17 09:34:10&bName=
FF NewTab: Mozilla\Firefox\Profiles\1yn368nw.default -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT171002&iDate=2021-01-17 09:34:10&bName=
FF ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\o1iww0dk.default-release [2021-01-17]
FF Homepage: Mozilla\Firefox\Profiles\o1iww0dk.default-release -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT171002&iDate=2021-01-17 09:34:10&bName=
FF NewTab: Mozilla\Firefox\Profiles\o1iww0dk.default-release -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT171002&iDate=2021-01-17 09:34:10&bName=
FF SearchPlugin: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\o1iww0dk.default-release\searchplugins\My Bing Search.xml [2021-01-17]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default [2021-02-16]
CHR Notifications: Default -> hxxps://drive.google.com
CHR HomePage: Default -> hxxps://www.google.sk/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Slides) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-17]
CHR Extension: (Docs) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-17]
CHR Extension: (Google Drive) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-17]
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-17]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-29]
CHR Extension: (CzTorrent - 1. CZ Free Torrent Tracker -) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\chalkflaflbkojghgfddnifalamblkkd [2021-01-17]
CHR Extension: (Sheets) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-17]
CHR Extension: (Google Docs Offline) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-17]
CHR Extension: (Save to Facebook) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2021-01-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-17]
CHR Extension: (Chrome Media Router) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-29]

Opera:
=======
OPR Profile: C:\Users\Richard\AppData\Roaming\Opera Software\Opera Stable [2021-02-16]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Richard\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-02-16]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936456 2015-05-13] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2021-01-16] (ASUSTeK Computer Inc. -> ) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8905608 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\FileSyncHelper.exe [2194288 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2020-12-08] (FUTUREMARK INC -> Futuremark)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-16] (Malwarebytes Inc -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\OneDriveUpdaterService.exe [2567552 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-01-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12835096 2021-01-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [29280 2021-01-17] (LAVASOFT SOFTWARE CANADA INC -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15368 2015-05-13] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [42352 2020-08-24] (PassMark Software Pty Ltd -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-02-16] (Malwarebytes Corporation -> Malwarebytes)
R1 Jula.sys; C:\WINDOWS\system32\DRIVERS\Jula.sys [62696 2015-09-16] (ESI Audiotechnik GmbH -> ESI Audiotechnik GmbH)
R3 JulaWDM.sys; C:\WINDOWS\system32\DRIVERS\JulaWDM.sys [45288 2015-09-16] (ESI Audiotechnik GmbH -> ESI Audiotechnik GmbH)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-02-16] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-02-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-02-16] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-02-16] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-02-16] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [142416 2021-02-16] (Malwarebytes Inc -> Malwarebytes)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49552 2021-02-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [419040 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-16 16:59 - 2021-02-16 16:59 - 266081772 _____ C:\Users\Richard\Downloads\Etuda30new2 (1).mp4
2021-02-16 16:59 - 2021-02-16 16:59 - 000220616 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-02-16 16:59 - 2021-02-16 16:59 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-02-16 16:59 - 2021-02-16 16:59 - 000142416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-02-16 16:59 - 2021-02-16 16:59 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-02-16 15:40 - 2021-02-16 15:40 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-02-16 15:40 - 2021-02-16 15:40 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-02-16 15:40 - 2021-02-16 15:40 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-02-16 15:40 - 2021-02-16 15:40 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-02-16 15:40 - 2021-02-16 15:40 - 000000000 ____D C:\Users\Richard\AppData\Local\mbam
2021-02-16 15:40 - 2021-02-16 15:40 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-02-16 15:39 - 2021-02-16 15:39 - 000000000 ____D C:\Program Files\Malwarebytes
2021-02-16 15:37 - 2021-02-16 15:38 - 002086424 _____ (Malwarebytes) C:\Users\Richard\Downloads\MBSetup.exe
2021-02-16 14:06 - 2021-02-16 14:07 - 266081772 _____ C:\Users\Richard\Downloads\Etuda30new2.mp4
2021-02-16 10:25 - 2021-02-16 10:29 - 000000000 ____D C:\rsit
2021-02-16 10:25 - 2021-02-16 10:27 - 000000000 ____D C:\Program Files\trend micro
2021-02-16 10:13 - 2021-02-16 18:07 - 000000000 ____D C:\FRST
2021-02-15 23:56 - 2021-02-15 23:56 - 005290371 _____ C:\Users\Richard\Downloads\Office Tool Plus 7.6.0.1 Multilingual (1).rar
2021-02-15 13:47 - 2021-02-15 13:47 - 000143008 _____ C:\Users\Richard\Downloads\Etuda30new1.mp4.sfk
2021-02-15 13:38 - 2021-02-15 13:38 - 210725668 _____ C:\Users\Richard\Downloads\Etuda30new1.mp4
2021-02-15 12:58 - 2021-02-15 12:58 - 000989584 _____ (GridinSoft LLC) C:\Users\Richard\Downloads\install-antimalware-fix.exe
2021-02-15 12:49 - 2021-02-15 12:49 - 000000086 _____ C:\Users\Richard\AppData\Roaming\remoteclient.ini
2021-02-15 12:48 - 2021-02-15 12:48 - 000458752 _____ C:\Users\Richard\AppData\Local\sqlite_pass
2021-02-15 12:45 - 2021-02-15 12:45 - 000505093 _____ C:\Users\Richard\AppData\Roaming\sex.txt
2021-02-15 12:45 - 2021-02-15 12:45 - 000188416 _____ (NirSoft) C:\Users\Richard\AppData\Roaming\1.exe
2021-02-15 12:45 - 2021-02-15 12:45 - 000005120 _____ (Microsoft) C:\Users\Richard\AppData\Roaming\0.exe
2021-02-15 12:45 - 2021-02-15 12:45 - 000000032 _____ C:\Users\Richard\AppData\Roaming\++.bat
2021-02-15 12:44 - 2021-02-15 12:44 - 000015872 _____ (Microsoft) C:\Users\Richard\AppData\Roaming\specific.exe
2021-02-15 10:57 - 2021-02-15 10:57 - 000147822 _____ C:\Users\Richard\Downloads\potvrdenie.pdf
2021-02-13 23:50 - 2021-02-13 23:50 - 000000000 ____D C:\Users\Richard\Downloads\Office Tool Plus 7.6.0.1 Multilingual
2021-02-13 17:03 - 2021-02-13 17:04 - 005290371 _____ C:\Users\Richard\Downloads\Office Tool Plus 7.6.0.1 Multilingual.rar
2021-02-12 15:53 - 2021-02-12 15:53 - 006385465 _____ C:\Users\Katinka\Downloads\Vianocna ozdoba diplom 1.pptx
2021-02-11 18:20 - 2021-02-11 18:20 - 048708248 _____ C:\Users\Richard\Downloads\y2mate.com - Guy Lacour 50 Etude 34 Tenor Saxophone_1080pFHR.mp4
2021-02-11 14:24 - 2021-02-11 14:24 - 000031675 _____ C:\Users\Richard\Downloads\let_it_be_gr_kar (1).mid
2021-02-11 14:20 - 2021-02-11 14:20 - 000031675 _____ C:\Users\Richard\Downloads\let_it_be_gr_kar.mid
2021-02-11 14:19 - 2021-02-11 14:19 - 000023513 _____ C:\Users\Richard\Downloads\Let_It_Be.mid
2021-02-11 00:33 - 2021-02-11 00:33 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-11 00:33 - 2021-02-11 00:33 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-11 00:33 - 2021-02-11 00:33 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-11 00:33 - 2021-02-11 00:33 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-11 00:32 - 2021-02-11 00:32 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-10 23:17 - 2021-02-10 23:17 - 000166467 _____ C:\Users\Richard\Downloads\jazz-883.mus
2021-02-10 23:12 - 2021-02-10 23:12 - 006385255 _____ C:\Users\Katinka\Downloads\Vianocna ozdoba diplom.pptx
2021-02-10 21:00 - 2021-02-10 21:00 - 000000000 ____D C:\Users\Katinka\AppData\Roaming\ACD Systems
2021-02-10 21:00 - 2021-02-10 21:00 - 000000000 ____D C:\Users\Katinka\AppData\Local\ACD Systems
2021-02-10 20:53 - 2021-02-10 20:57 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Scribus
2021-02-10 20:53 - 2021-02-10 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scribus 1.4.8
2021-02-10 20:53 - 2021-02-10 20:53 - 000000000 ____D C:\Program Files (x86)\Scribus 1.4.8
2021-02-10 20:51 - 2021-02-10 20:51 - 085773505 _____ (The Scribus Team) C:\Users\Richard\Downloads\scribus-1.4.8-windows.exe
2021-02-10 18:53 - 2021-02-10 18:53 - 000132715 _____ C:\Users\Richard\Downloads\jazz-982.mus
2021-02-10 18:53 - 2021-02-10 18:53 - 000132715 _____ C:\Users\Richard\Downloads\jazz-982 (1).mus
2021-02-10 18:48 - 2021-02-10 18:48 - 000000000 ____D C:\Users\Richard\Downloads\prednesoveskladby
2021-02-10 10:20 - 2021-02-16 16:13 - 000000000 ____D C:\Users\Richard\AppData\LocalLow\BitTorrent
2021-02-09 19:27 - 2021-02-09 19:27 - 000054590 _____ C:\Users\Richard\Downloads\birdland (1).mid
2021-02-09 19:27 - 2021-02-09 19:27 - 000050846 _____ C:\Users\Richard\Downloads\birdland (2).mid
2021-02-09 13:32 - 2021-02-09 13:32 - 000000000 ____D C:\Users\Richard\Downloads\Gazovic koncert
2021-02-08 20:06 - 2021-02-08 20:43 - 000000000 ____D C:\Users\Richard\Downloads\Diera zvana John subory
2021-02-08 17:09 - 2021-02-08 17:09 - 074527128 _____ (Skype Technologies S.A.) C:\Users\Richard\Downloads\Skype-8.68.0.96.exe
2021-02-08 17:09 - 2021-02-08 17:09 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Skype
2021-02-08 17:09 - 2021-02-08 17:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-02-08 14:55 - 2021-02-08 14:55 - 000187307 _____ C:\Users\Richard\Downloads\Hatikva tempo 70.m4a
2021-02-08 13:15 - 2021-02-08 13:15 - 000167843 _____ C:\Users\Richard\Downloads\[SkT]Mr._Robot_-_2.serie_(CZ)[HEVC][1080p]_=_CSFD_84% (1).torrent
2021-02-05 15:17 - 2021-02-05 15:17 - 004704192 _____ (Crystal Dew World ) C:\Users\Richard\Downloads\CrystalDiskInfo8_10_0.exe
2021-02-05 15:17 - 2021-02-05 15:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2021-02-05 15:17 - 2021-02-05 15:17 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2021-02-05 00:10 - 2021-02-05 00:10 - 000027347 _____ C:\Users\Richard\Downloads\[SkT]The_Expanse_-_1.serie_[TvRip][720p]_=_CSFD_77%.torrent
2021-02-05 00:08 - 2021-02-05 00:08 - 000167843 _____ C:\Users\Richard\Downloads\[SkT]Mr._Robot_-_2.serie_(CZ)[HEVC][1080p]_=_CSFD_84%.torrent
2021-02-03 14:46 - 2021-02-03 14:46 - 000450496 _____ C:\Users\Richard\Downloads\Blues_Shuffle.mp4.sfk
2021-02-02 19:54 - 2021-02-02 19:54 - 000000000 ____D C:\Users\Katinka\AppData\Roaming\HpUpdate
2021-02-02 19:50 - 2021-02-02 19:50 - 000000000 ____D C:\Users\Katinka\AppData\Roaming\WinRAR
2021-02-01 22:20 - 2021-02-01 22:20 - 000024537 _____ C:\Users\Richard\Downloads\[SkT]Sveraci_kazajka___The_Jacket_(2005)(CZ_EN)[720pHD]_=_CSFD_78%.torrent
2021-02-01 22:20 - 2021-02-01 22:20 - 000013673 _____ C:\Users\Richard\Downloads\[SkT]Sveraci_kazajka___Jacket,_The_(2005)(CZ)_=_CSFD_78%.torrent
2021-02-01 22:19 - 2021-02-01 22:19 - 000012249 _____ C:\Users\Richard\Downloads\[SkT]Hranice_zivota___Stay_(2005)(CZ_EN)[1080p]_=_CSFD_73%.torrent
2021-02-01 22:15 - 2021-02-01 22:15 - 000011406 _____ C:\Users\Richard\Downloads\[SkT]Osviceni___The_Shining_(1980)[1080p]_=_CSFD_88%.torrent
2021-02-01 21:57 - 2021-02-01 21:58 - 663258021 _____ C:\Users\Richard\Downloads\Blues_Shuffle.mp4
2021-02-01 21:57 - 2021-02-01 21:58 - 358977604 _____ C:\Users\Richard\Downloads\Etuda30.mp4
2021-02-01 21:17 - 2021-02-01 21:17 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webshare klient
2021-02-01 21:17 - 2021-02-01 21:17 - 000000000 ____D C:\Program Files (x86)\Webshare klient
2021-02-01 21:16 - 2021-02-01 21:17 - 005741167 _____ C:\Users\Richard\Downloads\webshare-klient-beta-2020-10-17.exe
2021-02-01 21:06 - 2021-02-01 21:06 - 000011730 _____ C:\Users\Richard\Downloads\[SkT]Osudovy_dotek___Butterfly_Effect,_The_(2004)(CZ)_=_CSFD_87%.torrent
2021-02-01 15:57 - 2021-02-01 15:57 - 000006485 _____ C:\Users\Richard\Downloads\hatikva6.mid
2021-02-01 15:57 - 2021-02-01 15:57 - 000003094 _____ C:\Users\Richard\Downloads\hatikvah (1).mid
2021-02-01 15:57 - 2021-02-01 15:57 - 000003068 _____ C:\Users\Richard\Downloads\hatikva3.mid
2021-02-01 15:56 - 2021-02-01 15:56 - 000021500 _____ C:\Users\Richard\Downloads\Hatikvah.mid
2021-02-01 15:20 - 2021-02-01 15:20 - 000017261 _____ C:\Users\Richard\Downloads\Yesterday (1).mid
2021-02-01 15:20 - 2021-02-01 15:20 - 000014948 _____ C:\Users\Richard\Downloads\yesterday.mid
2021-02-01 15:20 - 2021-02-01 15:20 - 000014948 _____ C:\Users\Richard\Downloads\yesterday (2).mid
2021-01-29 21:55 - 2021-01-29 21:55 - 000672126 _____ C:\Users\Richard\Downloads\zmluva_20-131-08565.pdf
2021-01-29 21:42 - 2021-01-29 21:42 - 002534603 _____ C:\Users\Richard\Downloads\[SkT]Ebook_2020_(CZ) (1).torrent
2021-01-29 21:24 - 2021-01-29 23:06 - 000000000 ____D C:\Users\Richard\AppData\Local\transmission
2021-01-29 21:24 - 2021-01-29 23:06 - 000000000 ____D C:\ProgramData\Transmission
2021-01-29 21:24 - 2021-01-29 21:24 - 016310272 _____ C:\Users\Richard\Downloads\transmission-3.00-x64.msi
2021-01-29 21:24 - 2021-01-29 21:24 - 000002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transmission Qt Client.lnk
2021-01-29 21:24 - 2021-01-29 21:24 - 000000000 ____D C:\Program Files\Transmission
2021-01-29 21:15 - 2021-01-29 21:15 - 001012654 _____ C:\Users\Richard\Downloads\[SkT]Ebook_Tematicke.torrent
2021-01-29 21:14 - 2021-01-29 21:14 - 000626467 _____ C:\Users\Richard\Downloads\tematicke_2020.pdf
2021-01-29 16:59 - 2021-01-29 16:59 - 063102319 _____ (XBMC Foundation) C:\Users\Richard\Downloads\kodi-18.9-Leia-x64.exe
2021-01-29 16:58 - 2021-01-29 16:58 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Kodi
2021-01-29 16:58 - 2021-01-29 16:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
2021-01-29 16:58 - 2021-01-29 16:58 - 000000000 ____D C:\Program Files\Kodi
2021-01-29 16:27 - 2021-01-29 16:27 - 017633114 _____ C:\Users\Richard\Downloads\E.Rocherolle Two¨Companz.pdf
2021-01-29 16:27 - 2021-01-29 16:27 - 004814641 _____ C:\Users\Richard\Downloads\bela bartok for children.pdf
2021-01-29 15:06 - 2021-01-29 15:52 - 000000000 ____D C:\Users\Richard\AppData\Local\VideoComparer
2021-01-29 15:06 - 2021-01-29 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Comparer
2021-01-29 15:06 - 2021-01-29 15:06 - 000000000 ____D C:\Program Files\VideoComparer
2021-01-29 15:05 - 2021-01-29 15:05 - 014373040 _____ (Video Comparer) C:\Users\Richard\Downloads\VideoComparer_Win64_1.07.002.exe
2021-01-29 01:02 - 2021-01-29 01:02 - 002100755 _____ C:\Users\Richard\Downloads\beletrie_2020.pdf
2021-01-29 00:59 - 2021-01-29 00:59 - 002534603 _____ C:\Users\Richard\Downloads\[SkT]Ebook_2020_(CZ).torrent
2021-01-29 00:58 - 2021-01-29 00:58 - 000010371 _____ C:\Users\Richard\Downloads\[SkT]dTest_09-12_2020_(CZ).torrent
2021-01-29 00:58 - 2021-01-29 00:58 - 000002591 _____ C:\Users\Richard\Downloads\[SkT]dTest_01_2021_(CZ).torrent
2021-01-28 19:20 - 2021-01-28 19:20 - 000012041 _____ C:\Users\Richard\Downloads\[SkT]Havel_(2020)(CZ)[WebRip][720p]_=_CSFD_62%.torrent
2021-01-28 19:19 - 2021-01-28 19:19 - 000018025 _____ C:\Users\Richard\Downloads\[SkT]Pokoj___The_Room_(2019)(CZ)[1080p]_=_CSFD_66%.torrent
2021-01-28 16:39 - 2021-01-28 16:39 - 000119737 _____ C:\Users\Richard\Downloads\[SkT]Star_Wars_KOMPLET_FILMY_(1977-2020_1080p_CZ)_=_CSFD_88%.torrent
2021-01-28 14:09 - 2021-01-28 14:09 - 000017527 _____ C:\Users\Richard\Downloads\[SkT]Laska_v_male_Italii___Little_Italy_(2018)(SK)[WebRip][1080p]_=_CSFD_56%.torrent
2021-01-28 14:07 - 2021-01-28 14:07 - 000012697 _____ C:\Users\Richard\Downloads\[SkT]Vrazedna_stena___Nordwand_(2008)(CZ)_=_CSFD_82%.torrent
2021-01-27 23:48 - 2021-01-27 23:48 - 000000020 ___SH C:\Users\Katinka\ntuser.ini
2021-01-27 23:48 - 2021-01-27 23:48 - 000000000 ____D C:\Users\Katinka\AppData\Roaming\TeamViewer
2021-01-27 23:48 - 2021-01-27 23:48 - 000000000 ____D C:\Users\Katinka\AppData\Local\TeamViewer
2021-01-27 23:48 - 2021-01-27 23:48 - 000000000 ____D C:\Users\Katinka\AppData\Local\PlaceholderTileLogoFolder
2021-01-27 22:52 - 2021-01-27 22:52 - 000043979 _____ C:\Users\Richard\Downloads\Program - Online koncert - 28012021.pdf
2021-01-27 18:46 - 2021-01-27 18:46 - 000512765 _____ C:\Users\Richard\Downloads\5114617373.pdf
2021-01-27 15:32 - 2021-01-27 15:32 - 000000000 ____D C:\Users\Richard\Downloads\Ziadost dane 2020
2021-01-26 23:25 - 2021-02-05 14:27 - 000003206 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-01-26 23:25 - 2021-02-05 14:27 - 000002174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-01-26 23:25 - 2021-02-05 14:27 - 000000000 ___RD C:\Users\Katinka\OneDrive
2021-01-26 23:25 - 2021-01-26 23:25 - 000000000 ___RD C:\Users\Default\OneDrive
2021-01-26 23:25 - 2021-01-26 23:25 - 000000000 ___RD C:\Users\Default User\OneDrive
2021-01-26 23:24 - 2021-02-06 16:37 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2021-01-26 23:21 - 2021-02-01 22:31 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\TrackmaniaTurbo
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ___HD C:\OneDriveTemp
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\WD TV®_files
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\Vlastní šablony Office
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\Updater5
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\PassMark
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\NFS Most Wanted
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\MyScans
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\MuseScore3
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\MAXON
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\3DMark
2021-01-26 23:21 - 2017-08-08 18:09 - 000062266 _____ C:\Users\Richard\OneDrive\Dokumenty\WD TV®.html
2021-01-26 23:21 - 2017-05-11 13:05 - 000000868 _____ C:\Users\Richard\OneDrive\Dokumenty\Internet Explorer.lnk
2021-01-26 23:21 - 2017-03-27 16:41 - 003289702 _____ C:\Users\Richard\OneDrive\Dokumenty\Pirates-of-the-Caribbean-1-book-=) (1).pdf
2021-01-26 23:21 - 2017-03-20 17:37 - 000865801 _____ C:\Users\Richard\OneDrive\Dokumenty\Pirates-of-the-Caribbean---Piano-Arrangement.pdf
2021-01-26 23:21 - 2017-03-13 15:41 - 000139692 _____ C:\Users\Richard\OneDrive\Dokumenty\[Free-scores.com]_telemann-georg-philipp-sonata-1-in-f-major-for-harp-48212.pdf
2021-01-26 23:21 - 2017-03-13 15:39 - 000104108 _____ C:\Users\Richard\OneDrive\Dokumenty\telemann-sonata-no1-in-f-major-vivace.pdf
2021-01-26 23:21 - 2017-01-20 14:17 - 000000290 _____ C:\Users\Richard\OneDrive\Dokumenty\Kafe zahranicne.txt
2021-01-26 23:21 - 2016-09-18 10:39 - 001342213 _____ C:\Users\Richard\OneDrive\Dokumenty\História a vývoj tlačových médií.pptx
2021-01-26 21:03 - 2021-02-16 16:13 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-26 21:03 - 2021-01-26 21:03 - 000000000 ____D C:\Users\Richard\AppData\Local\Steam
2021-01-26 21:03 - 2021-01-26 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2021-01-26 21:02 - 2021-01-26 21:02 - 001573568 _____ C:\Users\Richard\Downloads\SteamSetup.exe
2021-01-26 20:52 - 2021-01-26 20:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-01-26 20:43 - 2021-01-26 20:43 - 024690748 _____ C:\Users\Richard\OneDrive\Dokumenty\Robmitozas.mxf
2021-01-26 20:43 - 2021-01-26 20:43 - 000014032 _____ C:\Users\Richard\OneDrive\Dokumenty\Robmitozas.mxf.sfk
2021-01-26 20:43 - 2021-01-26 20:43 - 000000076 _____ C:\Users\Richard\OneDrive\Dokumenty\Robmitozas.mxf.sfl
2021-01-26 19:58 - 2021-01-26 20:50 - 000000000 ____D C:\Users\Richard\AppData\Roaming\VEGAS
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Roaming\VEGAS Pro
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Roaming\MAGIX
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Local\VEGAS Pro
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Local\Sony
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Local\Plugin.OfxStitch
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Local\Plugin.ofx360Stabilizer
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Local\Plugin.MxOfxRotation
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Local\MAGIX
2021-01-26 19:57 - 2021-01-26 19:57 - 000000000 ____D C:\ProgramData\Magix
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Sony
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\Users\Richard\AppData\Local\VEGAS
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\ProgramData\VEGAS Pro
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\ProgramData\VEGAS
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\Program Files\VEGAS
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\Program Files (x86)\VEGAS
2021-01-26 10:29 - 2021-01-26 11:19 - 215884026 _____ C:\Users\Richard\Downloads\Maria_Blahova_Caravan.mp4
2021-01-26 10:29 - 2021-01-26 10:29 - 052371949 _____ C:\Users\Richard\Downloads\Maria_Blahova_Caravan_bezpodkladu.mp4
2021-01-25 15:37 - 2021-01-25 15:38 - 000000000 ___HD C:\Users\Richard\Downloads\[Originals]
2021-01-25 15:09 - 2021-01-25 15:09 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2021-01-25 15:09 - 2021-01-25 15:09 - 000000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2021-01-25 14:55 - 2021-01-25 14:55 - 000000000 ____D C:\Users\Richard\Downloads\Brouk Bohuslav - Sport - stoupa života _ Český Sigmund Freud (Hmyzí Silvestr 2002)
2021-01-25 14:55 - 2021-01-25 14:55 - 000000000 ____D C:\Users\Richard\Downloads\Bohuslav Brouk - Choditi s koulí na noze je sotva vtipný nápad
2021-01-25 14:15 - 2009-10-11 21:58 - 001177600 _____ (AD) C:\WINDOWS\SysWOW64\SYNSOEMU.DLL
2021-01-25 14:14 - 2021-01-25 14:14 - 000000000 ____D C:\ProgramData\VST3 Presets
2021-01-25 14:13 - 2021-01-25 14:13 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg HALionOne
2021-01-25 14:13 - 2021-01-25 14:13 - 000000000 ____D C:\ProgramData\Steinberg
2021-01-25 14:11 - 2021-01-25 14:16 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Steinberg
2021-01-25 14:11 - 2021-01-25 14:15 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 5
2021-01-25 14:11 - 2021-01-25 14:11 - 000000000 ____D C:\Program Files (x86)\Steinberg
2021-01-24 21:54 - 2021-01-24 21:54 - 077493402 _____ C:\Users\Richard\Downloads\Brouk Bohuslav - Sport - stoupa života _ Český Sigmund Freud (Hmyzí Silvestr 2002).zip
2021-01-24 21:54 - 2021-01-24 21:54 - 059021281 _____ C:\Users\Richard\Downloads\Bohuslav Brouk - Choditi s koulí na noze je sotva vtipný nápad.rar
2021-01-24 21:54 - 2021-01-24 21:54 - 058119796 _____ C:\Users\Richard\Downloads\Víkendová příloha - Kamen Jiří - Český Sigmund Freud (Bohuslav Brouk).rar
2021-01-24 18:15 - 2021-01-24 18:15 - 000017653 _____ C:\Users\Richard\Downloads\[SkT]Sarlatan_(2020)(CZ)[WebRip][1080p]_=_CSFD_79%.torrent
2021-01-24 18:10 - 2021-01-24 18:10 - 000151195 _____ C:\Users\Richard\Downloads\[SkT]____Koruna___The_Crown_-_2._serie_(CZ)[WebRip][1080p]_=_CSFD_90%.torrent
2021-01-24 18:01 - 2021-01-24 18:01 - 000043676 _____ C:\Users\Richard\Downloads\[SkT]____Koruna___The_Crown_-_1._serie_(CZ)[WebRip][1080p]_=_CSFD_90%.torrent
2021-01-23 18:29 - 2021-02-11 12:05 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-23 18:29 - 2021-02-11 12:05 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6f120800843a7
2021-01-23 10:39 - 2021-01-23 10:40 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-01-23 10:38 - 2021-01-23 10:39 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-01-23 10:38 - 2021-01-23 10:38 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-01-23 10:37 - 2021-01-23 10:37 - 000000000 ____D C:\ProgramData\ssh
2021-01-23 10:34 - 2021-01-23 10:34 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-01-23 10:34 - 2021-01-23 10:34 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-01-23 10:34 - 2021-01-23 10:34 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-23 10:34 - 2021-01-23 10:34 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-23 10:34 - 2021-01-23 10:34 - 000707544 _____ C:\WINDOWS\system32\TextShaping.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-23 10:34 - 2021-01-23 10:34 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-23 10:34 - 2021-01-23 10:34 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-23 10:34 - 2021-01-23 10:34 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000467968 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-23 10:34 - 2021-01-23 10:34 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-23 10:34 - 2021-01-23 10:34 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-01-23 10:34 - 2021-01-23 10:34 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-23 10:34 - 2021-01-23 10:34 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-01-23 10:34 - 2021-01-23 10:34 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-23 10:34 - 2021-01-23 10:34 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-23 10:34 - 2021-01-23 10:34 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-23 10:34 - 2021-01-23 10:34 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-01-23 10:34 - 2021-01-23 10:34 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-01-23 10:34 - 2021-01-23 10:34 - 000111616 _____ C:\WINDOWS\system32\RDVGHelper.exe
2021-01-23 10:34 - 2021-01-23 10:34 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-23 10:34 - 2021-01-23 10:34 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-23 10:34 - 2021-01-23 10:34 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-01-23 10:34 - 2021-01-23 10:34 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-01-23 10:34 - 2021-01-23 10:34 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-01-23 10:34 - 2021-01-23 10:34 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-01-23 10:33 - 2021-01-23 10:33 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-01-23 10:33 - 2021-01-23 10:33 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-23 10:33 - 2021-01-23 10:33 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-23 10:33 - 2021-01-23 10:33 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-23 10:33 - 2021-01-23 10:33 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-01-23 10:33 - 2021-01-23 10:33 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-01-23 10:30 - 2021-01-23 10:30 - 000000000 ____D C:\WINDOWS\system32\sk
2021-01-23 10:28 - 2021-01-23 10:28 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-01-23 10:28 - 2021-01-23 10:28 - 000000000 ____D C:\Program Files\MSBuild
2021-01-23 10:28 - 2021-01-23 10:28 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-01-23 10:28 - 2021-01-23 10:28 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-01-23 01:47 - 2021-01-23 01:47 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-01-23 01:45 - 2021-02-16 16:19 - 000842414 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-23 01:45 - 2021-01-23 01:45 - 000000020 ___SH C:\Users\Richard\ntuser.ini
2021-01-23 01:44 - 2021-02-16 16:13 - 000003130 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2021-01-23 01:44 - 2021-02-16 16:13 - 000003114 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-01-23 01:44 - 2021-02-16 16:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-23 01:44 - 2021-02-15 10:16 - 000004226 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1610919243
2021-01-23 01:44 - 2021-02-05 17:44 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-23 01:44 - 2021-02-05 17:44 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-23 01:44 - 2021-01-23 01:44 - 000015243 _____ C:\WINDOWS\diagwrn.xml
2021-01-23 01:44 - 2021-01-23 01:44 - 000015243 _____ C:\WINDOWS\diagerr.xml
2021-01-23 01:44 - 2021-01-23 01:44 - 000003874 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1610919256
2021-01-23 01:44 - 2021-01-23 01:44 - 000003118 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2021-01-23 01:44 - 2021-01-23 01:44 - 000002672 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2021-01-23 01:44 - 2021-01-23 01:44 - 000002590 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2021-01-23 01:44 - 2021-01-23 01:44 - 000002202 _____ C:\WINDOWS\system32\Tasks\StartCN
2021-01-23 01:44 - 2021-01-23 01:44 - 000002122 _____ C:\WINDOWS\system32\Tasks\StartDVR
2021-01-23 01:44 - 2021-01-23 01:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-23 01:41 - 2021-02-13 01:55 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-23 01:41 - 2021-02-10 23:16 - 000000000 ____D C:\Users\Katinka
2021-01-23 01:41 - 2021-02-07 01:00 - 000000000 ____D C:\Users\Richard
2021-01-23 01:41 - 2021-02-03 12:06 - 000000000 ____D C:\Users\kioskUser0
2021-01-23 01:41 - 2016-11-01 23:05 - 000099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2021-01-23 01:40 - 2021-02-16 16:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-23 01:40 - 2021-02-16 16:13 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-23 01:40 - 2021-02-11 02:06 - 000530440 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-22 22:03 - 2021-01-22 22:03 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2021-01-22 14:36 - 2021-01-23 01:42 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-01-22 14:36 - 2021-01-22 14:36 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Zoom
2021-01-21 19:36 - 2021-02-10 10:30 - 000000000 ___DC C:\WINDOWS\Panther
2021-01-21 19:33 - 2021-01-21 19:33 - 000000000 ___HD C:\$WinREAgent
2021-01-21 17:33 - 2021-01-21 17:33 - 041750105 _____ C:\Users\Richard\Downloads\Birdland Blahova.mp4
2021-01-21 15:08 - 2021-01-23 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-01-20 23:08 - 2021-02-16 16:13 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-20 23:08 - 2021-01-24 17:28 - 000000000 ____D C:\Users\Richard\AppData\Roaming\TeamViewer
2021-01-20 23:08 - 2021-01-21 19:52 - 000000000 ____D C:\Users\Richard\AppData\Local\TeamViewer
2021-01-20 23:08 - 2021-01-20 23:08 - 000001116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2021-01-20 22:46 - 2021-01-20 22:46 - 000373009 _____ C:\Users\Richard\Downloads\Svetova kultura (1).pdf
2021-01-20 22:24 - 2021-01-20 22:24 - 000373379 _____ C:\Users\Richard\Downloads\svetova kultura.pdf
2021-01-20 19:52 - 2021-01-20 19:52 - 000337013 _____ C:\Users\Richard\Downloads\3_1_I_polrok (1).pdf
2021-01-20 17:46 - 2021-02-01 22:31 - 000000000 ____D C:\ProgramData\TrackmaniaTurbo
2021-01-20 17:36 - 2021-01-20 17:36 - 000000234 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trackmania Turbo.url
2021-01-20 17:36 - 2021-01-20 17:36 - 000000234 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Config.url
2021-01-20 17:34 - 2021-02-01 22:32 - 000000000 ____D C:\Users\Richard\AppData\Local\Ubisoft Game Launcher
2021-01-20 17:34 - 2021-01-23 01:42 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2021-01-20 17:34 - 2021-01-20 17:34 - 000000000 ____D C:\ProgramData\Ubisoft
2021-01-20 17:34 - 2021-01-20 17:34 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2021-01-20 16:53 - 2021-01-20 16:53 - 000055452 _____ C:\Users\Richard\Downloads\birdland.mid
2021-01-20 15:53 - 2021-01-23 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
2021-01-20 15:53 - 2021-01-20 15:53 - 000000000 ____D C:\Users\Richard\AppData\Roaming\PotPlayerMini64
2021-01-20 15:53 - 2021-01-20 15:53 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Daum
2021-01-20 15:53 - 2021-01-20 15:53 - 000000000 ____D C:\Program Files\DAUM
2021-01-19 20:15 - 2021-01-19 20:15 - 000000000 ____D C:\Users\Katinka\AppData\Roaming\Intel Corporation
2021-01-19 20:14 - 2021-01-19 20:14 - 000000000 ____D C:\Users\Katinka\AppData\Local\MicrosoftEdge
2021-01-19 20:14 - 2021-01-19 20:14 - 000000000 ____D C:\Users\Katinka\AppData\Local\Comms
2021-01-19 20:13 - 2021-02-12 15:54 - 000000000 ____D C:\Users\Katinka\AppData\Local\Packages
2021-01-19 20:13 - 2021-02-12 15:52 - 000000000 __SHD C:\Users\Katinka\IntelGraphicsProfiles
2021-01-19 20:13 - 2021-01-27 23:52 - 000000000 ____D C:\Users\Katinka\AppData\Local\Google
2021-01-19 20:13 - 2021-01-27 23:48 - 000000000 ___RD C:\Users\Katinka\3D Objects
2021-01-19 20:13 - 2021-01-19 20:14 - 000000000 ____D C:\Users\Katinka\AppData\Roaming\Adobe
2021-01-19 20:13 - 2021-01-19 20:13 - 000000000 ____D C:\Users\Katinka\AppData\Local\VirtualStore
2021-01-19 20:13 - 2021-01-19 20:13 - 000000000 ____D C:\Users\Katinka\AppData\Local\Publishers
2021-01-19 20:13 - 2021-01-19 20:13 - 000000000 ____D C:\Users\Katinka\AppData\Local\ConnectedDevicesPlatform
2021-01-19 20:12 - 2021-01-19 20:13 - 000000000 ____D C:\Users\Katinka\AppData\Local\AMD
2021-01-19 18:55 - 2012-09-26 16:48 - 000000584 _____ C:\WINDOWS\hpomdl28.dat.temp
2021-01-19 18:54 - 2021-01-19 18:54 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Macromedia
2021-01-19 18:53 - 2021-01-19 18:54 - 000000000 ____D C:\Users\Richard\AppData\Roaming\HP
2021-01-19 18:53 - 2021-01-19 18:53 - 000000000 ____D C:\ProgramData\WEBREG
2021-01-19 18:52 - 2021-01-26 19:41 - 000000000 ____D C:\Users\Richard\AppData\Roaming\HpUpdate
2021-01-19 18:52 - 2021-01-19 18:52 - 000001398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2021-01-19 18:52 - 2021-01-19 18:52 - 000001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2021-01-19 18:52 - 2021-01-19 18:52 - 000000000 ____D C:\ProgramData\HP Product Assistant
2021-01-19 18:52 - 2021-01-19 18:52 - 000000000 ____D C:\ProgramData\HP Photo Creations
2021-01-19 18:52 - 2021-01-19 18:52 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2021-01-19 18:52 - 2021-01-19 18:52 - 000000000 ____D C:\Program Files (x86)\HP Photo Creations
2021-01-19 18:51 - 2021-01-23 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2021-01-19 18:51 - 2021-01-19 18:52 - 000000000 ____D C:\Program Files (x86)\HP
2021-01-19 18:50 - 2021-01-19 18:55 - 000188219 _____ C:\WINDOWS\hpoins28.dat
2021-01-19 18:50 - 2012-09-26 16:48 - 000000584 _____ C:\WINDOWS\hpomdl28.dat
2021-01-19 18:48 - 2021-01-19 18:53 - 000000000 ____D C:\ProgramData\HP
2021-01-19 18:48 - 2012-09-25 08:52 - 003867040 _____ C:\WINDOWS\system32\PortChanger.exe
2021-01-19 18:48 - 2012-09-25 08:52 - 000151968 ____N (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\Dot4.sys
2021-01-19 18:48 - 2012-09-25 08:52 - 000049056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dot4usb.sys
2021-01-19 18:48 - 2012-09-25 08:52 - 000027040 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\Dot4Prt.sys
2021-01-19 18:48 - 2009-07-14 02:41 - 000046080 _____ (Hewlett-Packard Corporation) C:\WINDOWS\system32\hpz3lw71.dll
2021-01-19 18:48 - 2009-07-08 11:51 - 000938496 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpowiax7.dll
2021-01-19 18:48 - 2009-07-08 11:51 - 000740864 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpotscl6.dll
2021-01-19 18:48 - 2009-07-08 11:51 - 000551424 _____ (Hewlett-Packard) C:\WINDOWS\system32\hppldcoi.dll
2021-01-19 18:48 - 2009-07-08 11:51 - 000505344 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpovst15.dll
2021-01-19 18:30 - 2021-02-16 16:03 - 000000000 ____D C:\Users\Richard\AppData\Roaming\MuseScore
2021-01-19 18:30 - 2021-01-23 01:42 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MuseScore 3
2021-01-19 18:30 - 2021-01-19 18:30 - 000000000 ____D C:\Users\Richard\AppData\Local\MuseScore
2021-01-19 18:30 - 2021-01-19 18:30 - 000000000 ____D C:\Program Files\MuseScore 3
2021-01-19 17:19 - 2021-01-19 17:19 - 000000000 ___HD C:\Users\kioskUser0\MicrosoftEdgeBackups
2021-01-19 17:05 - 2021-01-19 17:05 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\PlaceholderTileLogoFolder
2021-01-19 15:33 - 2021-01-19 15:33 - 000037361 _____ C:\Users\Richard\Downloads\Orange_doklad_FR_202012_CNnull_SN0902876219.pdf
2021-01-19 15:33 - 2021-01-19 15:33 - 000037056 _____ C:\Users\Richard\Downloads\Orange_doklad_FR_202012_CNnull_SN0949811763.pdf
2021-01-18 23:47 - 2021-01-18 23:47 - 000000000 ____D C:\Users\Richard\AppData\Local\OneDrive
2021-01-18 21:48 - 2021-01-21 15:08 - 000002411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-01-18 21:48 - 2021-01-21 15:08 - 000002410 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-01-18 21:48 - 2021-01-21 15:08 - 000002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-01-18 21:47 - 2021-02-15 10:17 - 000000000 ____D C:\Program Files\Microsoft Office
2021-01-18 21:47 - 2021-01-18 21:47 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-01-18 21:47 - 2021-01-18 21:47 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-01-18 20:32 - 2021-01-20 15:52 - 000000000 ____D C:\Program Files\VideoLAN
2021-01-18 20:06 - 2021-01-18 20:06 - 000000000 ____D C:\Users\defaultuser100000
2021-01-18 15:59 - 2021-01-18 15:59 - 000337013 _____ C:\Users\Richard\Downloads\3_1_I_polrok.pdf
2021-01-18 15:36 - 2021-01-20 15:29 - 000000000 ____D C:\Users\Richard\AppData\Local\Adobe
2021-01-18 15:36 - 2021-01-20 15:29 - 000000000 ____D C:\ProgramData\Adobe
2021-01-18 15:36 - 2021-01-18 15:37 - 000000000 ____D C:\Users\Richard\AppData\LocalLow\Netopsystems
2021-01-18 00:47 - 2021-01-18 00:47 - 000014230 _____ C:\Users\Richard\Downloads\[SkT]Windows_10_Permanent_Activator_ultimate__ALL (1).torrent
2021-01-18 00:40 - 2021-01-18 00:40 - 000014230 _____ C:\Users\Richard\Downloads\[SkT]Windows_10_Permanent_Activator_ultimate__ALL.torrent
2021-01-18 00:37 - 2021-01-18 00:37 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\cache
2021-01-18 00:33 - 2021-02-16 18:00 - 000000000 ____D C:\Users\Richard\AppData\Local\CrashDumps
2021-01-18 00:32 - 2021-01-18 00:32 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\Google
2021-01-18 00:28 - 2021-02-05 14:27 - 000000000 ___RD C:\Users\Richard\OneDrive
2021-01-18 00:24 - 2021-01-18 21:27 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-01-17 23:10 - 2021-01-23 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-01-17 23:10 - 2021-01-23 01:42 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-01-17 23:10 - 2021-01-18 00:32 - 000000000 ____D C:\Program Files\WinRAR
2021-01-17 23:10 - 2021-01-17 23:10 - 000000000 ____D C:\Users\Richard\AppData\Roaming\WinRAR
2021-01-17 23:09 - 2021-01-17 23:09 - 000016964 _____ C:\Users\Richard\Downloads\[SkT]____WinRAR_v.5.90_Final_Official_(x86_x64)(CZ_SK).torrent
2021-01-17 23:06 - 2021-01-17 23:06 - 000002327 _____ C:\Users\Richard\Downloads\[SkT]WinRAR_v.6.00_Final_Official_(x86_x64).torrent
2021-01-17 23:06 - 2021-01-17 23:06 - 000002327 _____ C:\Users\Richard\Downloads\[SkT]WinRAR_v.6.00_Final_Official_(x86_x64) (1).torrent
2021-01-17 22:59 - 2021-01-17 22:59 - 000009613 _____ C:\Users\Richard\Downloads\[SkT]AAct_4.0_Release_1.torrent
2021-01-17 22:48 - 2021-01-17 22:48 - 000027319 _____ C:\Users\Richard\Downloads\[SkT]Microsoft_Office_Professional_Plus_2019_MSO_(16.0.11929.20370) (1).torrent
2021-01-17 22:45 - 2021-02-16 18:08 - 000000000 ____D C:\Users\Richard\AppData\Roaming\BitTorrent
2021-01-17 22:45 - 2021-01-18 00:32 - 000000000 ____D C:\ProgramData\Avast Software
2021-01-17 22:35 - 2021-01-17 22:35 - 000027319 _____ C:\Users\Richard\Downloads\[SkT]Microsoft_Office_Professional_Plus_2019_MSO_(16.0.11929.20370).torrent
2021-01-17 22:34 - 2021-02-16 17:32 - 000000000 ____D C:\Users\Richard\AppData\Local\BitTorrentHelper
2021-01-17 22:34 - 2021-02-15 10:16 - 000001415 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2021-01-17 22:34 - 2021-01-23 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2021-01-17 22:34 - 2021-01-17 22:34 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Lavasoft
2021-01-17 22:34 - 2021-01-17 22:34 - 000000000 ____D C:\Users\Richard\AppData\Local\Opera Software
2021-01-17 22:34 - 2021-01-17 22:34 - 000000000 ____D C:\Users\Richard\AppData\Local\Lavasoft
2021-01-17 22:34 - 2021-01-17 22:34 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2021-01-17 22:33 - 2021-01-25 12:40 - 000000000 ____D C:\Users\Richard\AppData\Roaming\BitTorrent Web
2021-01-17 22:33 - 2021-01-18 00:33 - 000001893 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitTorrent Web.lnk
2021-01-17 22:33 - 2021-01-17 22:33 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Opera Software
2021-01-17 22:33 - 2021-01-17 22:33 - 000000000 ____D C:\ProgramData\Lavasoft
2021-01-17 22:19 - 2021-01-23 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
2021-01-17 22:19 - 2021-01-17 22:19 - 000000000 ____D C:\Users\Richard\AppData\Roaming\ACD Systems
2021-01-17 22:19 - 2021-01-17 22:19 - 000000000 ____D C:\Users\Richard\AppData\Local\ACD Systems
2021-01-17 22:19 - 2021-01-17 22:19 - 000000000 ____D C:\ProgramData\ACD Systems
2021-01-17 22:19 - 2021-01-17 22:19 - 000000000 ____D C:\Program Files\Common Files\ACD Systems
2021-01-17 22:19 - 2021-01-17 22:19 - 000000000 ____D C:\Program Files\ACD Systems
2021-01-17 21:57 - 2021-01-17 21:57 - 000000000 ____D C:\Users\Richard\AppData\Local\PeerDistRepub
2021-01-17 21:45 - 2021-01-17 21:45 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\Comms
2021-01-17 21:38 - 2021-02-09 22:51 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-17 21:37 - 2021-01-17 21:40 - 000000000 ____D C:\Users\Richard\AppData\Local\Google
2021-01-17 21:37 - 2021-01-17 21:37 - 000000000 ____D C:\Program Files\Google
2021-01-17 21:37 - 2021-01-17 21:37 - 000000000 ____D C:\Program Files (x86)\Google
2021-01-17 21:30 - 2021-02-05 14:27 - 000000000 ___RD C:\Users\kioskUser0\OneDrive
2021-01-17 21:30 - 2021-01-17 21:30 - 000000000 ____D C:\Users\kioskUser0\AppData\Roaming\Intel Corporation
2021-01-17 21:30 - 2021-01-17 21:30 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\MicrosoftEdge
2021-01-17 21:29 - 2021-01-23 01:42 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\Packages
2021-01-17 21:29 - 2021-01-19 16:23 - 000000000 __SHD C:\Users\kioskUser0\IntelGraphicsProfiles
2021-01-17 21:29 - 2021-01-18 19:23 - 000000000 ____D C:\Users\kioskUser0\AppData\Roaming\Adobe
2021-01-17 21:29 - 2021-01-18 00:37 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\AMD
2021-01-17 21:29 - 2021-01-17 21:29 - 000000000 ___RD C:\Users\kioskUser0\3D Objects
2021-01-17 21:29 - 2021-01-17 21:29 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\VirtualStore
2021-01-17 21:29 - 2021-01-17 21:29 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\Publishers
2021-01-17 21:29 - 2021-01-17 21:29 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\ConnectedDevicesPlatform
2021-01-17 21:22 - 2021-01-25 19:21 - 000000000 ____D C:\Users\Richard\AppData\Local\D3DSCache
2021-01-17 19:02 - 2021-01-23 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESI
2021-01-17 19:02 - 2021-01-17 19:02 - 000000000 ____D C:\Users\Richard\Downloads\Juli@-x2v-v1_21
2021-01-17 19:02 - 2021-01-17 19:02 - 000000000 ____D C:\Program Files\ESI
2021-01-17 19:02 - 2021-01-17 19:02 - 000000000 ____D C:\Program Files\DIFX
2021-01-17 19:02 - 2015-09-16 10:25 - 000514792 _____ (ESI Audiotechnik GmbH) C:\WINDOWS\system32\JulaPAN.exe
2021-01-17 19:02 - 2015-09-16 10:25 - 000126696 _____ (ESI Audiotechnik GmbH) C:\WINDOWS\system32\JulaASIO.dll
2021-01-17 19:02 - 2015-09-16 10:25 - 000111336 _____ (ESI Audiotechnik GmbH) C:\WINDOWS\SysWOW64\JulaASIO32.dll
2021-01-17 19:02 - 2015-09-16 10:25 - 000062696 _____ (ESI Audiotechnik GmbH) C:\WINDOWS\system32\Drivers\Jula.sys
2021-01-17 19:02 - 2015-09-16 10:25 - 000045288 _____ (ESI Audiotechnik GmbH) C:\WINDOWS\system32\Drivers\JulaWDM.sys
2021-01-17 18:58 - 2021-01-17 18:58 - 000000000 ____D C:\Users\Richard\AppData\Local\ElevatedDiagnostics
2021-01-17 02:04 - 2021-01-17 02:07 - 000000000 ___HD C:\$SysReset

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-16 16:43 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-16 16:19 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-16 16:13 - 2021-01-16 17:27 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-02-16 16:13 - 2021-01-16 17:27 - 000000000 __SHD C:\Users\Richard\IntelGraphicsProfiles
2021-02-16 16:12 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-02-16 15:40 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-14 20:46 - 2021-01-16 09:18 - 000000000 ____D C:\Users\Richard\AppData\Local\Packages
2021-02-13 01:55 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-13 01:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-12 15:52 - 2021-01-16 09:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-11 02:05 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-11 00:34 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-11 00:29 - 2021-01-16 09:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-11 00:27 - 2021-01-16 09:31 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-01 14:08 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-29 18:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-01-29 15:06 - 2021-01-16 09:43 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-23 10:40 - 2021-01-16 17:32 - 000000000 ____D C:\Program Files\UNP
2021-01-23 10:40 - 2021-01-16 10:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest
2021-01-23 10:40 - 2021-01-16 10:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2021-01-23 10:40 - 2021-01-16 10:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2021-01-23 10:40 - 2021-01-16 09:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2021-01-23 10:40 - 2021-01-16 09:54 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2021-01-23 10:40 - 2021-01-16 09:43 - 000000000 ____D C:\Program Files\Intel
2021-01-23 10:40 - 2019-12-07 10:18 - 000000000 ____D C:\WINDOWS\Setup
2021-01-23 10:40 - 2019-12-07 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-01-23 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-01-23 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-01-23 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-23 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-01-23 10:40 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-01-23 10:40 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-01-23 10:39 - 2021-01-16 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UL
2021-01-23 10:39 - 2021-01-16 09:47 - 000000000 ____D C:\Program Files\Realtek
2021-01-23 10:39 - 2021-01-16 09:22 - 000000000 ____D C:\Program Files\ASUS
2021-01-23 10:39 - 2021-01-16 09:21 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-01-23 10:37 - 2019-12-07 10:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-01-23 10:37 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-23 10:37 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-01-23 10:37 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-01-23 10:36 - 2019-12-07 10:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-01-23 10:36 - 2019-12-07 10:54 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-01-23 10:30 - 2019-12-07 10:52 - 000000000 ____D C:\WINDOWS\OCR
2021-01-23 10:30 - 2019-12-07 10:50 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-01-23 10:30 - 2019-12-07 10:50 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-01-23 03:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-01-23 02:01 - 2021-01-16 09:35 - 000000000 ____D C:\ProgramData\Packages
2021-01-23 01:46 - 2021-01-16 09:21 - 000000000 ____D C:\Users\Richard\AppData\Local\PlaceholderTileLogoFolder
2021-01-23 01:45 - 2021-01-16 09:58 - 000840598 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2021-01-23 01:45 - 2021-01-16 09:18 - 000000000 ___RD C:\Users\Richard\3D Objects
2021-01-23 01:45 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-01-23 01:45 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-01-23 01:44 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-23 01:41 - 2021-01-16 17:27 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2021-01-23 01:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-01-23 00:02 - 2021-01-16 09:21 - 000799104 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-01-19 18:53 - 2019-03-19 05:49 - 000000127 _____ C:\WINDOWS\win.ini
2021-01-18 15:36 - 2021-01-16 09:18 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Adobe
2021-01-17 21:21 - 2021-01-16 10:05 - 000000000 ____D C:\Users\Richard\AppData\LocalLow\Mozilla
2021-01-17 18:47 - 2021-01-16 17:27 - 000000000 ____D C:\Intel

==================== Files in the root of some directories ========

2021-02-15 12:45 - 2021-02-15 12:45 - 000000032 _____ () C:\Users\Richard\AppData\Roaming\++.bat
2021-02-15 12:45 - 2021-02-15 12:45 - 000005120 _____ (Microsoft) C:\Users\Richard\AppData\Roaming\0.exe
2021-02-15 12:45 - 2021-02-15 12:45 - 000188416 _____ (NirSoft) C:\Users\Richard\AppData\Roaming\1.exe
2021-02-15 12:49 - 2021-02-15 12:49 - 000000086 _____ () C:\Users\Richard\AppData\Roaming\remoteclient.ini
2021-02-15 12:45 - 2021-02-15 12:45 - 000505093 _____ () C:\Users\Richard\AppData\Roaming\sex.txt
2021-02-15 12:44 - 2021-02-15 12:44 - 000015872 _____ (Microsoft) C:\Users\Richard\AppData\Roaming\specific.exe
2021-02-15 12:48 - 2021-02-15 12:48 - 000458752 _____ () C:\Users\Richard\AppData\Local\sqlite_pass

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-02-2021
Ran by Richard (16-02-2021 18:08:28)
Running from C:\Users\Richard\OneDrive\Počítač
Windows 10 Pro Version 20H2 19042.804 (X64) (2021-01-23 00:45:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3697634085-1141814390-3545286870-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3697634085-1141814390-3545286870-503 - Limited - Disabled)
Guest (S-1-5-21-3697634085-1141814390-3545286870-501 - Limited - Disabled)
Katinka (S-1-5-21-3697634085-1141814390-3545286870-1008 - Limited - Enabled) => C:\Users\Katinka
Richard (S-1-5-21-3697634085-1141814390-3545286870-1001 - Administrator - Enabled) => C:\Users\Richard
WDAGUtilityAccount (S-1-5-21-3697634085-1141814390-3545286870-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark (HKLM\...\{C11C8EB4-326A-4224-9424-45DDC2623322}) (Version: 2.16.7117.0 - UL) Hidden
3DMark (HKLM-x32\...\{a0974e13-e65d-475e-99e6-2bbaf41bbdd7}) (Version: 2.16.7117.0 - UL)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
ACDSee Photo Studio Ultimate 2020 (HKLM\...\ACDSee Photo Studio Ultimate 2020) (Version: 13.0.1.2023 - ACD Systems International Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.11.2 - Advanced Micro Devices, Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
BitTorrent (HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\BitTorrent) (Version: 7.10.5.45857 - BitTorrent Inc.)
BitTorrent Web (HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\btweb) (Version: 1.1.3 - BitTorrent, Inc.)
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Copy (HKLM-x32\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
CrystalDiskInfo 8.10.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.10.0 - Crystal Dew World)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (HKLM-x32\...\{CFA33E6D-2D7D-4785-8025-974398E940D1}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 140.0.185.000 - Hewlett-Packard) Hidden
F4200 (HKLM-x32\...\{C86E1E36-6D30-4834-9C85-5501F31F7BB4}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
F4200_NCL_Help (HKLM-x32\...\{367E84FF-D436-4513-A237-FF638B048761}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
Futuremark SystemInfo (HKLM-x32\...\{F608ED5F-3818-4F87-A277-E52E8790C039}) (Version: 5.35.871.0 - Futuremark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{8C925017-72A8-4C4A-AF21-84901E26638F}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
HWiNFO64 Version 6.40 (HKLM\...\HWiNFO64_is1) (Version: 6.40 - Martin Malik - REALiX)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Network Connections 20.1.2019.0 (HKLM\...\PROSetDX) (Version: 20.1.2019.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
Juli@ PCI Driver version v1.2.1.0 (HKLM\...\{2C649BA4-D482-408F-9148-2EC10E1E3193}_is1) (Version: v1.2.1.0 - ESI-Audiotechnik)
Kodi (HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Kodi) (Version: - XBMC Foundation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.68 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Volume - cs-cz) (Version: 16.0.13628.20380 - Microsoft Corporation)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 84.0.2 (x64 en-US)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 84.0.2 - Mozilla)
MuseScore 3 (HKLM\...\{778D5D3D-5448-40F4-AACC-47D443C3E8A1}) (Version: 3.4.2.9788 - Werner Schweer and Others)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20380 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Opera Stable 74.0.3911.107 (HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Opera 74.0.3911.107) (Version: 74.0.3911.107 - Opera Software)
PerformanceTest v10.0 (HKLM\...\PerformanceTest 10_is1) (Version: 10.0.1010.0 - Passmark Software)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 210201 - Kakao Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7848 - Realtek Semiconductor Corp.)
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Scribus 1.4.8 (HKLM-x32\...\Scribus 1.4.8) (Version: 1.4.8 - The Scribus Team)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype verzia 8.68 (HKLM-x32\...\Skype_is1) (Version: 8.68 - Skype Technologies S.A.)
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steinberg Cubase 5 (HKLM-x32\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.0 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 1.0.0.1 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Additional Content Set 01 (HKLM-x32\...\{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}) (Version: 1.0.0.001 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 1.0.0.006 - Steinberg Media Technologies GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.14.5 - TeamViewer)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
Trackmania Turbo (HKLM-x32\...\Uplay Install 2070) (Version: - Ubisoft)
Transmission 3.00 (bb6b5a062e) (x64) (HKLM\...\{B206C51C-27D2-4251-95E2-B4B28DE80633}) (Version: 3.00.0 - Transmission Project)
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 117.0.10324 - Ubisoft)
VEGAS Pro 18.0 (HKLM\...\{75111FE1-CE55-11EA-8B12-00155D43CFCE}) (Version: 18.0.284 - VEGAS)
Video Comparer Win64 (HKLM-x32\...\{6a43795f-0427-4e7b-a1f0-fb351c9c6491}) (Version: 1.7.2 - Video Comparer)
Video Comparer Win64 1.07.002 (HKLM\...\{2ABEE3D8-00C2-4A44-AA66-C7F192D7E4EC}) (Version: 1.07.002 - Video Comparer) Hidden
Web Companion (HKLM-x32\...\{b4a59e41-cba2-46c7-a99b-8a80a0017024}) (Version: 7.0.2388.4219 - Lavasoft)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
Webshare klient (HKLM-x32\...\Webshare klient) (Version: - )
Windows Driver Package - ESI (Jula.sys) MEDIA (09/16/2015 1.2.1.0) (HKLM\...\9351121A70A5DD84065790FA90941B0BB03521DA) (Version: 09/16/2015 1.2.1.0 - ESI)
WinRAR 5.90 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\ZoomUMX) (Version: 5.4.9 (59931.0110) - Zoom Video Communications, Inc.)

Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2021-01-27] (Microsoft Corporation)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2021-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2021-01-23] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2021-01-23] (Microsoft Corporation) [MS Ad]
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2021-01-17] (Microsoft Corporation)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c [2021-02-01] (Skype)
Your Phone -> C:\Program Files\WindowsApps\Microsoft.YourPhone_0.19051.7.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3697634085-1141814390-3545286870-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\20.201.1005.0009_1\MicrosoftListSync.exe" => No File
CustomCLSID: HKU\S-1-5-21-3697634085-1141814390-3545286870-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\20.201.1005.0009_1\MicrosoftListSync.exe" => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-07-19 23:31 - 2020-08-03 08:04 - 000003073 _____ () [File not signed] C:\Program Files\VEGAS\VEGAS Pro 18.0\Protein\Protein_x64.4.1.dll
2021-01-16 09:22 - 2021-02-16 16:13 - 000036648 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2009-11-17 22:58 - 2009-11-17 22:58 - 000342656 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll
2009-11-17 22:58 - 2009-11-17 22:58 - 000559232 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
2012-05-27 16:44 - 2012-05-27 16:44 - 000015360 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
2011-04-29 11:34 - 2011-04-29 11:34 - 000927232 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc
2011-04-29 11:34 - 2011-04-29 11:34 - 000012288 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc
2011-04-29 19:08 - 2011-04-29 19:08 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
2010-08-06 11:15 - 2010-08-06 11:15 - 000079872 _____ (Hewlett-Packard) [File not signed] C:\WINDOWS\System32\HPZidr12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000054784 _____ (Hewlett-Packard) [File not signed] C:\WINDOWS\SYSTEM32\hpzipr12.dll
2015-06-23 16:00 - 2015-06-23 16:00 - 000285696 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2015-06-23 16:00 - 2015-06-23 16:00 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2020-07-19 23:31 - 2020-07-19 23:31 - 000367104 _____ (MAGIX Software GmbH) [File not signed] C:\Program Files\VEGAS\VEGAS Pro 18.0\Online\MagixOFA-en.dll
2017-05-22 22:27 - 2017-05-22 22:27 - 000145408 _____ (Michael Tippach) [File not signed] C:\Program Files (x86)\ASIO4ALL v2\asio4all64.dll
2020-07-19 23:20 - 2020-07-19 23:20 - 001035264 _____ (Sony B&P Research Labs) [File not signed] C:\Program Files\VEGAS\VEGAS Pro 18.0\FileIO Plug-Ins\mxfhdcamsrplug\mp4decoder_dll.dll
2020-07-19 23:20 - 2020-07-19 23:20 - 001880576 _____ (Sony B&P Research Labs) [File not signed] C:\Program Files\VEGAS\VEGAS Pro 18.0\FileIO Plug-Ins\mxfhdcamsrplug\mp4encoder_dll.dll
2020-07-19 23:20 - 2020-07-19 23:20 - 002084352 _____ (Sony Corporation) [File not signed] C:\Program Files\VEGAS\VEGAS Pro 18.0\FileIO Plug-Ins\mxfhdcamsrplug\SMDK-VC110-x64-4_0_0.dll
2020-07-19 23:20 - 2020-07-19 23:20 - 001455616 _____ (Sony Corporation) [File not signed] C:\Program Files\VEGAS\VEGAS Pro 18.0\FileIO Plug-Ins\mxfplug\SMDK-VC110-x86-4_0_0.dll
2020-07-19 23:20 - 2020-07-19 23:20 - 000221184 _____ (Sony Corporation) [File not signed] C:\Program Files\VEGAS\VEGAS Pro 18.0\FileIO Plug-Ins\mxfplug\sonymvd4.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT171002&iDate=2021-01-17 09:34:10&iid=3b49db3c-48f5-4258-af00-dcbcede4dcff&bName=
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3697634085-1141814390-3545286870-1008\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\StartupApproved\Run: => "btweb"
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B64A91DA-D9C7-49DB-BE96-9A190FF95EEC}] => (Allow) C:\Users\Richard\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{D72D9B09-5198-4D7E-AE1A-5DEE4EDCFCA2}] => (Allow) C:\Users\Richard\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{9B0924C2-730A-4B7F-BD44-ACEC2E6A67FB}] => (Allow) C:\Users\Richard\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{1B566F4C-3F0F-417B-B643-03B9F23EA465}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{19340763-4C30-4AC0-9806-983EF7A8F227}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{A198A8F0-2924-4D58-BF0B-D9486BE51922}C:\users\richard\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\richard\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{F878BB44-DE8C-4254-8000-D1435EC57AF1}C:\users\richard\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\richard\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{D911B001-A672-4A1D-A041-377CE9DBF3C9}C:\users\richard\appdata\roaming\bittorrent web\btweb.exe] => (Allow) C:\users\richard\appdata\roaming\bittorrent web\btweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
FirewallRules: [TCP Query User{085597F5-B5C5-4453-8D9F-A3F8AE5434EB}C:\users\richard\appdata\roaming\bittorrent web\btweb.exe] => (Allow) C:\users\richard\appdata\roaming\bittorrent web\btweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
FirewallRules: [TCP Query User{2EDEA5AB-EFD8-4D1A-9D5A-AA5873489F13}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{3CCA6878-55E6-4A5E-A665-17C996641F4A}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3141937D-2BC9-4784-929C-578D788A610F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C3FEE606-E841-4E3B-8FE2-280B7E829FF3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{12C6A28E-305A-4451-A200-6067F74AAB75}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D6D8BCB9-E791-41E6-B5B1-8845B4404933}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{6F1D6EE4-04BE-4B00-AC17-2FBE95D4EB1E}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe (SignPath Foundation -> Transmission Project)
FirewallRules: [UDP Query User{C27F2C55-47B6-47C4-AFE9-3ADF5323C0AD}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe (SignPath Foundation -> Transmission Project)
FirewallRules: [{870859CE-4E48-4FE2-88A0-68DE135D7475}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{788A5923-AB56-4E5D-A1DF-2DF0F19B771C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CEC4BB71-49CA-4B82-8E29-9143A641E7E8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1D4FF73F-DB2B-45E9-B8DA-CBDCAEBD547E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1F2E61F7-F25C-45AA-94C8-AB196B0A5C99}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{21AB2924-6B77-4428-B45A-33ECAC23D207}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D685C368-FC26-4B74-BCCD-9B99E5C565AB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{09361179-AD4C-429A-81E6-00E3721F8FB4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7720DACE-C3CE-4025-A885-8A9E242DAA4F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{99CE45D0-E597-4BEF-8AB0-1FFCE4F18817}] => (Allow) C:\Users\Richard\AppData\Local\Programs\Opera\74.0.3911.107\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

11-02-2021 00:29:20 Windows Modules Installer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/16/2021 06:00:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: mbamtray.exe, verzia: 4.0.0.897, časová značka: 0x6019d411
Názov chybujúceho modulu: Qt5Core.dll, verzia: 5.14.1.0, časová značka: 0x5f84e8d4
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000219dc5
Identifikácia chybujúceho procesu: 0x2998
Čas spustenia chybujúcej aplikácie: 0x01d7047ca8f602b1
Cesta chybujúcej aplikácie: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Cesta chybujúceho modulu: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Identifikácia hlásenia: 50024c4b-6ef9-49da-a28c-37ff741dc759
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (02/16/2021 02:10:34 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-PUNF98O)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (02/15/2021 01:49:17 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-PUNF98O)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (02/14/2021 01:58:58 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť retrim v Giant (D:), pretože: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/14/2021 01:58:41 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť retrim v Supernova (E:), pretože: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/08/2021 09:08:51 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-PUNF98O)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (02/07/2021 02:31:08 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť retrim v Giant (D:), pretože: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/07/2021 02:30:51 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť retrim v Supernova (E:), pretože: The operation requested is not supported by the hardware backing the volume. (0x8900002A)


System errors:
=============
Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Windows Defender:
================
Date: 2021-02-16 10:15:32
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: PUA:Win32/ICBundler
ID: 286849
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\Users\Richard\Downloads\BitTorrent.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\Richard\OneDrive\Poc�tac\FRST64.exe
Security intelligence Version: AV: 1.331.1118.0, AS: 1.331.1118.0, NIS: 1.331.1118.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-15 12:54:58
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Backdoor:MSIL/Bladabindi
ID: 2147678468
Severity: Severe
Category: Backdoor
Path: file:_C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe; process:_pid:12088,ProcessStart:132578628549820755
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: System
Process Name: C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe
Security intelligence Version: AV: 1.331.1036.0, AS: 1.331.1036.0, NIS: 1.331.1036.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-15 12:54:57
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Backdoor:MSIL/Bladabindi
ID: 2147678468
Severity: Severe
Category: Backdoor
Path: file:_C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe; process:_pid:12088,ProcessStart:132578628549820755
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe
Security intelligence Version: AV: 1.331.1036.0, AS: 1.331.1036.0, NIS: 1.331.1036.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-15 12:54:37
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Backdoor:MSIL/Bladabindi
ID: 2147678468
Severity: Severe
Category: Backdoor
Path: file:_C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\System32\taskhostw.exe
Security intelligence Version: AV: 1.331.1036.0, AS: 1.331.1036.0, NIS: 1.331.1036.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-15 12:49:46
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Dynamer!dtc
ID: 2147638124
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Richard\AppData\Roaming\remoteclient.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe
Security intelligence Version: AV: 1.331.1036.0, AS: 1.331.1036.0, NIS: 1.331.1036.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-15 12:49:26
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Backdoor:MSIL/Quasar.GG!MTB
ID: 2147772079
Severity: Severe
Category: Backdoor
Path: file:_C:\Users\Richard\AppData\Local\Temp\tmpB31A.tmp.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe
Security intelligence Version: AV: 1.331.1036.0, AS: 1.331.1036.0, NIS: 1.331.1036.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-15 12:48:32
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Program:Win32/Wacapew.C!ml
ID: 265744
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\Users\Richard\AppData\Roaming\xxxx.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\Richard\AppData\Roaming\xxxx.exe
Security intelligence Version: AV: 1.331.1036.0, AS: 1.331.1036.0, NIS: 1.331.1036.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

CodeIntegrity:
===============
Date: 2021-02-16 16:59:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Users\Richard\AppData\Local\Programs\Opera\74.0.3911.107\opera.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 2801 11/11/2015
Motherboard: ASUSTeK COMPUTER INC. Z97-AR
Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 64%
Total physical RAM: 7867.52 MB
Available physical RAM: 2767.45 MB
Total Virtual: 10299.52 MB
Available Virtual: 4031.76 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223 GB) (Free:146.89 GB) NTFS
Drive d: (Giant) (Fixed) (Total:3725.9 GB) (Free:815.77 GB) NTFS
Drive e: (Supernova) (Fixed) (Total:5588.9 GB) (Free:2664.04 GB) NTFS

\\?\Volume{0af65774-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.57 GB) (Free:0.12 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 0AF65774)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 5589 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Size: 3726 GB) (Disk ID: 44C00C96)

Partition: GPT.

==================== End of Addition.txt =======================



==================== End of FRST.txt ========================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119418
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Win Zabezpecenie Zavazna hrozba

#8 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {14CA1CEF-3318-47B7-86D2-2ECBC74E5372} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-17] (Google LLC -> Google LLC)
Task: {D793B4FB-3A77-493F-8A0D-EAFD24C68C7E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-17] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\DumpStack.log.tmp
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
CustomCLSID: HKU\S-1-5-21-3697634085-1141814390-3545286870-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\20.201.1005.0009_1\MicrosoftListSync.exe" => No File
CustomCLSID: HKU\S-1-5-21-3697634085-1141814390-3545286870-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\20.201.1005.0009_1\MicrosoftListSync.exe" => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{B64A91DA-D9C7-49DB-BE96-9A190FF95EEC}] => (Allow) C:\Users\Richard\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{D72D9B09-5198-4D7E-AE1A-5DEE4EDCFCA2}] => (Allow) C:\Users\Richard\AppData\Roaming\Zoom\bin\airhost.exe => No File
C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe
C:\Users\Richard\AppData\Roaming\remoteclient.exe
C:\Users\Richard\AppData\Local\Temp\tmpB31A.tmp.exe
C:\Users\Richard\AppData\Roaming\xxxx.exe

EmptyTemp:
End
Uložte do C:\Users\Richard\OneDrive\Počítač jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
valachmar
Návštěvník
Návštěvník
Příspěvky: 56
Registrován: 17 dub 2009 22:33

Re: Win Zabezpecenie Zavazna hrozba

#9 Příspěvek od valachmar »

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-02-2021
Ran by Richard (16-02-2021 19:20:11) Run:1
Running from C:\Users\Richard\OneDrive\Počítač
Loaded Profiles: Richard & Katinka
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {14CA1CEF-3318-47B7-86D2-2ECBC74E5372} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-17] (Google LLC -> Google LLC)
Task: {D793B4FB-3A77-493F-8A0D-EAFD24C68C7E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-17] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\DumpStack.log.tmp
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
CustomCLSID: HKU\S-1-5-21-3697634085-1141814390-3545286870-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\20.201.1005.0009_1\MicrosoftListSync.exe" => No File
CustomCLSID: HKU\S-1-5-21-3697634085-1141814390-3545286870-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\20.201.1005.0009_1\MicrosoftListSync.exe" => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{B64A91DA-D9C7-49DB-BE96-9A190FF95EEC}] => (Allow) C:\Users\Richard\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{D72D9B09-5198-4D7E-AE1A-5DEE4EDCFCA2}] => (Allow) C:\Users\Richard\AppData\Roaming\Zoom\bin\airhost.exe => No File
C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe
C:\Users\Richard\AppData\Roaming\remoteclient.exe
C:\Users\Richard\AppData\Local\Temp\tmpB31A.tmp.exe
C:\Users\Richard\AppData\Roaming\xxxx.exe

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{14CA1CEF-3318-47B7-86D2-2ECBC74E5372}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14CA1CEF-3318-47B7-86D2-2ECBC74E5372}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D793B4FB-3A77-493F-8A0D-EAFD24C68C7E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D793B4FB-3A77-493F-8A0D-EAFD24C68C7E}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1} => removed successfully
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2} => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B64A91DA-D9C7-49DB-BE96-9A190FF95EEC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D72D9B09-5198-4D7E-AE1A-5DEE4EDCFCA2}" => removed successfully
"C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe" => not found
"C:\Users\Richard\AppData\Roaming\remoteclient.exe" => not found
"C:\Users\Richard\AppData\Local\Temp\tmpB31A.tmp.exe" => not found
"C:\Users\Richard\AppData\Roaming\xxxx.exe" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 7626752 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 100822007 B
Java, Flash, Steam htmlcache => 57620500 B
Windows/system/drivers => 74032482 B
Edge => 1544935 B
Chrome => 883838192 B
Firefox => 737444116 B
Opera => 119209009 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 312545 B
LocalService => 336741 B
NetworkService => 423723 B
Richard => 88743785 B
kioskUser0 => 88764432 B
Katinka => 144098446 B

RecycleBin => 123263 B
EmptyTemp: => 2.1 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 16-02-2021 19:21:43)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 19:21:43 ====
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119418
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Win Zabezpecenie Zavazna hrozba

#10 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
valachmar
Návštěvník
Návštěvník
Příspěvky: 56
Registrován: 17 dub 2009 22:33

Re: Win Zabezpecenie Zavazna hrozba

#11 Příspěvek od valachmar »

Dnes rano sa spustili Malware bytes a zasa nasli 13 hrozeb, tak som ich dal do karanteny.
A Office mi hlasi ze nie je aktivovany a pritom je.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119418
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Win Zabezpecenie Zavazna hrozba

#12 Příspěvek od Rudy »

Udělejte sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Utilitu stáhněte, spusťte, nechte pracovat a po skončení akce smažte vše, co najde. Nakonec restartujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
valachmar
Návštěvník
Návštěvník
Příspěvky: 56
Registrován: 17 dub 2009 22:33

Re: Win Zabezpecenie Zavazna hrozba

#13 Příspěvek od valachmar »

S AVPTool skontrolovane, 3 hrozby odstranene a po restarte vyzera byt vsetko OK
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119418
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Win Zabezpecenie Zavazna hrozba

#14 Příspěvek od Rudy »

OK, zřejmě tam bylo něco skryto, co jsem neviděl v logu FRST. Jsem rád, že je vše v pořádku.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
valachmar
Návštěvník
Návštěvník
Příspěvky: 56
Registrován: 17 dub 2009 22:33

Re: Win Zabezpecenie Zavazna hrozba

#15 Příspěvek od valachmar »

Este raz velka vdaka
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“