Kontrola logu

[Luky73]

Zdravím,prosím o kontrolu logu-napadení emailu
díky


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-03-2023
Ran by Václav Lukeš (administrator) on DESKTOP-QKQEO61 (Acer Aspire V7-582PG) (02-04-2023 10:03:44)
Running from C:\Users\Václav Lukeš\Desktop\Databáze viry
Loaded Profiles: Václav Lukeš
Platform: Microsoft Windows 10 Home Version 21H2 19044.2728 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (AutoComSoft s.r.o. -> AutoComSoft s.r.o.) C:\Auto-diagnostika\ADnews.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\72.0.3.0\crashpad_handler.exe <2>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\72.0.3.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(svchost.exe ->) (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [3246992 2023-02-08] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\72.0.3.0\GoogleDriveFS.exe [52902680 2023-04-01] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\72.0.3.0\GoogleDriveFS.exe [52902680 2023-04-01] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3101109723-1772701139-4008349178-1001\...\Run: [Opera Browser Assistant] => C:\Users\Václav Lukeš\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4140448 2023-03-08] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-3101109723-1772701139-4008349178-1001\...\Run: [MicrosoftEdgeAutoLaunch_44B9CBA50DA6E7EB25D8118BF912B8A6] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4056016 2023-03-30] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3101109723-1772701139-4008349178-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\72.0.3.0\GoogleDriveFS.exe [52902680 2023-04-01] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\72.0.3.0\GoogleDriveFS.exe [52902680 2023-04-01] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\111.0.5563.147\Installer\chrmstp.exe [2023-03-29] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ADnews.lnk [2023-03-29]
ShortcutTarget: ADnews.lnk -> C:\Auto-diagnostika\ADnews.exe (AutoComSoft s.r.o. -> AutoComSoft s.r.o.)
Startup: C:\Users\Václav Lukeš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RT-Updater-SVO.lnk [2023-03-29]
ShortcutTarget: RT-Updater-SVO.lnk -> C:\Auto-diagnostika\VCDS.exe (Ross-Tech, LLC -> Ross-Tech, LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CB60C92-F655-49A2-BE10-D9A2A12D2E87} - System32\Tasks\Opera scheduled Autoupdate 1680114599 => C:\Users\Václav Lukeš\AppData\Local\Programs\Opera\launcher.exe [2700696 2023-03-15] (Opera Norway AS -> Opera Software)
Task: {39950C48-A979-4236-9ABB-96F51D6CAC8D} - System32\Tasks\GoogleUpdateTaskMachineUA{E056F5ED-93C4-4676-85F5-1DB24F9BCBEC} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-03-29] (Google LLC -> Google LLC)
Task: {47B50BA3-743A-4190-99BD-FFA2855E8032} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {52459B73-DAE7-4AB1-B29E-3D607658C5EB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {614828E6-278C-46F7-869A-F542E9B705B8} - System32\Tasks\Opera scheduled assistant Autoupdate 1680114604 => C:\Users\Václav Lukeš\AppData\Local\Programs\Opera\launcher.exe [2700696 2023-03-15] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Václav Lukeš\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {7625F7A1-46B2-4EE6-8A6B-C2D30C4FD5A4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718752 2023-03-21] (Mozilla Corporation -> Mozilla Foundation)
Task: {A78BE7BA-53B9-4711-BFE3-BB068EF87FE6} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-03-21] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {B329218A-FE44-44C4-A55D-C252406EDE6B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F0588957-D9DF-4715-839E-E6DC9DF235E5} - System32\Tasks\GoogleUpdateTaskMachineCore{6AECB1DC-FA7C-4928-969E-C69DEDB0FE0B} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-03-29] (Google LLC -> Google LLC)
Task: {F3B8B2E6-A756-4F82-90A7-FDE188AEDC82} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-30] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.1.10 10.0.1.138
Tcpip\..\Interfaces\{b3f5f653-686b-4e6e-8b9b-3f542b9d0d46}: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{f768102c-4e9a-4c19-a0dd-79b6adff0f97}: [DhcpNameServer] 10.0.1.10 10.0.1.138

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Václav Lukeš\AppData\Local\Microsoft\Edge\User Data\Default [2023-04-02]

FireFox:
========
FF DefaultProfile: xktwluda.default
FF ProfilePath: C:\Users\Václav Lukeš\AppData\Roaming\Mozilla\Firefox\Profiles\xktwluda.default [2023-03-31]
FF ProfilePath: C:\Users\Václav Lukeš\AppData\Roaming\Mozilla\Firefox\Profiles\vwk2icpn.default-release [2023-03-31]

Chrome:
=======
CHR Profile: C:\Users\Václav Lukeš\AppData\Local\Google\Chrome\User Data\Default [2023-04-02]
CHR Notifications: Default -> hxxps://club.autodoc.cz; hxxps://www.facebook.com
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3321459&octid ... XXW0VK1C38"
CHR Extension: (trigger-translation) - C:\Users\Václav Lukeš\AppData\Local\Google\Chrome\User Data\Default\Extensions\cofdbpoegempjloogbagkncekinflcnj [2023-03-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Václav Lukeš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-29]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Václav Lukeš\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-03-29]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\Václav Lukeš\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2023-03-29]
CHR Extension: (Notifier for WhatsApp Web) - C:\Users\Václav Lukeš\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaoholkoedbpjiangnchpfchhmageifp [2023-03-29]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Václav Lukeš\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-04-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Václav Lukeš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-29]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Václav Lukeš\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2023-03-30]
CHR Extension: (OneClick Cleaner for Chrome) - C:\Users\Václav Lukeš\AppData\Local\Google\Chrome\User Data\Default\Extensions\oncckmaelaecccmaniihojgeopkcajfh [2023-03-29]
CHR HKU\S-1-5-21-3101109723-1772701139-4008349178-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

Opera:
=======
OPR Profile: C:\Users\Václav Lukeš\AppData\Roaming\Opera Software\Opera Stable [2023-04-02]
OPR DefaultSearchURL: Opera Stable -> hxxps://www.google.com/search?client=opera&q={s ... utEncoding}
OPR DefaultSearchKeyword: Opera Stable -> g
OPR Extension: (Rich Hints Agent) - C:\Users\Václav Lukeš\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-03-29]
OPR Extension: (Opera Wallet) - C:\Users\Václav Lukeš\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-03-29]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Václav Lukeš\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2023-03-29]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2302.7-0\NisSrv.exe [3224328 2023-03-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2302.7-0\MsMpEng.exe [133544 2023-03-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 googledrivefs31092; C:\Windows\System32\DRIVERS\googledrivefs31092.sys [384600 2023-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49608 2023-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [495896 2023-03-30] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99624 2023-03-30] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl537e88af; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{76305902-75CA-4B8B-9C27-1F42D5696016}\MpKslDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-01 20:28 - 2023-04-01 20:29 - 000000000 ____D C:\Users\Václav Lukeš\Desktop\Google disk
2023-04-01 20:28 - 2023-04-01 20:28 - 000000000 ____D C:\Users\Václav Lukeš\Desktop\Databáze viry
2023-04-01 17:41 - 2023-04-01 17:41 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-04-01 17:41 - 2023-04-01 17:41 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Local\CEF
2023-04-01 17:33 - 2023-04-01 17:34 - 307498264 _____ (Google, Inc.) C:\Users\Václav Lukeš\Downloads\GoogleDriveSetup.exe
2023-04-01 11:13 - 2023-04-02 10:04 - 000000000 ____D C:\FRST
2023-03-31 22:37 - 2023-04-01 19:37 - 000000000 ____D C:\Users\Václav Lukeš\AppData\LocalLow\Mozilla
2023-03-31 22:37 - 2023-03-31 22:38 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-03-31 22:37 - 2023-03-31 22:37 - 000002048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox — anonymní prohlížení.lnk
2023-03-31 22:37 - 2023-03-31 22:37 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-03-31 22:37 - 2023-03-31 22:37 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-03-31 22:37 - 2023-03-31 22:37 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Roaming\Mozilla
2023-03-31 22:37 - 2023-03-31 22:37 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Local\Mozilla
2023-03-31 22:37 - 2023-03-31 22:37 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-03-31 22:37 - 2023-03-31 22:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-03-31 18:07 - 2023-03-31 18:07 - 000000000 ____D C:\Windows\SystemTemp
2023-03-31 17:37 - 2023-03-31 17:37 - 000000000 ___HD C:\$WinREAgent
2023-03-31 17:30 - 2023-03-31 17:30 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-03-31 17:25 - 2023-03-31 17:29 - 000000000 ____D C:\Windows\system32\MRT
2023-03-31 17:24 - 2023-03-31 17:24 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2023-03-31 17:24 - 2023-03-31 17:24 - 000000000 ____D C:\Program Files\PCHealthCheck
2023-03-31 16:56 - 2023-03-31 16:56 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Roaming\WinRAR
2023-03-31 16:56 - 2023-03-31 16:56 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-03-31 16:56 - 2023-03-31 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-03-31 16:56 - 2023-03-31 16:56 - 000000000 ____D C:\Program Files\WinRAR
2023-03-30 21:52 - 2023-03-30 21:52 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Local\OneDrive
2023-03-30 19:57 - 2023-04-02 10:03 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Roaming\KeePass
2023-03-30 19:50 - 2023-03-30 19:50 - 000000963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2023-03-30 19:50 - 2023-03-30 19:50 - 000000000 ____D C:\Program Files\KeePass Password Safe 2
2023-03-30 19:36 - 2023-03-30 19:37 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3101109723-1772701139-4008349178-1001
2023-03-29 21:30 - 2023-03-29 21:30 - 000000739 _____ C:\Users\Václav Lukeš\Desktop\Auto-diagnostika .lnk
2023-03-29 21:30 - 2023-03-29 21:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto-diagnostika
2023-03-29 21:30 - 2023-03-29 21:30 - 000000000 ____D C:\Program Files\DIFX
2023-03-29 21:27 - 2023-03-30 16:37 - 000000000 ____D C:\Auto-diagnostika
2023-03-29 21:18 - 2023-03-29 21:18 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2023-03-29 21:12 - 2023-04-01 17:41 - 000000000 ____D C:\Program Files\Google
2023-03-29 21:12 - 2023-03-29 21:12 - 000002323 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-03-29 21:11 - 2023-04-02 10:00 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-29 21:11 - 2023-04-01 17:41 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Local\Google
2023-03-29 21:11 - 2023-03-29 21:11 - 001427176 _____ (Google LLC) C:\Users\Václav Lukeš\Downloads\ChromeSetup.exe
2023-03-29 21:11 - 2023-03-29 21:11 - 000003550 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{E056F5ED-93C4-4676-85F5-1DB24F9BCBEC}
2023-03-29 21:11 - 2023-03-29 21:11 - 000003426 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{6AECB1DC-FA7C-4928-969E-C69DEDB0FE0B}
2023-03-29 20:30 - 2023-03-30 16:32 - 000004530 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1680114604
2023-03-29 20:30 - 2023-03-29 20:31 - 000004262 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1680114599
2023-03-29 20:30 - 2023-03-29 20:31 - 000001502 _____ C:\Users\Václav Lukeš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-03-29 20:30 - 2023-03-29 20:30 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Local\Opera Software
2023-03-29 20:28 - 2023-03-29 20:30 - 000000000 ___HD C:\Users\Václav Lukeš\Downloads\.opera
2023-03-29 20:28 - 2023-03-29 20:28 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Roaming\Opera Software
2023-03-29 20:27 - 2023-03-29 20:28 - 088732944 _____ (Opera Software) C:\Users\Václav Lukeš\Downloads\Opera_90.0.4480.48_Setup_x64.exe
2023-03-29 19:58 - 2023-03-29 19:58 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Roaming\Synaptics
2023-03-29 19:58 - 2023-03-29 19:58 - 000000000 ____D C:\ProgramData\Synaptics
2023-03-29 18:36 - 2023-03-29 18:36 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Local\Comms
2023-03-29 17:56 - 2023-03-29 17:56 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2023-03-29 17:56 - 2016-09-09 20:25 - 000269600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2023-03-29 17:56 - 2016-09-09 20:25 - 000261920 _____ C:\Windows\system32\vulkan-1.dll
2023-03-29 17:56 - 2016-09-09 20:25 - 000110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2023-03-29 17:56 - 2016-09-09 20:24 - 000125216 _____ C:\Windows\system32\vulkaninfo.exe
2023-03-29 17:55 - 2023-04-02 09:58 - 000000000 ____D C:\ProgramData\NVIDIA
2023-03-29 17:55 - 2016-12-29 15:16 - 006384576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2023-03-29 17:55 - 2016-12-29 15:16 - 002475968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2023-03-29 17:55 - 2016-12-29 15:16 - 001762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2023-03-29 17:55 - 2016-12-29 15:16 - 000546752 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2023-03-29 17:55 - 2016-12-29 15:16 - 000392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2023-03-29 17:55 - 2016-12-29 15:16 - 000083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2023-03-29 17:55 - 2016-12-29 15:16 - 000069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2023-03-29 17:55 - 2016-12-29 15:10 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2023-03-29 17:55 - 2016-12-22 01:59 - 007651057 _____ C:\Windows\system32\nvcoproc.bin
2023-03-29 17:54 - 2023-03-29 17:55 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-03-29 17:54 - 2023-03-29 17:55 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2023-03-29 17:54 - 2023-03-29 17:54 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-03-29 17:53 - 2017-01-17 05:56 - 034717624 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2023-03-29 17:53 - 2017-01-17 05:56 - 028209080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2023-03-29 17:53 - 2017-01-17 05:56 - 000951224 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2023-03-29 17:53 - 2017-01-17 05:56 - 000904760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2023-03-29 17:53 - 2017-01-17 05:56 - 000048696 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2023-03-29 17:53 - 2017-01-17 05:55 - 002961336 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2023-03-29 17:53 - 2017-01-17 05:55 - 002594744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2023-03-29 17:53 - 2017-01-17 05:55 - 001964600 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437654.dll
2023-03-29 17:53 - 2017-01-17 05:55 - 001598392 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437654.dll
2023-03-29 17:53 - 2017-01-17 05:55 - 001047096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2023-03-29 17:53 - 2017-01-17 05:55 - 000985144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2023-03-29 17:53 - 2017-01-17 05:54 - 040134200 _____ C:\Windows\system32\nvcompiler.dll
2023-03-29 17:53 - 2017-01-17 05:54 - 035233336 _____ C:\Windows\SysWOW64\nvcompiler.dll
2023-03-29 17:53 - 2017-01-17 05:53 - 011017016 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2023-03-29 17:53 - 2017-01-17 05:52 - 010907368 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2023-03-29 17:53 - 2017-01-17 05:52 - 010453152 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2023-03-29 17:53 - 2017-01-17 05:52 - 009246832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2023-03-29 17:53 - 2017-01-17 05:52 - 009000336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2023-03-29 17:53 - 2017-01-17 05:52 - 008847016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2023-03-29 17:53 - 2017-01-17 05:52 - 003972960 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2023-03-29 17:53 - 2017-01-17 05:52 - 003509152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2023-03-29 17:53 - 2017-01-17 05:52 - 000698544 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2023-03-29 17:53 - 2017-01-17 05:52 - 000586784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2023-03-29 17:53 - 2017-01-17 00:59 - 000042296 _____ C:\Windows\system32\nvinfo.pb
2023-03-29 17:53 - 2017-01-17 00:59 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2023-03-29 17:53 - 2017-01-17 00:59 - 000000669 _____ C:\Windows\system32\nv-vk64.json
2023-03-29 17:52 - 2023-04-02 09:59 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-03-29 17:52 - 2023-04-02 09:59 - 000000000 __SHD C:\Users\Václav Lukeš\IntelGraphicsProfiles
2023-03-29 17:52 - 2023-03-29 17:52 - 000000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2023-03-29 17:52 - 2023-03-29 17:52 - 000000000 ____D C:\Program Files\Intel
2023-03-29 17:52 - 2023-03-29 17:52 - 000000000 ____D C:\Program Files (x86)\Intel
2023-03-29 17:52 - 2023-03-29 17:52 - 000000000 ____D C:\Intel
2023-03-29 17:49 - 2023-03-29 17:49 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2023-03-29 17:49 - 2023-03-29 17:49 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2023-03-29 17:49 - 2023-03-29 17:49 - 000000000 ____D C:\Program Files\Synaptics
2023-03-29 17:49 - 2017-07-11 18:41 - 000077912 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2023-03-29 17:48 - 2023-03-29 19:58 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Local\PlaceholderTileLogoFolder
2023-03-29 17:26 - 2023-03-31 17:16 - 000000000 ____D C:\Windows\Panther
2023-03-29 17:17 - 2023-03-30 19:37 - 000003394 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3101109723-1772701139-4008349178-1001
2023-03-29 17:17 - 2023-03-29 17:17 - 000000000 ___RD C:\Users\Václav Lukeš\OneDrive
2023-03-29 16:35 - 2023-03-29 16:35 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-03-29 16:34 - 2023-04-02 10:02 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2023-03-29 16:34 - 2023-03-30 17:20 - 000000000 ____D C:\ProgramData\Packages
2023-03-29 16:34 - 2023-03-29 16:34 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-03-29 16:34 - 2023-03-29 16:34 - 000000000 ___RD C:\Users\Václav Lukeš\3D Objects
2023-03-29 16:34 - 2023-03-29 16:34 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Roaming\Adobe
2023-03-29 16:34 - 2023-03-29 16:34 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Local\Publishers
2023-03-29 16:33 - 2023-04-01 08:04 - 000000000 ____D C:\Users\Václav Lukeš
2023-03-29 16:33 - 2023-03-30 19:37 - 000002402 _____ C:\Users\Václav Lukeš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-03-29 16:33 - 2023-03-29 18:36 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Local\Packages
2023-03-29 16:33 - 2023-03-29 16:34 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Local\ConnectedDevicesPlatform
2023-03-29 16:33 - 2023-03-29 16:33 - 000000020 ___SH C:\Users\Václav Lukeš\ntuser.ini
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 _SHDL C:\Users\Václav Lukeš\Šablony
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 _SHDL C:\Users\Václav Lukeš\Soubory cookie
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 _SHDL C:\Users\Václav Lukeš\Poslední
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 _SHDL C:\Users\Václav Lukeš\Okolní tiskárny
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 _SHDL C:\Users\Václav Lukeš\Okolní síť
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 _SHDL C:\Users\Václav Lukeš\Nabídka Start
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 _SHDL C:\Users\Václav Lukeš\Dokumenty
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 _SHDL C:\Users\Václav Lukeš\Documents\Obrázky
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 _SHDL C:\Users\Václav Lukeš\Documents\Hudba
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 _SHDL C:\Users\Václav Lukeš\Documents\Filmy
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 _SHDL C:\Users\Václav Lukeš\Data aplikací
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 _SHDL C:\Users\Václav Lukeš\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 _SHDL C:\Users\Václav Lukeš\AppData\Local\Data aplikací
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Local\VirtualStore
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Default\Šablony
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Default\Poslední
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Default\Okolní síť
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Default\Dokumenty
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Default\Data aplikací
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\ProgramData\Šablony
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\ProgramData\Plocha
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\ProgramData\Dokumenty
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\ProgramData\Data aplikací
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Documents and Settings
2023-03-29 16:27 - 2023-04-02 09:58 - 000008192 ___SH C:\DumpStack.log.tmp
2023-03-29 16:27 - 2023-04-02 09:58 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-03-29 16:27 - 2023-04-02 09:58 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-03-29 16:27 - 2023-04-01 19:11 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-29 16:27 - 2023-03-31 18:09 - 000258096 _____ C:\Windows\system32\FNTCACHE.DAT
2023-03-29 16:27 - 2023-03-30 19:37 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-03-29 16:27 - 2023-03-30 17:04 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-29 16:27 - 2023-03-30 17:04 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-29 16:27 - 2023-03-29 16:27 - 000000000 ____D C:\Windows\ServiceProfiles

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-02 10:02 - 2019-12-07 16:41 - 000683426 _____ C:\Windows\system32\perfh005.dat
2023-04-02 10:02 - 2019-12-07 16:41 - 000137206 _____ C:\Windows\system32\perfc005.dat
2023-04-02 10:02 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-04-02 10:00 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-01 20:31 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-01 20:31 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-04-01 16:24 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2023-04-01 16:24 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-03-31 18:09 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-03-31 18:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-03-31 18:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2023-03-31 18:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-03-31 18:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2023-03-31 18:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2023-03-31 18:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2023-03-31 18:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2023-03-31 18:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-03-31 18:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2023-03-31 18:07 - 2019-12-07 16:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\UNP
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemApps
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lv-LV
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lt-LT
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\et-EE
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\appraiser
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-03-31 18:07 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing
2023-03-31 17:55 - 2019-12-07 11:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2023-03-31 17:55 - 2019-12-07 11:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2023-03-30 19:37 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-03-29 18:25 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports
2023-03-29 17:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Help
2023-03-29 17:30 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2023-03-29 17:26 - 2019-12-07 11:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2023-03-29 16:34 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2023-03-29 16:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2023-03-29 16:31 - 2019-12-07 16:42 - 000000000 ____D C:\Windows\system32\FxsTmp
2023-03-29 16:31 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\spool
2023-03-29 16:29 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows NT
2023-03-29 16:27 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\appcompat
2023-03-29 16:27 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[Luky73]

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-03-2023
# Duration: 00:00:03
# OS: Windows 10 (Build 19044.2728)
# Cleaned: 12
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Esko - olfeabkoenfaoljndfecamgilllcpiak
Deleted acklnhgjphbhhomkneonohbjnbmkclfb
Deleted akaelkiagnbfcccfnmbimdbplecgbikh
Deleted ccjleegmemocfpghkhpjmiccjcacackp
Deleted mallpejgeafdahhflmliiahjdpgbegpk

***** [ Chromium URLs ] *****

Deleted http://www.istartsurf.com/?type=hp&ts=1 ... XXW0VK1C38
Deleted http://www.istartsurf.com/?type=hppp&ts ... XXW0VK1C38
Deleted http://www.trovi.com/?gd=&ctid=CT332145 ... 3015&SSPV=
Deleted http://www.trovi.com/?gd=&ctid=CT332145 ... 3015&SSPV=
Deleted iZito.com
Deleted ???????
Deleted ???????

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2543 octets] - [03/04/2023 20:44:42]
AdwCleaner[S01].txt - [2604 octets] - [03/04/2023 20:46:28]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

[Rudy]

Dejte nové logy FRST+Addition.

[Luky73]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-04-2023
Ran by Václav Lukeš (administrator) on DESKTOP-QKQEO61 (Acer Aspire V7-582PG) (03-04-2023 21:00:37)
Running from C:\Users\Václav Lukeš\Desktop\Databáze viry
Loaded Profiles: Václav Lukeš
Platform: Microsoft Windows 10 Home Version 21H2 19044.2728 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCopyAccelerator.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <10>
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(svchost.exe ->) () [Access Denied] C:\ProgramData\sshDokumenty-type3.1.4.2\sshDokumenty-type3.1.4.2.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [3246992 2023-02-08] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [Backup] => C:\Program Files (x86)\Wondershare\drfone\Addins\Backup\DrFoneBackup.exe /hide (No File)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\72.0.3.0\GoogleDriveFS.exe [52902680 2023-04-01] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\72.0.3.0\GoogleDriveFS.exe [52902680 2023-04-01] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3101109723-1772701139-4008349178-1001\...\Run: [Opera Browser Assistant] => C:\Users\Václav Lukeš\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4140448 2023-03-08] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-3101109723-1772701139-4008349178-1001\...\Run: [MicrosoftEdgeAutoLaunch_44B9CBA50DA6E7EB25D8118BF912B8A6] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4056016 2023-03-30] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3101109723-1772701139-4008349178-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\72.0.3.0\GoogleDriveFS.exe [52902680 2023-04-01] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\72.0.3.0\GoogleDriveFS.exe [52902680 2023-04-01] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\111.0.5563.147\Installer\chrmstp.exe [2023-03-29] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ADnews.lnk [2023-03-29]
ShortcutTarget: ADnews.lnk -> C:\Auto-diagnostika\ADnews.exe (AutoComSoft s.r.o. -> AutoComSoft s.r.o.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WSAndroidAppHelper.lnk [2023-04-02]
ShortcutTarget: WSAndroidAppHelper.lnk -> C:\Program Files (x86)\Wondershare\drfone\Addins\SocialApps\WSAndroidAppHelper.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WSAppHelper.lnk [2023-04-02]
ShortcutTarget: WSAppHelper.lnk -> C:\Program Files (x86)\Wondershare\drfone\Addins\SocialApps\WSAppHelper.exe (No File)
Startup: C:\Users\Václav Lukeš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RT-Updater-SVO.lnk [2023-03-29]
ShortcutTarget: RT-Updater-SVO.lnk -> C:\Auto-diagnostika\VCDS.exe (Ross-Tech, LLC -> Ross-Tech, LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A55419F-565C-444D-8814-3BF28060A610} - System32\Tasks\Opera scheduled Autoupdate 1680114599 => C:\Users\Václav Lukeš\AppData\Local\Programs\Opera\launcher.exe [2686872 2023-03-29] (Opera Norway AS -> Opera Software)
Task: {39950C48-A979-4236-9ABB-96F51D6CAC8D} - System32\Tasks\GoogleUpdateTaskMachineUA{E056F5ED-93C4-4676-85F5-1DB24F9BCBEC} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-03-29] (Google LLC -> Google LLC)
Task: {47B50BA3-743A-4190-99BD-FFA2855E8032} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {52459B73-DAE7-4AB1-B29E-3D607658C5EB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {614828E6-278C-46F7-869A-F542E9B705B8} - System32\Tasks\Opera scheduled assistant Autoupdate 1680114604 => C:\Users\Václav Lukeš\AppData\Local\Programs\Opera\launcher.exe [2686872 2023-03-29] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Václav Lukeš\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {7625F7A1-46B2-4EE6-8A6B-C2D30C4FD5A4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718752 2023-03-21] (Mozilla Corporation -> Mozilla Foundation)
Task: {91B68828-2300-4DDF-8A97-563E36C2E435} - System32\Tasks\sshDokumenty-type3.1.4.2 => C:\ProgramData\sshDokumenty-type3.1.4.2\sshDokumenty-type3.1.4.2.exe [0 0000-00-00] () [Access Denied] <==== ATTENTION
Task: {A78BE7BA-53B9-4711-BFE3-BB068EF87FE6} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-03-21] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {B329218A-FE44-44C4-A55D-C252406EDE6B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F0588957-D9DF-4715-839E-E6DC9DF235E5} - System32\Tasks\GoogleUpdateTaskMachineCore{6AECB1DC-FA7C-4928-969E-C69DEDB0FE0B} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-03-29] (Google LLC -> Google LLC)
Task: {F3B8B2E6-A756-4F82-90A7-FDE188AEDC82} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-30] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.1.93 10.0.1.138
Tcpip\..\Interfaces\{b3f5f653-686b-4e6e-8b9b-3f542b9d0d46}: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{f768102c-4e9a-4c19-a0dd-79b6adff0f97}: [DhcpNameServer] 10.0.1.93 10.0.1.138

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Václav Lukeš\AppData\Local\Microsoft\Edge\User Data\Default [2023-04-03]

FireFox:
========
FF DefaultProfile: xktwluda.default
FF ProfilePath: C:\Users\Václav Lukeš\AppData\Roaming\Mozilla\Firefox\Profiles\xktwluda.default [2023-03-31]
FF ProfilePath: C:\Users\Václav Lukeš\AppData\Roaming\Mozilla\Firefox\Profiles\vwk2icpn.default-release [2023-04-02]

Chrome:
=======
CHR Profile: C:\Users\Václav Lukeš\AppData\Local\Google\Chrome\User Data\Default [2023-04-03]
CHR Notifications: Default -> hxxps://club.autodoc.cz; hxxps://www.facebook.com
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3321459&octid ... XXW0VK1C38"
CHR Extension: (trigger-translation) - C:\Users\Václav Lukeš\AppData\Local\Google\Chrome\User Data\Default\Extensions\cofdbpoegempjloogbagkncekinflcnj [2023-03-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Václav Lukeš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-29]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Václav Lukeš\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-03-29]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\Václav Lukeš\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2023-03-29]
CHR Extension: (Notifier for WhatsApp Web) - C:\Users\Václav Lukeš\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaoholkoedbpjiangnchpfchhmageifp [2023-03-29]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Václav Lukeš\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-04-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Václav Lukeš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-29]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Václav Lukeš\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2023-04-03]
CHR Extension: (OneClick Cleaner for Chrome) - C:\Users\Václav Lukeš\AppData\Local\Google\Chrome\User Data\Default\Extensions\oncckmaelaecccmaniihojgeopkcajfh [2023-03-29]
CHR HKU\S-1-5-21-3101109723-1772701139-4008349178-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

Opera:
=======
OPR Profile: C:\Users\Václav Lukeš\AppData\Roaming\Opera Software\Opera Stable [2023-04-03]
OPR DefaultSearchURL: Opera Stable -> hxxps://www.google.com/search?client=opera&q={s ... utEncoding}
OPR DefaultSearchKeyword: Opera Stable -> g
OPR Extension: (Rich Hints Agent) - C:\Users\Václav Lukeš\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-03-29]
OPR Extension: (Opera Wallet) - C:\Users\Václav Lukeš\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-03-29]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Václav Lukeš\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2023-03-29]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
S2 ElevationService; C:\ProgramData\Wondershare\wsServices\ElevationService.exe [960512 2022-05-31] () [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2302.7-0\NisSrv.exe [3224328 2023-03-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2302.7-0\MsMpEng.exe [133544 2023-03-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 DFWSIDService; C:\ProgramData\Wondershare\wsServices\WsidService.exe [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
S2 WirelessBackupService; C:\Program Files (x86)\Wondershare\drfone\Addins\Backup\WirelessBackupService.exe [X]
S2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [X]
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\drfone\Addins\Repair\DriverInstall.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 googledrivefs31092; C:\Windows\System32\DRIVERS\googledrivefs31092.sys [384600 2023-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 MpKsld418fbef; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{55F3B01D-2149-4131-AB57-503A6B0A7ED7}\MpKslDrv.sys [211208 2023-04-03] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49608 2023-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [495896 2023-03-30] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99624 2023-03-30] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-03 20:44 - 2023-04-03 20:47 - 000000000 ____D C:\AdwCleaner
2023-04-03 20:43 - 2023-04-03 20:43 - 008791352 _____ (Malwarebytes) C:\Users\Václav Lukeš\Desktop\adwcleaner.exe
2023-04-03 20:42 - 2023-04-03 20:42 - 006845928 _____ (EnigmaSoft Limited) C:\Users\Václav Lukeš\Desktop\SpyHunter-Installer.exe
2023-04-02 22:27 - 2023-04-02 22:27 - 000919200 _____ C:\Users\Václav Lukeš\AppData\Roaming\3VY8reCZ.exe
2023-04-02 22:14 - 2023-04-02 22:14 - 000919200 _____ C:\Users\Václav Lukeš\AppData\Roaming\2uYOtL7E.exe
2023-04-02 22:12 - 2023-04-02 22:12 - 000919200 _____ C:\Users\Václav Lukeš\AppData\Roaming\IX66Efdt.exe
2023-04-02 20:16 - 2023-04-02 20:16 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\1879Z4PR.exe
2023-04-02 20:08 - 2023-04-02 20:08 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\UhqdruBQ.exe
2023-04-02 20:08 - 2023-04-02 20:08 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\r3oh0Sk8.exe
2023-04-02 20:08 - 2023-04-02 20:08 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\ILQq5G9F.exe
2023-04-02 20:08 - 2023-04-02 20:08 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\HqVz3h28.exe
2023-04-02 20:08 - 2023-04-02 20:08 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\Gtt3Ib9J.exe
2023-04-02 20:08 - 2023-04-02 20:08 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\e7PBW856.exe
2023-04-02 20:08 - 2023-04-02 20:08 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\7B4vhMf1.exe
2023-04-02 20:08 - 2023-04-02 20:08 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\2X2JrWB0.exe
2023-04-02 20:04 - 2023-04-02 20:04 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\ylepMBJ5.exe
2023-04-02 20:04 - 2023-04-02 20:04 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\d85nSxRB.exe
2023-04-02 20:04 - 2023-04-02 20:04 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\4xL93HKo.exe
2023-04-02 20:03 - 2023-04-02 20:04 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\3KphLNcn.exe
2023-04-02 20:03 - 2023-04-02 20:03 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\YK1feK7z.exe
2023-04-02 20:03 - 2023-04-02 20:03 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\kjk0tVu0.exe
2023-04-02 20:03 - 2023-04-02 20:03 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\9aE31005.exe
2023-04-02 20:03 - 2023-04-02 20:03 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\8T2DNBYY.exe
2023-04-02 20:03 - 2023-04-02 20:03 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\7FqPPStV.exe
2023-04-02 20:03 - 2023-04-02 20:03 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\6QrAX6EY.exe
2023-04-02 20:03 - 2023-04-02 20:03 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\1o115Jjv.exe
2023-04-02 20:02 - 2023-04-02 20:02 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\uIb01qT4.exe
2023-04-02 20:02 - 2023-04-02 20:02 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\94CkBp2i.exe
2023-04-02 20:00 - 2023-04-02 20:00 - 000000505 _____ C:\Users\Václav Lukeš\Desktop\Programy a funkce – zástupce.lnk
2023-04-02 19:59 - 2023-04-02 19:59 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\85geb3P1.exe
2023-04-02 19:57 - 2023-04-02 19:57 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\l9WREAFu.exe
2023-04-02 19:54 - 2023-04-02 19:54 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\F4bagXVG.exe
2023-04-02 19:52 - 2023-04-02 19:52 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\DKu3EEN9.exe
2023-04-02 19:52 - 2023-04-02 19:52 - 000000000 ____D C:\Users\Václav Lukeš\Desktop\ver2.4_2023
2023-04-02 19:47 - 2023-04-02 19:47 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Roaming\TSMonitor
2023-04-02 19:47 - 2023-04-02 19:47 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Roaming\Apple Computer
2023-04-02 19:46 - 2023-04-02 19:46 - 000000000 ____D C:\Program Files (x86)\Tenorshare
2023-04-02 19:42 - 2023-04-02 19:42 - 014548480 _____ C:\Users\Václav Lukeš\AppData\Roaming\69006285.exe
2023-04-02 19:42 - 2023-04-02 19:42 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\BymV8q1k.exe
2023-04-02 19:34 - 2023-04-02 19:34 - 014548480 _____ C:\Users\Václav Lukeš\AppData\Roaming\x8ELe3F4.exe
2023-04-02 19:34 - 2023-04-02 19:34 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\M2VPe8BF.exe
2023-04-02 19:24 - 2023-04-02 19:24 - 014548480 _____ C:\Users\Václav Lukeš\AppData\Roaming\RL9tnCch.exe
2023-04-02 19:24 - 2023-04-02 19:24 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\vUSy9Xz6.exe
2023-04-02 19:22 - 2023-04-02 19:22 - 014548480 _____ C:\Users\Václav Lukeš\AppData\Roaming\Yd438bVE.exe
2023-04-02 19:22 - 2023-04-02 19:22 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\GthLxcFb.exe
2023-04-02 19:21 - 2023-04-02 19:21 - 000000000 ____D C:\Users\Václav Lukeš\.android
2023-04-02 19:21 - 2023-04-02 19:21 - 000000000 ____D C:\Program Files\Wondershare
2023-04-02 19:21 - 2023-04-02 19:21 - 000000000 ____D C:\Program Files\Common Files\Apple
2023-04-02 19:18 - 2023-04-02 19:18 - 000000016 _____ C:\ProgramData\mntemp
2023-04-02 19:18 - 2023-04-02 19:18 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Roaming\MobileBackupForeverIni
2023-04-02 19:16 - 2023-04-02 19:16 - 014548480 _____ C:\Users\Václav Lukeš\AppData\Roaming\ei55Q8in.exe
2023-04-02 19:16 - 2023-04-02 19:16 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\r2kx9a12.exe
2023-04-02 19:13 - 2023-04-02 19:13 - 014548480 _____ C:\Users\Václav Lukeš\AppData\Roaming\O01D4aLu.exe
2023-04-02 19:13 - 2023-04-02 19:13 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\6B2WM4dd.exe
2023-04-02 18:01 - 2023-04-02 18:01 - 000003676 _____ C:\Windows\system32\Tasks\sshDokumenty-type3.1.4.2
2023-04-02 18:01 - 2023-04-02 18:01 - 000000000 ____D C:\ProgramData\sshDokumenty-type3.1.4.2
2023-04-02 17:59 - 2023-04-02 17:59 - 014548480 _____ C:\Users\Václav Lukeš\AppData\Roaming\5Vjnq9rZ.exe
2023-04-02 17:59 - 2023-04-02 17:59 - 007258440 _____ C:\Users\Václav Lukeš\AppData\Roaming\rN04gxP6.exe
2023-04-02 17:58 - 2023-04-02 17:58 - 014548480 _____ C:\Users\Václav Lukeš\AppData\Roaming\c2Bv1Plr.exe
2023-04-02 17:58 - 2023-04-02 17:58 - 007258440 _____ C:\Users\Václav Lukeš\AppData\Roaming\g6jZCr11.exe
2023-04-02 17:56 - 2023-04-02 17:56 - 014548480 _____ C:\Users\Václav Lukeš\AppData\Roaming\052Rh3JE.exe
2023-04-02 17:50 - 2023-04-02 17:50 - 014548480 _____ C:\Users\Václav Lukeš\AppData\Roaming\273q0H0v.exe
2023-04-02 17:47 - 2023-04-02 22:26 - 000684984 _____ (Mozilla Foundation) C:\Users\Václav Lukeš\AppData\LocalLow\freebl3.dll
2023-04-02 17:47 - 2023-04-02 22:26 - 000627128 _____ (Mozilla Foundation) C:\Users\Václav Lukeš\AppData\LocalLow\mozglue.dll
2023-04-02 17:47 - 2023-04-02 22:26 - 000254392 _____ (Mozilla Foundation) C:\Users\Václav Lukeš\AppData\LocalLow\softokn3.dll
2023-04-02 17:47 - 2023-04-02 17:50 - 000760939 _____ C:\Users\Václav Lukeš\AppData\Roaming\9WKba353.exe
2023-04-02 17:40 - 2023-04-02 20:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2023-04-02 17:38 - 2023-04-02 19:21 - 000000000 ____D C:\ProgramData\Apple
2023-04-02 17:38 - 2023-04-02 19:18 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Roaming\Wondershare
2023-04-02 17:38 - 2023-04-02 17:38 - 000000000 ____D C:\Program Files\Bonjour
2023-04-02 17:38 - 2023-04-02 17:38 - 000000000 ____D C:\Program Files (x86)\Bonjour
2023-04-02 17:37 - 2023-04-02 20:01 - 000000000 ____D C:\ProgramData\Wondershare
2023-04-02 17:37 - 2023-04-02 20:01 - 000000000 ____D C:\Program Files (x86)\Wondershare
2023-04-02 17:36 - 2023-04-02 17:40 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2023-04-02 14:21 - 2023-04-02 22:14 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Local\CrashDumps
2023-04-02 14:12 - 2023-04-02 14:12 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Local\D3DSCache
2023-04-01 20:28 - 2023-04-03 21:00 - 000000000 ____D C:\Users\Václav Lukeš\Desktop\Databáze viry
2023-04-01 20:28 - 2023-04-01 20:29 - 000000000 ____D C:\Users\Václav Lukeš\Desktop\Google disk
2023-04-01 17:41 - 2023-04-01 17:41 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-04-01 17:41 - 2023-04-01 17:41 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Local\CEF
2023-04-01 17:33 - 2023-04-01 17:34 - 307498264 _____ (Google, Inc.) C:\Users\Václav Lukeš\Downloads\GoogleDriveSetup.exe
2023-04-01 11:13 - 2023-04-03 21:00 - 000000000 ____D C:\FRST
2023-03-31 22:37 - 2023-04-03 20:37 - 000000000 ____D C:\Users\Václav Lukeš\AppData\LocalLow\Mozilla
2023-03-31 22:37 - 2023-03-31 22:38 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-03-31 22:37 - 2023-03-31 22:37 - 000002048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox — anonymní prohlížení.lnk
2023-03-31 22:37 - 2023-03-31 22:37 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-03-31 22:37 - 2023-03-31 22:37 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-03-31 22:37 - 2023-03-31 22:37 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Roaming\Mozilla
2023-03-31 22:37 - 2023-03-31 22:37 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Local\Mozilla
2023-03-31 22:37 - 2023-03-31 22:37 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-03-31 22:37 - 2023-03-31 22:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-03-31 18:07 - 2023-03-31 18:07 - 000000000 ____D C:\Windows\SystemTemp
2023-03-31 17:37 - 2023-03-31 17:37 - 000000000 ___HD C:\$WinREAgent
2023-03-31 17:30 - 2023-03-31 17:30 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-03-31 17:25 - 2023-03-31 17:29 - 000000000 ____D C:\Windows\system32\MRT
2023-03-31 17:24 - 2023-03-31 17:24 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2023-03-31 17:24 - 2023-03-31 17:24 - 000000000 ____D C:\Program Files\PCHealthCheck
2023-03-31 16:56 - 2023-03-31 16:56 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Roaming\WinRAR
2023-03-31 16:56 - 2023-03-31 16:56 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-03-31 16:56 - 2023-03-31 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-03-31 16:56 - 2023-03-31 16:56 - 000000000 ____D C:\Program Files\WinRAR
2023-03-30 21:52 - 2023-03-30 21:52 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Local\OneDrive
2023-03-30 19:57 - 2023-04-03 19:53 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Roaming\KeePass
2023-03-30 19:50 - 2023-03-30 19:50 - 000000963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2023-03-30 19:50 - 2023-03-30 19:50 - 000000000 ____D C:\Program Files\KeePass Password Safe 2
2023-03-30 19:36 - 2023-03-30 19:37 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3101109723-1772701139-4008349178-1001
2023-03-29 21:30 - 2023-03-29 21:30 - 000000739 _____ C:\Users\Václav Lukeš\Desktop\Auto-diagnostika .lnk
2023-03-29 21:30 - 2023-03-29 21:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto-diagnostika
2023-03-29 21:30 - 2023-03-29 21:30 - 000000000 ____D C:\Program Files\DIFX
2023-03-29 21:27 - 2023-03-30 16:37 - 000000000 ____D C:\Auto-diagnostika
2023-03-29 21:18 - 2023-03-29 21:18 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2023-03-29 21:12 - 2023-04-01 17:41 - 000000000 ____D C:\Program Files\Google
2023-03-29 21:12 - 2023-03-29 21:12 - 000002323 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-03-29 21:11 - 2023-04-03 20:17 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-29 21:11 - 2023-04-01 17:41 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Local\Google
2023-03-29 21:11 - 2023-03-29 21:11 - 001427176 _____ (Google LLC) C:\Users\Václav Lukeš\Downloads\ChromeSetup.exe
2023-03-29 21:11 - 2023-03-29 21:11 - 000003550 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{E056F5ED-93C4-4676-85F5-1DB24F9BCBEC}
2023-03-29 21:11 - 2023-03-29 21:11 - 000003426 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{6AECB1DC-FA7C-4928-969E-C69DEDB0FE0B}
2023-03-29 20:30 - 2023-04-03 19:57 - 000004262 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1680114599
2023-03-29 20:30 - 2023-04-03 19:57 - 000001502 _____ C:\Users\Václav Lukeš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-03-29 20:30 - 2023-03-30 16:32 - 000004530 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1680114604
2023-03-29 20:30 - 2023-03-29 20:30 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Local\Opera Software
2023-03-29 20:28 - 2023-03-29 20:30 - 000000000 ___HD C:\Users\Václav Lukeš\Downloads\.opera
2023-03-29 20:28 - 2023-03-29 20:28 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Roaming\Opera Software
2023-03-29 20:27 - 2023-03-29 20:28 - 088732944 _____ (Opera Software) C:\Users\Václav Lukeš\Downloads\Opera_90.0.4480.48_Setup_x64.exe
2023-03-29 19:58 - 2023-03-29 19:58 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Roaming\Synaptics
2023-03-29 19:58 - 2023-03-29 19:58 - 000000000 ____D C:\ProgramData\Synaptics
2023-03-29 18:36 - 2023-03-29 18:36 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Local\Comms
2023-03-29 17:56 - 2023-03-29 17:56 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2023-03-29 17:56 - 2016-09-09 20:25 - 000269600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2023-03-29 17:56 - 2016-09-09 20:25 - 000261920 _____ C:\Windows\system32\vulkan-1.dll
2023-03-29 17:56 - 2016-09-09 20:25 - 000110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2023-03-29 17:56 - 2016-09-09 20:24 - 000125216 _____ C:\Windows\system32\vulkaninfo.exe
2023-03-29 17:55 - 2023-04-03 20:47 - 000000000 ____D C:\ProgramData\NVIDIA
2023-03-29 17:55 - 2016-12-29 15:16 - 006384576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2023-03-29 17:55 - 2016-12-29 15:16 - 002475968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2023-03-29 17:55 - 2016-12-29 15:16 - 001762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2023-03-29 17:55 - 2016-12-29 15:16 - 000546752 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2023-03-29 17:55 - 2016-12-29 15:16 - 000392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2023-03-29 17:55 - 2016-12-29 15:16 - 000083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2023-03-29 17:55 - 2016-12-29 15:16 - 000069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2023-03-29 17:55 - 2016-12-29 15:10 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2023-03-29 17:55 - 2016-12-22 01:59 - 007651057 _____ C:\Windows\system32\nvcoproc.bin
2023-03-29 17:54 - 2023-03-29 17:55 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-03-29 17:54 - 2023-03-29 17:55 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2023-03-29 17:54 - 2023-03-29 17:54 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-03-29 17:53 - 2017-01-17 05:56 - 034717624 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2023-03-29 17:53 - 2017-01-17 05:56 - 028209080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2023-03-29 17:53 - 2017-01-17 05:56 - 000951224 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2023-03-29 17:53 - 2017-01-17 05:56 - 000904760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2023-03-29 17:53 - 2017-01-17 05:56 - 000048696 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2023-03-29 17:53 - 2017-01-17 05:55 - 002961336 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2023-03-29 17:53 - 2017-01-17 05:55 - 002594744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2023-03-29 17:53 - 2017-01-17 05:55 - 001964600 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437654.dll
2023-03-29 17:53 - 2017-01-17 05:55 - 001598392 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437654.dll
2023-03-29 17:53 - 2017-01-17 05:55 - 001047096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2023-03-29 17:53 - 2017-01-17 05:55 - 000985144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2023-03-29 17:53 - 2017-01-17 05:54 - 040134200 _____ C:\Windows\system32\nvcompiler.dll
2023-03-29 17:53 - 2017-01-17 05:54 - 035233336 _____ C:\Windows\SysWOW64\nvcompiler.dll
2023-03-29 17:53 - 2017-01-17 05:53 - 011017016 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2023-03-29 17:53 - 2017-01-17 05:52 - 010907368 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2023-03-29 17:53 - 2017-01-17 05:52 - 010453152 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2023-03-29 17:53 - 2017-01-17 05:52 - 009246832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2023-03-29 17:53 - 2017-01-17 05:52 - 009000336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2023-03-29 17:53 - 2017-01-17 05:52 - 008847016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2023-03-29 17:53 - 2017-01-17 05:52 - 003972960 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2023-03-29 17:53 - 2017-01-17 05:52 - 003509152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2023-03-29 17:53 - 2017-01-17 05:52 - 000698544 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2023-03-29 17:53 - 2017-01-17 05:52 - 000586784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2023-03-29 17:53 - 2017-01-17 00:59 - 000042296 _____ C:\Windows\system32\nvinfo.pb
2023-03-29 17:53 - 2017-01-17 00:59 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2023-03-29 17:53 - 2017-01-17 00:59 - 000000669 _____ C:\Windows\system32\nv-vk64.json
2023-03-29 17:52 - 2023-04-03 19:46 - 000000000 __SHD C:\Users\Václav Lukeš\IntelGraphicsProfiles
2023-03-29 17:52 - 2023-04-03 19:45 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-03-29 17:52 - 2023-03-29 17:52 - 000000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2023-03-29 17:52 - 2023-03-29 17:52 - 000000000 ____D C:\Program Files\Intel
2023-03-29 17:52 - 2023-03-29 17:52 - 000000000 ____D C:\Program Files (x86)\Intel
2023-03-29 17:52 - 2023-03-29 17:52 - 000000000 ____D C:\Intel
2023-03-29 17:49 - 2023-03-29 17:49 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2023-03-29 17:49 - 2023-03-29 17:49 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2023-03-29 17:49 - 2023-03-29 17:49 - 000000000 ____D C:\Program Files\Synaptics
2023-03-29 17:49 - 2017-07-11 18:41 - 000077912 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2023-03-29 17:48 - 2023-04-03 19:46 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Local\PlaceholderTileLogoFolder
2023-03-29 17:26 - 2023-03-31 17:16 - 000000000 ____D C:\Windows\Panther
2023-03-29 17:17 - 2023-03-30 19:37 - 000003394 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3101109723-1772701139-4008349178-1001
2023-03-29 17:17 - 2023-03-29 17:17 - 000000000 ___RD C:\Users\Václav Lukeš\OneDrive
2023-03-29 16:35 - 2023-03-29 16:35 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-03-29 16:34 - 2023-04-03 20:06 - 000000000 ____D C:\ProgramData\Packages
2023-03-29 16:34 - 2023-04-03 19:42 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2023-03-29 16:34 - 2023-03-29 16:34 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-03-29 16:34 - 2023-03-29 16:34 - 000000000 ___RD C:\Users\Václav Lukeš\3D Objects
2023-03-29 16:34 - 2023-03-29 16:34 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Roaming\Adobe
2023-03-29 16:34 - 2023-03-29 16:34 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Local\Publishers
2023-03-29 16:33 - 2023-04-02 19:21 - 000000000 ____D C:\Users\Václav Lukeš
2023-03-29 16:33 - 2023-04-02 19:17 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Local\Packages
2023-03-29 16:33 - 2023-03-30 19:37 - 000002402 _____ C:\Users\Václav Lukeš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-03-29 16:33 - 2023-03-29 16:34 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Local\ConnectedDevicesPlatform
2023-03-29 16:33 - 2023-03-29 16:33 - 000000020 ___SH C:\Users\Václav Lukeš\ntuser.ini
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 _SHDL C:\Users\Václav Lukeš\Šablony
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 _SHDL C:\Users\Václav Lukeš\Soubory cookie
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 _SHDL C:\Users\Václav Lukeš\Poslední
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 _SHDL C:\Users\Václav Lukeš\Okolní tiskárny
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 _SHDL C:\Users\Václav Lukeš\Okolní síť
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 _SHDL C:\Users\Václav Lukeš\Nabídka Start
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 _SHDL C:\Users\Václav Lukeš\Dokumenty
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 _SHDL C:\Users\Václav Lukeš\Documents\Obrázky
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 _SHDL C:\Users\Václav Lukeš\Documents\Hudba
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 _SHDL C:\Users\Václav Lukeš\Documents\Filmy
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 _SHDL C:\Users\Václav Lukeš\Data aplikací
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 _SHDL C:\Users\Václav Lukeš\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 _SHDL C:\Users\Václav Lukeš\AppData\Local\Data aplikací
2023-03-29 16:33 - 2023-03-29 16:33 - 000000000 ____D C:\Users\Václav Lukeš\AppData\Local\VirtualStore
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Default\Šablony
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Default\Poslední
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Default\Okolní síť
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Default\Dokumenty
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Default\Data aplikací
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\ProgramData\Šablony
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\ProgramData\Plocha
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\ProgramData\Dokumenty
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\ProgramData\Data aplikací
2023-03-29 16:29 - 2023-03-29 16:29 - 000000000 _SHDL C:\Documents and Settings
2023-03-29 16:27 - 2023-04-03 20:20 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-03-29 16:27 - 2023-04-03 19:38 - 000266496 _____ C:\Windows\system32\FNTCACHE.DAT
2023-03-29 16:27 - 2023-04-03 19:38 - 000008192 ___SH C:\DumpStack.log.tmp
2023-03-29 16:27 - 2023-04-03 19:38 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-03-29 16:27 - 2023-04-01 19:11 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-29 16:27 - 2023-03-30 19:37 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-03-29 16:27 - 2023-03-30 17:04 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-29 16:27 - 2023-03-30 17:04 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-29 16:27 - 2023-03-29 16:27 - 000000000 ____D C:\Windows\ServiceProfiles

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-03 20:06 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-03 20:06 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-04-03 20:05 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-03 19:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\appcompat
2023-04-03 19:42 - 2019-12-07 16:41 - 000683426 _____ C:\Windows\system32\perfh005.dat
2023-04-03 19:42 - 2019-12-07 16:41 - 000137206 _____ C:\Windows\system32\perfc005.dat
2023-04-03 19:42 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-04-01 16:24 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2023-04-01 16:24 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-03-31 18:09 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-03-31 18:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-03-31 18:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2023-03-31 18:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-03-31 18:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2023-03-31 18:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2023-03-31 18:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2023-03-31 18:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2023-03-31 18:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-03-31 18:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2023-03-31 18:07 - 2019-12-07 16:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\UNP
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemApps
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lv-LV
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lt-LT
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\et-EE
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\appraiser
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2023-03-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-03-31 18:07 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing
2023-03-31 17:55 - 2019-12-07 11:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2023-03-31 17:55 - 2019-12-07 11:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2023-03-30 19:37 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-03-29 18:25 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports
2023-03-29 17:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Help
2023-03-29 17:30 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2023-03-29 17:26 - 2019-12-07 11:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2023-03-29 16:34 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2023-03-29 16:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2023-03-29 16:31 - 2019-12-07 16:42 - 000000000 ____D C:\Windows\system32\FxsTmp
2023-03-29 16:31 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\spool
2023-03-29 16:29 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows NT
2023-03-29 16:27 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM

==================== Files in the root of some directories ========

2023-04-02 17:56 - 2023-04-02 17:56 - 014548480 _____ () C:\Users\Václav Lukeš\AppData\Roaming\052Rh3JE.exe
2023-04-02 20:16 - 2023-04-02 20:16 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\1879Z4PR.exe
2023-04-02 20:03 - 2023-04-02 20:03 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\1o115Jjv.exe
2023-04-02 17:50 - 2023-04-02 17:50 - 014548480 _____ () C:\Users\Václav Lukeš\AppData\Roaming\273q0H0v.exe
2023-04-02 22:14 - 2023-04-02 22:14 - 000919200 _____ () C:\Users\Václav Lukeš\AppData\Roaming\2uYOtL7E.exe
2023-04-02 20:08 - 2023-04-02 20:08 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\2X2JrWB0.exe
2023-04-02 20:03 - 2023-04-02 20:04 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\3KphLNcn.exe
2023-04-02 22:27 - 2023-04-02 22:27 - 000919200 _____ () C:\Users\Václav Lukeš\AppData\Roaming\3VY8reCZ.exe
2023-04-02 20:04 - 2023-04-02 20:04 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\4xL93HKo.exe
2023-04-02 17:59 - 2023-04-02 17:59 - 014548480 _____ () C:\Users\Václav Lukeš\AppData\Roaming\5Vjnq9rZ.exe
2023-04-02 19:42 - 2023-04-02 19:42 - 014548480 _____ () C:\Users\Václav Lukeš\AppData\Roaming\69006285.exe
2023-04-02 19:13 - 2023-04-02 19:13 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\6B2WM4dd.exe
2023-04-02 20:03 - 2023-04-02 20:03 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\6QrAX6EY.exe
2023-04-02 20:08 - 2023-04-02 20:08 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\7B4vhMf1.exe
2023-04-02 20:03 - 2023-04-02 20:03 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\7FqPPStV.exe
2023-04-02 19:59 - 2023-04-02 19:59 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\85geb3P1.exe
2023-04-02 20:03 - 2023-04-02 20:03 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\8T2DNBYY.exe
2023-04-02 20:02 - 2023-04-02 20:02 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\94CkBp2i.exe
2023-04-02 20:03 - 2023-04-02 20:03 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\9aE31005.exe
2023-04-02 17:47 - 2023-04-02 17:50 - 000760939 _____ () C:\Users\Václav Lukeš\AppData\Roaming\9WKba353.exe
2023-04-02 19:42 - 2023-04-02 19:42 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\BymV8q1k.exe
2023-04-02 17:58 - 2023-04-02 17:58 - 014548480 _____ () C:\Users\Václav Lukeš\AppData\Roaming\c2Bv1Plr.exe
2023-04-02 20:04 - 2023-04-02 20:04 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\d85nSxRB.exe
2023-04-02 19:52 - 2023-04-02 19:52 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\DKu3EEN9.exe
2023-04-02 20:08 - 2023-04-02 20:08 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\e7PBW856.exe
2023-04-02 19:16 - 2023-04-02 19:16 - 014548480 _____ () C:\Users\Václav Lukeš\AppData\Roaming\ei55Q8in.exe
2023-04-02 19:54 - 2023-04-02 19:54 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\F4bagXVG.exe
2023-04-02 17:58 - 2023-04-02 17:58 - 007258440 _____ () C:\Users\Václav Lukeš\AppData\Roaming\g6jZCr11.exe
2023-04-02 19:22 - 2023-04-02 19:22 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\GthLxcFb.exe
2023-04-02 20:08 - 2023-04-02 20:08 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\Gtt3Ib9J.exe
2023-04-02 20:08 - 2023-04-02 20:08 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\HqVz3h28.exe
2023-04-02 20:08 - 2023-04-02 20:08 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\ILQq5G9F.exe
2023-04-02 22:12 - 2023-04-02 22:12 - 000919200 _____ () C:\Users\Václav Lukeš\AppData\Roaming\IX66Efdt.exe
2023-04-02 20:03 - 2023-04-02 20:03 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\kjk0tVu0.exe
2023-04-02 19:57 - 2023-04-02 19:57 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\l9WREAFu.exe
2023-04-02 19:34 - 2023-04-02 19:34 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\M2VPe8BF.exe
2023-04-02 19:13 - 2023-04-02 19:13 - 014548480 _____ () C:\Users\Václav Lukeš\AppData\Roaming\O01D4aLu.exe
2023-04-02 19:16 - 2023-04-02 19:16 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\r2kx9a12.exe
2023-04-02 20:08 - 2023-04-02 20:08 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\r3oh0Sk8.exe
2023-04-02 19:24 - 2023-04-02 19:24 - 014548480 _____ () C:\Users\Václav Lukeš\AppData\Roaming\RL9tnCch.exe
2023-04-02 17:59 - 2023-04-02 17:59 - 007258440 _____ () C:\Users\Václav Lukeš\AppData\Roaming\rN04gxP6.exe
2023-04-02 20:08 - 2023-04-02 20:08 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\UhqdruBQ.exe
2023-04-02 20:02 - 2023-04-02 20:02 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\uIb01qT4.exe
2023-04-02 19:24 - 2023-04-02 19:24 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\vUSy9Xz6.exe
2023-04-02 19:34 - 2023-04-02 19:34 - 014548480 _____ () C:\Users\Václav Lukeš\AppData\Roaming\x8ELe3F4.exe
2023-04-02 19:22 - 2023-04-02 19:22 - 014548480 _____ () C:\Users\Václav Lukeš\AppData\Roaming\Yd438bVE.exe
2023-04-02 20:03 - 2023-04-02 20:03 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\YK1feK7z.exe
2023-04-02 20:04 - 2023-04-02 20:04 - 007565824 _____ (Samsung Electronics Co., Ltd.) C:\Users\Václav Lukeš\AppData\Roaming\ylepMBJ5.exe

==================== FLock ==============================

2023-04-02 18:01 C:\ProgramData\sshDokumenty-type3.1.4.2

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[Rudy]

Dejte nové logy FRST+Addition.

Kde je log Addition? Kromě toho, že se vám automaticky otevře po restartu, najdete ho v souboru addition.txt v C:\Users\Václav Lukeš\Desktop\Databáze viry.

[Luky73]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-04-2023
Ran by Václav Lukeš (03-04-2023 21:03:38)
Running from C:\Users\Václav Lukeš\Desktop\Databáze viry
Microsoft Windows 10 Home Version 21H2 19044.2728 (X64) (2023-03-29 14:30:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3101109723-1772701139-4008349178-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3101109723-1772701139-4008349178-503 - Limited - Disabled)
Guest (S-1-5-21-3101109723-1772701139-4008349178-501 - Limited - Disabled)
Václav Lukeš (S-1-5-21-3101109723-1772701139-4008349178-1001 - Administrator - Enabled) => C:\Users\Václav Lukeš
WDAGUtilityAccount (S-1-5-21-3101109723-1772701139-4008349178-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Apple Mobile Device Support (HKLM\...\{F9CEF01A-3907-4614-824F-CF5D3E4675EF}) (Version: 14.1.0.35 - Apple Inc.)
Auto-diagnostika VCDS . (HKLM-x32\...\Auto-diagnostika VCDS) (Version: . - AutoComSoft)
Balíček ovladače systému Windows - Ross-Tech USB Driver Package (06/16/2010 2.06.02) (HKLM\...\F2D626F9A8E5C6126BED6EBD3E3504D0B2AB8443) (Version: 06/16/2010 2.06.02 - Ross-Tech)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 72.0.3.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 111.0.5563.147 - Google LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
KeePass Password Safe 2.53.1 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.53.1 - Dominik Reichl)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 111.0.1661.62 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 111.0.1661.62 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3101109723-1772701139-4008349178-1001\...\OneDriveSetup.exe) (Version: 23.054.0313.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 111.0.1 (x64 cs)) (Version: 111.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 111.0.1 - Mozilla)
NVIDIA Ovladače grafiky 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
Opera Stable 97.0.4719.43 (HKU\S-1-5-21-3101109723-1772701139-4008349178-1001\...\Opera 97.0.4719.43) (Version: 97.0.4719.43 - Opera Software)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.1.3.6 - Synaptics Incorporated)
VIS (HKLM-x32\...\{9934B5F7-D8C5-449A-ACC4-78D63647841E}) (Version: 1.0.17 - AutoComSoft)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)

Packages:
=========
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.49.3.0_x64__6rarf9sa4v8jt [2023-04-02] (Disney)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-04-02] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0 [2023-04-02] (Spotify AB) [Startup Task]
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.802.31.0_x64__8wekyb3d8bbwe [2023-03-29] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.802.31.0_x86__8wekyb3d8bbwe [2023-03-29] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3101109723-1772701139-4008349178-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\Václav Lukeš\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-3101109723-1772701139-4008349178-1001_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\72.0.3.0\drivefsext.dll [2023-04-01] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\72.0.3.0\drivefsext.dll [2023-04-01] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\72.0.3.0\drivefsext.dll [2023-04-01] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\72.0.3.0\drivefsext.dll [2023-04-01] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\72.0.3.0\drivefsext.dll [2023-04-01] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\72.0.3.0\drivefsext.dll [2023-04-01] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\72.0.3.0\drivefsext.dll [2023-04-01] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Václav Lukeš\Desktop\Google disk\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat ()
ShortcutWithArgument: C:\Users\Václav Lukeš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Keep – poznámky a seznamy.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 ____N C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3101109723-1772701139-4008349178-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.1.93 - 10.0.1.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{1FC831F3-1389-440E-83F5-D4ACD0C4F327}C:\program files (x86)\microsoft\edge\application\msedge.exe] => (Block) C:\program files (x86)\microsoft\edge\application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{D1045B5A-848A-45DD-9C4E-427DEC6721E5}C:\program files (x86)\microsoft\edge\application\msedge.exe] => (Block) C:\program files (x86)\microsoft\edge\application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{2591D664-20C0-4269-8A49-49C8F28BA488}C:\users\václav lukeš\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\václav lukeš\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{76984BCF-7B2B-4759-B47D-0F76138B1278}C:\users\václav lukeš\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\václav lukeš\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{B85F3389-4971-4897-8628-4762E37D4493}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{1CF76200-DD54-4619-9B45-C3D1EE9F613E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D3BDC554-1A58-41C4-B7D9-A7EA1813FEC9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{85F0229B-B3BC-46D5-A710-182582F88862}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\111.0.1661.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F3FE27FE-56C3-4F79-B342-3E2E580314A0}] => (Allow) C:\Users\Václav Lukeš\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => No File
FirewallRules: [{F633DBBA-749A-4563-AA26-9CABB9E751B4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C9CD538D-0555-4A74-AB79-130A435DA6A3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9D185CA8-66E0-45FA-9E82-77C4EC47BCC9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7F246453-CB18-406A-9329-06B1E25351F4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A294EDB8-AAB8-4E5D-94B2-953A14625670}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E62A59BB-BFA9-45A0-B734-E920B704DE84}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9BDDFCBA-66A8-4E3C-9F64-B8497E821443}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{38EF59F9-B5CD-4D82-9A23-5D23586802EE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{035C5A70-F894-47A2-9743-4BA3BA6E4DAA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E064D51F-8A1E-4140-8CC5-D5C2240A4F2E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E2664FFA-67C6-410F-AAC8-F066F27D115B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BC0BAA09-1119-4F11-8300-25E1B82E3497}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{10B29C82-BCF8-401D-B6F0-05CE527DD30F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4FA1D2F6-7A48-4A1C-9CF5-123B1860743D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B40830F3-30D8-4262-BAB8-6F9ACCD45FFE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0995D0E4-8E53-49F8-91FA-39D2F1D188B0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AB66612B-BA64-4F67-988B-7DC028380DAD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{03E1543D-1CF2-4876-82D1-1B497E456B17}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{37074951-5906-42B3-9510-33D3F88ECF78}] => (Allow) C:\Users\Václav Lukeš\Desktop\reiboot.exe => No File
FirewallRules: [{82177B24-ACCC-4AEA-8648-1C03031482E4}] => (Allow) C:\Users\Václav Lukeš\Desktop\reiboot.exe => No File

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:115.5 GB) (Free:80.89 GB) (70%)

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Zařízení PCI
Description: Zařízení PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (04/02/2023 10:27:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 3VY8reCZ.exe, verze: 3.190.147.3, časové razítko: 0x6429e500
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x80040003
ID chybujícího procesu: 0x2df0
Čas spuštění chybující aplikace: 0x01d965a182b7e559
Cesta k chybující aplikaci: C:\Users\Václav Lukeš\AppData\Roaming\3VY8reCZ.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 10e25ed6-6c1a-4f29-92fd-87634bb1a9a2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/02/2023 10:14:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 2uYOtL7E.exe, verze: 3.190.147.3, časové razítko: 0x6429e1a4
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x541008a1
ID chybujícího procesu: 0x808
Čas spuštění chybující aplikace: 0x01d9659fbcfd973c
Cesta k chybující aplikaci: C:\Users\Václav Lukeš\AppData\Roaming\2uYOtL7E.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: bfb579f7-c73b-4e34-8384-95e4b84b0226
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/02/2023 10:12:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IX66Efdt.exe, verze: 3.190.147.3, časové razítko: 0x6429e1a4
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x541008a1
ID chybujícího procesu: 0x2f58
Čas spuštění chybující aplikace: 0x01d9659f77a7ff99
Cesta k chybující aplikaci: C:\Users\Václav Lukeš\AppData\Roaming\IX66Efdt.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: c4f14d79-c984-409f-bce7-dae7044fde45
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/02/2023 10:10:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-QKQEO61.local already in use; will try DESKTOP-QKQEO61-2.local instead

Error: (04/02/2023 10:10:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 DESKTOP-QKQEO61.local. Addr 10.0.1.61

Error: (04/02/2023 10:10:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.1.61:5353 16 DESKTOP-QKQEO61.local. AAAA 2A009192:AB2E4E86:B1EB:6438

Error: (04/02/2023 10:10:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 DESKTOP-QKQEO61.local. AAAA FE80:0000:0000:0000:7ABC:696C:14D5:3994

Error: (04/02/2023 10:10:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.1.61:5353 16 DESKTOP-QKQEO61.local. AAAA 2A009192:AB2E4E86:B1EB:6438


System errors:
=============
Error: (04/03/2023 08:47:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Wondershare Driver Install Service help byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/03/2023 08:47:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Bonjour Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/03/2023 08:47:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (04/03/2023 08:47:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Apple Mobile Device Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (04/03/2023 08:47:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/03/2023 08:47:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/03/2023 07:38:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Wondershare InstallAssist neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (04/03/2023 07:38:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WirelessBackupService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.


Windows Defender:
================
Date: 2023-04-02 22:12:45
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Wacatac.H!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Václav Lukeš\AppData\Roaming\IX66Efdt.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.385.1850.0, AS: 1.385.1850.0, NIS: 1.385.1850.0
Verze modulu: AM: 1.1.20100.6, NIS: 1.1.20100.6

Date: 2023-04-02 19:19:13
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files (x86)\Wondershare\drfone\Addins\Recovery\DrFoneRecovery.exe provádění změn v paměti.
Čas detekce: 2023-04-02T17:19:13.052Z
Uživatel: DESKTOP-QKQEO61\Václav Lukeš
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files (x86)\Wondershare\drfone\Addins\Recovery\DrFoneRecovery.exe
Verze bezpečnostních informací: 1.385.1850.0
Verze modulu: 1.1.20100.6
Verze produktu: 4.18.2302.7

Date: 2023-04-02 17:58:27
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.H!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Václav Lukeš\AppData\Roaming\g6jZCr11.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-QKQEO61\Václav Lukeš
Název procesu: C:\Users\Václav Lukeš\Desktop\CompleteSetup_Full_Version\Newest_Setup_2023_As_PassKey\SetupFile.exe
Verze bezpečnostních informací: AV: 1.385.1850.0, AS: 1.385.1850.0, NIS: 1.385.1850.0
Verze modulu: AM: 1.1.20100.6, NIS: 1.1.20100.6

Date: 2023-04-02 17:56:47
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.H!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Václav Lukeš\AppData\Roaming\0HJbR6Kv.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-QKQEO61\Václav Lukeš
Název procesu: C:\Users\Václav Lukeš\Desktop\CompleteSetup_Full_Version\Newest_Setup_2023_As_PassKey\SetupFile.exe
Verze bezpečnostních informací: AV: 1.385.1850.0, AS: 1.385.1850.0, NIS: 1.385.1850.0
Verze modulu: AM: 1.1.20100.6, NIS: 1.1.20100.6

Date: 2023-04-02 17:54:53
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Sabsik.FL.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Václav Lukeš\Desktop\CompleteSetup_Full_Version.rar
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-QKQEO61\Václav Lukeš
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.385.1850.0, AS: 1.385.1850.0, NIS: 1.385.1850.0
Verze modulu: AM: 1.1.20100.6, NIS: 1.1.20100.6
Event[0]:

Date: 2023-03-30 02:08:16
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.385.1495.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20100.6
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2023-04-03 20:53:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2023-04-03 20:47:08
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: Insyde Corp. V2.29 06/05/2014
Motherboard: Acer Dazzle_HW
Processor: Intel(R) Core(TM) i3-4010U CPU @ 1.70GHz
Percentage of memory in use: 39%
Total physical RAM: 8072.27 MB
Available physical RAM: 4875.23 MB
Total Virtual: 9992.27 MB
Available Virtual: 6929.34 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:115.5 GB) (Free:80.89 GB) (Model: Apacer AS350 512GB) NTFS
Drive d: (Media) (Fixed) (Total:214.84 GB) (Free:116.31 GB) (Model: Apacer AS350 512GB) NTFS
Drive e: (Dokumenty) (Fixed) (Total:146.48 GB) (Free:24.75 GB) (Model: Apacer AS350 512GB) NTFS

\\?\Volume{2a0142fe-99b5-43dc-983d-6efbf3c53a22}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: C4F57CA6)

Partition: GPT.

==========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: B2AD70E3)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{37074951-5906-42B3-9510-33D3F88ECF78}] => (Allow) C:\Users\Václav Lukeš\Desktop\reiboot.exe => No File
FirewallRules: [{82177B24-ACCC-4AEA-8648-1C03031482E4}] => (Allow) C:\Users\Václav Lukeš\Desktop\reiboot.exe => No File
C:\Users\Václav Lukeš\AppData\Roaming\IX66Efdt.exe
C:\Users\Václav Lukeš\AppData\Roaming\g6jZCr11.exe
C:\Users\Václav Lukeš\AppData\Roaming\0HJbR6Kv.exe
C:\Users\Václav Lukeš\Desktop\CompleteSetup_Full_Version.rar
HKLM-x32\...\Run: [Backup] => C:\Program Files (x86)\Wondershare\drfone\Addins\Backup\DrFoneBackup.exe /hide (No File)
ShortcutTarget: WSAndroidAppHelper.lnk -> C:\Program Files (x86)\Wondershare\drfone\Addins\SocialApps\WSAndroidAppHelper.exe (No File)
ShortcutTarget: WSAppHelper.lnk -> C:\Program Files (x86)\Wondershare\drfone\Addins\SocialApps\WSAppHelper.exe (No File)
Task: {91B68828-2300-4DDF-8A97-563E36C2E435} - System32\Tasks\sshDokumenty-type3.1.4.2 => C:\ProgramData\sshDokumenty-type3.1.4.2\sshDokumenty-type3.1.4.2.exe [0 0000-00-00] () [Access Denied] <==== ATTENTION
C:\DumpStack.log.tmp

EmptyTemp:
End

Uložte do C:\Users\Václav Lukeš\Desktop\Databáze viry jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Luky73]

Fix result of Farbar Recovery Scan Tool (x64) Version: 04-04-2023
Ran by Václav Lukeš (04-04-2023 16:45:31) Run:1
Running from C:\Users\Václav Lukeš\Desktop\Databáze viry
Loaded Profiles: Václav Lukeš
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{37074951-5906-42B3-9510-33D3F88ECF78}] => (Allow) C:\Users\V�clav Luke�\Desktop\reiboot.exe => No File
FirewallRules: [{82177B24-ACCC-4AEA-8648-1C03031482E4}] => (Allow) C:\Users\V�clav Luke�\Desktop\reiboot.exe => No File
C:\Users\V�clav Luke�\AppData\Roaming\IX66Efdt.exe
C:\Users\V�clav Luke�\AppData\Roaming\g6jZCr11.exe
C:\Users\V�clav Luke�\AppData\Roaming\0HJbR6Kv.exe
C:\Users\V�clav Luke�\Desktop\CompleteSetup_Full_Version.rar
HKLM-x32\...\Run: [Backup] => C:\Program Files (x86)\Wondershare\drfone\Addins\Backup\DrFoneBackup.exe /hide (No File)
ShortcutTarget: WSAndroidAppHelper.lnk -> C:\Program Files (x86)\Wondershare\drfone\Addins\SocialApps\WSAndroidAppHelper.exe (No File)
ShortcutTarget: WSAppHelper.lnk -> C:\Program Files (x86)\Wondershare\drfone\Addins\SocialApps\WSAppHelper.exe (No File)
Task: {91B68828-2300-4DDF-8A97-563E36C2E435} - System32\Tasks\sshDokumenty-type3.1.4.2 => C:\ProgramData\sshDokumenty-type3.1.4.2\sshDokumenty-type3.1.4.2.exe [0 0000-00-00] () [Access Denied] <==== ATTENTION
C:\DumpStack.log.tmp

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{37074951-5906-42B3-9510-33D3F88ECF78}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{82177B24-ACCC-4AEA-8648-1C03031482E4}" => removed successfully
"C:\Users\V�clav Luke�\AppData\Roaming\IX66Efdt.exe" => not found
"C:\Users\V�clav Luke�\AppData\Roaming\g6jZCr11.exe" => not found
"C:\Users\V�clav Luke�\AppData\Roaming\0HJbR6Kv.exe" => not found
"C:\Users\V�clav Luke�\Desktop\CompleteSetup_Full_Version.rar" => not found
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Backup" => removed successfully
"C:\Program Files (x86)\Wondershare\drfone\Addins\SocialApps\WSAndroidAppHelper.exe" => not found
"C:\Program Files (x86)\Wondershare\drfone\Addins\SocialApps\WSAppHelper.exe" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{91B68828-2300-4DDF-8A97-563E36C2E435}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91B68828-2300-4DDF-8A97-563E36C2E435}" => removed successfully
C:\Windows\System32\Tasks\sshDokumenty-type3.1.4.2 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\sshDokumenty-type3.1.4.2" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1048576 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10544553 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 2050949 B
Edge => 0 B
Chrome => 531774081 B
Firefox => 114617237 B
Opera => 41177987 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 38270 B
Václav Lukeš => 849030917 B

RecycleBin => 7223862 B
EmptyTemp: => 1.5 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 04-04-2023 16:46:54)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 16:46:54 ====

[Rudy]

Smazáno, log by kož měl být OK.

[Luky73]

díky moc

[Rudy]

Rádo se stalo!