Computer freezes after startup, nameless process in Task Manager
Posted: 07 Feb 2020 12:37
Hello, I'm asking for help; the computer is unusable (it runs in safe mode). After startup the PC has 100% disk usage, and in Task Manager I see a process with no name. Reverting via a restore point did not help.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-02-2020 02
Ran by Ondra (administrator) on DESKTOP-3LP6DMO (07-02-2020 12:31:30)
Running from C:\Users\Ondra\Desktop
Loaded Profiles: Ondra (Available Profiles: Ondra)
Platform: Windows 10 Pro Version 1903 18362.592 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\MsMpEng.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\S-1-5-21-2253020294-161528288-3608264937-1001\...\Run: [Steam] => D:\Steam\steam.exe [3311568 2020-01-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-2253020294-161528288-3608264937-1001\...\Run: [Spotify] => C:\Users\Ondra\AppData\Roaming\Spotify\Spotify.exe [22202272 2020-01-17] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2253020294-161528288-3608264937-1001\...\Run: [f.lux] => C:\Users\Ondra\AppData\Local\FluxSoftware\Flux\flux.exe [1385480 2019-08-30] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-2253020294-161528288-3608264937-1001\...\Run: [Discord] => C:\Users\Ondra\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-2253020294-161528288-3608264937-1001\...\Run: [GoogleChromeAutoLaunch_73351DC06A4629EA47799CC7BF4E395F] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-2253020294-161528288-3608264937-1001\...\MountPoints2: {34177d5a-0aff-11ea-93be-acfdcee245ea} - "F:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-21] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {036CC0BD-CF8A-4A02-A342-84CAAB85DF4F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {0D6FC624-B5FB-47E4-B002-09D7B6540530} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {10C54C58-31FB-49F3-BCC5-D97BB0AD7CCB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {24A7BCD3-2423-4397-8E85-884CA9F03112} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-19] (Google Inc -> Google LLC)
Task: {3422CF56-BD0C-4C68-8A9C-E00110A8B91E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {520909DE-8E9B-45A0-8019-A5EF5ED83F7A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {590247AF-6470-4C27-940F-77480E9B4807} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-19] (Google Inc -> Google LLC)
Task: {8D7F3812-D4EC-46C6-8D6B-A84E932450D1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A19ABF06-2559-4080-AF25-71AEEC41A0E3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{038cd8d7-1d40-41ad-9f93-656797ac2e18}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
FireFox:
========
FF DefaultProfile: mplk0u1q.default
FF ProfilePath: C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\mplk0u1q.default [2019-12-26]
FF ProfilePath: C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\v8w01xth.default-release [2020-02-07]
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-17] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default [2020-02-07]
CHR DefaultSearchURL: Default -> hxxps://searchingrent.com?a=gsp_linkvertise_00_00&q={searchTerms}
CHR DefaultSearchKeyword: Default -> lookbox
CHR Extension: (Slides) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-19]
CHR Extension: (Docs) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-19]
CHR Extension: (Google Drive) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-19]
CHR Extension: (YouTube) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-19]
CHR Extension: (Honey) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2020-02-07]
CHR Extension: (Lookbox.net) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhcchobplehlilmhcmhemphkddhfanea [2020-01-22]
CHR Extension: (Sheets) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-19]
CHR Extension: (NordVPN - #1 VPN Proxy Extension for Chrome) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2020-02-06]
CHR Extension: (Google Docs Offline) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-15]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-02-07]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-02-07]
CHR Extension: (21VPN - Unlimited & Free VPN) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijgfmeppdgkinedhofnkjpmlkdkpialj [2020-02-06]
CHR Extension: (Aliexpress Search by image) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcacbjiofjgbnaknoojjboeiinempoa [2019-11-25]
CHR Extension: (Popup Blocker Pro) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiodaajmphnkcajieajajinghpejdjai [2019-11-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-19]
CHR Extension: (Gmail) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-19]
CHR Extension: (Chrome Media Router) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-07]
CHR Extension: (Krunker Skid) - C:\Users\Ondra\Downloads\Krunker Skid [2020-02-07]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [529696 2019-04-24] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [27768 2012-10-22] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\NisSrv.exe [3284840 2020-02-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MsMpEng.exe [103168 2020-02-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [226560 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\System32\drivers\hw_cdcacm.sys [127360 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [239392 2019-04-24] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 MTsensor; C:\WINDOWS\System32\drivers\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3521016 2019-08-01] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_db678424d2641c3d\nvlddmkm.sys [22094728 2019-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1158944 2019-08-01] (Realtek Semiconductor Corp. -> Realtek )
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 VIAHdAudAddService; C:\WINDOWS\system32\drivers\viahduaa.sys [2206864 2012-10-22] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-02-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [376032 2020-02-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-02-02] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-07 12:31 - 2020-02-07 12:32 - 000014069 _____ C:\Users\Ondra\Desktop\FRST.txt
2020-02-07 12:31 - 2020-02-07 12:32 - 000000000 ____D C:\FRST
2020-02-07 12:30 - 2020-02-07 12:30 - 002279424 _____ (Farbar) C:\Users\Ondra\Desktop\FRST64.exe
2020-02-07 12:26 - 2020-02-07 12:26 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-02-07 12:25 - 2020-02-07 12:31 - 000109930 _____ C:\WINDOWS\ntbtlog.txt
2020-02-07 00:26 - 2020-02-07 00:28 - 4289134592 _____ C:\Users\Ondra\Desktop\Windows.iso
2020-02-07 00:10 - 2020-02-07 00:10 - 000000000 ____D C:\ESD
2020-02-07 00:08 - 2020-02-07 00:08 - 000000000 ____D C:\$WINDOWS.~BT
2020-02-07 00:07 - 2020-02-07 00:07 - 000000000 ___HD C:\$Windows.~WS
2020-02-06 23:59 - 2020-02-07 00:06 - 000000000 ____D C:\Users\Ondra\VirtualBox VMs
2020-02-06 23:58 - 2020-02-07 05:18 - 000000000 ____D C:\Users\Ondra\.VirtualBox
2020-02-06 23:58 - 2020-02-06 23:58 - 000000000 ____D C:\ProgramData\VirtualBox
2020-02-06 23:57 - 2020-02-06 23:57 - 000000000 ____D C:\Program Files\Oracle
2020-02-06 22:39 - 2020-02-06 22:39 - 002615579 _____ C:\Users\Ondra\Desktop\verified
2020-02-06 21:35 - 2020-02-07 21:06 - 000000000 ____D C:\Program Files\WinRAR
2020-02-06 21:35 - 2020-02-06 21:35 - 000000000 ____D C:\Users\Ondra\AppData\Roaming\WinRAR
2020-02-06 21:35 - 2020-01-18 10:20 - 000000143 _____ C:\Users\Ondra\Desktop\Visit My Shop.url
2020-02-06 19:22 - 2020-02-07 21:06 - 000000000 ____D C:\Program Files (x86)\NordVPN
2020-02-06 19:22 - 2020-02-06 19:31 - 000000000 ____D C:\Users\Ondra\AppData\Local\NordVPN
2020-02-06 19:22 - 2020-02-06 19:22 - 000000000 ____D C:\ProgramData\NordVPN
2020-02-06 19:22 - 2020-02-06 19:22 - 000000000 ____D C:\Program Files (x86)\NordVPN network TAP
2020-02-01 21:41 - 2020-02-07 21:06 - 000000000 ____D C:\Users\Ondra\Downloads\Krunker Skid
2020-02-01 21:40 - 2020-02-01 21:40 - 000070236 _____ C:\Users\Ondra\Downloads\Krunker Skid (2).zip
2020-02-01 21:40 - 2020-02-01 21:40 - 000070236 _____ C:\Users\Ondra\Downloads\Krunker Skid (1).zip
2020-02-01 21:39 - 2020-02-01 21:39 - 000070236 _____ C:\Users\Ondra\Downloads\Krunker Skid.zip
2020-01-27 01:11 - 2020-01-27 01:11 - 000368982 _____ C:\Users\Ondra\Downloads\Piková-dáma.pdf
2020-01-27 01:06 - 2020-01-27 01:06 - 000549945 _____ C:\Users\Ondra\Downloads\kral_lavra.pdf
2020-01-26 23:54 - 2020-01-26 23:54 - 000083400 _____ C:\Users\Ondra\Downloads\Ki3SKU5rwkKVpdUoJG7gWg.webp
2020-01-25 21:24 - 2020-01-26 01:43 - 000000000 ____D C:\Users\Ondra\AppData\Local\GeometryDash
2020-01-25 21:22 - 2020-01-25 21:22 - 000000202 _____ C:\Users\Ondra\Desktop\Geometry Dash.url
2020-01-22 22:44 - 2020-01-22 22:44 - 000353388 _____ C:\Users\Ondra\Downloads\krunkerSkid.zip
2020-01-22 22:37 - 2020-01-22 22:38 - 000020103 _____ C:\Users\Ondra\Downloads\krunkerio.user.js
2020-01-22 22:36 - 2020-01-22 22:37 - 000015034 _____ C:\Users\Ondra\Downloads\[WORKING]Krunkerio Aimbot+ESP 196.user.js
2020-01-22 22:32 - 2020-01-22 22:32 - 000001233 _____ C:\Users\Public\Desktop\Auto Keyboard by MurGee.com.lnk
2020-01-22 22:32 - 2020-01-22 22:32 - 000001233 _____ C:\ProgramData\Desktop\Auto Keyboard by MurGee.com.lnk
2020-01-22 22:32 - 2020-01-22 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Keyboard by MurGee.com
2020-01-22 22:32 - 2020-01-22 22:32 - 000000000 ____D C:\Program Files (x86)\Auto Keyboard by MurGee.com
2020-01-22 22:31 - 2020-01-22 22:31 - 000849544 _____ (MurGee.com ) C:\Users\Ondra\Downloads\setup.exe
2020-01-22 22:30 - 2020-01-22 22:30 - 003245600 _____ C:\Users\Ondra\Downloads\AutoHotkey_1.1.32.00_setup.exe
2020-01-22 22:30 - 2020-01-22 22:30 - 000000000 ____D C:\WINDOWS\ShellNew
2020-01-22 22:30 - 2020-01-22 22:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2020-01-22 22:30 - 2020-01-22 22:30 - 000000000 ____D C:\Program Files\AutoHotkey
2020-01-22 16:34 - 2020-01-22 16:34 - 000015928 _____ C:\Users\Ondra\Downloads\Subject.PDF
2020-01-22 00:42 - 2020-01-22 00:42 - 000000000 ____D C:\Users\Ondra\AppData\Local\freedocrreadermediafreeware
2020-01-22 00:41 - 2020-01-22 00:41 - 016897152 _____ (Media Freeware) C:\Users\Ondra\Downloads\docreader_setup.exe
2020-01-22 00:41 - 2020-01-22 00:41 - 000001299 _____ C:\Users\Public\Desktop\Free DOC Reader.lnk
2020-01-22 00:41 - 2020-01-22 00:41 - 000001299 _____ C:\ProgramData\Desktop\Free DOC Reader.lnk
2020-01-22 00:41 - 2020-01-22 00:41 - 000000000 ____D C:\Users\Ondra\AppData\Roaming\Media Freeware
2020-01-22 00:41 - 2020-01-22 00:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free DOC Reader
2020-01-22 00:41 - 2020-01-22 00:41 - 000000000 ____D C:\Program Files (x86)\Media Freeware
2020-01-22 00:38 - 2020-01-25 00:58 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-01-22 00:38 - 2020-01-25 00:57 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-01-22 00:38 - 2020-01-22 00:39 - 000000000 ____D C:\Users\Ondra\AppData\LocalLow\Adobe
2020-01-22 00:38 - 2020-01-22 00:38 - 000002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2020-01-22 00:38 - 2020-01-22 00:38 - 000002124 _____ C:\ProgramData\Desktop\Acrobat Reader DC.lnk
2020-01-22 00:37 - 2020-01-22 00:39 - 000000000 ____D C:\ProgramData\Adobe
2020-01-22 00:37 - 2020-01-22 00:37 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-01-22 00:36 - 2020-01-22 16:44 - 000000000 ____D C:\Users\Ondra\AppData\Local\Adobe
2020-01-17 21:32 - 2020-01-17 21:36 - 000000000 ____D C:\Users\Ondra\Downloads\[Telegram - Movieaio] Sex Education Season 2 NF 720p WEB-DL H264 Esubs
2020-01-17 20:12 - 2020-01-25 20:21 - 000000000 ____D C:\Users\Ondra\AppData\Local\ElevatedDiagnostics
2020-01-16 00:02 - 2020-01-16 00:02 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-16 00:02 - 2020-01-16 00:02 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-16 00:02 - 2020-01-16 00:02 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-16 00:02 - 2020-01-16 00:02 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-16 00:02 - 2020-01-16 00:02 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-16 00:02 - 2020-01-16 00:02 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-16 00:02 - 2020-01-16 00:02 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-16 00:02 - 2020-01-16 00:02 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-16 00:02 - 2020-01-16 00:02 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-16 00:02 - 2020-01-16 00:02 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-16 00:02 - 2020-01-16 00:02 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-16 00:02 - 2020-01-16 00:02 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-16 00:02 - 2020-01-16 00:02 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-16 00:02 - 2020-01-16 00:02 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-16 00:02 - 2020-01-16 00:02 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-16 00:02 - 2020-01-16 00:02 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-16 00:02 - 2020-01-16 00:02 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2020-01-16 00:02 - 2020-01-16 00:02 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-16 00:02 - 2020-01-16 00:02 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-15 23:49 - 2019-12-10 06:15 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-15 23:49 - 2019-12-10 05:59 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-14 21:39 - 2020-01-14 21:39 - 000016179 _____ C:\Users\Ondra\Downloads\autoexec.cfg
2020-01-13 21:10 - 2020-01-13 21:10 - 000023703 _____ C:\Users\Ondra\Downloads\Faktura_k_dorucene_dodavce (1).PDF
2020-01-13 21:09 - 2020-01-13 21:09 - 000023598 _____ C:\Users\Ondra\Downloads\Faktura_k_dorucene_dodavce.PDF
2020-01-11 18:23 - 2020-01-11 18:23 - 005309436 _____ C:\Users\Ondra\Downloads\DASH_1080.mp4
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-07 21:06 - 2019-11-19 19:34 - 000000000 ____D C:\WINDOWS\INF
2020-02-07 21:05 - 2019-11-19 19:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-07 21:03 - 2019-11-19 19:36 - 000000000 ____D C:\WINDOWS\registration
2020-02-07 21:02 - 2019-12-07 22:21 - 000000000 ____D C:\Users\Ondra\AppData\Local\Spotify
2020-02-07 12:32 - 2019-12-26 02:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-02-07 12:28 - 2019-12-26 02:30 - 000000000 ____D C:\Users\Ondra\AppData\LocalLow\Mozilla
2020-02-07 12:26 - 2019-11-19 11:07 - 000000000 ____D C:\Users\Ondra
2020-02-07 12:24 - 2019-11-19 19:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-02-07 12:24 - 2019-11-19 19:25 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-02-07 12:23 - 2019-11-19 19:57 - 000000000 ____D C:\ProgramData\NVIDIA
2020-02-07 12:23 - 2019-11-19 19:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-02-07 12:19 - 2019-12-07 22:21 - 000000000 ____D C:\Users\Ondra\AppData\Roaming\Spotify
2020-02-07 12:19 - 2019-11-19 19:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-07 12:11 - 2020-01-02 21:03 - 000000000 ____D C:\Users\Ondra\AppData\Roaming\Discord
2020-02-07 00:08 - 2019-11-19 19:46 - 000000000 ____D C:\WINDOWS\Panther
2020-02-06 17:53 - 2019-11-19 19:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-02-02 07:10 - 2019-11-19 19:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-02-01 20:37 - 2019-11-19 11:10 - 000000000 ____D C:\Users\Ondra\AppData\Local\D3DSCache
2020-02-01 13:19 - 2019-11-19 11:08 - 000000000 ____D C:\Users\Ondra\AppData\Local\Packages
2020-01-26 14:54 - 2019-11-19 20:50 - 000000000 ____D C:\Users\Ondra\AppData\Roaming\vlc
2020-01-25 21:24 - 2019-11-19 17:17 - 000000000 ____D C:\ProgramData\Package Cache
2020-01-25 21:23 - 2019-11-19 19:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-01-25 21:22 - 2019-11-19 11:25 - 000000000 ____D C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-01-22 00:38 - 2019-11-19 11:08 - 000000000 ____D C:\Users\Ondra\AppData\Roaming\Adobe
2020-01-21 20:37 - 2019-11-19 11:14 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-21 20:37 - 2019-11-19 11:14 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-21 20:37 - 2019-11-19 11:14 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-01-19 00:56 - 2019-12-07 22:13 - 000000000 ____D C:\Users\Ondra\AppData\Roaming\.minecraft
2020-01-18 22:22 - 2019-11-19 11:08 - 000840848 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-18 22:14 - 2019-11-19 11:31 - 000000000 ____D C:\Users\Ondra\AppData\Roaming\qBittorrent
2020-01-17 18:01 - 2019-12-26 02:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-17 18:01 - 2019-11-19 19:55 - 000258688 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-16 01:15 - 2019-11-19 19:36 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-16 01:15 - 2019-11-19 19:36 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-16 01:15 - 2019-11-19 19:36 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-16 01:15 - 2019-11-19 19:36 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-16 00:09 - 2019-11-20 00:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-16 00:06 - 2019-11-20 00:15 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-16 00:06 - 2019-11-19 19:28 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-15 16:03 - 2019-12-26 02:30 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by Ondra (07-02-2020 12:33:25)
Running from C:\Users\Ondra\Desktop
Windows 10 Pro Version 1903 18362.592 (X64) (2019-11-19 10:04:43)
Boot Mode: Safe Mode (with Networking)
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2253020294-161528288-3608264937-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2253020294-161528288-3608264937-503 - Limited - Disabled)
Guest (S-1-5-21-2253020294-161528288-3608264937-501 - Limited - Disabled)
Ondra (S-1-5-21-2253020294-161528288-3608264937-1001 - Administrator - Enabled) => C:\Users\Ondra
WDAGUtilityAccount (S-1-5-21-2253020294-161528288-3608264937-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Auto Keyboard v6.3 (HKLM-x32\...\{71E16EE4-BBED-44A8-8724-9E68D05EE945}_is1) (Version: 6.3 - MurGee.com)
AutoHotkey 1.1.32.00 (HKLM\...\AutoHotkey) (Version: 1.1.32.00 - Lexikos)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Discord (HKU\S-1-5-21-2253020294-161528288-3608264937-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
f.lux (HKU\S-1-5-21-2253020294-161528288-3608264937-1001\...\Flux) (Version: - f.lux Software LLC)
Free DOC Reader (HKLM-x32\...\{810B21F5-6D1A-4E52-B5B1-ECBF75A30FF0}) (Version: 1.0.0 - Media Freeware)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{810F1419-7760-402E-8772-B4054FAA2B72}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox 72.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.1 (x64 cs)) (Version: 72.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 71.0 - Mozilla)
NVIDIA Graphics Driver 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 432.00 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
qBittorrent 4.2.0 (HKLM-x32\...\qBittorrent) (Version: 4.2.0 - The qBittorrent project)
Spotify (HKU\S-1-5-21-2253020294-161528288-3608264937-1001\...\Spotify) (Version: 1.1.24.91.g4ca6d5eb - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.2 - TeamSpeak Systems GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-02-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-02-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2020-02-07] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2020-02-07] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-11-19 19:36 - 2019-11-19 19:33 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2020-01-05 03:32 - 2020-01-05 03:43 - 000000523 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2253020294-161528288-3608264937-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-2253020294-161528288-3608264937-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A34B4FF4-A69A-4E36-B727-3C00B98E8628}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{4DF24816-7C32-4C27-8D2C-BDA76FA6B04C}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E36CD82F-44C7-4C27-8E51-7AE66417E26E}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{BC941194-B493-4977-8585-C33DCBC1F457}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{95340BE1-893D-4FEC-ACE8-6D3CDBDE7DC3}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{4AB13041-0076-4BA9-AAD5-D22EBE757C3D}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{58623D43-7B0C-4D3B-B0C3-E764E5266070}] => (Allow) D:\Steam\steamapps\common\The Binding of Isaac Rebirth\isaac-ng.exe () [File not signed]
FirewallRules: [{ED9859E4-E7EF-42AB-B1D9-8942E8B7FDCC}] => (Allow) D:\Steam\steamapps\common\The Binding of Isaac Rebirth\isaac-ng.exe () [File not signed]
FirewallRules: [{F470F002-399D-40FC-9BFB-8D404AF6DE19}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{6DAAE0EA-5515-4DAA-B85D-CFF1BAEBDE2D}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{258BB59F-44AE-4D92-8D84-ECA25CD28D08}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{C759B024-B66B-4205-AEA1-E2993B09937E}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{47CC606D-8767-4AAA-A2E6-9A71E06576C1}] => (Allow) D:\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{637778C9-57ED-4D11-979E-E51B2714F71B}] => (Allow) D:\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{2BE13918-68DE-4846-8077-A1205F8A8004}] => (Allow) D:\Steam\steamapps\common\FEAR Ultimate Shooter Edition\FEAR.exe (Monolith Productions, Inc.) [File not signed]
FirewallRules: [{779F7093-B388-4DA8-8390-1E7FC8C0C4AC}] => (Allow) D:\Steam\steamapps\common\FEAR Ultimate Shooter Edition\FEAR.exe (Monolith Productions, Inc.) [File not signed]
FirewallRules: [{51AC6F1E-79DC-4067-BC35-8780BA3249CF}] => (Allow) D:\Steam\steamapps\common\Far Cry 4\bin\FarCry4.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [{699D31D3-2DB0-4580-848C-9C41112F3320}] => (Allow) D:\Steam\steamapps\common\Far Cry 4\bin\FarCry4.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [{E3C98529-F393-4AD8-9BA4-48CF46BAE821}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{D465507F-BBDC-475D-9836-C28CD9D8347C}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{C5E32CD4-3DC3-4C39-852C-A852101EC71F}] => (Allow) D:\Steam\steamapps\common\Half-Life 2\hl2.exe (Valve -> )
FirewallRules: [{730966AF-58D4-4C5D-A447-FEC8820431B0}] => (Allow) D:\Steam\steamapps\common\Half-Life 2\hl2.exe (Valve -> )
FirewallRules: [{4C9C5090-5055-41A4-BECA-6C5EAFA85A94}] => (Allow) D:\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{0ABFEBE1-DDF1-401F-93F5-29E012123696}] => (Allow) D:\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{9B97C6B9-1FA3-4866-89DD-A38D1AD25637}] => (Allow) D:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{8E5A26F8-156D-4D8B-9C2E-522C6F7CF171}] => (Allow) D:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{685E822B-5A57-4111-9919-C2E7ABF8AFE7}] => (Allow) D:\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{C1927F9B-4AA1-46B5-A728-3FFC6E2E6D8C}] => (Allow) D:\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{351062C2-3A04-4B39-B42B-EB281E09541D}] => (Allow) D:\Steam\steamapps\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe (GSC Game World -> )
FirewallRules: [{B29A1E2D-169C-4977-8EAD-FA9BBF94525D}] => (Allow) D:\Steam\steamapps\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe (GSC Game World -> )
FirewallRules: [{140CD14E-B2BF-406A-A126-6E779ABDF448}] => (Allow) D:\Steam\steamapps\common\STALKER Clear Sky\bin\xrEngine.exe (GSC Game World -> )
FirewallRules: [{86709A3E-9B08-4C0F-A7D1-27FDC85BE34F}] => (Allow) D:\Steam\steamapps\common\STALKER Clear Sky\bin\xrEngine.exe (GSC Game World -> )
FirewallRules: [{E30EAF3E-BE36-4634-B647-1C33C9FFD420}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe (CD Projekt Red) [File not signed]
FirewallRules: [{37E6D56B-1420-451F-8F04-CF66ED8A0731}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe (CD Projekt Red) [File not signed]
FirewallRules: [{173B0491-9E0A-4720-8D3A-468DC91E7F23}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe (CD Projekt RED Sp. z o.o. -> CD Projekt Red)
FirewallRules: [{B4F2F599-0710-4417-B6D1-3D8908E94111}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe (CD Projekt RED Sp. z o.o. -> CD Projekt Red)
FirewallRules: [{D3D9F187-20EE-4FF0-BAB9-0F2156A91FD8}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe () [File not signed]
FirewallRules: [{7A000261-A730-4D44-B9BD-CBAA08B7F96F}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe () [File not signed]
FirewallRules: [{A5B3CD11-00B5-4829-98F9-422CBE898EA3}] => (Allow) D:\Steam\steamapps\common\the witcher 2\Launcher.exe (CD Projekt RED) [File not signed]
FirewallRules: [{D6C9CAB4-1283-4A3C-A689-E17D81CBEF62}] => (Allow) D:\Steam\steamapps\common\the witcher 2\Launcher.exe (CD Projekt RED) [File not signed]
FirewallRules: [{87A3B12A-0B63-463E-83FE-251ED8BA219F}] => (Allow) D:\Steam\steamapps\common\Stalker Call of Pripyat\bin\xrEngine.exe (GSC Game World -> GSC Game World)
FirewallRules: [{CE05D20D-22E1-4406-9F87-EC3FAE1A2132}] => (Allow) D:\Steam\steamapps\common\Stalker Call of Pripyat\bin\xrEngine.exe (GSC Game World -> GSC Game World)
FirewallRules: [{AECD4E2E-F1DF-4C42-95CF-CD8A873E8286}] => (Allow) D:\Steam\steamapps\common\Mafia II\pc\mafia2.exe (Valve Corp. -> 2K Czech) [File not signed]
FirewallRules: [{ADF0D471-6425-439D-B376-D0B023AF9CDC}] => (Allow) D:\Steam\steamapps\common\Mafia II\pc\mafia2.exe (Valve Corp. -> 2K Czech) [File not signed]
FirewallRules: [{EC1A5389-5B0C-4805-8803-19F9EC92196D}] => (Allow) D:\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> EasyAntiCheat Ltd)
FirewallRules: [{5B44D686-D1B8-4C77-9028-70109F868D44}] => (Allow) D:\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> EasyAntiCheat Ltd)
FirewallRules: [{723C98E5-1635-48FB-85D2-814178DB7EFE}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{82522D35-31EE-4BAD-8784-91B4E1D5FAA0}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{41B695B1-9772-447B-9E2C-F61ED04B8082}] => (Allow) D:\Steam\steamapps\common\Metro 2033 Redux\metro.exe (Koch Media GmbH -> 4A Games)
FirewallRules: [{9BF8D4B5-D117-470B-9E70-9A232FD7BF1F}] => (Allow) D:\Steam\steamapps\common\Metro 2033 Redux\metro.exe (Koch Media GmbH -> 4A Games)
FirewallRules: [{0433EE43-BB7A-4AC7-99C5-FD3E08B07895}] => (Allow) D:\Steam\steamapps\common\Metro Last Light Redux\metro.exe (Koch Media GmbH -> 4A Games)
FirewallRules: [{40FA9029-F540-40E1-A934-9B6F6FD5E948}] => (Allow) D:\Steam\steamapps\common\Metro Last Light Redux\metro.exe (Koch Media GmbH -> 4A Games)
FirewallRules: [{FC09CCAA-8A4E-4C53-84E0-DB036CF1BCE6}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{4EF4DD3B-E6B3-4FF2-8434-5839E5D576A6}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{BA17277B-0840-4C03-B19E-2C249BB02D57}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F4FF3268-056A-4A0F-BDB7-97D08CFF2BCD}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{B58C4750-FE06-4979-9D47-48350953E066}C:\users\ondra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ondra\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{FF6E4C71-E5CE-4010-8B37-9D2B4929260D}C:\users\ondra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ondra\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1D1E39E3-9E60-43EF-BB2C-00C08AA625B2}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{5572E06A-C307-41CD-9DD2-3484F185D15C}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{93C19F65-8989-4DAF-AE90-6D4679657814}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{859A90D7-2731-4641-9B0D-F656CFC7B641}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5D227BFE-6674-430F-91C2-08F0CCD32292}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{69AF6624-979A-481D-95B6-35BE947C8A74}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{387A8F84-3757-4266-AD66-390A1A12398A}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [TCP Query User{FA8F7DFE-A783-4842-8D4E-599737A2D5BC}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{00B5E61C-7EE7-4A04-8499-AE15C23A54E8}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{7F2519CB-4F92-444A-B40A-B1BFC13B72AE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{51EB56A8-2B17-4130-B563-70EA699F28AB}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{0B4CCBAA-B723-4526-B6EC-9E874445F820}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{12A65FCE-B78C-44D2-ACFD-8490A5BECC73}] => (Allow) D:\Steam\steamapps\common\Geometry Dash\GeometryDash.exe () [File not signed]
FirewallRules: [{ECB3757D-CC8D-4E86-A0C7-175AC8582202}] => (Allow) D:\Steam\steamapps\common\Geometry Dash\GeometryDash.exe () [File not signed]
==================== Restore Points =========================
22-01-2020 00:41:27 Installed Free DOC Reader
01-02-2020 14:34:34 Scheduled Checkpoint
06-02-2020 23:56:28 Installed Oracle VM VirtualBox 6.1.2
==================== Faulty Device Manager Devices ============
Name: Microsoft Hyper-V Virtualization Infrastructure Driver
Description: Microsoft Hyper-V Virtualization Infrastructure Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Vid
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: VIA High Definition Audio
Description: VIA High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: VIA Technologies, Inc.
Service: VIAHdAudAddService
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: NVIDIA High Definition Audio
Description: NVIDIA High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: NVHDA
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: ========================
Application errors:
==================
Error: (02/07/2020 12:26:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchUI.exe, version: 10.0.18362.418, time stamp: 0x5d995690
Faulting module name: ConstraintIndex.Search.dll, version: 10.0.18362.207, time stamp: 0x5d0b11a3
Exception code: 0xc0000005
Fault offset: 0x000000000003d775
Faulting process id: 0x760
Faulting application start time: 0x01d5dda966b9c551
Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Faulting module path: C:\Windows\System32\ConstraintIndex.Search.dll
Report Id: 52e5b173-fdeb-410e-8be3-67a6ac9bb138
Faulting package full name: Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI
Error: (02/07/2020 12:24:24 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (02/07/2020 12:24:24 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (02/07/2020 04:45:47 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 27352 and the required size was 31384.
Error: (02/06/2020 11:23:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MailRanger.exe, version: 0.0.0.0, time stamp: 0x5b8e9a15
Faulting module name: ucrtbase.dll, version: 10.0.18362.387, time stamp: 0x6dbf7eae
Exception code: 0xc0000409
Fault offset: 0x0009e6eb
Faulting process id: 0x3198
Faulting application start time: 0x01d5dd2c394d9306
Faulting application path: C:\Users\Ondra\Desktop\MailRanger 2 [Crack.sx]\MailRanger.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 42c76485-ae30-4123-a3fd-3a77c76f98b5
Faulting package full name:
Faulting package-relative application ID:
Error: (02/04/2020 01:31:45 AM) (Source: Wlclntfy) (EventID: 4005) (User: )
Description: The Windows logon process has unexpectedly terminated.
Error: (02/03/2020 11:50:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AUDIODG.EXE, version: 10.0.18362.449, time stamp: 0xd42474b6
Faulting module name: VIASysFx.dll, version: 1.0.0.0, time stamp: 0x507fa6d2
Exception code: 0xc0000005
Fault offset: 0x00000000000619f9
Faulting process id: 0x14b4
Faulting application start time: 0x01d5da7cca79170d
Faulting application path: C:\WINDOWS\system32\AUDIODG.EXE
Faulting module path: C:\WINDOWS\system32\VIASysFx.dll
Report Id: 1924987b-7c76-4710-99ae-940c5d6c89a9
Faulting package full name:
Faulting package-relative application ID:
Error: (01/26/2020 02:04:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AUDIODG.EXE, version: 10.0.18362.449, time stamp: 0xd42474b6
Faulting module name: VIASysFx.dll, version: 1.0.0.0, time stamp: 0x507fa6d2
Exception code: 0xc0000005
Fault offset: 0x00000000000619fc
Faulting process id: 0x2d94
Faulting application start time: 0x01d5d3c7752b3888
Faulting application path: C:\WINDOWS\system32\AUDIODG.EXE
Faulting module path: C:\WINDOWS\system32\VIASysFx.dll
Report Id: bec4fd8c-59d2-459c-a1b9-5bba216a22ee
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (02/07/2020 12:34:43 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1084" attempting to start the service EventSystem with arguments "Unavailable" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Error: (02/07/2020 12:33:59 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-3LP6DMO)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (02/07/2020 12:33:25 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-3LP6DMO)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (02/07/2020 12:32:41 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-3LP6DMO)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (02/07/2020 12:32:39 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-3LP6DMO)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}
Error: (02/07/2020 12:32:07 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-3LP6DMO)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (02/07/2020 12:32:07 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-3LP6DMO)
Description: DCOM got error "1084" attempting to start the service VSS with arguments "Unavailable" in order to run the server:
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
Error: (02/07/2020 12:32:07 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-3LP6DMO)
Description: DCOM got error "1084" attempting to start the service VSS with arguments "Unavailable" in order to run the server:
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
Windows Defender:
===================================
Date: 2020-02-06 23:47:35.802
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Detplock
ID: 2147680291
Severity: Severe
Category: Trojan
Path: containerfile:_C:\Users\Ondra\Downloads\ExpressVPN_Checker_v1.0.0.rar; file:_C:\Users\Ondra\Downloads\ExpressVPN_Checker_v1.0.0.rar->ExpressVPN Checker v1.0.0.exe; webfile:_C:\Users\Ondra\Downloads\ExpressVPN_Checker_v1.0.0.rar|https://www.upload.ee/download/9521428/ ... 5056828861
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.309.458.0, AS: 1.309.458.0, NIS: 1.309.458.0
Engine Version: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-01-20 02:44:07.416
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A77D5615-A7AD-4828-A179-863A4441A8BB}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-01-19 22:43:44.434
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {8DA00FE9-4C23-4C53-B76D-F833A317510D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-01-19 21:59:09.726
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {429D4EC6-1410-4C61-A1FB-32BE1965D0A8}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-01-19 21:13:37.313
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {1B0CC116-53E5-412C-B69F-3C1B30E5F336}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-02-07 12:25:50.730
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
CodeIntegrity:
===================================
Date: 2019-11-19 20:02:15.678
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
Date: 2019-11-19 20:02:15.678
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 2003 12/14/2010
Motherboard: ASUSTeK Computer INC. P7P55D
Processor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Percentage of memory in use: 29%
Total physical RAM: 8190.05 MB
Available physical RAM: 5781.79 MB
Total Virtual: 9470.05 MB
Available Virtual: 7381.93 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:180.3 GB) (Free:108 GB) NTFS
Drive d: (SteamLibrary) (Fixed) (Total:750.3 GB) (Free:324.97 GB) NTFS
\\?\Volume{597b02f7-0000-0000-0000-50132d000000}\ (Rezervováno systémem) (Fixed) (Total:0.91 GB) (Free:0.52 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 597B02F7)
Partition 1: (Not Active) - (Size=180.3 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=932 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=750.3 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-02-2020 02
Ran by Ondra (administrator) on DESKTOP-3LP6DMO (07-02-2020 12:31:30)
Running from C:\Users\Ondra\Desktop
Loaded Profiles: Ondra (Available Profiles: Ondra)
Platform: Windows 10 Pro Version 1903 18362.592 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\MsMpEng.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\S-1-5-21-2253020294-161528288-3608264937-1001\...\Run: [Steam] => D:\Steam\steam.exe [3311568 2020-01-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-2253020294-161528288-3608264937-1001\...\Run: [Spotify] => C:\Users\Ondra\AppData\Roaming\Spotify\Spotify.exe [22202272 2020-01-17] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2253020294-161528288-3608264937-1001\...\Run: [f.lux] => C:\Users\Ondra\AppData\Local\FluxSoftware\Flux\flux.exe [1385480 2019-08-30] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-2253020294-161528288-3608264937-1001\...\Run: [Discord] => C:\Users\Ondra\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-2253020294-161528288-3608264937-1001\...\Run: [GoogleChromeAutoLaunch_73351DC06A4629EA47799CC7BF4E395F] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-2253020294-161528288-3608264937-1001\...\MountPoints2: {34177d5a-0aff-11ea-93be-acfdcee245ea} - "F:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-21] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {036CC0BD-CF8A-4A02-A342-84CAAB85DF4F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {0D6FC624-B5FB-47E4-B002-09D7B6540530} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {10C54C58-31FB-49F3-BCC5-D97BB0AD7CCB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {24A7BCD3-2423-4397-8E85-884CA9F03112} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-19] (Google Inc -> Google LLC)
Task: {3422CF56-BD0C-4C68-8A9C-E00110A8B91E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {520909DE-8E9B-45A0-8019-A5EF5ED83F7A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {590247AF-6470-4C27-940F-77480E9B4807} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-19] (Google Inc -> Google LLC)
Task: {8D7F3812-D4EC-46C6-8D6B-A84E932450D1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A19ABF06-2559-4080-AF25-71AEEC41A0E3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{038cd8d7-1d40-41ad-9f93-656797ac2e18}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
FireFox:
========
FF DefaultProfile: mplk0u1q.default
FF ProfilePath: C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\mplk0u1q.default [2019-12-26]
FF ProfilePath: C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\v8w01xth.default-release [2020-02-07]
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-17] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default [2020-02-07]
CHR DefaultSearchURL: Default -> hxxps://searchingrent.com?a=gsp_linkvertise_00_00&q={searchTerms}
CHR DefaultSearchKeyword: Default -> lookbox
CHR Extension: (Slides) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-19]
CHR Extension: (Docs) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-19]
CHR Extension: (Google Drive) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-19]
CHR Extension: (YouTube) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-19]
CHR Extension: (Honey) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2020-02-07]
CHR Extension: (Lookbox.net) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhcchobplehlilmhcmhemphkddhfanea [2020-01-22]
CHR Extension: (Sheets) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-19]
CHR Extension: (NordVPN - #1 VPN Proxy Extension for Chrome) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2020-02-06]
CHR Extension: (Google Docs Offline) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-15]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-02-07]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-02-07]
CHR Extension: (21VPN - Unlimited & Free VPN) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijgfmeppdgkinedhofnkjpmlkdkpialj [2020-02-06]
CHR Extension: (Aliexpress Search by image) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcacbjiofjgbnaknoojjboeiinempoa [2019-11-25]
CHR Extension: (Popup Blocker Pro) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiodaajmphnkcajieajajinghpejdjai [2019-11-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-19]
CHR Extension: (Gmail) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-19]
CHR Extension: (Chrome Media Router) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-07]
CHR Extension: (Krunker Skid) - C:\Users\Ondra\Downloads\Krunker Skid [2020-02-07]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [529696 2019-04-24] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [27768 2012-10-22] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\NisSrv.exe [3284840 2020-02-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MsMpEng.exe [103168 2020-02-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [226560 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\System32\drivers\hw_cdcacm.sys [127360 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [239392 2019-04-24] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 MTsensor; C:\WINDOWS\System32\drivers\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3521016 2019-08-01] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_db678424d2641c3d\nvlddmkm.sys [22094728 2019-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1158944 2019-08-01] (Realtek Semiconductor Corp. -> Realtek )
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 VIAHdAudAddService; C:\WINDOWS\system32\drivers\viahduaa.sys [2206864 2012-10-22] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-02-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [376032 2020-02-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-02-02] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-07 12:31 - 2020-02-07 12:32 - 000014069 _____ C:\Users\Ondra\Desktop\FRST.txt
2020-02-07 12:31 - 2020-02-07 12:32 - 000000000 ____D C:\FRST
2020-02-07 12:30 - 2020-02-07 12:30 - 002279424 _____ (Farbar) C:\Users\Ondra\Desktop\FRST64.exe
2020-02-07 12:26 - 2020-02-07 12:26 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-02-07 12:25 - 2020-02-07 12:31 - 000109930 _____ C:\WINDOWS\ntbtlog.txt
2020-02-07 00:26 - 2020-02-07 00:28 - 4289134592 _____ C:\Users\Ondra\Desktop\Windows.iso
2020-02-07 00:10 - 2020-02-07 00:10 - 000000000 ____D C:\ESD
2020-02-07 00:08 - 2020-02-07 00:08 - 000000000 ____D C:\$WINDOWS.~BT
2020-02-07 00:07 - 2020-02-07 00:07 - 000000000 ___HD C:\$Windows.~WS
2020-02-06 23:59 - 2020-02-07 00:06 - 000000000 ____D C:\Users\Ondra\VirtualBox VMs
2020-02-06 23:58 - 2020-02-07 05:18 - 000000000 ____D C:\Users\Ondra\.VirtualBox
2020-02-06 23:58 - 2020-02-06 23:58 - 000000000 ____D C:\ProgramData\VirtualBox
2020-02-06 23:57 - 2020-02-06 23:57 - 000000000 ____D C:\Program Files\Oracle
2020-02-06 22:39 - 2020-02-06 22:39 - 002615579 _____ C:\Users\Ondra\Desktop\verified
2020-02-06 21:35 - 2020-02-07 21:06 - 000000000 ____D C:\Program Files\WinRAR
2020-02-06 21:35 - 2020-02-06 21:35 - 000000000 ____D C:\Users\Ondra\AppData\Roaming\WinRAR
2020-02-06 21:35 - 2020-01-18 10:20 - 000000143 _____ C:\Users\Ondra\Desktop\Visit My Shop.url
2020-02-06 19:22 - 2020-02-07 21:06 - 000000000 ____D C:\Program Files (x86)\NordVPN
2020-02-06 19:22 - 2020-02-06 19:31 - 000000000 ____D C:\Users\Ondra\AppData\Local\NordVPN
2020-02-06 19:22 - 2020-02-06 19:22 - 000000000 ____D C:\ProgramData\NordVPN
2020-02-06 19:22 - 2020-02-06 19:22 - 000000000 ____D C:\Program Files (x86)\NordVPN network TAP
2020-02-01 21:41 - 2020-02-07 21:06 - 000000000 ____D C:\Users\Ondra\Downloads\Krunker Skid
2020-02-01 21:40 - 2020-02-01 21:40 - 000070236 _____ C:\Users\Ondra\Downloads\Krunker Skid (2).zip
2020-02-01 21:40 - 2020-02-01 21:40 - 000070236 _____ C:\Users\Ondra\Downloads\Krunker Skid (1).zip
2020-02-01 21:39 - 2020-02-01 21:39 - 000070236 _____ C:\Users\Ondra\Downloads\Krunker Skid.zip
2020-01-27 01:11 - 2020-01-27 01:11 - 000368982 _____ C:\Users\Ondra\Downloads\Piková-dáma.pdf
2020-01-27 01:06 - 2020-01-27 01:06 - 000549945 _____ C:\Users\Ondra\Downloads\kral_lavra.pdf
2020-01-26 23:54 - 2020-01-26 23:54 - 000083400 _____ C:\Users\Ondra\Downloads\Ki3SKU5rwkKVpdUoJG7gWg.webp
2020-01-25 21:24 - 2020-01-26 01:43 - 000000000 ____D C:\Users\Ondra\AppData\Local\GeometryDash
2020-01-25 21:22 - 2020-01-25 21:22 - 000000202 _____ C:\Users\Ondra\Desktop\Geometry Dash.url
2020-01-22 22:44 - 2020-01-22 22:44 - 000353388 _____ C:\Users\Ondra\Downloads\krunkerSkid.zip
2020-01-22 22:37 - 2020-01-22 22:38 - 000020103 _____ C:\Users\Ondra\Downloads\krunkerio.user.js
2020-01-22 22:36 - 2020-01-22 22:37 - 000015034 _____ C:\Users\Ondra\Downloads\[WORKING]Krunkerio Aimbot+ESP 196.user.js
2020-01-22 22:32 - 2020-01-22 22:32 - 000001233 _____ C:\Users\Public\Desktop\Auto Keyboard by MurGee.com.lnk
2020-01-22 22:32 - 2020-01-22 22:32 - 000001233 _____ C:\ProgramData\Desktop\Auto Keyboard by MurGee.com.lnk
2020-01-22 22:32 - 2020-01-22 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Keyboard by MurGee.com
2020-01-22 22:32 - 2020-01-22 22:32 - 000000000 ____D C:\Program Files (x86)\Auto Keyboard by MurGee.com
2020-01-22 22:31 - 2020-01-22 22:31 - 000849544 _____ (MurGee.com ) C:\Users\Ondra\Downloads\setup.exe
2020-01-22 22:30 - 2020-01-22 22:30 - 003245600 _____ C:\Users\Ondra\Downloads\AutoHotkey_1.1.32.00_setup.exe
2020-01-22 22:30 - 2020-01-22 22:30 - 000000000 ____D C:\WINDOWS\ShellNew
2020-01-22 22:30 - 2020-01-22 22:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2020-01-22 22:30 - 2020-01-22 22:30 - 000000000 ____D C:\Program Files\AutoHotkey
2020-01-22 16:34 - 2020-01-22 16:34 - 000015928 _____ C:\Users\Ondra\Downloads\Subject.PDF
2020-01-22 00:42 - 2020-01-22 00:42 - 000000000 ____D C:\Users\Ondra\AppData\Local\freedocrreadermediafreeware
2020-01-22 00:41 - 2020-01-22 00:41 - 016897152 _____ (Media Freeware) C:\Users\Ondra\Downloads\docreader_setup.exe
2020-01-22 00:41 - 2020-01-22 00:41 - 000001299 _____ C:\Users\Public\Desktop\Free DOC Reader.lnk
2020-01-22 00:41 - 2020-01-22 00:41 - 000001299 _____ C:\ProgramData\Desktop\Free DOC Reader.lnk
2020-01-22 00:41 - 2020-01-22 00:41 - 000000000 ____D C:\Users\Ondra\AppData\Roaming\Media Freeware
2020-01-22 00:41 - 2020-01-22 00:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free DOC Reader
2020-01-22 00:41 - 2020-01-22 00:41 - 000000000 ____D C:\Program Files (x86)\Media Freeware
2020-01-22 00:38 - 2020-01-25 00:58 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-01-22 00:38 - 2020-01-25 00:57 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-01-22 00:38 - 2020-01-22 00:39 - 000000000 ____D C:\Users\Ondra\AppData\LocalLow\Adobe
2020-01-22 00:38 - 2020-01-22 00:38 - 000002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2020-01-22 00:38 - 2020-01-22 00:38 - 000002124 _____ C:\ProgramData\Desktop\Acrobat Reader DC.lnk
2020-01-22 00:37 - 2020-01-22 00:39 - 000000000 ____D C:\ProgramData\Adobe
2020-01-22 00:37 - 2020-01-22 00:37 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-01-22 00:36 - 2020-01-22 16:44 - 000000000 ____D C:\Users\Ondra\AppData\Local\Adobe
2020-01-17 21:32 - 2020-01-17 21:36 - 000000000 ____D C:\Users\Ondra\Downloads\[Telegram - Movieaio] Sex Education Season 2 NF 720p WEB-DL H264 Esubs
2020-01-17 20:12 - 2020-01-25 20:21 - 000000000 ____D C:\Users\Ondra\AppData\Local\ElevatedDiagnostics
2020-01-16 00:02 - 2020-01-16 00:02 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-16 00:02 - 2020-01-16 00:02 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-16 00:02 - 2020-01-16 00:02 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-16 00:02 - 2020-01-16 00:02 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-16 00:02 - 2020-01-16 00:02 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-16 00:02 - 2020-01-16 00:02 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-16 00:02 - 2020-01-16 00:02 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-16 00:02 - 2020-01-16 00:02 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-16 00:02 - 2020-01-16 00:02 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-16 00:02 - 2020-01-16 00:02 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-16 00:02 - 2020-01-16 00:02 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-16 00:02 - 2020-01-16 00:02 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-16 00:02 - 2020-01-16 00:02 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-16 00:02 - 2020-01-16 00:02 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-16 00:02 - 2020-01-16 00:02 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-16 00:02 - 2020-01-16 00:02 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-16 00:02 - 2020-01-16 00:02 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2020-01-16 00:02 - 2020-01-16 00:02 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-16 00:02 - 2020-01-16 00:02 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-16 00:02 - 2020-01-16 00:02 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-15 23:49 - 2019-12-10 06:15 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-15 23:49 - 2019-12-10 05:59 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-14 21:39 - 2020-01-14 21:39 - 000016179 _____ C:\Users\Ondra\Downloads\autoexec.cfg
2020-01-13 21:10 - 2020-01-13 21:10 - 000023703 _____ C:\Users\Ondra\Downloads\Faktura_k_dorucene_dodavce (1).PDF
2020-01-13 21:09 - 2020-01-13 21:09 - 000023598 _____ C:\Users\Ondra\Downloads\Faktura_k_dorucene_dodavce.PDF
2020-01-11 18:23 - 2020-01-11 18:23 - 005309436 _____ C:\Users\Ondra\Downloads\DASH_1080.mp4
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-07 21:06 - 2019-11-19 19:34 - 000000000 ____D C:\WINDOWS\INF
2020-02-07 21:05 - 2019-11-19 19:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-07 21:03 - 2019-11-19 19:36 - 000000000 ____D C:\WINDOWS\registration
2020-02-07 21:02 - 2019-12-07 22:21 - 000000000 ____D C:\Users\Ondra\AppData\Local\Spotify
2020-02-07 12:32 - 2019-12-26 02:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-02-07 12:28 - 2019-12-26 02:30 - 000000000 ____D C:\Users\Ondra\AppData\LocalLow\Mozilla
2020-02-07 12:26 - 2019-11-19 11:07 - 000000000 ____D C:\Users\Ondra
2020-02-07 12:24 - 2019-11-19 19:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-02-07 12:24 - 2019-11-19 19:25 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-02-07 12:23 - 2019-11-19 19:57 - 000000000 ____D C:\ProgramData\NVIDIA
2020-02-07 12:23 - 2019-11-19 19:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-02-07 12:19 - 2019-12-07 22:21 - 000000000 ____D C:\Users\Ondra\AppData\Roaming\Spotify
2020-02-07 12:19 - 2019-11-19 19:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-07 12:11 - 2020-01-02 21:03 - 000000000 ____D C:\Users\Ondra\AppData\Roaming\Discord
2020-02-07 00:08 - 2019-11-19 19:46 - 000000000 ____D C:\WINDOWS\Panther
2020-02-06 17:53 - 2019-11-19 19:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-02-02 07:10 - 2019-11-19 19:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-02-01 20:37 - 2019-11-19 11:10 - 000000000 ____D C:\Users\Ondra\AppData\Local\D3DSCache
2020-02-01 13:19 - 2019-11-19 11:08 - 000000000 ____D C:\Users\Ondra\AppData\Local\Packages
2020-01-26 14:54 - 2019-11-19 20:50 - 000000000 ____D C:\Users\Ondra\AppData\Roaming\vlc
2020-01-25 21:24 - 2019-11-19 17:17 - 000000000 ____D C:\ProgramData\Package Cache
2020-01-25 21:23 - 2019-11-19 19:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-01-25 21:22 - 2019-11-19 11:25 - 000000000 ____D C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-01-22 00:38 - 2019-11-19 11:08 - 000000000 ____D C:\Users\Ondra\AppData\Roaming\Adobe
2020-01-21 20:37 - 2019-11-19 11:14 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-21 20:37 - 2019-11-19 11:14 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-21 20:37 - 2019-11-19 11:14 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-01-19 00:56 - 2019-12-07 22:13 - 000000000 ____D C:\Users\Ondra\AppData\Roaming\.minecraft
2020-01-18 22:22 - 2019-11-19 11:08 - 000840848 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-18 22:14 - 2019-11-19 11:31 - 000000000 ____D C:\Users\Ondra\AppData\Roaming\qBittorrent
2020-01-17 18:01 - 2019-12-26 02:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-17 18:01 - 2019-11-19 19:55 - 000258688 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-16 01:15 - 2019-11-19 19:36 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-16 01:15 - 2019-11-19 19:36 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-16 01:15 - 2019-11-19 19:36 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-16 01:15 - 2019-11-19 19:36 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-16 00:09 - 2019-11-20 00:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-16 00:06 - 2019-11-20 00:15 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-16 00:06 - 2019-11-19 19:28 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-15 16:03 - 2019-12-26 02:30 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by Ondra (07-02-2020 12:33:25)
Running from C:\Users\Ondra\Desktop
Windows 10 Pro Version 1903 18362.592 (X64) (2019-11-19 10:04:43)
Boot Mode: Safe Mode (with Networking)
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2253020294-161528288-3608264937-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2253020294-161528288-3608264937-503 - Limited - Disabled)
Guest (S-1-5-21-2253020294-161528288-3608264937-501 - Limited - Disabled)
Ondra (S-1-5-21-2253020294-161528288-3608264937-1001 - Administrator - Enabled) => C:\Users\Ondra
WDAGUtilityAccount (S-1-5-21-2253020294-161528288-3608264937-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Auto Keyboard v6.3 (HKLM-x32\...\{71E16EE4-BBED-44A8-8724-9E68D05EE945}_is1) (Version: 6.3 - MurGee.com)
AutoHotkey 1.1.32.00 (HKLM\...\AutoHotkey) (Version: 1.1.32.00 - Lexikos)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Discord (HKU\S-1-5-21-2253020294-161528288-3608264937-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
f.lux (HKU\S-1-5-21-2253020294-161528288-3608264937-1001\...\Flux) (Version: - f.lux Software LLC)
Free DOC Reader (HKLM-x32\...\{810B21F5-6D1A-4E52-B5B1-ECBF75A30FF0}) (Version: 1.0.0 - Media Freeware)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{810F1419-7760-402E-8772-B4054FAA2B72}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox 72.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.1 (x64 cs)) (Version: 72.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 71.0 - Mozilla)
NVIDIA Graphics Driver 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 432.00 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
qBittorrent 4.2.0 (HKLM-x32\...\qBittorrent) (Version: 4.2.0 - The qBittorrent project)
Spotify (HKU\S-1-5-21-2253020294-161528288-3608264937-1001\...\Spotify) (Version: 1.1.24.91.g4ca6d5eb - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.2 - TeamSpeak Systems GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-02-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-02-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2020-02-07] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2020-02-07] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-11-19 19:36 - 2019-11-19 19:33 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2020-01-05 03:32 - 2020-01-05 03:43 - 000000523 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2253020294-161528288-3608264937-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-2253020294-161528288-3608264937-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A34B4FF4-A69A-4E36-B727-3C00B98E8628}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{4DF24816-7C32-4C27-8D2C-BDA76FA6B04C}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E36CD82F-44C7-4C27-8E51-7AE66417E26E}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{BC941194-B493-4977-8585-C33DCBC1F457}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{95340BE1-893D-4FEC-ACE8-6D3CDBDE7DC3}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{4AB13041-0076-4BA9-AAD5-D22EBE757C3D}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{58623D43-7B0C-4D3B-B0C3-E764E5266070}] => (Allow) D:\Steam\steamapps\common\The Binding of Isaac Rebirth\isaac-ng.exe () [File not signed]
FirewallRules: [{ED9859E4-E7EF-42AB-B1D9-8942E8B7FDCC}] => (Allow) D:\Steam\steamapps\common\The Binding of Isaac Rebirth\isaac-ng.exe () [File not signed]
FirewallRules: [{F470F002-399D-40FC-9BFB-8D404AF6DE19}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{6DAAE0EA-5515-4DAA-B85D-CFF1BAEBDE2D}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{258BB59F-44AE-4D92-8D84-ECA25CD28D08}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{C759B024-B66B-4205-AEA1-E2993B09937E}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{47CC606D-8767-4AAA-A2E6-9A71E06576C1}] => (Allow) D:\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{637778C9-57ED-4D11-979E-E51B2714F71B}] => (Allow) D:\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{2BE13918-68DE-4846-8077-A1205F8A8004}] => (Allow) D:\Steam\steamapps\common\FEAR Ultimate Shooter Edition\FEAR.exe (Monolith Productions, Inc.) [File not signed]
FirewallRules: [{779F7093-B388-4DA8-8390-1E7FC8C0C4AC}] => (Allow) D:\Steam\steamapps\common\FEAR Ultimate Shooter Edition\FEAR.exe (Monolith Productions, Inc.) [File not signed]
FirewallRules: [{51AC6F1E-79DC-4067-BC35-8780BA3249CF}] => (Allow) D:\Steam\steamapps\common\Far Cry 4\bin\FarCry4.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [{699D31D3-2DB0-4580-848C-9C41112F3320}] => (Allow) D:\Steam\steamapps\common\Far Cry 4\bin\FarCry4.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [{E3C98529-F393-4AD8-9BA4-48CF46BAE821}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{D465507F-BBDC-475D-9836-C28CD9D8347C}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{C5E32CD4-3DC3-4C39-852C-A852101EC71F}] => (Allow) D:\Steam\steamapps\common\Half-Life 2\hl2.exe (Valve -> )
FirewallRules: [{730966AF-58D4-4C5D-A447-FEC8820431B0}] => (Allow) D:\Steam\steamapps\common\Half-Life 2\hl2.exe (Valve -> )
FirewallRules: [{4C9C5090-5055-41A4-BECA-6C5EAFA85A94}] => (Allow) D:\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{0ABFEBE1-DDF1-401F-93F5-29E012123696}] => (Allow) D:\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{9B97C6B9-1FA3-4866-89DD-A38D1AD25637}] => (Allow) D:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{8E5A26F8-156D-4D8B-9C2E-522C6F7CF171}] => (Allow) D:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{685E822B-5A57-4111-9919-C2E7ABF8AFE7}] => (Allow) D:\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{C1927F9B-4AA1-46B5-A728-3FFC6E2E6D8C}] => (Allow) D:\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{351062C2-3A04-4B39-B42B-EB281E09541D}] => (Allow) D:\Steam\steamapps\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe (GSC Game World -> )
FirewallRules: [{B29A1E2D-169C-4977-8EAD-FA9BBF94525D}] => (Allow) D:\Steam\steamapps\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe (GSC Game World -> )
FirewallRules: [{140CD14E-B2BF-406A-A126-6E779ABDF448}] => (Allow) D:\Steam\steamapps\common\STALKER Clear Sky\bin\xrEngine.exe (GSC Game World -> )
FirewallRules: [{86709A3E-9B08-4C0F-A7D1-27FDC85BE34F}] => (Allow) D:\Steam\steamapps\common\STALKER Clear Sky\bin\xrEngine.exe (GSC Game World -> )
FirewallRules: [{E30EAF3E-BE36-4634-B647-1C33C9FFD420}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe (CD Projekt Red) [File not signed]
FirewallRules: [{37E6D56B-1420-451F-8F04-CF66ED8A0731}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe (CD Projekt Red) [File not signed]
FirewallRules: [{173B0491-9E0A-4720-8D3A-468DC91E7F23}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe (CD Projekt RED Sp. z o.o. -> CD Projekt Red)
FirewallRules: [{B4F2F599-0710-4417-B6D1-3D8908E94111}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe (CD Projekt RED Sp. z o.o. -> CD Projekt Red)
FirewallRules: [{D3D9F187-20EE-4FF0-BAB9-0F2156A91FD8}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe () [File not signed]
FirewallRules: [{7A000261-A730-4D44-B9BD-CBAA08B7F96F}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe () [File not signed]
FirewallRules: [{A5B3CD11-00B5-4829-98F9-422CBE898EA3}] => (Allow) D:\Steam\steamapps\common\the witcher 2\Launcher.exe (CD Projekt RED) [File not signed]
FirewallRules: [{D6C9CAB4-1283-4A3C-A689-E17D81CBEF62}] => (Allow) D:\Steam\steamapps\common\the witcher 2\Launcher.exe (CD Projekt RED) [File not signed]
FirewallRules: [{87A3B12A-0B63-463E-83FE-251ED8BA219F}] => (Allow) D:\Steam\steamapps\common\Stalker Call of Pripyat\bin\xrEngine.exe (GSC Game World -> GSC Game World)
FirewallRules: [{CE05D20D-22E1-4406-9F87-EC3FAE1A2132}] => (Allow) D:\Steam\steamapps\common\Stalker Call of Pripyat\bin\xrEngine.exe (GSC Game World -> GSC Game World)
FirewallRules: [{AECD4E2E-F1DF-4C42-95CF-CD8A873E8286}] => (Allow) D:\Steam\steamapps\common\Mafia II\pc\mafia2.exe (Valve Corp. -> 2K Czech) [File not signed]
FirewallRules: [{ADF0D471-6425-439D-B376-D0B023AF9CDC}] => (Allow) D:\Steam\steamapps\common\Mafia II\pc\mafia2.exe (Valve Corp. -> 2K Czech) [File not signed]
FirewallRules: [{EC1A5389-5B0C-4805-8803-19F9EC92196D}] => (Allow) D:\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> EasyAntiCheat Ltd)
FirewallRules: [{5B44D686-D1B8-4C77-9028-70109F868D44}] => (Allow) D:\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> EasyAntiCheat Ltd)
FirewallRules: [{723C98E5-1635-48FB-85D2-814178DB7EFE}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{82522D35-31EE-4BAD-8784-91B4E1D5FAA0}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{41B695B1-9772-447B-9E2C-F61ED04B8082}] => (Allow) D:\Steam\steamapps\common\Metro 2033 Redux\metro.exe (Koch Media GmbH -> 4A Games)
FirewallRules: [{9BF8D4B5-D117-470B-9E70-9A232FD7BF1F}] => (Allow) D:\Steam\steamapps\common\Metro 2033 Redux\metro.exe (Koch Media GmbH -> 4A Games)
FirewallRules: [{0433EE43-BB7A-4AC7-99C5-FD3E08B07895}] => (Allow) D:\Steam\steamapps\common\Metro Last Light Redux\metro.exe (Koch Media GmbH -> 4A Games)
FirewallRules: [{40FA9029-F540-40E1-A934-9B6F6FD5E948}] => (Allow) D:\Steam\steamapps\common\Metro Last Light Redux\metro.exe (Koch Media GmbH -> 4A Games)
FirewallRules: [{FC09CCAA-8A4E-4C53-84E0-DB036CF1BCE6}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{4EF4DD3B-E6B3-4FF2-8434-5839E5D576A6}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{BA17277B-0840-4C03-B19E-2C249BB02D57}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F4FF3268-056A-4A0F-BDB7-97D08CFF2BCD}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{B58C4750-FE06-4979-9D47-48350953E066}C:\users\ondra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ondra\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{FF6E4C71-E5CE-4010-8B37-9D2B4929260D}C:\users\ondra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ondra\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1D1E39E3-9E60-43EF-BB2C-00C08AA625B2}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{5572E06A-C307-41CD-9DD2-3484F185D15C}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{93C19F65-8989-4DAF-AE90-6D4679657814}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{859A90D7-2731-4641-9B0D-F656CFC7B641}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5D227BFE-6674-430F-91C2-08F0CCD32292}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{69AF6624-979A-481D-95B6-35BE947C8A74}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{387A8F84-3757-4266-AD66-390A1A12398A}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [TCP Query User{FA8F7DFE-A783-4842-8D4E-599737A2D5BC}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{00B5E61C-7EE7-4A04-8499-AE15C23A54E8}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{7F2519CB-4F92-444A-B40A-B1BFC13B72AE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{51EB56A8-2B17-4130-B563-70EA699F28AB}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{0B4CCBAA-B723-4526-B6EC-9E874445F820}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{12A65FCE-B78C-44D2-ACFD-8490A5BECC73}] => (Allow) D:\Steam\steamapps\common\Geometry Dash\GeometryDash.exe () [File not signed]
FirewallRules: [{ECB3757D-CC8D-4E86-A0C7-175AC8582202}] => (Allow) D:\Steam\steamapps\common\Geometry Dash\GeometryDash.exe () [File not signed]
==================== Restore Points =========================
22-01-2020 00:41:27 Installed Free DOC Reader
01-02-2020 14:34:34 Scheduled Checkpoint
06-02-2020 23:56:28 Installed Oracle VM VirtualBox 6.1.2
==================== Faulty Device Manager Devices ============
Name: Microsoft Hyper-V Virtualization Infrastructure Driver
Description: Microsoft Hyper-V Virtualization Infrastructure Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Vid
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: VIA High Definition Audio
Description: VIA High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: VIA Technologies, Inc.
Service: VIAHdAudAddService
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: NVIDIA High Definition Audio
Description: NVIDIA High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: NVHDA
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: ========================
Application errors:
==================
Error: (02/07/2020 12:26:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchUI.exe, version: 10.0.18362.418, time stamp: 0x5d995690
Faulting module name: ConstraintIndex.Search.dll, version: 10.0.18362.207, time stamp: 0x5d0b11a3
Exception code: 0xc0000005
Fault offset: 0x000000000003d775
Faulting process id: 0x760
Faulting application start time: 0x01d5dda966b9c551
Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Faulting module path: C:\Windows\System32\ConstraintIndex.Search.dll
Report Id: 52e5b173-fdeb-410e-8be3-67a6ac9bb138
Faulting package full name: Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI
Error: (02/07/2020 12:24:24 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (02/07/2020 12:24:24 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (02/07/2020 04:45:47 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 27352 and the required size was 31384.
Error: (02/06/2020 11:23:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MailRanger.exe, version: 0.0.0.0, time stamp: 0x5b8e9a15
Faulting module name: ucrtbase.dll, version: 10.0.18362.387, time stamp: 0x6dbf7eae
Exception code: 0xc0000409
Fault offset: 0x0009e6eb
Faulting process id: 0x3198
Faulting application start time: 0x01d5dd2c394d9306
Faulting application path: C:\Users\Ondra\Desktop\MailRanger 2 [Crack.sx]\MailRanger.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 42c76485-ae30-4123-a3fd-3a77c76f98b5
Faulting package full name:
Faulting package-relative application ID:
Error: (02/04/2020 01:31:45 AM) (Source: Wlclntfy) (EventID: 4005) (User: )
Description: The Windows logon process has unexpectedly terminated.
Error: (02/03/2020 11:50:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AUDIODG.EXE, version: 10.0.18362.449, time stamp: 0xd42474b6
Faulting module name: VIASysFx.dll, version: 1.0.0.0, time stamp: 0x507fa6d2
Exception code: 0xc0000005
Fault offset: 0x00000000000619f9
Faulting process id: 0x14b4
Faulting application start time: 0x01d5da7cca79170d
Faulting application path: C:\WINDOWS\system32\AUDIODG.EXE
Faulting module path: C:\WINDOWS\system32\VIASysFx.dll
Report Id: 1924987b-7c76-4710-99ae-940c5d6c89a9
Faulting package full name:
Faulting package-relative application ID:
Error: (01/26/2020 02:04:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AUDIODG.EXE, version: 10.0.18362.449, time stamp: 0xd42474b6
Faulting module name: VIASysFx.dll, version: 1.0.0.0, time stamp: 0x507fa6d2
Exception code: 0xc0000005
Fault offset: 0x00000000000619fc
Faulting process id: 0x2d94
Faulting application start time: 0x01d5d3c7752b3888
Faulting application path: C:\WINDOWS\system32\AUDIODG.EXE
Faulting module path: C:\WINDOWS\system32\VIASysFx.dll
Report Id: bec4fd8c-59d2-459c-a1b9-5bba216a22ee
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (02/07/2020 12:34:43 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1084" attempting to start the service EventSystem with arguments "Unavailable" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Error: (02/07/2020 12:33:59 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-3LP6DMO)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (02/07/2020 12:33:25 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-3LP6DMO)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (02/07/2020 12:32:41 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-3LP6DMO)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (02/07/2020 12:32:39 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-3LP6DMO)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}
Error: (02/07/2020 12:32:07 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-3LP6DMO)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (02/07/2020 12:32:07 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-3LP6DMO)
Description: DCOM got error "1084" attempting to start the service VSS with arguments "Unavailable" in order to run the server:
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
Error: (02/07/2020 12:32:07 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-3LP6DMO)
Description: DCOM got error "1084" attempting to start the service VSS with arguments "Unavailable" in order to run the server:
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
Windows Defender:
===================================
Date: 2020-02-06 23:47:35.802
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Detplock
ID: 2147680291
Severity: Severe
Category: Trojan
Path: containerfile:_C:\Users\Ondra\Downloads\ExpressVPN_Checker_v1.0.0.rar; file:_C:\Users\Ondra\Downloads\ExpressVPN_Checker_v1.0.0.rar->ExpressVPN Checker v1.0.0.exe; webfile:_C:\Users\Ondra\Downloads\ExpressVPN_Checker_v1.0.0.rar|https://www.upload.ee/download/9521428/ ... 5056828861
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.309.458.0, AS: 1.309.458.0, NIS: 1.309.458.0
Engine Version: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-01-20 02:44:07.416
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A77D5615-A7AD-4828-A179-863A4441A8BB}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-01-19 22:43:44.434
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {8DA00FE9-4C23-4C53-B76D-F833A317510D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-01-19 21:59:09.726
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {429D4EC6-1410-4C61-A1FB-32BE1965D0A8}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-01-19 21:13:37.313
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {1B0CC116-53E5-412C-B69F-3C1B30E5F336}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-02-07 12:25:50.730
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
CodeIntegrity:
===================================
Date: 2019-11-19 20:02:15.678
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
Date: 2019-11-19 20:02:15.678
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 2003 12/14/2010
Motherboard: ASUSTeK Computer INC. P7P55D
Processor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Percentage of memory in use: 29%
Total physical RAM: 8190.05 MB
Available physical RAM: 5781.79 MB
Total Virtual: 9470.05 MB
Available Virtual: 7381.93 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:180.3 GB) (Free:108 GB) NTFS
Drive d: (SteamLibrary) (Fixed) (Total:750.3 GB) (Free:324.97 GB) NTFS
\\?\Volume{597b02f7-0000-0000-0000-50132d000000}\ (Rezervováno systémem) (Fixed) (Total:0.91 GB) (Free:0.52 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 597B02F7)
Partition 1: (Not Active) - (Size=180.3 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=932 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=750.3 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================