VIRY.CZ

ahoj,

prosím o kontrolu. Notebook je velmi pomalý.

děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by Monča (administrator) on DESKTOP-B2GHIAM (Sony Corporation VGN-FW41E_H) (25-12-2020 11:00:26)
Running from C:\Users\Monča\Desktop
Loaded Profiles: Monča
Platform: Windows 10 Pro Version 2004 19041.685 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Alps Electric Co., LTD. -> ALPS) C:\Program Files\Apoint\Apvfb.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.329.1030.0.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MpCmdRun.exe <2>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCUpdate.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-08-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2011-03-01] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1384272110-3093881991-1331863420-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2008-01-22] (Nero AG -> Nero AG)
HKU\S-1-5-21-1384272110-3093881991-1331863420-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-28] (Piriform Ltd -> Piriform Ltd)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2015-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\WINDOWS\system32\hpzllw71.dll [53248 2015-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-10] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03003AF1-905F-4EE4-B30B-6D1DB5EBF37D} - System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => C:\Program Files\CUAssistant\culauncher.exe
Task: {231186E6-6E8B-4631-A9A6-2AC0471A1397} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4DDBCBF0-E758-49A3-9AE8-BB674B56D36C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_414_pepper.exe [1471032 2020-09-07] (Adobe Inc. -> Adobe)
Task: {51D09DF1-132B-4799-991A-B6A32E994536} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-23] (Google Inc -> Google Inc.)
Task: {6ABDAED7-463B-46FE-A77B-F0CC719C703B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-28] (Piriform Ltd -> Piriform Ltd)
Task: {7169ECAA-7016-49B5-90AA-FE733F149C2D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {80FA58C3-0579-4E1A-BD2B-1E253C1570D6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-23] (Google Inc -> Google Inc.)
Task: {8CF64FCE-1646-40CA-9FE2-6744C8F099A8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9230CD87-D365-466A-BE21-DE9A29A3A436} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {96288ECC-AEEA-46AB-B864-C5E56F46918D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4010416 2020-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {9DD76278-2C5D-49EA-8E0A-839300AAD503} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC91BFD2-D600-479B-9522-9742BE699743} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-07] (Adobe Inc. -> Adobe)
Task: {AE5D427A-9CD7-457F-BA34-EBBC7C0C4CFC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B1567D2C-7BD0-4D95-8688-01EF58D34C18} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B3C6A053-3F47-4D3F-AB8C-81F00473F5AD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D073A8F8-9AF4-4665-8503-40866D1EE688} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {F5499E83-E46A-47B9-926F-64AB69716E4F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {FCA1DC1F-4A76-42E4-B61C-0857E95FD635} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4010416 2020-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {FECC22D4-0928-4E1D-8DAC-C9C2F8270CF6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3d1a5856-8692-4f54-89b8-660b5acfc815}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8d874849-6515-47e8-9ac7-9340d8f2c0b5}: [DhcpNameServer] 192.168.0.1

Edge:
======
Edge Profile: C:\Users\Monča\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-21]
Edge DefaultSearchURL: Default -> hxxps://www.google.cz/search?q={searchTerms}&ie ... utEncoding?}

FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-10-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-10-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default [2020-12-25]
CHR DownloadDir: C:\Users\Monča\Desktop
CHR Extension: (Dokumenty) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Disk Google) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (YouTube) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-29]
CHR Extension: (Vyhledávání Google) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-25]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-12-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-19]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-07] (Adobe Inc. -> Adobe)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369464 2016-01-15] (Disc Soft Ltd -> Disc Soft Ltd)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG -> Nero AG)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5197552 2020-12-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-01-19] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-01-19] (Disc Soft Ltd -> Disc Soft Ltd)
S2 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [314368 2006-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Aladdin Knowledge Systems Ltd.)
R2 rimsptsk; C:\WINDOWS\System32\drivers\rimspx64.sys [55296 2009-06-25] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R3 SFEP; C:\WINDOWS\System32\drivers\SFEP.sys [12032 2010-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation)
R3 SrvHsfHDA; C:\WINDOWS\system32\DRIVERS\VSTAZL6.SYS [292864 2019-12-07] (Microsoft Windows -> Conexant Systems, Inc.)
R3 SrvHsfV92; C:\WINDOWS\system32\DRIVERS\VSTDPV6.SYS [1485312 2019-12-07] (Microsoft Windows -> Conexant Systems, Inc.)
R3 SrvHsfWinac; C:\WINDOWS\system32\DRIVERS\VSTCNXT6.SYS [740864 2019-12-07] (Microsoft Windows -> Conexant Systems, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-10] (Microsoft Windows -> Microsoft Corporation)
R3 yukonw8; C:\WINDOWS\System32\drivers\yk63x64.sys [288768 2019-12-07] (Microsoft Windows -> Marvell)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-25 11:00 - 2020-12-25 11:07 - 000015712 _____ C:\Users\Monča\Desktop\FRST.txt
2020-12-25 10:58 - 2020-12-25 11:04 - 000000000 ____D C:\FRST
2020-12-25 10:56 - 2020-12-25 10:57 - 002286592 _____ (Farbar) C:\Users\Monča\Desktop\FRST64.exe
2020-12-21 00:08 - 2020-12-21 00:08 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2020-12-21 00:02 - 2020-12-21 00:02 - 000000020 ___SH C:\Users\Monča\ntuser.ini
2020-12-21 00:00 - 2020-12-25 11:19 - 000004212 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{48851244-834D-43D2-81FF-79992A2EA6EF}
2020-12-21 00:00 - 2020-12-25 10:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-21 00:00 - 2020-12-25 10:40 - 000003572 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-21 00:00 - 2020-12-25 10:40 - 000003460 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-21 00:00 - 2020-12-25 10:40 - 000003348 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-21 00:00 - 2020-12-25 10:40 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1384272110-3093881991-1331863420-1001
2020-12-21 00:00 - 2020-12-25 10:39 - 000003890 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-12-21 00:00 - 2020-12-25 10:39 - 000003590 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-12-21 00:00 - 2020-12-25 10:39 - 000003236 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-21 00:00 - 2020-12-25 10:39 - 000002280 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-12-21 00:00 - 2020-12-21 00:00 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-12-21 00:00 - 2020-12-21 00:00 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-12-20 23:58 - 2020-12-21 00:00 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2020-12-20 23:58 - 2020-12-21 00:00 - 000011433 _____ C:\WINDOWS\diagerr.xml
2020-12-20 23:40 - 2020-12-25 09:31 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-20 23:26 - 2020-12-21 00:02 - 000000000 ____D C:\Users\Monča
2020-12-20 23:26 - 2020-12-20 23:37 - 000000000 ____D C:\Users\Martin
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Monča\Šablony
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Monča\Soubory cookie
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Monča\Poslední
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Monča\Okolní tiskárny
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Monča\Okolní síť
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Monča\Nabídka Start
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Monča\Dokumenty
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Monča\Documents\Obrázky
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Monča\Documents\Hudba
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Monča\Documents\Filmy
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Monča\Data aplikací
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Monča\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Monča\AppData\Local\Data aplikací
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Martin\Šablony
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Martin\Soubory cookie
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Martin\Poslední
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Martin\Okolní tiskárny
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Martin\Okolní síť
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Martin\Nabídka Start
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Martin\Dokumenty
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Martin\Documents\Obrázky
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Martin\Documents\Hudba
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Martin\Documents\Filmy
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Martin\Data aplikací
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Martin\AppData\Local\Data aplikací
2020-12-20 23:26 - 2019-12-07 10:10 - 000001105 _____ C:\Users\Monča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-20 23:26 - 2019-12-07 10:10 - 000001105 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-20 23:18 - 2020-12-25 10:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-20 23:18 - 2020-12-20 23:18 - 000433296 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-20 23:17 - 2020-12-25 10:44 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-20 23:16 - 2020-12-21 00:01 - 000000000 ____D C:\Windows.old
2020-12-20 23:08 - 2020-12-20 23:17 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2020-12-20 23:02 - 2020-12-20 23:08 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2020-12-20 23:02 - 2020-12-20 23:02 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-12-20 22:56 - 2020-12-20 22:56 - 000000000 ____D C:\ProgramData\ssh
2020-12-20 22:43 - 2020-12-20 22:43 - 000580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2020-12-20 22:43 - 2020-12-20 22:43 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2020-12-20 22:43 - 2020-12-20 22:43 - 000467968 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2020-12-20 22:43 - 2020-12-20 22:43 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2020-12-20 22:43 - 2020-12-20 22:43 - 000137016 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2020-12-20 22:43 - 2020-12-20 22:43 - 000111616 _____ C:\WINDOWS\system32\RDVGHelper.exe
2020-12-20 22:43 - 2020-12-20 22:43 - 000101688 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2020-12-20 22:42 - 2020-12-20 22:42 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-20 22:42 - 2020-12-20 22:42 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-12-20 22:42 - 2020-12-20 22:42 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2020-12-20 22:42 - 2020-12-20 22:42 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2020-12-20 22:42 - 2020-12-20 22:42 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2020-12-20 22:41 - 2020-12-20 22:41 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-12-20 22:41 - 2020-12-20 22:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-20 22:41 - 2020-12-20 22:41 - 001309504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-12-20 22:41 - 2020-12-20 22:41 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-12-20 22:41 - 2020-12-20 22:41 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-12-20 22:41 - 2020-12-20 22:41 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-12-20 22:41 - 2020-12-20 22:41 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-12-20 22:41 - 2020-12-20 22:41 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2020-12-20 22:41 - 2020-12-20 22:41 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-20 22:41 - 2020-12-20 22:41 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2020-12-20 22:41 - 2020-12-20 22:41 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-12-20 22:41 - 2020-12-20 22:41 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-20 22:40 - 2020-12-20 22:40 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-20 22:40 - 2020-12-20 22:40 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2020-12-20 22:40 - 2020-12-20 22:40 - 000455168 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2020-12-20 22:40 - 2020-12-20 22:40 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2020-12-20 22:40 - 2020-12-20 22:40 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2020-12-20 22:40 - 2020-12-20 22:40 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2020-12-20 22:40 - 2020-12-20 22:40 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-20 22:39 - 2020-12-20 22:39 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-12-20 22:39 - 2020-12-20 22:39 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-12-20 22:39 - 2020-12-20 22:39 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-12-20 22:39 - 2020-12-20 22:39 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-12-20 22:39 - 2020-12-20 22:39 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-12-20 22:39 - 2020-12-20 22:39 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-12-20 22:39 - 2020-12-20 22:39 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-20 22:39 - 2020-12-20 22:39 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-20 22:39 - 2020-12-20 22:39 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-20 22:39 - 2020-12-20 22:39 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-12-20 22:39 - 2020-12-20 22:39 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2020-12-20 22:39 - 2020-12-20 22:39 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-20 22:38 - 2020-12-20 22:38 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2020-12-20 22:38 - 2020-12-20 22:38 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-20 22:38 - 2020-12-20 22:38 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-20 22:37 - 2020-12-20 22:37 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-20 22:37 - 2020-12-20 22:37 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-20 22:37 - 2020-12-20 22:37 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2020-12-20 22:37 - 2020-12-20 22:37 - 000152576 _____ C:\WINDOWS\system32\EoAExperiences.exe
2020-12-20 22:37 - 2020-12-20 22:37 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2020-12-20 22:37 - 2020-12-20 22:37 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-20 22:36 - 2020-12-20 22:36 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-20 22:36 - 2020-12-20 22:36 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2020-12-20 22:36 - 2020-12-20 22:36 - 000707544 _____ C:\WINDOWS\system32\TextShaping.dll
2020-12-20 22:36 - 2020-12-20 22:36 - 000645120 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2020-12-20 22:36 - 2020-12-20 22:36 - 000306176 _____ C:\WINDOWS\system32\HeatCore.dll
2020-12-20 22:36 - 2020-12-20 22:36 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2020-12-20 22:36 - 2020-12-20 22:36 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2020-12-20 22:35 - 2020-12-20 22:35 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2020-12-20 22:35 - 2020-12-20 22:35 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-12-20 22:35 - 2020-12-20 22:35 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-20 22:35 - 2020-12-20 22:35 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-20 22:35 - 2020-12-20 22:35 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-20 22:35 - 2020-12-20 22:35 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2020-12-20 22:34 - 2020-12-20 22:34 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2020-12-20 22:34 - 2020-12-20 22:34 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2020-12-20 22:34 - 2020-12-20 22:34 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-20 22:34 - 2020-12-20 22:34 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-20 22:34 - 2020-12-20 22:34 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2020-12-20 22:34 - 2020-12-20 22:34 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-20 22:14 - 2020-12-20 22:14 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2020-12-20 22:14 - 2020-12-20 22:14 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2020-12-20 22:09 - 2020-12-20 22:09 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2020-12-20 22:09 - 2020-12-20 22:09 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-12-20 22:09 - 2020-12-20 22:09 - 000000000 ____D C:\Program Files\MSBuild
2020-12-20 22:09 - 2020-12-20 22:09 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2020-12-20 22:09 - 2020-12-20 22:09 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-12-10 18:37 - 2020-12-25 10:36 - 000000000 ___DC C:\WINDOWS\Panther
2020-12-10 18:14 - 2020-12-10 18:14 - 000000000 ___HD C:\$WinREAgent
2020-12-10 15:11 - 2020-12-20 23:37 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-10 15:11 - 2020-12-20 23:37 - 000002257 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-11-25 22:00 - 2020-11-25 22:00 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-11-25 20:44 - 2020-12-10 15:39 - 000000000 ____D C:\Users\Monča\Desktop\kalendář empik
2020-11-25 20:22 - 2020-11-25 20:28 - 000000000 ____D C:\Users\Monča\Desktop\kalendář

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-25 11:14 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-25 10:43 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-12-25 10:36 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-25 10:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-25 09:47 - 2015-11-23 10:38 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-12-25 09:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2020-12-25 09:31 - 2019-12-07 15:43 - 000717960 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-25 09:31 - 2019-12-07 15:43 - 000145102 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-21 00:25 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-21 00:23 - 2018-02-25 07:50 - 000000000 ____D C:\Users\Monča\AppData\Local\Packages
2020-12-21 00:22 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-12-21 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2020-12-21 00:05 - 2019-05-26 11:49 - 000000000 ____D C:\ProgramData\Packages
2020-12-21 00:04 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-21 00:04 - 2018-02-25 08:15 - 000000000 ___RD C:\Users\Monča\3D Objects
2020-12-21 00:04 - 2015-08-10 12:44 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-12-21 00:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-12-21 00:01 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-12-21 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows NT
2020-12-21 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-20 23:57 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-20 23:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration
2020-12-20 23:42 - 2015-12-13 14:23 - 000023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2020-12-20 23:37 - 2015-11-23 07:10 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-12-20 23:37 - 2015-11-23 07:10 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-12-20 23:31 - 2019-07-14 14:12 - 000000000 ____D C:\Users\Monča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2020-12-20 23:31 - 2017-11-03 13:24 - 000000000 ____D C:\Users\Monča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2020-12-20 23:31 - 2016-02-20 10:25 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ETKA 7.3 Germany 2011
2020-12-20 23:31 - 2016-01-19 09:58 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mafia
2020-12-20 23:31 - 2015-12-07 09:24 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SDÍLEJ.CZ
2020-12-20 23:31 - 2015-11-29 20:54 - 000000000 ____D C:\Users\Monča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SDÍLEJ.CZ
2020-12-20 23:31 - 2015-11-23 10:19 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-20 23:27 - 2015-11-23 07:13 - 000000000 ____D C:\Users\Martin\AppData\Local\Packages
2020-12-20 23:24 - 2017-08-08 16:05 - 000000000 ____D C:\WINDOWS\system32\DAX2
2020-12-20 23:23 - 2017-10-20 00:11 - 000000000 ____D C:\Program Files\Apoint
2020-12-20 23:23 - 2017-08-08 16:05 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2020-12-20 23:17 - 2020-10-26 08:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-12-20 23:17 - 2019-12-14 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FotoMagica
2020-12-20 23:17 - 2019-12-07 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2020-12-20 23:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-12-20 23:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2020-12-20 23:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool
2020-12-20 23:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-12-20 23:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-12-20 23:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\System
2020-12-20 23:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2020-12-20 23:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-12-20 23:17 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-12-20 23:17 - 2019-07-30 07:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueVoda Website Builder
2020-12-20 23:17 - 2019-07-14 16:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autocom Car 2016.0
2020-12-20 23:17 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2020-12-20 23:17 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2020-12-20 23:17 - 2018-02-25 08:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-12-20 23:17 - 2017-11-03 11:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Premium
2020-12-20 23:17 - 2017-08-08 09:32 - 000000000 ____D C:\Program Files\UNP
2020-12-20 23:17 - 2017-07-25 04:49 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2020-12-20 23:17 - 2016-02-13 15:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-12-20 23:17 - 2016-01-19 09:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2020-12-20 23:17 - 2016-01-03 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Expresseur
2020-12-20 23:17 - 2015-11-29 20:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2020-12-20 23:17 - 2015-11-23 10:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-20 23:17 - 2015-11-23 07:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Pro Control Center
2020-12-20 23:17 - 2015-09-25 19:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-12-20 23:16 - 2019-12-07 10:18 - 000000000 ____D C:\WINDOWS\Setup
2020-12-20 23:15 - 2019-12-07 10:14 - 000000000 __RHD C:\Users\Public\Libraries
2020-12-20 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-12-20 23:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Resources
2020-12-20 23:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Help
2020-12-20 23:09 - 2017-12-29 05:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ObviousIdea
2020-12-20 23:09 - 2017-07-25 04:49 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2020-12-20 23:08 - 2017-08-08 16:05 - 000000000 ____D C:\Program Files\Realtek
2020-12-20 22:56 - 2019-12-07 15:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2020-12-20 22:56 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-12-20 22:56 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-12-20 22:56 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-20 22:56 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2020-12-20 22:53 - 2019-12-07 15:47 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2020-12-20 22:53 - 2019-12-07 15:47 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2020-12-20 22:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2020-12-20 22:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2020-12-20 22:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2020-12-20 22:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2020-12-20 22:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2020-12-20 22:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2020-12-20 22:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2020-12-20 22:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2020-12-20 22:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2020-12-19 20:28 - 2019-05-31 07:52 - 000000000 ____D C:\Users\Monča\AppData\Local\PlaceholderTileLogoFolder
2020-12-19 20:21 - 2015-08-10 12:46 - 000000000 ___RD C:\Users\Monča\OneDrive
2020-12-10 15:38 - 2017-04-01 15:31 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-10 15:23 - 2018-02-27 06:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-11-25 22:15 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\TextInput
2020-11-25 21:46 - 2015-09-25 19:05 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Monča (25-12-2020 11:25:24)
Running from C:\Users\Monča\Desktop
Windows 10 Pro Version 2004 19041.685 (X64) (2020-12-20 23:01:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1384272110-3093881991-1331863420-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1384272110-3093881991-1331863420-503 - Limited - Disabled)
Guest (S-1-5-21-1384272110-3093881991-1331863420-501 - Limited - Disabled)
Martin (S-1-5-21-1384272110-3093881991-1331863420-1002 - Administrator - Enabled) => C:\Users\Martin
Monča (S-1-5-21-1384272110-3093881991-1331863420-1001 - Administrator - Enabled) => C:\Users\Monča
WDAGUtilityAccount (S-1-5-21-1384272110-3093881991-1331863420-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.414 - Adobe)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.)
AMD Catalyst Install Manager (HKLM\...\{A70B905D-2E57-66A0-3BFE-66B8E71E0C70}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Autocom Car 2016.0 (HKLM-x32\...\{8F772C99-F038-46E6-AD9C-AE79BA4CC51E}) (Version: 3.1.1 - Autocom)
BlueVoda Website Builder 10.12 (HKLM-x32\...\BlueVoda_Website_Builder_1.0) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0115 - Disc Soft Ltd)
ETKA 7.3 Germany 2011 (HKLM-x32\...\ETKA7.3_Germany_2011) (Version: - )
Expresseur 2.0.beta français (HKLM-x32\...\{EC49EC60-4F92-4A59-B505-1975EF6F8D64}_is1) (Version: - expresseur)
FotoMagica (HKLM-x32\...\FotoMagica_FotoMagica) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Light Image Resizer 4.7.7.0 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.7.7.0 - ObviousIdea)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1384272110-3093881991-1331863420-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
MPC-HC 1.7.8 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.8 - MPC-HC Team)
Nero 7 Premium (HKLM-x32\...\{C6115A28-F277-4E82-B067-84D28BF21029}) (Version: 7.03.1357 - Nero AG)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
SDÍLEJ.CZ Manager (HKU\S-1-5-21-1384272110-3093881991-1331863420-1001\...\69f070f18ade444c) (Version: 0.0.1.42 - SDÍLEJ.CZ)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{0BAA0A93-3AD3-4B19-9105-4C8C3FA92A83}) (Version: 2.67.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{0746492E-47B6-4251-940C-44462DFD74BB}) (Version: 2.55.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
VAIO Content Metadata XML Interface Library (HKLM-x32\...\{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}) (Version: 3.6.0.09080 - Sony Corporation)
VAIO Content Metadata XML Interface Library (HKLM-x32\...\{A3563827-B0DB-44DC-B037-15CC4E5E692F}) (Version: 3.6.0.09080 - Sony Corporation) Hidden
VAIO Content Metadata XML Interface Library (HKLM-x32\...\{AC050677-EAFC-4B57-8F83-8205F65134D2}) (Version: 3.6.0.09080 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 5.2.0.15020 - Sony Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2020-12-21] (Microsoft Corporation)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-19] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-05] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-12-20] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2012-11-16] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-04-18 12:33 - 2020-04-18 12:33 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2020-04-18 12:33 - 2020-04-18 12:33 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-10-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-10-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-10] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2015-07-10 12:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1384272110-3093881991-1331863420-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "Skytel"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-1384272110-3093881991-1331863420-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1384272110-3093881991-1331863420-1001\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-1384272110-3093881991-1331863420-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1384272110-3093881991-1331863420-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F76B2571-03F6-4769-9B29-1C6AA390BDB7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C1E765D8-9002-4086-9AB2-CE4554D719CA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8F2E7022-7229-43A3-B7C0-8BE0AA275C4D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1B5CC245-7D94-42BD-A4D7-9B6091C6B913}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9E56E7B7-BE9C-418E-962B-728645116D17}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{2A20A479-81CB-4C9C-BF7A-2CB04D83CE17}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{A03F3D25-0F25-452F-996A-1400BFE55BAC}C:\users\monča\desktop\fichiers xiaomi\fichiers xiaomi\win-mirobo\environment\php\php.exe] => (Allow) C:\users\monča\desktop\fichiers xiaomi\fichiers xiaomi\win-mirobo\environment\php\php.exe (The PHP Group) [File not signed]
FirewallRules: [TCP Query User{91D7550B-4772-4CEA-A76B-E887C0C57519}C:\users\monča\desktop\fichiers xiaomi\fichiers xiaomi\win-mirobo\environment\php\php.exe] => (Allow) C:\users\monča\desktop\fichiers xiaomi\fichiers xiaomi\win-mirobo\environment\php\php.exe (The PHP Group) [File not signed]
FirewallRules: [{B0136941-44CD-4B1E-AE06-E18453D52E79}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{87348A04-ED85-413C-9464-1FADAF5DA62C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D296A32D-A791-47A2-A0B4-F9FB0B4ABBC4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{90B57956-E833-4B6F-92CF-7E6F44335F04}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{5B2B63D7-B9FC-456A-AEC7-592445040056}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A4C5044D-4EFB-4BCB-AEF6-729F5C0BD209}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9DB114BC-2CFF-4F6E-B23B-0891539F8A08}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{17EE9579-C654-4A46-AE6E-BF3FC296CB35}C:\users\monča\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\monča\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{E2575CC8-4D2A-4E64-B24C-AD5CBC809D4D}C:\users\monča\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\monča\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]

==================== Restore Points =========================

21-12-2020 00:19:16 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/25/2020 10:20:56 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (12/21/2020 12:27:21 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (12/21/2020 12:27:21 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (12/21/2020 12:11:33 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/20/2020 11:43:39 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Zprostředkovatel událostí wsp_sr se pokusil zaregistrovat dotaz select * from WSP_ReplicationGroupModificationEvent, jehož cílová třída WSP_ReplicationGroupModificationEvent v oboru názvů //./ROOT/Microsoft/Windows/Storage/Providers_v2 neexistuje. Dotaz bude ignorován.

Error: (12/20/2020 11:43:39 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Zprostředkovatel událostí wsp_sr se pokusil zaregistrovat dotaz select * from WSP_ReplicationGroupDepartureEvent, jehož cílová třída WSP_ReplicationGroupDepartureEvent v oboru názvů //./ROOT/Microsoft/Windows/Storage/Providers_v2 neexistuje. Dotaz bude ignorován.

Error: (12/20/2020 11:43:39 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Zprostředkovatel událostí wsp_sr se pokusil zaregistrovat dotaz select * from WSP_ReplicationGroupArrivalEvent, jehož cílová třída WSP_ReplicationGroupArrivalEvent v oboru názvů //./ROOT/Microsoft/Windows/Storage/Providers_v2 neexistuje. Dotaz bude ignorován.

Error: (12/20/2020 11:43:39 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Zprostředkovatel událostí se pokusil zaregistrovat dotaz select * from WSP_ReplicationGroupModificationEvent, jehož cílová třída WSP_ReplicationGroupModificationEvent v oboru názvů //./ROOT/Microsoft/Windows/Storage/Providers_v2 neexistuje. Dotaz bude ignorován.


System errors:
=============
Error: (12/25/2020 11:15:53 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B2GHIAM)
Description: Server Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/25/2020 10:50:58 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B2GHIAM)
Description: Server Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/25/2020 10:49:18 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.

Error: (12/25/2020 10:48:03 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B2GHIAM)
Description: Server Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/25/2020 10:44:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Hardlock neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (12/25/2020 10:44:19 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: hardlock.sys

Error: (12/25/2020 09:55:51 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B2GHIAM)
Description: Server Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/25/2020 09:36:07 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B2GHIAM)
Description: Server Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2020-12-25 11:23:34.3280000Z
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Conteban.A!ml
ID: 2147735508
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Martin\Downloads\FileActivation (1).rar
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.329.1030.0, AS: 1.329.1030.0, NIS: 1.329.1030.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2020-12-25 10:28:01.4950000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0DF5768E-B33D-4709-ADE3-E9A1703D5CBC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

==================== Memory info ===========================

BIOS: American Megatrends Inc. R3110Y0 08/27/2009
Motherboard: Sony Corporation VAIO
Processor: Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz
Percentage of memory in use: 77%
Total physical RAM: 4063.02 MB
Available physical RAM: 905.69 MB
Total Virtual: 5471.02 MB
Available Virtual: 2488.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.4 GB) (Free:105.49 GB) NTFS

\\?\Volume{40fbf108-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{40fbf108-0000-0000-0000-b01f74000000}\ () (Fixed) (Total:0.83 GB) (Free:0.39 GB) NTFS
\\?\Volume{40fbf108-0000-0000-0000-905474000000}\ () (Fixed) (Total:0.44 GB) (Free:0.13 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 40FBF108)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=846 MB) - (Type=27)
Partition 4: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt =======================

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

posílám log:

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-12-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-25-2020
# Duration: 00:00:05
# OS: Windows 10 Pro
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\VIS

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1696 octets] - [25/12/2020 12:31:36]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-12-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 12-25-2020
# Duration: 00:01:40
# OS: Windows 10 Pro
# Scanned: 31930
# Detected: 4


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

Adware.InstallMonster HKCU\Software\VIS

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.VAIOCare Folder C:\Program Files\SONY\VAIO CARE
Preinstalled.VAIOEventService Folder C:\Program Files (x86)\SONY\VAIO EVENT SERVICE
Preinstalled.VAIOEventService Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Smažte Adware.InstallMonster HKCU\Software\VIS. Ostatní můžete ponechat. Potom dejte nové logy FRST+Addition.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by Monča (administrator) on DESKTOP-B2GHIAM (Sony Corporation VGN-FW41E_H) (25-12-2020 16:12:24)
Running from C:\Users\Monča\Desktop
Loaded Profiles: Monča
Platform: Windows 10 Pro Version 2004 19041.685 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Alps Electric Co., LTD. -> ALPS) C:\Program Files\Apoint\Apvfb.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-08-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2011-03-01] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1384272110-3093881991-1331863420-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2008-01-22] (Nero AG -> Nero AG)
HKU\S-1-5-21-1384272110-3093881991-1331863420-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-28] (Piriform Ltd -> Piriform Ltd)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2015-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\WINDOWS\system32\hpzllw71.dll [53248 2015-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-10] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03003AF1-905F-4EE4-B30B-6D1DB5EBF37D} - System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => C:\Program Files\CUAssistant\culauncher.exe
Task: {231186E6-6E8B-4631-A9A6-2AC0471A1397} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4DDBCBF0-E758-49A3-9AE8-BB674B56D36C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_414_pepper.exe [1471032 2020-09-07] (Adobe Inc. -> Adobe)
Task: {51D09DF1-132B-4799-991A-B6A32E994536} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-23] (Google Inc -> Google Inc.)
Task: {6ABDAED7-463B-46FE-A77B-F0CC719C703B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-28] (Piriform Ltd -> Piriform Ltd)
Task: {7169ECAA-7016-49B5-90AA-FE733F149C2D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {80FA58C3-0579-4E1A-BD2B-1E253C1570D6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-23] (Google Inc -> Google Inc.)
Task: {8CF64FCE-1646-40CA-9FE2-6744C8F099A8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9230CD87-D365-466A-BE21-DE9A29A3A436} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {96288ECC-AEEA-46AB-B864-C5E56F46918D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4010416 2020-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {9DD76278-2C5D-49EA-8E0A-839300AAD503} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC91BFD2-D600-479B-9522-9742BE699743} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-07] (Adobe Inc. -> Adobe)
Task: {AE5D427A-9CD7-457F-BA34-EBBC7C0C4CFC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B1567D2C-7BD0-4D95-8688-01EF58D34C18} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B3C6A053-3F47-4D3F-AB8C-81F00473F5AD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D073A8F8-9AF4-4665-8503-40866D1EE688} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {F5499E83-E46A-47B9-926F-64AB69716E4F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {FCA1DC1F-4A76-42E4-B61C-0857E95FD635} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4010416 2020-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {FECC22D4-0928-4E1D-8DAC-C9C2F8270CF6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3d1a5856-8692-4f54-89b8-660b5acfc815}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8d874849-6515-47e8-9ac7-9340d8f2c0b5}: [DhcpNameServer] 192.168.0.1

Edge:
======
Edge Profile: C:\Users\Monča\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-25]
Edge DefaultSearchURL: Default -> hxxps://www.google.cz/search?q={searchTerms}&ie ... utEncoding?}

FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-10-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-10-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default [2020-12-25]
CHR DownloadDir: C:\Users\Monča\Desktop
CHR Extension: (Dokumenty) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Disk Google) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (YouTube) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-29]
CHR Extension: (Vyhledávání Google) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-25]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-12-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-19]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-07] (Adobe Inc. -> Adobe)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369464 2016-01-15] (Disc Soft Ltd -> Disc Soft Ltd)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG -> Nero AG)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5197552 2020-12-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-01-19] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-01-19] (Disc Soft Ltd -> Disc Soft Ltd)
S2 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [314368 2006-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Aladdin Knowledge Systems Ltd.)
R3 MpKsl02ff55d1; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{06A905E6-A7BF-47CE-AB5A-7D0C2680BCC9}\MpKslDrv.sys [47344 2020-12-25] (Microsoft Windows -> Microsoft Corporation)
R2 rimsptsk; C:\WINDOWS\System32\drivers\rimspx64.sys [55296 2009-06-25] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R3 SFEP; C:\WINDOWS\System32\drivers\SFEP.sys [12032 2010-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation)
R3 SrvHsfHDA; C:\WINDOWS\system32\DRIVERS\VSTAZL6.SYS [292864 2019-12-07] (Microsoft Windows -> Conexant Systems, Inc.)
R3 SrvHsfV92; C:\WINDOWS\system32\DRIVERS\VSTDPV6.SYS [1485312 2019-12-07] (Microsoft Windows -> Conexant Systems, Inc.)
R3 SrvHsfWinac; C:\WINDOWS\system32\DRIVERS\VSTCNXT6.SYS [740864 2019-12-07] (Microsoft Windows -> Conexant Systems, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-10] (Microsoft Windows -> Microsoft Corporation)
R3 yukonw8; C:\WINDOWS\System32\drivers\yk63x64.sys [288768 2019-12-07] (Microsoft Windows -> Marvell)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-25 12:29 - 2020-12-25 12:38 - 000000000 ____D C:\AdwCleaner
2020-12-25 12:28 - 2020-12-25 12:28 - 008447152 _____ (Malwarebytes) C:\Users\Monča\Desktop\adwcleaner_8.0.8.exe
2020-12-25 11:40 - 2020-12-25 11:49 - 000001868 _____ C:\WINDOWS\ Setup Log.txt
2020-12-25 11:25 - 2020-12-25 11:30 - 000023496 _____ C:\Users\Monča\Desktop\Addition.txt
2020-12-25 11:00 - 2020-12-25 16:14 - 000015402 _____ C:\Users\Monča\Desktop\FRST.txt
2020-12-25 10:58 - 2020-12-25 16:13 - 000000000 ____D C:\FRST
2020-12-25 10:56 - 2020-12-25 10:57 - 002286592 _____ (Farbar) C:\Users\Monča\Desktop\FRST64.exe
2020-12-21 00:08 - 2020-12-21 00:08 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2020-12-21 00:02 - 2020-12-21 00:02 - 000000020 ___SH C:\Users\Monča\ntuser.ini
2020-12-21 00:00 - 2020-12-25 12:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-21 00:00 - 2020-12-25 11:34 - 000004212 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{48851244-834D-43D2-81FF-79992A2EA6EF}
2020-12-21 00:00 - 2020-12-25 10:40 - 000003572 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-21 00:00 - 2020-12-25 10:40 - 000003460 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-21 00:00 - 2020-12-25 10:40 - 000003348 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-21 00:00 - 2020-12-25 10:40 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1384272110-3093881991-1331863420-1001
2020-12-21 00:00 - 2020-12-25 10:39 - 000003890 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-12-21 00:00 - 2020-12-25 10:39 - 000003590 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-12-21 00:00 - 2020-12-25 10:39 - 000003236 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-21 00:00 - 2020-12-25 10:39 - 000002280 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-12-21 00:00 - 2020-12-21 00:00 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-12-21 00:00 - 2020-12-21 00:00 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-12-20 23:58 - 2020-12-21 00:00 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2020-12-20 23:58 - 2020-12-21 00:00 - 000011433 _____ C:\WINDOWS\diagerr.xml
2020-12-20 23:40 - 2020-12-25 09:31 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-20 23:26 - 2020-12-25 12:39 - 000000000 ____D C:\Users\Monča
2020-12-20 23:26 - 2020-12-20 23:37 - 000000000 ____D C:\Users\Martin
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Monča\Šablony
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Monča\Soubory cookie
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Monča\Poslední
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Monča\Okolní tiskárny
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Monča\Okolní síť
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Monča\Nabídka Start
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Monča\Dokumenty
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Monča\Documents\Obrázky
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Monča\Documents\Hudba
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Monča\Documents\Filmy
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Monča\Data aplikací
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Monča\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Monča\AppData\Local\Data aplikací
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Martin\Šablony
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Martin\Soubory cookie
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Martin\Poslední
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Martin\Okolní tiskárny
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Martin\Okolní síť
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Martin\Nabídka Start
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Martin\Dokumenty
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Martin\Documents\Obrázky
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Martin\Documents\Hudba
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Martin\Documents\Filmy
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Martin\Data aplikací
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2020-12-20 23:26 - 2020-12-20 23:26 - 000000000 _SHDL C:\Users\Martin\AppData\Local\Data aplikací
2020-12-20 23:26 - 2019-12-07 10:10 - 000001105 _____ C:\Users\Monča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-20 23:26 - 2019-12-07 10:10 - 000001105 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-20 23:18 - 2020-12-25 16:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-20 23:18 - 2020-12-20 23:18 - 000433296 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-20 23:17 - 2020-12-25 12:40 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-20 23:16 - 2020-12-21 00:01 - 000000000 ____D C:\Windows.old
2020-12-20 23:08 - 2020-12-20 23:17 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2020-12-20 23:02 - 2020-12-20 23:08 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2020-12-20 23:02 - 2020-12-20 23:02 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-12-20 22:56 - 2020-12-20 22:56 - 000000000 ____D C:\ProgramData\ssh
2020-12-20 22:43 - 2020-12-20 22:43 - 000580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2020-12-20 22:43 - 2020-12-20 22:43 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2020-12-20 22:43 - 2020-12-20 22:43 - 000467968 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2020-12-20 22:43 - 2020-12-20 22:43 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2020-12-20 22:43 - 2020-12-20 22:43 - 000137016 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2020-12-20 22:43 - 2020-12-20 22:43 - 000111616 _____ C:\WINDOWS\system32\RDVGHelper.exe
2020-12-20 22:43 - 2020-12-20 22:43 - 000101688 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2020-12-20 22:42 - 2020-12-20 22:42 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-20 22:42 - 2020-12-20 22:42 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-12-20 22:42 - 2020-12-20 22:42 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2020-12-20 22:42 - 2020-12-20 22:42 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2020-12-20 22:42 - 2020-12-20 22:42 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2020-12-20 22:41 - 2020-12-20 22:41 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-12-20 22:41 - 2020-12-20 22:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-20 22:41 - 2020-12-20 22:41 - 001309504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-12-20 22:41 - 2020-12-20 22:41 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-12-20 22:41 - 2020-12-20 22:41 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-12-20 22:41 - 2020-12-20 22:41 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-12-20 22:41 - 2020-12-20 22:41 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-12-20 22:41 - 2020-12-20 22:41 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2020-12-20 22:41 - 2020-12-20 22:41 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-20 22:41 - 2020-12-20 22:41 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2020-12-20 22:41 - 2020-12-20 22:41 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-12-20 22:41 - 2020-12-20 22:41 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-20 22:40 - 2020-12-20 22:40 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-20 22:40 - 2020-12-20 22:40 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2020-12-20 22:40 - 2020-12-20 22:40 - 000455168 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2020-12-20 22:40 - 2020-12-20 22:40 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2020-12-20 22:40 - 2020-12-20 22:40 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2020-12-20 22:40 - 2020-12-20 22:40 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2020-12-20 22:40 - 2020-12-20 22:40 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-20 22:39 - 2020-12-20 22:39 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-12-20 22:39 - 2020-12-20 22:39 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-12-20 22:39 - 2020-12-20 22:39 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-12-20 22:39 - 2020-12-20 22:39 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-12-20 22:39 - 2020-12-20 22:39 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-12-20 22:39 - 2020-12-20 22:39 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-12-20 22:39 - 2020-12-20 22:39 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-20 22:39 - 2020-12-20 22:39 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-20 22:39 - 2020-12-20 22:39 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-20 22:39 - 2020-12-20 22:39 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-12-20 22:39 - 2020-12-20 22:39 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2020-12-20 22:39 - 2020-12-20 22:39 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-20 22:38 - 2020-12-20 22:38 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2020-12-20 22:38 - 2020-12-20 22:38 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-20 22:38 - 2020-12-20 22:38 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-20 22:37 - 2020-12-20 22:37 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-20 22:37 - 2020-12-20 22:37 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-20 22:37 - 2020-12-20 22:37 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2020-12-20 22:37 - 2020-12-20 22:37 - 000152576 _____ C:\WINDOWS\system32\EoAExperiences.exe
2020-12-20 22:37 - 2020-12-20 22:37 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2020-12-20 22:37 - 2020-12-20 22:37 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-20 22:36 - 2020-12-20 22:36 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-20 22:36 - 2020-12-20 22:36 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2020-12-20 22:36 - 2020-12-20 22:36 - 000707544 _____ C:\WINDOWS\system32\TextShaping.dll
2020-12-20 22:36 - 2020-12-20 22:36 - 000645120 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2020-12-20 22:36 - 2020-12-20 22:36 - 000306176 _____ C:\WINDOWS\system32\HeatCore.dll
2020-12-20 22:36 - 2020-12-20 22:36 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2020-12-20 22:36 - 2020-12-20 22:36 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2020-12-20 22:35 - 2020-12-20 22:35 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2020-12-20 22:35 - 2020-12-20 22:35 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-12-20 22:35 - 2020-12-20 22:35 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-20 22:35 - 2020-12-20 22:35 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-20 22:35 - 2020-12-20 22:35 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-20 22:35 - 2020-12-20 22:35 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2020-12-20 22:34 - 2020-12-20 22:34 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2020-12-20 22:34 - 2020-12-20 22:34 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2020-12-20 22:34 - 2020-12-20 22:34 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-20 22:34 - 2020-12-20 22:34 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-20 22:34 - 2020-12-20 22:34 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2020-12-20 22:34 - 2020-12-20 22:34 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-20 22:14 - 2020-12-20 22:14 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2020-12-20 22:14 - 2020-12-20 22:14 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2020-12-20 22:09 - 2020-12-20 22:09 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2020-12-20 22:09 - 2020-12-20 22:09 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-12-20 22:09 - 2020-12-20 22:09 - 000000000 ____D C:\Program Files\MSBuild
2020-12-20 22:09 - 2020-12-20 22:09 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2020-12-20 22:09 - 2020-12-20 22:09 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-12-10 18:37 - 2020-12-25 10:36 - 000000000 ___DC C:\WINDOWS\Panther
2020-12-10 18:14 - 2020-12-10 18:14 - 000000000 ___HD C:\$WinREAgent
2020-12-10 15:11 - 2020-12-20 23:37 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-10 15:11 - 2020-12-20 23:37 - 000002257 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-11-25 22:00 - 2020-11-25 22:00 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-11-25 20:44 - 2020-12-10 15:39 - 000000000 ____D C:\Users\Monča\Desktop\kalendář empik
2020-11-25 20:22 - 2020-11-25 20:28 - 000000000 ____D C:\Users\Monča\Desktop\kalendář

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-25 16:08 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-25 12:39 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-12-25 10:36 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-25 10:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-25 09:47 - 2015-11-23 10:38 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-12-25 09:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2020-12-25 09:31 - 2019-12-07 15:43 - 000717960 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-25 09:31 - 2019-12-07 15:43 - 000145102 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-21 00:25 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-21 00:23 - 2018-02-25 07:50 - 000000000 ____D C:\Users\Monča\AppData\Local\Packages
2020-12-21 00:22 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-12-21 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2020-12-21 00:05 - 2019-05-26 11:49 - 000000000 ____D C:\ProgramData\Packages
2020-12-21 00:04 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-21 00:04 - 2018-02-25 08:15 - 000000000 ___RD C:\Users\Monča\3D Objects
2020-12-21 00:04 - 2015-08-10 12:44 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-12-21 00:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-12-21 00:01 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-12-21 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows NT
2020-12-21 00:00 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-20 23:57 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-20 23:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration
2020-12-20 23:42 - 2015-12-13 14:23 - 000023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2020-12-20 23:37 - 2015-11-23 07:10 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-12-20 23:37 - 2015-11-23 07:10 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-12-20 23:31 - 2019-07-14 14:12 - 000000000 ____D C:\Users\Monča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2020-12-20 23:31 - 2017-11-03 13:24 - 000000000 ____D C:\Users\Monča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2020-12-20 23:31 - 2016-02-20 10:25 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ETKA 7.3 Germany 2011
2020-12-20 23:31 - 2016-01-19 09:58 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mafia
2020-12-20 23:31 - 2015-12-07 09:24 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SDÍLEJ.CZ
2020-12-20 23:31 - 2015-11-29 20:54 - 000000000 ____D C:\Users\Monča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SDÍLEJ.CZ
2020-12-20 23:31 - 2015-11-23 10:19 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-20 23:27 - 2015-11-23 07:13 - 000000000 ____D C:\Users\Martin\AppData\Local\Packages
2020-12-20 23:24 - 2017-08-08 16:05 - 000000000 ____D C:\WINDOWS\system32\DAX2
2020-12-20 23:23 - 2017-10-20 00:11 - 000000000 ____D C:\Program Files\Apoint
2020-12-20 23:23 - 2017-08-08 16:05 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2020-12-20 23:17 - 2020-10-26 08:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-12-20 23:17 - 2019-12-14 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FotoMagica
2020-12-20 23:17 - 2019-12-07 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2020-12-20 23:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-12-20 23:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2020-12-20 23:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool
2020-12-20 23:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-12-20 23:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-12-20 23:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\System
2020-12-20 23:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2020-12-20 23:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-12-20 23:17 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-12-20 23:17 - 2019-07-30 07:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueVoda Website Builder
2020-12-20 23:17 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2020-12-20 23:17 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2020-12-20 23:17 - 2018-02-25 08:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-12-20 23:17 - 2017-11-03 11:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Premium
2020-12-20 23:17 - 2017-08-08 09:32 - 000000000 ____D C:\Program Files\UNP
2020-12-20 23:17 - 2017-07-25 04:49 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2020-12-20 23:17 - 2016-02-13 15:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-12-20 23:17 - 2016-01-19 09:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2020-12-20 23:17 - 2016-01-03 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Expresseur
2020-12-20 23:17 - 2015-11-29 20:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2020-12-20 23:17 - 2015-11-23 10:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-20 23:17 - 2015-11-23 07:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Pro Control Center
2020-12-20 23:17 - 2015-09-25 19:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-12-20 23:16 - 2019-12-07 10:18 - 000000000 ____D C:\WINDOWS\Setup
2020-12-20 23:15 - 2019-12-07 10:14 - 000000000 __RHD C:\Users\Public\Libraries
2020-12-20 23:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-12-20 23:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Resources
2020-12-20 23:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Help
2020-12-20 23:09 - 2017-12-29 05:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ObviousIdea
2020-12-20 23:09 - 2017-07-25 04:49 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2020-12-20 23:08 - 2017-08-08 16:05 - 000000000 ____D C:\Program Files\Realtek
2020-12-20 22:56 - 2019-12-07 15:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2020-12-20 22:56 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-12-20 22:56 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-12-20 22:56 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2020-12-20 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-20 22:56 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2020-12-20 22:53 - 2019-12-07 15:47 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2020-12-20 22:53 - 2019-12-07 15:47 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2020-12-20 22:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2020-12-20 22:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2020-12-20 22:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2020-12-20 22:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2020-12-20 22:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2020-12-20 22:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2020-12-20 22:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2020-12-20 22:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2020-12-20 22:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2020-12-19 20:28 - 2019-05-31 07:52 - 000000000 ____D C:\Users\Monča\AppData\Local\PlaceholderTileLogoFolder
2020-12-19 20:21 - 2015-08-10 12:46 - 000000000 ___RD C:\Users\Monča\OneDrive
2020-12-10 15:38 - 2017-04-01 15:31 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-10 15:23 - 2018-02-27 06:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-11-25 22:15 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\TextInput
2020-11-25 21:46 - 2015-09-25 19:05 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Monča (25-12-2020 16:22:58)
Running from C:\Users\Monča\Desktop
Windows 10 Pro Version 2004 19041.685 (X64) (2020-12-20 23:01:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1384272110-3093881991-1331863420-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1384272110-3093881991-1331863420-503 - Limited - Disabled)
Guest (S-1-5-21-1384272110-3093881991-1331863420-501 - Limited - Disabled)
Martin (S-1-5-21-1384272110-3093881991-1331863420-1002 - Administrator - Enabled) => C:\Users\Martin
Monča (S-1-5-21-1384272110-3093881991-1331863420-1001 - Administrator - Enabled) => C:\Users\Monča
WDAGUtilityAccount (S-1-5-21-1384272110-3093881991-1331863420-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.414 - Adobe)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.)
AMD Catalyst Install Manager (HKLM\...\{A70B905D-2E57-66A0-3BFE-66B8E71E0C70}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
BlueVoda Website Builder 10.12 (HKLM-x32\...\BlueVoda_Website_Builder_1.0) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0115 - Disc Soft Ltd)
Expresseur 2.0.beta français (HKLM-x32\...\{EC49EC60-4F92-4A59-B505-1975EF6F8D64}_is1) (Version: - expresseur)
FotoMagica (HKLM-x32\...\FotoMagica_FotoMagica) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Light Image Resizer 4.7.7.0 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.7.7.0 - ObviousIdea)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1384272110-3093881991-1331863420-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
MPC-HC 1.7.8 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.8 - MPC-HC Team)
Nero 7 Premium (HKLM-x32\...\{C6115A28-F277-4E82-B067-84D28BF21029}) (Version: 7.03.1357 - Nero AG)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
SDÍLEJ.CZ Manager (HKU\S-1-5-21-1384272110-3093881991-1331863420-1001\...\69f070f18ade444c) (Version: 0.0.1.42 - SDÍLEJ.CZ)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{0BAA0A93-3AD3-4B19-9105-4C8C3FA92A83}) (Version: 2.67.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{0746492E-47B6-4251-940C-44462DFD74BB}) (Version: 2.55.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
VAIO Content Metadata XML Interface Library (HKLM-x32\...\{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}) (Version: 3.6.0.09080 - Sony Corporation)
VAIO Content Metadata XML Interface Library (HKLM-x32\...\{A3563827-B0DB-44DC-B037-15CC4E5E692F}) (Version: 3.6.0.09080 - Sony Corporation) Hidden
VAIO Content Metadata XML Interface Library (HKLM-x32\...\{AC050677-EAFC-4B57-8F83-8205F65134D2}) (Version: 3.6.0.09080 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 5.2.0.15020 - Sony Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2020-12-21] (Microsoft Corporation)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-19] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-05] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-12-20] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2012-11-16] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-10-20 00:27 - 2010-03-02 15:22 - 000013824 _____ () [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2017-10-20 00:27 - 2010-03-02 15:22 - 000013312 _____ () [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2012-11-16 16:04 - 2012-11-16 16:04 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamcsy.dll
2017-10-20 00:27 - 2010-03-02 15:22 - 000110592 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESAppMon.dll
2017-10-20 00:27 - 2010-03-02 15:22 - 000110592 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESAutoDimmer.dll
2017-10-20 00:27 - 2010-03-02 15:22 - 000577536 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESColorMgr.dll
2017-10-20 00:27 - 2010-03-02 15:22 - 000184320 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESCommonUI.dll
2017-10-20 00:27 - 2010-03-02 15:22 - 000708608 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESHybridGfx2.dll
2017-10-20 00:27 - 2010-03-02 15:22 - 000114688 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESKBStatus.dll
2017-10-20 00:27 - 2010-03-02 15:22 - 000172032 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESPerform.dll
2017-10-20 00:27 - 2010-03-02 15:22 - 000110592 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESRemoteKey.dll
2017-10-20 00:27 - 2010-03-02 15:22 - 000122880 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESStorageProtect.dll
2017-10-20 00:27 - 2010-03-02 15:22 - 000075264 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESSuEvent.dll
2017-10-20 00:27 - 2010-03-02 15:22 - 000118784 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESTransform.dll
2017-10-20 00:27 - 2010-03-02 15:22 - 000077824 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESUSBKeyboard.dll
2017-10-20 00:27 - 2010-03-02 15:22 - 000085504 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESWndMsg.dll
2017-10-20 00:27 - 2010-03-02 15:22 - 000006144 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESWndMsgHook.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-10-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-10-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-10] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2015-07-10 12:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1384272110-3093881991-1331863420-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "Skytel"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-1384272110-3093881991-1331863420-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1384272110-3093881991-1331863420-1001\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-1384272110-3093881991-1331863420-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1384272110-3093881991-1331863420-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F76B2571-03F6-4769-9B29-1C6AA390BDB7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C1E765D8-9002-4086-9AB2-CE4554D719CA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8F2E7022-7229-43A3-B7C0-8BE0AA275C4D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1B5CC245-7D94-42BD-A4D7-9B6091C6B913}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9E56E7B7-BE9C-418E-962B-728645116D17}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{2A20A479-81CB-4C9C-BF7A-2CB04D83CE17}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{A03F3D25-0F25-452F-996A-1400BFE55BAC}C:\users\monča\desktop\fichiers xiaomi\fichiers xiaomi\win-mirobo\environment\php\php.exe] => (Allow) C:\users\monča\desktop\fichiers xiaomi\fichiers xiaomi\win-mirobo\environment\php\php.exe (The PHP Group) [File not signed]
FirewallRules: [TCP Query User{91D7550B-4772-4CEA-A76B-E887C0C57519}C:\users\monča\desktop\fichiers xiaomi\fichiers xiaomi\win-mirobo\environment\php\php.exe] => (Allow) C:\users\monča\desktop\fichiers xiaomi\fichiers xiaomi\win-mirobo\environment\php\php.exe (The PHP Group) [File not signed]
FirewallRules: [{B0136941-44CD-4B1E-AE06-E18453D52E79}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{87348A04-ED85-413C-9464-1FADAF5DA62C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D296A32D-A791-47A2-A0B4-F9FB0B4ABBC4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{90B57956-E833-4B6F-92CF-7E6F44335F04}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{5B2B63D7-B9FC-456A-AEC7-592445040056}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A4C5044D-4EFB-4BCB-AEF6-729F5C0BD209}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9DB114BC-2CFF-4F6E-B23B-0891539F8A08}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{17EE9579-C654-4A46-AE6E-BF3FC296CB35}C:\users\monča\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\monča\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{E2575CC8-4D2A-4E64-B24C-AD5CBC809D4D}C:\users\monča\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\monča\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]

==================== Restore Points =========================

21-12-2020 00:19:16 Instalační služba modulů systému Windows
25-12-2020 11:42:12 Removed Autocom Car 2016.0

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/25/2020 10:20:56 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (12/21/2020 12:27:21 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (12/21/2020 12:27:21 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (12/21/2020 12:11:33 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/20/2020 11:43:39 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Zprostředkovatel událostí wsp_sr se pokusil zaregistrovat dotaz select * from WSP_ReplicationGroupModificationEvent, jehož cílová třída WSP_ReplicationGroupModificationEvent v oboru názvů //./ROOT/Microsoft/Windows/Storage/Providers_v2 neexistuje. Dotaz bude ignorován.

Error: (12/20/2020 11:43:39 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Zprostředkovatel událostí wsp_sr se pokusil zaregistrovat dotaz select * from WSP_ReplicationGroupDepartureEvent, jehož cílová třída WSP_ReplicationGroupDepartureEvent v oboru názvů //./ROOT/Microsoft/Windows/Storage/Providers_v2 neexistuje. Dotaz bude ignorován.

Error: (12/20/2020 11:43:39 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Zprostředkovatel událostí wsp_sr se pokusil zaregistrovat dotaz select * from WSP_ReplicationGroupArrivalEvent, jehož cílová třída WSP_ReplicationGroupArrivalEvent v oboru názvů //./ROOT/Microsoft/Windows/Storage/Providers_v2 neexistuje. Dotaz bude ignorován.

Error: (12/20/2020 11:43:39 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Zprostředkovatel událostí se pokusil zaregistrovat dotaz select * from WSP_ReplicationGroupModificationEvent, jehož cílová třída WSP_ReplicationGroupModificationEvent v oboru názvů //./ROOT/Microsoft/Windows/Storage/Providers_v2 neexistuje. Dotaz bude ignorován.


System errors:
=============
Error: (12/25/2020 01:11:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B2GHIAM)
Description: Server Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/25/2020 12:46:31 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B2GHIAM)
Description: Server Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/25/2020 12:43:46 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B2GHIAM)
Description: Server Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/25/2020 12:42:21 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server Windows.Internal.StateRepository.ApplicationExtension se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/25/2020 12:40:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Hardlock neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (12/25/2020 12:40:26 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: hardlock.sys

Error: (12/25/2020 12:38:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (12/25/2020 12:38:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Bluetooth Driver Management Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2020-12-25 16:21:57.5920000Z
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Users\Martin\Downloads\mso16a.rar
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.329.1035.0, AS: 1.329.1035.0, NIS: 1.329.1035.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2020-12-25 16:21:04.9010000Z
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Conteban.A!ml
ID: 2147735508
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Martin\Downloads\FileActivation.rar
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.329.1035.0, AS: 1.329.1035.0, NIS: 1.329.1035.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2020-12-25 13:35:32.1470000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {FBCBB3F6-E0A2-445F-9627-1C51AD8AEC3F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-25 13:25:20.4470000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4EF10BBD-C79C-4CCE-BF2B-16EA4C352086}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-25 13:19:53.5850000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5136EAA1-6E74-4CC8-89D2-2C7D1FE5844F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

==================== Memory info ===========================

BIOS: American Megatrends Inc. R3110Y0 08/27/2009
Motherboard: Sony Corporation VAIO
Processor: Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz
Percentage of memory in use: 76%
Total physical RAM: 4063.02 MB
Available physical RAM: 964.12 MB
Total Virtual: 5471.02 MB
Available Virtual: 2211.71 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.4 GB) (Free:131.66 GB) NTFS

\\?\Volume{40fbf108-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{40fbf108-0000-0000-0000-b01f74000000}\ () (Fixed) (Total:0.83 GB) (Free:0.39 GB) NTFS
\\?\Volume{40fbf108-0000-0000-0000-905474000000}\ () (Fixed) (Total:0.44 GB) (Free:0.13 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 40FBF108)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=846 MB) - (Type=27)
Partition 4: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt =======================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
Task: {51D09DF1-132B-4799-991A-B6A32E994536} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-23] (Google Inc -> Google Inc.)
Task: {80FA58C3-0579-4E1A-BD2B-1E253C1570D6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-23] (Google Inc -> Google Inc.)
Task: {D073A8F8-9AF4-4665-8503-40866D1EE688} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
C:\Users\Martin\Downloads\mso16a.rar
C:\Users\Martin\Downloads\FileActivation.rar

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Monča (25-12-2020 17:09:24) Run:1
Running from C:\Users\Monča\Desktop
Loaded Profiles: Monča
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {51D09DF1-132B-4799-991A-B6A32E994536} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-23] (Google Inc -> Google Inc.)
Task: {80FA58C3-0579-4E1A-BD2B-1E253C1570D6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-23] (Google Inc -> Google Inc.)
Task: {D073A8F8-9AF4-4665-8503-40866D1EE688} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
C:\Users\Martin\Downloads\mso16a.rar
C:\Users\Martin\Downloads\FileActivation.rar

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{51D09DF1-132B-4799-991A-B6A32E994536}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51D09DF1-132B-4799-991A-B6A32E994536}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{80FA58C3-0579-4E1A-BD2B-1E253C1570D6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80FA58C3-0579-4E1A-BD2B-1E253C1570D6}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D073A8F8-9AF4-4665-8503-40866D1EE688}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D073A8F8-9AF4-4665-8503-40866D1EE688}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 => removed successfully
"C:\Users\Martin\Downloads\mso16a.rar" => not found
"C:\Users\Martin\Downloads\FileActivation.rar" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 9461760 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 32704835 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 2773916 B
Edge => 2146298 B
Chrome => 183258042 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 5012 B
Monča => 2941003 B
Martin => 3529953 B

RecycleBin => 0 B
EmptyTemp: => 225.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:12:15 ====

Smazáno. Nastala nějaká změna?

Je to o krapek lepší, ale pořád to není ono.

Otevření fotky v programu windows trvá přibližně 30s a přikládám screen ze spárvce úloh kde je využití disku 100%.

https://ibb.co/CbStQ9G

Tak využití disku již spadlo a není to taková hrůza. Hold PC už asi chce vyměnit.

Ještě můžete zkusit tento návod: https://www.instaluj.cz/magazin/jak-zak ... indows-10- .