VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Win Zabezpecenie Zavazna hrozba

https://forum.viry.cz:443/viewtopic.php?t=157878

Stránka 1 z 2

Win Zabezpecenie Zavazna hrozba

Napsal: 16 úno 2021 13:07
od valachmar
Dobry den
Na Win 10, mam vo Windows Zapezpecenie, závažnú hrozbu, ktoru nejde vymazat, ani dat do karanteny.
Prosim o pomoc s tymto problemom.
Prikladam logy:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-02-2021
Ran by Richard (administrator) on DESKTOP-PUNF98O (ASUS All Series) (16-02-2021 10:13:40)
Running from C:\Users\Richard\OneDrive\Počítač
Loaded Profiles: Richard
Platform: Windows 10 Pro Version 20H2 19042.804 (X64) Language: Angličtina (USA)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Richard\AppData\Roaming\BitTorrent\BitTorrent.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Richard\AppData\Roaming\BitTorrent\helper\helper.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Richard\AppData\Roaming\BitTorrent\updates\7.10.5_45857\bittorrentie.exe <2>
(ESI Audiotechnik GmbH -> ESI Audiotechnik GmbH) C:\Windows\System32\JulaPAN.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <17>
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett Packard -> Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_2.34.28001.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
HKLM\...\Run: [RtHDVBg_DTS] => "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /DTSU2P
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [julapan.exe] => C:\Windows\system32\julapan.exe [514792 2015-09-16] (ESI Audiotechnik GmbH -> ESI Audiotechnik GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Run: [btweb] => C:\Users\Richard\AppData\Roaming\BitTorrent Web\btweb.exe [5691520 2020-12-18] (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8442464 2021-01-17] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Run: [Opera Browser Assistant] => C:\Users\Richard\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3366040 2021-01-14] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3412696 2021-02-13] (Valve -> Valve Corporation)
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1941352 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Run: [BitTorrent] => C:\Users\Richard\AppData\Roaming\BitTorrent\BitTorrent.exe [1960416 2021-01-17] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-3697634085-1141814390-3545286870-1008\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1941352 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [46080 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.150\Installer\chrmstp.exe [2021-02-09] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2021-01-19]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {14CA1CEF-3318-47B7-86D2-2ECBC74E5372} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-17] (Google LLC -> Google LLC)
Task: {1797563B-38D4-4545-AEE4-BEE4F8CBB71C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {17D42D8E-77AA-4914-A8C2-C57E6B303742} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2856304 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {1D9274BB-A3C2-42C6-9B7F-59052CEEFEBD} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {54DC7C6D-40E2-46A1-8AFE-336572E8DE68} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5AA1B47D-35FB-4999-81FD-14DBA06B7044} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5FE15614-C0AE-4613-9677-6493B9439427} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {608B8562-311F-4FD1-9F0B-CDD0C6399B85} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-05] (Mozilla Corporation -> Mozilla Foundation)
Task: {63DB492F-514A-4B02-84AB-6550C5183A3A} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {65EF3569-7125-45A0-8EEF-9566FB5D938F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {670C8D12-809A-4015-9BB9-97B1C14B033A} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {6BFB181D-1739-47E9-B521-1A776DE7F437} - System32\Tasks\Opera scheduled Autoupdate 1610919243 => C:\Users\Richard\AppData\Local\Programs\Opera\launcher.exe [1793688 2021-02-09] (Opera Software AS -> Opera Software)
Task: {C072A348-D7D7-48AA-A64D-E380E1B016DE} - System32\Tasks\Opera scheduled assistant Autoupdate 1610919256 => C:\Users\Richard\AppData\Local\Programs\Opera\launcher.exe [1793688 2021-02-09] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Richard\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {CE3400A4-2453-474E-A977-376B9A83CA13} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142216 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D316DF82-ACCE-48A1-836A-13E2FCB6FCB8} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {D537E333-ACE3-471B-99B1-6D5F29E1884A} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {D5A8195B-A0A8-4CE3-A6EB-E8D490BCB440} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142216 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D793B4FB-3A77-493F-8A0D-EAFD24C68C7E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-17] (Google LLC -> Google LLC)
Task: {D87EE80B-5F26-48DE-9AA6-B1339967EBEC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DC8600F3-B462-4969-BD02-AADC0047FEE2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DE8A4910-911A-40D7-B150-86C7AA89784E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5199792 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E19C5F7F-122D-468D-AB87-245CE4EACE71} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5199792 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {F40592F5-BE40-48DD-AC47-CEA9D36DEF61} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{79a0aa48-88c9-4278-80d1-7970b601bf4a}: [DhcpNameServer] 192.168.100.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Richard\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-16]

FireFox:
========
FF DefaultProfile: 1yn368nw.default
FF ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\1yn368nw.default [2021-01-17]
FF Homepage: Mozilla\Firefox\Profiles\1yn368nw.default -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT171002&iDate=2021-01-17 09:34:10&bName=
FF NewTab: Mozilla\Firefox\Profiles\1yn368nw.default -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT171002&iDate=2021-01-17 09:34:10&bName=
FF ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\o1iww0dk.default-release [2021-01-17]
FF Homepage: Mozilla\Firefox\Profiles\o1iww0dk.default-release -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT171002&iDate=2021-01-17 09:34:10&bName=
FF NewTab: Mozilla\Firefox\Profiles\o1iww0dk.default-release -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT171002&iDate=2021-01-17 09:34:10&bName=
FF SearchPlugin: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\o1iww0dk.default-release\searchplugins\My Bing Search.xml [2021-01-17]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default [2021-02-16]
CHR Notifications: Default -> hxxps://drive.google.com
CHR HomePage: Default -> hxxps://www.google.sk/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Slides) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-17]
CHR Extension: (Docs) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-17]
CHR Extension: (Google Drive) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-17]
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-17]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-29]
CHR Extension: (CzTorrent - 1. CZ Free Torrent Tracker -) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\chalkflaflbkojghgfddnifalamblkkd [2021-01-17]
CHR Extension: (Sheets) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-17]
CHR Extension: (Google Docs Offline) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-17]
CHR Extension: (Save to Facebook) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2021-01-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-17]
CHR Extension: (Chrome Media Router) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-29]

Opera:
=======
OPR Profile: C:\Users\Richard\AppData\Roaming\Opera Software\Opera Stable [2021-02-16]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Richard\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-02-09]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936456 2015-05-13] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2021-01-16] (ASUSTeK Computer Inc. -> ) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8905608 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\FileSyncHelper.exe [2194288 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2020-12-08] (FUTUREMARK INC -> Futuremark)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\OneDriveUpdaterService.exe [2567552 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-01-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12835096 2021-01-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [29280 2021-01-17] (LAVASOFT SOFTWARE CANADA INC -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15368 2015-05-13] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [42352 2020-08-24] (PassMark Software Pty Ltd -> )
R1 Jula.sys; C:\WINDOWS\system32\DRIVERS\Jula.sys [62696 2015-09-16] (ESI Audiotechnik GmbH -> ESI Audiotechnik GmbH)
R3 JulaWDM.sys; C:\WINDOWS\system32\DRIVERS\JulaWDM.sys [45288 2015-09-16] (ESI Audiotechnik GmbH -> ESI Audiotechnik GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [419040 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-16 10:13 - 2021-02-16 10:13 - 000000000 ____D C:\FRST
2021-02-15 23:56 - 2021-02-15 23:56 - 005290371 _____ C:\Users\Richard\Downloads\Office Tool Plus 7.6.0.1 Multilingual (1).rar
2021-02-15 13:47 - 2021-02-15 13:47 - 000143008 _____ C:\Users\Richard\Downloads\Etuda30new1.mp4.sfk
2021-02-15 13:38 - 2021-02-15 13:38 - 210725668 _____ C:\Users\Richard\Downloads\Etuda30new1.mp4
2021-02-15 12:58 - 2021-02-15 12:58 - 000989584 _____ (GridinSoft LLC) C:\Users\Richard\Downloads\install-antimalware-fix.exe
2021-02-15 12:49 - 2021-02-15 12:49 - 000000086 _____ C:\Users\Richard\AppData\Roaming\remoteclient.ini
2021-02-15 12:48 - 2021-02-15 12:48 - 000458752 _____ C:\Users\Richard\AppData\Local\sqlite_pass
2021-02-15 12:45 - 2021-02-15 12:45 - 000505093 _____ C:\Users\Richard\AppData\Roaming\sex.txt
2021-02-15 12:45 - 2021-02-15 12:45 - 000188416 _____ (NirSoft) C:\Users\Richard\AppData\Roaming\1.exe
2021-02-15 12:45 - 2021-02-15 12:45 - 000005120 _____ (Microsoft) C:\Users\Richard\AppData\Roaming\0.exe
2021-02-15 12:45 - 2021-02-15 12:45 - 000000032 _____ C:\Users\Richard\AppData\Roaming\++.bat
2021-02-15 12:44 - 2021-02-15 12:44 - 000015872 _____ (Microsoft) C:\Users\Richard\AppData\Roaming\specific.exe
2021-02-15 10:57 - 2021-02-15 10:57 - 000147822 _____ C:\Users\Richard\Downloads\potvrdenie.pdf
2021-02-13 23:50 - 2021-02-13 23:50 - 000000000 ____D C:\Users\Richard\Downloads\Office Tool Plus 7.6.0.1 Multilingual
2021-02-13 17:03 - 2021-02-13 17:04 - 005290371 _____ C:\Users\Richard\Downloads\Office Tool Plus 7.6.0.1 Multilingual.rar
2021-02-12 15:53 - 2021-02-12 15:53 - 006385465 _____ C:\Users\Katinka\Downloads\Vianocna ozdoba diplom 1.pptx
2021-02-11 18:20 - 2021-02-11 18:20 - 048708248 _____ C:\Users\Richard\Downloads\y2mate.com - Guy Lacour 50 Etude 34 Tenor Saxophone_1080pFHR.mp4
2021-02-11 14:24 - 2021-02-11 14:24 - 000031675 _____ C:\Users\Richard\Downloads\let_it_be_gr_kar (1).mid
2021-02-11 14:20 - 2021-02-11 14:20 - 000031675 _____ C:\Users\Richard\Downloads\let_it_be_gr_kar.mid
2021-02-11 14:19 - 2021-02-11 14:19 - 000023513 _____ C:\Users\Richard\Downloads\Let_It_Be.mid
2021-02-11 00:33 - 2021-02-11 00:33 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-11 00:33 - 2021-02-11 00:33 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-11 00:33 - 2021-02-11 00:33 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-11 00:33 - 2021-02-11 00:33 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-11 00:32 - 2021-02-11 00:32 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-10 23:17 - 2021-02-10 23:17 - 000166467 _____ C:\Users\Richard\Downloads\jazz-883.mus
2021-02-10 23:12 - 2021-02-10 23:12 - 006385255 _____ C:\Users\Katinka\Downloads\Vianocna ozdoba diplom.pptx
2021-02-10 21:00 - 2021-02-10 21:00 - 000000000 ____D C:\Users\Katinka\AppData\Roaming\ACD Systems
2021-02-10 21:00 - 2021-02-10 21:00 - 000000000 ____D C:\Users\Katinka\AppData\Local\ACD Systems
2021-02-10 20:53 - 2021-02-10 20:57 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Scribus
2021-02-10 20:53 - 2021-02-10 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scribus 1.4.8
2021-02-10 20:53 - 2021-02-10 20:53 - 000000000 ____D C:\Program Files (x86)\Scribus 1.4.8
2021-02-10 20:51 - 2021-02-10 20:51 - 085773505 _____ (The Scribus Team) C:\Users\Richard\Downloads\scribus-1.4.8-windows.exe
2021-02-10 18:53 - 2021-02-10 18:53 - 000132715 _____ C:\Users\Richard\Downloads\jazz-982.mus
2021-02-10 18:53 - 2021-02-10 18:53 - 000132715 _____ C:\Users\Richard\Downloads\jazz-982 (1).mus
2021-02-10 18:48 - 2021-02-10 18:48 - 000000000 ____D C:\Users\Richard\Downloads\prednesoveskladby
2021-02-10 10:20 - 2021-02-16 09:55 - 000000000 ____D C:\Users\Richard\AppData\LocalLow\BitTorrent
2021-02-09 19:27 - 2021-02-09 19:27 - 000054590 _____ C:\Users\Richard\Downloads\birdland (1).mid
2021-02-09 19:27 - 2021-02-09 19:27 - 000050846 _____ C:\Users\Richard\Downloads\birdland (2).mid
2021-02-09 13:32 - 2021-02-09 13:32 - 000000000 ____D C:\Users\Richard\Downloads\Gazovic koncert
2021-02-08 20:06 - 2021-02-08 20:43 - 000000000 ____D C:\Users\Richard\Downloads\Diera zvana John subory
2021-02-08 17:09 - 2021-02-08 17:09 - 074527128 _____ (Skype Technologies S.A.) C:\Users\Richard\Downloads\Skype-8.68.0.96.exe
2021-02-08 17:09 - 2021-02-08 17:09 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Skype
2021-02-08 17:09 - 2021-02-08 17:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-02-08 14:55 - 2021-02-08 14:55 - 000187307 _____ C:\Users\Richard\Downloads\Hatikva tempo 70.m4a
2021-02-08 13:15 - 2021-02-08 13:15 - 000167843 _____ C:\Users\Richard\Downloads\[SkT]Mr._Robot_-_2.serie_(CZ)[HEVC][1080p]_=_CSFD_84% (1).torrent
2021-02-05 15:17 - 2021-02-05 15:17 - 004704192 _____ (Crystal Dew World ) C:\Users\Richard\Downloads\CrystalDiskInfo8_10_0.exe
2021-02-05 15:17 - 2021-02-05 15:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2021-02-05 15:17 - 2021-02-05 15:17 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2021-02-05 00:10 - 2021-02-05 00:10 - 000027347 _____ C:\Users\Richard\Downloads\[SkT]The_Expanse_-_1.serie_[TvRip][720p]_=_CSFD_77%.torrent
2021-02-05 00:08 - 2021-02-05 00:08 - 000167843 _____ C:\Users\Richard\Downloads\[SkT]Mr._Robot_-_2.serie_(CZ)[HEVC][1080p]_=_CSFD_84%.torrent
2021-02-03 14:46 - 2021-02-03 14:46 - 000450496 _____ C:\Users\Richard\Downloads\Blues_Shuffle.mp4.sfk
2021-02-02 19:54 - 2021-02-02 19:54 - 000000000 ____D C:\Users\Katinka\AppData\Roaming\HpUpdate
2021-02-02 19:50 - 2021-02-02 19:50 - 000000000 ____D C:\Users\Katinka\AppData\Roaming\WinRAR
2021-02-01 22:20 - 2021-02-01 22:20 - 000024537 _____ C:\Users\Richard\Downloads\[SkT]Sveraci_kazajka___The_Jacket_(2005)(CZ_EN)[720pHD]_=_CSFD_78%.torrent
2021-02-01 22:20 - 2021-02-01 22:20 - 000013673 _____ C:\Users\Richard\Downloads\[SkT]Sveraci_kazajka___Jacket,_The_(2005)(CZ)_=_CSFD_78%.torrent
2021-02-01 22:19 - 2021-02-01 22:19 - 000012249 _____ C:\Users\Richard\Downloads\[SkT]Hranice_zivota___Stay_(2005)(CZ_EN)[1080p]_=_CSFD_73%.torrent
2021-02-01 22:15 - 2021-02-01 22:15 - 000011406 _____ C:\Users\Richard\Downloads\[SkT]Osviceni___The_Shining_(1980)[1080p]_=_CSFD_88%.torrent
2021-02-01 21:57 - 2021-02-01 21:58 - 663258021 _____ C:\Users\Richard\Downloads\Blues_Shuffle.mp4
2021-02-01 21:57 - 2021-02-01 21:58 - 358977604 _____ C:\Users\Richard\Downloads\Etuda30.mp4
2021-02-01 21:17 - 2021-02-01 21:17 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webshare klient
2021-02-01 21:17 - 2021-02-01 21:17 - 000000000 ____D C:\Program Files (x86)\Webshare klient
2021-02-01 21:16 - 2021-02-01 21:17 - 005741167 _____ C:\Users\Richard\Downloads\webshare-klient-beta-2020-10-17.exe
2021-02-01 21:06 - 2021-02-01 21:06 - 000011730 _____ C:\Users\Richard\Downloads\[SkT]Osudovy_dotek___Butterfly_Effect,_The_(2004)(CZ)_=_CSFD_87%.torrent
2021-02-01 15:57 - 2021-02-01 15:57 - 000006485 _____ C:\Users\Richard\Downloads\hatikva6.mid
2021-02-01 15:57 - 2021-02-01 15:57 - 000003094 _____ C:\Users\Richard\Downloads\hatikvah (1).mid
2021-02-01 15:57 - 2021-02-01 15:57 - 000003068 _____ C:\Users\Richard\Downloads\hatikva3.mid
2021-02-01 15:56 - 2021-02-01 15:56 - 000021500 _____ C:\Users\Richard\Downloads\Hatikvah.mid
2021-02-01 15:20 - 2021-02-01 15:20 - 000017261 _____ C:\Users\Richard\Downloads\Yesterday (1).mid
2021-02-01 15:20 - 2021-02-01 15:20 - 000014948 _____ C:\Users\Richard\Downloads\yesterday.mid
2021-02-01 15:20 - 2021-02-01 15:20 - 000014948 _____ C:\Users\Richard\Downloads\yesterday (2).mid
2021-01-29 21:55 - 2021-01-29 21:55 - 000672126 _____ C:\Users\Richard\Downloads\zmluva_20-131-08565.pdf
2021-01-29 21:42 - 2021-01-29 21:42 - 002534603 _____ C:\Users\Richard\Downloads\[SkT]Ebook_2020_(CZ) (1).torrent
2021-01-29 21:24 - 2021-01-29 23:06 - 000000000 ____D C:\Users\Richard\AppData\Local\transmission
2021-01-29 21:24 - 2021-01-29 23:06 - 000000000 ____D C:\ProgramData\Transmission
2021-01-29 21:24 - 2021-01-29 21:24 - 016310272 _____ C:\Users\Richard\Downloads\transmission-3.00-x64.msi
2021-01-29 21:24 - 2021-01-29 21:24 - 000002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transmission Qt Client.lnk
2021-01-29 21:24 - 2021-01-29 21:24 - 000000000 ____D C:\Program Files\Transmission
2021-01-29 21:15 - 2021-01-29 21:15 - 001012654 _____ C:\Users\Richard\Downloads\[SkT]Ebook_Tematicke.torrent
2021-01-29 21:14 - 2021-01-29 21:14 - 000626467 _____ C:\Users\Richard\Downloads\tematicke_2020.pdf
2021-01-29 16:59 - 2021-01-29 16:59 - 063102319 _____ (XBMC Foundation) C:\Users\Richard\Downloads\kodi-18.9-Leia-x64.exe
2021-01-29 16:58 - 2021-01-29 16:58 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Kodi
2021-01-29 16:58 - 2021-01-29 16:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
2021-01-29 16:58 - 2021-01-29 16:58 - 000000000 ____D C:\Program Files\Kodi
2021-01-29 16:27 - 2021-01-29 16:27 - 017633114 _____ C:\Users\Richard\Downloads\E.Rocherolle Two¨Companz.pdf
2021-01-29 16:27 - 2021-01-29 16:27 - 004814641 _____ C:\Users\Richard\Downloads\bela bartok for children.pdf
2021-01-29 15:06 - 2021-01-29 15:52 - 000000000 ____D C:\Users\Richard\AppData\Local\VideoComparer
2021-01-29 15:06 - 2021-01-29 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Comparer
2021-01-29 15:06 - 2021-01-29 15:06 - 000000000 ____D C:\Program Files\VideoComparer
2021-01-29 15:05 - 2021-01-29 15:05 - 014373040 _____ (Video Comparer) C:\Users\Richard\Downloads\VideoComparer_Win64_1.07.002.exe
2021-01-29 01:02 - 2021-01-29 01:02 - 002100755 _____ C:\Users\Richard\Downloads\beletrie_2020.pdf
2021-01-29 00:59 - 2021-01-29 00:59 - 002534603 _____ C:\Users\Richard\Downloads\[SkT]Ebook_2020_(CZ).torrent
2021-01-29 00:58 - 2021-01-29 00:58 - 000010371 _____ C:\Users\Richard\Downloads\[SkT]dTest_09-12_2020_(CZ).torrent
2021-01-29 00:58 - 2021-01-29 00:58 - 000002591 _____ C:\Users\Richard\Downloads\[SkT]dTest_01_2021_(CZ).torrent
2021-01-28 19:20 - 2021-01-28 19:20 - 000012041 _____ C:\Users\Richard\Downloads\[SkT]Havel_(2020)(CZ)[WebRip][720p]_=_CSFD_62%.torrent
2021-01-28 19:19 - 2021-01-28 19:19 - 000018025 _____ C:\Users\Richard\Downloads\[SkT]Pokoj___The_Room_(2019)(CZ)[1080p]_=_CSFD_66%.torrent
2021-01-28 16:39 - 2021-01-28 16:39 - 000119737 _____ C:\Users\Richard\Downloads\[SkT]Star_Wars_KOMPLET_FILMY_(1977-2020_1080p_CZ)_=_CSFD_88%.torrent
2021-01-28 14:09 - 2021-01-28 14:09 - 000017527 _____ C:\Users\Richard\Downloads\[SkT]Laska_v_male_Italii___Little_Italy_(2018)(SK)[WebRip][1080p]_=_CSFD_56%.torrent
2021-01-28 14:07 - 2021-01-28 14:07 - 000012697 _____ C:\Users\Richard\Downloads\[SkT]Vrazedna_stena___Nordwand_(2008)(CZ)_=_CSFD_82%.torrent
2021-01-27 23:48 - 2021-01-27 23:48 - 000000020 ___SH C:\Users\Katinka\ntuser.ini
2021-01-27 23:48 - 2021-01-27 23:48 - 000000000 ____D C:\Users\Katinka\AppData\Roaming\TeamViewer
2021-01-27 23:48 - 2021-01-27 23:48 - 000000000 ____D C:\Users\Katinka\AppData\Local\TeamViewer
2021-01-27 23:48 - 2021-01-27 23:48 - 000000000 ____D C:\Users\Katinka\AppData\Local\PlaceholderTileLogoFolder
2021-01-27 22:52 - 2021-01-27 22:52 - 000043979 _____ C:\Users\Richard\Downloads\Program - Online koncert - 28012021.pdf
2021-01-27 18:46 - 2021-01-27 18:46 - 000512765 _____ C:\Users\Richard\Downloads\5114617373.pdf
2021-01-27 15:32 - 2021-01-27 15:32 - 000000000 ____D C:\Users\Richard\Downloads\Ziadost dane 2020
2021-01-26 23:25 - 2021-02-05 14:27 - 000003206 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-01-26 23:25 - 2021-02-05 14:27 - 000002174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-01-26 23:25 - 2021-02-05 14:27 - 000000000 ___RD C:\Users\Katinka\OneDrive
2021-01-26 23:25 - 2021-01-26 23:25 - 000000000 ___RD C:\Users\Default\OneDrive
2021-01-26 23:25 - 2021-01-26 23:25 - 000000000 ___RD C:\Users\Default User\OneDrive
2021-01-26 23:24 - 2021-02-06 16:37 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2021-01-26 23:21 - 2021-02-01 22:31 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\TrackmaniaTurbo
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ___HD C:\OneDriveTemp
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\WD TV®_files
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\Vlastní šablony Office
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\Updater5
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\PassMark
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\NFS Most Wanted
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\MyScans
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\MuseScore3
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\MAXON
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\3DMark
2021-01-26 23:21 - 2017-08-08 18:09 - 000062266 _____ C:\Users\Richard\OneDrive\Dokumenty\WD TV®.html
2021-01-26 23:21 - 2017-05-11 13:05 - 000000868 _____ C:\Users\Richard\OneDrive\Dokumenty\Internet Explorer.lnk
2021-01-26 23:21 - 2017-03-27 16:41 - 003289702 _____ C:\Users\Richard\OneDrive\Dokumenty\Pirates-of-the-Caribbean-1-book-=) (1).pdf
2021-01-26 23:21 - 2017-03-20 17:37 - 000865801 _____ C:\Users\Richard\OneDrive\Dokumenty\Pirates-of-the-Caribbean---Piano-Arrangement.pdf
2021-01-26 23:21 - 2017-03-13 15:41 - 000139692 _____ C:\Users\Richard\OneDrive\Dokumenty\[Free-scores.com]_telemann-georg-philipp-sonata-1-in-f-major-for-harp-48212.pdf
2021-01-26 23:21 - 2017-03-13 15:39 - 000104108 _____ C:\Users\Richard\OneDrive\Dokumenty\telemann-sonata-no1-in-f-major-vivace.pdf
2021-01-26 23:21 - 2017-01-20 14:17 - 000000290 _____ C:\Users\Richard\OneDrive\Dokumenty\Kafe zahranicne.txt
2021-01-26 23:21 - 2016-09-18 10:39 - 001342213 _____ C:\Users\Richard\OneDrive\Dokumenty\História a vývoj tlačových médií.pptx
2021-01-26 21:03 - 2021-02-16 09:55 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-26 21:03 - 2021-01-26 21:03 - 000000000 ____D C:\Users\Richard\AppData\Local\Steam
2021-01-26 21:03 - 2021-01-26 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2021-01-26 21:02 - 2021-01-26 21:02 - 001573568 _____ C:\Users\Richard\Downloads\SteamSetup.exe
2021-01-26 20:52 - 2021-01-26 20:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-01-26 20:43 - 2021-01-26 20:43 - 024690748 _____ C:\Users\Richard\OneDrive\Dokumenty\Robmitozas.mxf
2021-01-26 20:43 - 2021-01-26 20:43 - 000014032 _____ C:\Users\Richard\OneDrive\Dokumenty\Robmitozas.mxf.sfk
2021-01-26 20:43 - 2021-01-26 20:43 - 000000076 _____ C:\Users\Richard\OneDrive\Dokumenty\Robmitozas.mxf.sfl
2021-01-26 19:58 - 2021-01-26 20:50 - 000000000 ____D C:\Users\Richard\AppData\Roaming\VEGAS
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Roaming\VEGAS Pro
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Roaming\MAGIX
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Local\VEGAS Pro
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Local\Sony
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Local\Plugin.OfxStitch
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Local\Plugin.ofx360Stabilizer
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Local\Plugin.MxOfxRotation
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Local\MAGIX
2021-01-26 19:57 - 2021-01-26 19:57 - 000000000 ____D C:\ProgramData\Magix
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Sony
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\Users\Richard\AppData\Local\VEGAS
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\ProgramData\VEGAS Pro
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\ProgramData\VEGAS
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\Program Files\VEGAS
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\Program Files (x86)\VEGAS
2021-01-26 10:29 - 2021-01-26 11:19 - 215884026 _____ C:\Users\Richard\Downloads\Maria_Blahova_Caravan.mp4
2021-01-26 10:29 - 2021-01-26 10:29 - 052371949 _____ C:\Users\Richard\Downloads\Maria_Blahova_Caravan_bezpodkladu.mp4
2021-01-25 15:37 - 2021-01-25 15:38 - 000000000 ___HD C:\Users\Richard\Downloads\[Originals]
2021-01-25 15:09 - 2021-01-25 15:09 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2021-01-25 15:09 - 2021-01-25 15:09 - 000000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2021-01-25 14:55 - 2021-01-25 14:55 - 000000000 ____D C:\Users\Richard\Downloads\Brouk Bohuslav - Sport - stoupa života _ Český Sigmund Freud (Hmyzí Silvestr 2002)
2021-01-25 14:55 - 2021-01-25 14:55 - 000000000 ____D C:\Users\Richard\Downloads\Bohuslav Brouk - Choditi s koulí na noze je sotva vtipný nápad
2021-01-25 14:15 - 2009-10-11 21:58 - 001177600 _____ (AD) C:\WINDOWS\SysWOW64\SYNSOEMU.DLL
2021-01-25 14:14 - 2021-01-25 14:14 - 000000000 ____D C:\ProgramData\VST3 Presets
2021-01-25 14:13 - 2021-01-25 14:13 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg HALionOne
2021-01-25 14:13 - 2021-01-25 14:13 - 000000000 ____D C:\ProgramData\Steinberg
2021-01-25 14:11 - 2021-01-25 14:16 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Steinberg
2021-01-25 14:11 - 2021-01-25 14:15 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 5
2021-01-25 14:11 - 2021-01-25 14:11 - 000000000 ____D C:\Program Files (x86)\Steinberg
2021-01-24 21:54 - 2021-01-24 21:54 - 077493402 _____ C:\Users\Richard\Downloads\Brouk Bohuslav - Sport - stoupa života _ Český Sigmund Freud (Hmyzí Silvestr 2002).zip
2021-01-24 21:54 - 2021-01-24 21:54 - 059021281 _____ C:\Users\Richard\Downloads\Bohuslav Brouk - Choditi s koulí na noze je sotva vtipný nápad.rar
2021-01-24 21:54 - 2021-01-24 21:54 - 058119796 _____ C:\Users\Richard\Downloads\Víkendová příloha - Kamen Jiří - Český Sigmund Freud (Bohuslav Brouk).rar
2021-01-24 18:15 - 2021-01-24 18:15 - 000017653 _____ C:\Users\Richard\Downloads\[SkT]Sarlatan_(2020)(CZ)[WebRip][1080p]_=_CSFD_79%.torrent
2021-01-24 18:10 - 2021-01-24 18:10 - 000151195 _____ C:\Users\Richard\Downloads\[SkT]____Koruna___The_Crown_-_2._serie_(CZ)[WebRip][1080p]_=_CSFD_90%.torrent
2021-01-24 18:01 - 2021-01-24 18:01 - 000043676 _____ C:\Users\Richard\Downloads\[SkT]____Koruna___The_Crown_-_1._serie_(CZ)[WebRip][1080p]_=_CSFD_90%.torrent
2021-01-23 18:29 - 2021-02-11 12:05 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-23 18:29 - 2021-02-11 12:05 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6f120800843a7
2021-01-23 10:39 - 2021-01-23 10:40 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-01-23 10:38 - 2021-01-23 10:39 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-01-23 10:38 - 2021-01-23 10:38 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-01-23 10:37 - 2021-01-23 10:37 - 000000000 ____D C:\ProgramData\ssh
2021-01-23 10:34 - 2021-01-23 10:34 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-01-23 10:34 - 2021-01-23 10:34 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-01-23 10:34 - 2021-01-23 10:34 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-23 10:34 - 2021-01-23 10:34 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-23 10:34 - 2021-01-23 10:34 - 000707544 _____ C:\WINDOWS\system32\TextShaping.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-23 10:34 - 2021-01-23 10:34 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-23 10:34 - 2021-01-23 10:34 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-23 10:34 - 2021-01-23 10:34 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000467968 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-23 10:34 - 2021-01-23 10:34 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-23 10:34 - 2021-01-23 10:34 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-01-23 10:34 - 2021-01-23 10:34 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-23 10:34 - 2021-01-23 10:34 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-01-23 10:34 - 2021-01-23 10:34 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-23 10:34 - 2021-01-23 10:34 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-23 10:34 - 2021-01-23 10:34 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-23 10:34 - 2021-01-23 10:34 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-01-23 10:34 - 2021-01-23 10:34 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-01-23 10:34 - 2021-01-23 10:34 - 000111616 _____ C:\WINDOWS\system32\RDVGHelper.exe
2021-01-23 10:34 - 2021-01-23 10:34 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-23 10:34 - 2021-01-23 10:34 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-23 10:34 - 2021-01-23 10:34 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-01-23 10:34 - 2021-01-23 10:34 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-01-23 10:34 - 2021-01-23 10:34 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-01-23 10:34 - 2021-01-23 10:34 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-01-23 10:33 - 2021-01-23 10:33 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-01-23 10:33 - 2021-01-23 10:33 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-23 10:33 - 2021-01-23 10:33 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-23 10:33 - 2021-01-23 10:33 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-23 10:33 - 2021-01-23 10:33 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-01-23 10:33 - 2021-01-23 10:33 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-01-23 10:30 - 2021-01-23 10:30 - 000000000 ____D C:\WINDOWS\system32\sk
2021-01-23 10:28 - 2021-01-23 10:28 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-01-23 10:28 - 2021-01-23 10:28 - 000000000 ____D C:\Program Files\MSBuild
2021-01-23 10:28 - 2021-01-23 10:28 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-01-23 10:28 - 2021-01-23 10:28 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-01-23 01:47 - 2021-01-23 01:47 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-01-23 01:45 - 2021-02-15 13:43 - 000842414 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-23 01:45 - 2021-01-23 01:45 - 000000020 ___SH C:\Users\Richard\ntuser.ini
2021-01-23 01:44 - 2021-02-16 09:55 - 000003130 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2021-01-23 01:44 - 2021-02-16 09:55 - 000003114 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-01-23 01:44 - 2021-02-15 12:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-23 01:44 - 2021-02-15 10:16 - 000004226 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1610919243
2021-01-23 01:44 - 2021-02-05 17:44 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-23 01:44 - 2021-02-05 17:44 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-23 01:44 - 2021-01-23 01:44 - 000015243 _____ C:\WINDOWS\diagwrn.xml
2021-01-23 01:44 - 2021-01-23 01:44 - 000015243 _____ C:\WINDOWS\diagerr.xml
2021-01-23 01:44 - 2021-01-23 01:44 - 000003874 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1610919256
2021-01-23 01:44 - 2021-01-23 01:44 - 000003118 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2021-01-23 01:44 - 2021-01-23 01:44 - 000002672 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2021-01-23 01:44 - 2021-01-23 01:44 - 000002590 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2021-01-23 01:44 - 2021-01-23 01:44 - 000002202 _____ C:\WINDOWS\system32\Tasks\StartCN
2021-01-23 01:44 - 2021-01-23 01:44 - 000002122 _____ C:\WINDOWS\system32\Tasks\StartDVR
2021-01-23 01:44 - 2021-01-23 01:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-23 01:41 - 2021-02-13 01:55 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-23 01:41 - 2021-02-10 23:16 - 000000000 ____D C:\Users\Katinka
2021-01-23 01:41 - 2021-02-07 01:00 - 000000000 ____D C:\Users\Richard
2021-01-23 01:41 - 2021-02-03 12:06 - 000000000 ____D C:\Users\kioskUser0
2021-01-23 01:41 - 2016-11-01 23:05 - 000099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2021-01-23 01:40 - 2021-02-15 23:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-23 01:40 - 2021-02-15 12:56 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-23 01:40 - 2021-02-11 02:06 - 000530440 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-22 22:03 - 2021-01-22 22:03 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2021-01-22 14:36 - 2021-01-23 01:42 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-01-22 14:36 - 2021-01-22 14:36 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Zoom
2021-01-21 19:36 - 2021-02-10 10:30 - 000000000 ___DC C:\WINDOWS\Panther
2021-01-21 19:33 - 2021-01-21 19:33 - 000000000 ___HD C:\$WinREAgent
2021-01-21 17:33 - 2021-01-21 17:33 - 041750105 _____ C:\Users\Richard\Downloads\Birdland Blahova.mp4
2021-01-21 15:08 - 2021-01-23 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-01-20 23:08 - 2021-02-15 12:56 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-20 23:08 - 2021-01-24 17:28 - 000000000 ____D C:\Users\Richard\AppData\Roaming\TeamViewer
2021-01-20 23:08 - 2021-01-21 19:52 - 000000000 ____D C:\Users\Richard\AppData\Local\TeamViewer
2021-01-20 23:08 - 2021-01-20 23:08 - 000001116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2021-01-20 22:46 - 2021-01-20 22:46 - 000373009 _____ C:\Users\Richard\Downloads\Svetova kultura (1).pdf
2021-01-20 22:24 - 2021-01-20 22:24 - 000373379 _____ C:\Users\Richard\Downloads\svetova kultura.pdf
2021-01-20 19:52 - 2021-01-20 19:52 - 000337013 _____ C:\Users\Richard\Downloads\3_1_I_polrok (1).pdf
2021-01-20 17:46 - 2021-02-01 22:31 - 000000000 ____D C:\ProgramData\TrackmaniaTurbo
2021-01-20 17:36 - 2021-01-20 17:36 - 000000234 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trackmania Turbo.url
2021-01-20 17:36 - 2021-01-20 17:36 - 000000234 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Config.url
2021-01-20 17:34 - 2021-02-01 22:32 - 000000000 ____D C:\Users\Richard\AppData\Local\Ubisoft Game Launcher
2021-01-20 17:34 - 2021-01-23 01:42 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2021-01-20 17:34 - 2021-01-20 17:34 - 000000000 ____D C:\ProgramData\Ubisoft
2021-01-20 17:34 - 2021-01-20 17:34 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2021-01-20 16:53 - 2021-01-20 16:53 - 000055452 _____ C:\Users\Richard\Downloads\birdland.mid
2021-01-20 15:53 - 2021-01-23 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
2021-01-20 15:53 - 2021-01-20 15:53 - 000000000 ____D C:\Users\Richard\AppData\Roaming\PotPlayerMini64
2021-01-20 15:53 - 2021-01-20 15:53 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Daum
2021-01-20 15:53 - 2021-01-20 15:53 - 000000000 ____D C:\Program Files\DAUM
2021-01-19 20:15 - 2021-01-19 20:15 - 000000000 ____D C:\Users\Katinka\AppData\Roaming\Intel Corporation
2021-01-19 20:14 - 2021-01-19 20:14 - 000000000 ____D C:\Users\Katinka\AppData\Local\MicrosoftEdge
2021-01-19 20:14 - 2021-01-19 20:14 - 000000000 ____D C:\Users\Katinka\AppData\Local\Comms
2021-01-19 20:13 - 2021-02-12 15:54 - 000000000 ____D C:\Users\Katinka\AppData\Local\Packages
2021-01-19 20:13 - 2021-02-12 15:52 - 000000000 __SHD C:\Users\Katinka\IntelGraphicsProfiles
2021-01-19 20:13 - 2021-01-27 23:52 - 000000000 ____D C:\Users\Katinka\AppData\Local\Google
2021-01-19 20:13 - 2021-01-27 23:48 - 000000000 ___RD C:\Users\Katinka\3D Objects
2021-01-19 20:13 - 2021-01-19 20:14 - 000000000 ____D C:\Users\Katinka\AppData\Roaming\Adobe
2021-01-19 20:13 - 2021-01-19 20:13 - 000000000 ____D C:\Users\Katinka\AppData\Local\VirtualStore
2021-01-19 20:13 - 2021-01-19 20:13 - 000000000 ____D C:\Users\Katinka\AppData\Local\Publishers
2021-01-19 20:13 - 2021-01-19 20:13 - 000000000 ____D C:\Users\Katinka\AppData\Local\ConnectedDevicesPlatform
2021-01-19 20:12 - 2021-01-19 20:13 - 000000000 ____D C:\Users\Katinka\AppData\Local\AMD
2021-01-19 18:55 - 2012-09-26 16:48 - 000000584 _____ C:\WINDOWS\hpomdl28.dat.temp
2021-01-19 18:54 - 2021-01-19 18:54 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Macromedia
2021-01-19 18:53 - 2021-01-19 18:54 - 000000000 ____D C:\Users\Richard\AppData\Roaming\HP
2021-01-19 18:53 - 2021-01-19 18:53 - 000000000 ____D C:\ProgramData\WEBREG
2021-01-19 18:52 - 2021-01-26 19:41 - 000000000 ____D C:\Users\Richard\AppData\Roaming\HpUpdate
2021-01-19 18:52 - 2021-01-19 18:52 - 000001398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2021-01-19 18:52 - 2021-01-19 18:52 - 000001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2021-01-19 18:52 - 2021-01-19 18:52 - 000000000 ____D C:\ProgramData\HP Product Assistant
2021-01-19 18:52 - 2021-01-19 18:52 - 000000000 ____D C:\ProgramData\HP Photo Creations
2021-01-19 18:52 - 2021-01-19 18:52 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2021-01-19 18:52 - 2021-01-19 18:52 - 000000000 ____D C:\Program Files (x86)\HP Photo Creations
2021-01-19 18:51 - 2021-01-23 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2021-01-19 18:51 - 2021-01-19 18:52 - 000000000 ____D C:\Program Files (x86)\HP
2021-01-19 18:50 - 2021-01-19 18:55 - 000188219 _____ C:\WINDOWS\hpoins28.dat
2021-01-19 18:50 - 2012-09-26 16:48 - 000000584 _____ C:\WINDOWS\hpomdl28.dat
2021-01-19 18:48 - 2021-01-19 18:53 - 000000000 ____D C:\ProgramData\HP
2021-01-19 18:48 - 2012-09-25 08:52 - 003867040 _____ C:\WINDOWS\system32\PortChanger.exe
2021-01-19 18:48 - 2012-09-25 08:52 - 000151968 ____N (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\Dot4.sys
2021-01-19 18:48 - 2012-09-25 08:52 - 000049056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dot4usb.sys
2021-01-19 18:48 - 2012-09-25 08:52 - 000027040 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\Dot4Prt.sys
2021-01-19 18:48 - 2009-07-14 02:41 - 000046080 _____ (Hewlett-Packard Corporation) C:\WINDOWS\system32\hpz3lw71.dll
2021-01-19 18:48 - 2009-07-08 11:51 - 000938496 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpowiax7.dll
2021-01-19 18:48 - 2009-07-08 11:51 - 000740864 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpotscl6.dll
2021-01-19 18:48 - 2009-07-08 11:51 - 000551424 _____ (Hewlett-Packard) C:\WINDOWS\system32\hppldcoi.dll
2021-01-19 18:48 - 2009-07-08 11:51 - 000505344 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpovst15.dll
2021-01-19 18:30 - 2021-02-10 20:46 - 000000000 ____D C:\Users\Richard\AppData\Roaming\MuseScore
2021-01-19 18:30 - 2021-01-23 01:42 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MuseScore 3
2021-01-19 18:30 - 2021-01-19 18:30 - 000000000 ____D C:\Users\Richard\AppData\Local\MuseScore
2021-01-19 18:30 - 2021-01-19 18:30 - 000000000 ____D C:\Program Files\MuseScore 3
2021-01-19 17:19 - 2021-01-19 17:19 - 000000000 ___HD C:\Users\kioskUser0\MicrosoftEdgeBackups
2021-01-19 17:05 - 2021-01-19 17:05 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\PlaceholderTileLogoFolder
2021-01-19 15:33 - 2021-01-19 15:33 - 000037361 _____ C:\Users\Richard\Downloads\Orange_doklad_FR_202012_CNnull_SN0902876219.pdf
2021-01-19 15:33 - 2021-01-19 15:33 - 000037056 _____ C:\Users\Richard\Downloads\Orange_doklad_FR_202012_CNnull_SN0949811763.pdf
2021-01-18 23:47 - 2021-01-18 23:47 - 000000000 ____D C:\Users\Richard\AppData\Local\OneDrive
2021-01-18 21:48 - 2021-01-21 15:08 - 000002411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-01-18 21:48 - 2021-01-21 15:08 - 000002410 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-01-18 21:48 - 2021-01-21 15:08 - 000002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-01-18 21:47 - 2021-02-15 10:17 - 000000000 ____D C:\Program Files\Microsoft Office
2021-01-18 21:47 - 2021-01-18 21:47 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-01-18 21:47 - 2021-01-18 21:47 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-01-18 20:32 - 2021-01-20 15:52 - 000000000 ____D C:\Program Files\VideoLAN
2021-01-18 20:06 - 2021-01-18 20:06 - 000000000 ____D C:\Users\defaultuser100000
2021-01-18 15:59 - 2021-01-18 15:59 - 000337013 _____ C:\Users\Richard\Downloads\3_1_I_polrok.pdf
2021-01-18 15:36 - 2021-01-20 15:29 - 000000000 ____D C:\Users\Richard\AppData\Local\Adobe
2021-01-18 15:36 - 2021-01-20 15:29 - 000000000 ____D C:\ProgramData\Adobe
2021-01-18 15:36 - 2021-01-18 15:37 - 000000000 ____D C:\Users\Richard\AppData\LocalLow\Netopsystems
2021-01-18 00:47 - 2021-01-18 00:47 - 000014230 _____ C:\Users\Richard\Downloads\[SkT]Windows_10_Permanent_Activator_ultimate__ALL (1).torrent
2021-01-18 00:40 - 2021-01-18 00:40 - 000014230 _____ C:\Users\Richard\Downloads\[SkT]Windows_10_Permanent_Activator_ultimate__ALL.torrent
2021-01-18 00:37 - 2021-01-18 00:37 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\cache
2021-01-18 00:33 - 2021-01-22 15:07 - 000000000 ____D C:\Users\Richard\AppData\Local\CrashDumps
2021-01-18 00:32 - 2021-01-18 00:32 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\Google
2021-01-18 00:28 - 2021-02-05 14:27 - 000000000 ___RD C:\Users\Richard\OneDrive
2021-01-18 00:24 - 2021-01-18 21:27 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-01-17 23:10 - 2021-01-23 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-01-17 23:10 - 2021-01-23 01:42 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-01-17 23:10 - 2021-01-18 00:32 - 000000000 ____D C:\Program Files\WinRAR
2021-01-17 23:10 - 2021-01-17 23:10 - 000000000 ____D C:\Users\Richard\AppData\Roaming\WinRAR
2021-01-17 23:09 - 2021-01-17 23:09 - 000016964 _____ C:\Users\Richard\Downloads\[SkT]____WinRAR_v.5.90_Final_Official_(x86_x64)(CZ_SK).torrent
2021-01-17 23:06 - 2021-01-17 23:06 - 000002327 _____ C:\Users\Richard\Downloads\[SkT]WinRAR_v.6.00_Final_Official_(x86_x64).torrent
2021-01-17 23:06 - 2021-01-17 23:06 - 000002327 _____ C:\Users\Richard\Downloads\[SkT]WinRAR_v.6.00_Final_Official_(x86_x64) (1).torrent
2021-01-17 22:59 - 2021-01-17 22:59 - 000009613 _____ C:\Users\Richard\Downloads\[SkT]AAct_4.0_Release_1.torrent
2021-01-17 22:48 - 2021-01-17 22:48 - 000027319 _____ C:\Users\Richard\Downloads\[SkT]Microsoft_Office_Professional_Plus_2019_MSO_(16.0.11929.20370) (1).torrent
2021-01-17 22:45 - 2021-02-16 10:14 - 000000000 ____D C:\Users\Richard\AppData\Roaming\BitTorrent
2021-01-17 22:45 - 2021-01-18 00:32 - 000000000 ____D C:\ProgramData\Avast Software
2021-01-17 22:38 - 2021-01-17 22:40 - 004898768 _____ (BitTorrent Inc.) C:\Users\Richard\Downloads\BitTorrent.exe
2021-01-17 22:35 - 2021-01-17 22:35 - 000027319 _____ C:\Users\Richard\Downloads\[SkT]Microsoft_Office_Professional_Plus_2019_MSO_(16.0.11929.20370).torrent
2021-01-17 22:34 - 2021-02-16 09:56 - 000000000 ____D C:\Users\Richard\AppData\Local\BitTorrentHelper
2021-01-17 22:34 - 2021-02-15 10:16 - 000001415 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2021-01-17 22:34 - 2021-01-23 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2021-01-17 22:34 - 2021-01-17 22:34 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Lavasoft
2021-01-17 22:34 - 2021-01-17 22:34 - 000000000 ____D C:\Users\Richard\AppData\Local\Opera Software
2021-01-17 22:34 - 2021-01-17 22:34 - 000000000 ____D C:\Users\Richard\AppData\Local\Lavasoft
2021-01-17 22:34 - 2021-01-17 22:34 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2021-01-17 22:33 - 2021-01-25 12:40 - 000000000 ____D C:\Users\Richard\AppData\Roaming\BitTorrent Web
2021-01-17 22:33 - 2021-01-18 00:33 - 000001893 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitTorrent Web.lnk
2021-01-17 22:33 - 2021-01-17 22:33 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Opera Software
2021-01-17 22:33 - 2021-01-17 22:33 - 000000000 ____D C:\ProgramData\Lavasoft
2021-01-17 22:19 - 2021-01-23 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
2021-01-17 22:19 - 2021-01-17 22:19 - 000000000 ____D C:\Users\Richard\AppData\Roaming\ACD Systems
2021-01-17 22:19 - 2021-01-17 22:19 - 000000000 ____D C:\Users\Richard\AppData\Local\ACD Systems
2021-01-17 22:19 - 2021-01-17 22:19 - 000000000 ____D C:\ProgramData\ACD Systems
2021-01-17 22:19 - 2021-01-17 22:19 - 000000000 ____D C:\Program Files\Common Files\ACD Systems
2021-01-17 22:19 - 2021-01-17 22:19 - 000000000 ____D C:\Program Files\ACD Systems
2021-01-17 21:57 - 2021-01-17 21:57 - 000000000 ____D C:\Users\Richard\AppData\Local\PeerDistRepub
2021-01-17 21:45 - 2021-01-17 21:45 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\Comms
2021-01-17 21:38 - 2021-02-09 22:51 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-17 21:37 - 2021-01-17 21:40 - 000000000 ____D C:\Users\Richard\AppData\Local\Google
2021-01-17 21:37 - 2021-01-17 21:37 - 000000000 ____D C:\Program Files\Google
2021-01-17 21:37 - 2021-01-17 21:37 - 000000000 ____D C:\Program Files (x86)\Google
2021-01-17 21:30 - 2021-02-05 14:27 - 000000000 ___RD C:\Users\kioskUser0\OneDrive
2021-01-17 21:30 - 2021-01-17 21:30 - 000000000 ____D C:\Users\kioskUser0\AppData\Roaming\Intel Corporation
2021-01-17 21:30 - 2021-01-17 21:30 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\MicrosoftEdge
2021-01-17 21:29 - 2021-01-23 01:42 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\Packages
2021-01-17 21:29 - 2021-01-19 16:23 - 000000000 __SHD C:\Users\kioskUser0\IntelGraphicsProfiles
2021-01-17 21:29 - 2021-01-18 19:23 - 000000000 ____D C:\Users\kioskUser0\AppData\Roaming\Adobe
2021-01-17 21:29 - 2021-01-18 00:37 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\AMD
2021-01-17 21:29 - 2021-01-17 21:29 - 000000000 ___RD C:\Users\kioskUser0\3D Objects
2021-01-17 21:29 - 2021-01-17 21:29 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\VirtualStore
2021-01-17 21:29 - 2021-01-17 21:29 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\Publishers
2021-01-17 21:29 - 2021-01-17 21:29 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\ConnectedDevicesPlatform
2021-01-17 21:22 - 2021-01-25 19:21 - 000000000 ____D C:\Users\Richard\AppData\Local\D3DSCache
2021-01-17 19:02 - 2021-01-23 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESI
2021-01-17 19:02 - 2021-01-17 19:02 - 000000000 ____D C:\Users\Richard\Downloads\Juli@-x2v-v1_21
2021-01-17 19:02 - 2021-01-17 19:02 - 000000000 ____D C:\Program Files\ESI
2021-01-17 19:02 - 2021-01-17 19:02 - 000000000 ____D C:\Program Files\DIFX
2021-01-17 19:02 - 2015-09-16 10:25 - 000514792 _____ (ESI Audiotechnik GmbH) C:\WINDOWS\system32\JulaPAN.exe
2021-01-17 19:02 - 2015-09-16 10:25 - 000126696 _____ (ESI Audiotechnik GmbH) C:\WINDOWS\system32\JulaASIO.dll
2021-01-17 19:02 - 2015-09-16 10:25 - 000111336 _____ (ESI Audiotechnik GmbH) C:\WINDOWS\SysWOW64\JulaASIO32.dll
2021-01-17 19:02 - 2015-09-16 10:25 - 000062696 _____ (ESI Audiotechnik GmbH) C:\WINDOWS\system32\Drivers\Jula.sys
2021-01-17 19:02 - 2015-09-16 10:25 - 000045288 _____ (ESI Audiotechnik GmbH) C:\WINDOWS\system32\Drivers\JulaWDM.sys
2021-01-17 18:58 - 2021-01-17 18:58 - 000000000 ____D C:\Users\Richard\AppData\Local\ElevatedDiagnostics
2021-01-17 02:04 - 2021-01-17 02:07 - 000000000 ___HD C:\$SysReset

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-16 09:56 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-16 09:55 - 2021-01-16 17:27 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-02-16 09:55 - 2021-01-16 17:27 - 000000000 __SHD C:\Users\Richard\IntelGraphicsProfiles
2021-02-15 13:43 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-15 12:55 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-02-14 20:46 - 2021-01-16 09:18 - 000000000 ____D C:\Users\Richard\AppData\Local\Packages
2021-02-13 01:55 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-13 01:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-12 15:52 - 2021-01-16 09:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-11 02:05 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-11 00:34 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-11 00:29 - 2021-01-16 09:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-11 00:27 - 2021-01-16 09:31 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-01 14:08 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-29 18:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-01-29 15:06 - 2021-01-16 09:43 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-23 10:40 - 2021-01-16 17:32 - 000000000 ____D C:\Program Files\UNP
2021-01-23 10:40 - 2021-01-16 10:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest
2021-01-23 10:40 - 2021-01-16 10:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2021-01-23 10:40 - 2021-01-16 10:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2021-01-23 10:40 - 2021-01-16 09:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2021-01-23 10:40 - 2021-01-16 09:54 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2021-01-23 10:40 - 2021-01-16 09:43 - 000000000 ____D C:\Program Files\Intel
2021-01-23 10:40 - 2019-12-07 10:18 - 000000000 ____D C:\WINDOWS\Setup
2021-01-23 10:40 - 2019-12-07 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-01-23 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-01-23 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-01-23 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-23 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-01-23 10:40 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-01-23 10:40 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-01-23 10:39 - 2021-01-16 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UL
2021-01-23 10:39 - 2021-01-16 09:47 - 000000000 ____D C:\Program Files\Realtek
2021-01-23 10:39 - 2021-01-16 09:22 - 000000000 ____D C:\Program Files\ASUS
2021-01-23 10:39 - 2021-01-16 09:21 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-01-23 10:37 - 2019-12-07 10:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-01-23 10:37 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-23 10:37 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-01-23 10:37 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-01-23 10:36 - 2019-12-07 10:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-01-23 10:36 - 2019-12-07 10:54 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-01-23 10:30 - 2019-12-07 10:52 - 000000000 ____D C:\WINDOWS\OCR
2021-01-23 10:30 - 2019-12-07 10:50 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-01-23 10:30 - 2019-12-07 10:50 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-01-23 03:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-01-23 02:01 - 2021-01-16 09:35 - 000000000 ____D C:\ProgramData\Packages
2021-01-23 01:46 - 2021-01-16 09:21 - 000000000 ____D C:\Users\Richard\AppData\Local\PlaceholderTileLogoFolder
2021-01-23 01:45 - 2021-01-16 09:58 - 000840598 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2021-01-23 01:45 - 2021-01-16 09:18 - 000000000 ___RD C:\Users\Richard\3D Objects
2021-01-23 01:45 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-01-23 01:45 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-01-23 01:44 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-23 01:41 - 2021-01-16 17:27 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2021-01-23 01:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-01-23 00:02 - 2021-01-16 09:21 - 000799104 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-01-19 18:53 - 2019-03-19 05:49 - 000000127 _____ C:\WINDOWS\win.ini
2021-01-18 15:36 - 2021-01-16 09:18 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Adobe
2021-01-17 21:21 - 2021-01-16 10:05 - 000000000 ____D C:\Users\Richard\AppData\LocalLow\Mozilla
2021-01-17 18:47 - 2021-01-16 17:27 - 000000000 ____D C:\Intel

==================== Files in the root of some directories ========

2021-02-15 12:45 - 2021-02-15 12:45 - 000000032 _____ () C:\Users\Richard\AppData\Roaming\++.bat
2021-02-15 12:45 - 2021-02-15 12:45 - 000005120 _____ (Microsoft) C:\Users\Richard\AppData\Roaming\0.exe
2021-02-15 12:45 - 2021-02-15 12:45 - 000188416 _____ (NirSoft) C:\Users\Richard\AppData\Roaming\1.exe
2021-02-15 12:49 - 2021-02-15 12:49 - 000000086 _____ () C:\Users\Richard\AppData\Roaming\remoteclient.ini
2021-02-15 12:45 - 2021-02-15 12:45 - 000505093 _____ () C:\Users\Richard\AppData\Roaming\sex.txt
2021-02-15 12:44 - 2021-02-15 12:44 - 000015872 _____ (Microsoft) C:\Users\Richard\AppData\Roaming\specific.exe
2021-02-15 12:48 - 2021-02-15 12:48 - 000458752 _____ () C:\Users\Richard\AppData\Local\sqlite_pass

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-02-2021
Ran by Richard (16-02-2021 10:15:40)
Running from C:\Users\Richard\OneDrive\Počítač
Windows 10 Pro Version 20H2 19042.804 (X64) (2021-01-23 00:45:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3697634085-1141814390-3545286870-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3697634085-1141814390-3545286870-503 - Limited - Disabled)
Guest (S-1-5-21-3697634085-1141814390-3545286870-501 - Limited - Disabled)
Katinka (S-1-5-21-3697634085-1141814390-3545286870-1008 - Limited - Enabled) => C:\Users\Katinka
Richard (S-1-5-21-3697634085-1141814390-3545286870-1001 - Administrator - Enabled) => C:\Users\Richard
WDAGUtilityAccount (S-1-5-21-3697634085-1141814390-3545286870-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark (HKLM\...\{C11C8EB4-326A-4224-9424-45DDC2623322}) (Version: 2.16.7117.0 - UL) Hidden
3DMark (HKLM-x32\...\{a0974e13-e65d-475e-99e6-2bbaf41bbdd7}) (Version: 2.16.7117.0 - UL)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
ACDSee Photo Studio Ultimate 2020 (HKLM\...\ACDSee Photo Studio Ultimate 2020) (Version: 13.0.1.2023 - ACD Systems International Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.11.2 - Advanced Micro Devices, Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
BitTorrent (HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\BitTorrent) (Version: 7.10.5.45857 - BitTorrent Inc.)
BitTorrent Web (HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\btweb) (Version: 1.1.3 - BitTorrent, Inc.)
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Copy (HKLM-x32\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
CrystalDiskInfo 8.10.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.10.0 - Crystal Dew World)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (HKLM-x32\...\{CFA33E6D-2D7D-4785-8025-974398E940D1}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 140.0.185.000 - Hewlett-Packard) Hidden
F4200 (HKLM-x32\...\{C86E1E36-6D30-4834-9C85-5501F31F7BB4}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
F4200_NCL_Help (HKLM-x32\...\{367E84FF-D436-4513-A237-FF638B048761}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
Futuremark SystemInfo (HKLM-x32\...\{F608ED5F-3818-4F87-A277-E52E8790C039}) (Version: 5.35.871.0 - Futuremark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{8C925017-72A8-4C4A-AF21-84901E26638F}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
HWiNFO64 Version 6.40 (HKLM\...\HWiNFO64_is1) (Version: 6.40 - Martin Malik - REALiX)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Network Connections 20.1.2019.0 (HKLM\...\PROSetDX) (Version: 20.1.2019.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
Juli@ PCI Driver version v1.2.1.0 (HKLM\...\{2C649BA4-D482-408F-9148-2EC10E1E3193}_is1) (Version: v1.2.1.0 - ESI-Audiotechnik)
Kodi (HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Kodi) (Version: - XBMC Foundation)
MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.68 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Volume - cs-cz) (Version: 16.0.13628.20380 - Microsoft Corporation)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 84.0.2 (x64 en-US)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 84.0.2 - Mozilla)
MuseScore 3 (HKLM\...\{778D5D3D-5448-40F4-AACC-47D443C3E8A1}) (Version: 3.4.2.9788 - Werner Schweer and Others)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20380 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Opera Stable 74.0.3911.107 (HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Opera 74.0.3911.107) (Version: 74.0.3911.107 - Opera Software)
PerformanceTest v10.0 (HKLM\...\PerformanceTest 10_is1) (Version: 10.0.1010.0 - Passmark Software)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 210201 - Kakao Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7848 - Realtek Semiconductor Corp.)
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Scribus 1.4.8 (HKLM-x32\...\Scribus 1.4.8) (Version: 1.4.8 - The Scribus Team)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype verzia 8.68 (HKLM-x32\...\Skype_is1) (Version: 8.68 - Skype Technologies S.A.)
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steinberg Cubase 5 (HKLM-x32\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.0 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 1.0.0.1 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Additional Content Set 01 (HKLM-x32\...\{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}) (Version: 1.0.0.001 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 1.0.0.006 - Steinberg Media Technologies GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.14.5 - TeamViewer)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
Trackmania Turbo (HKLM-x32\...\Uplay Install 2070) (Version: - Ubisoft)
Transmission 3.00 (bb6b5a062e) (x64) (HKLM\...\{B206C51C-27D2-4251-95E2-B4B28DE80633}) (Version: 3.00.0 - Transmission Project)
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 117.0.10324 - Ubisoft)
VEGAS Pro 18.0 (HKLM\...\{75111FE1-CE55-11EA-8B12-00155D43CFCE}) (Version: 18.0.284 - VEGAS)
Video Comparer Win64 (HKLM-x32\...\{6a43795f-0427-4e7b-a1f0-fb351c9c6491}) (Version: 1.7.2 - Video Comparer)
Video Comparer Win64 1.07.002 (HKLM\...\{2ABEE3D8-00C2-4A44-AA66-C7F192D7E4EC}) (Version: 1.07.002 - Video Comparer) Hidden
Web Companion (HKLM-x32\...\{b4a59e41-cba2-46c7-a99b-8a80a0017024}) (Version: 7.0.2388.4219 - Lavasoft)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
Webshare klient (HKLM-x32\...\Webshare klient) (Version: - )
Windows Driver Package - ESI (Jula.sys) MEDIA (09/16/2015 1.2.1.0) (HKLM\...\9351121A70A5DD84065790FA90941B0BB03521DA) (Version: 09/16/2015 1.2.1.0 - ESI)
WinRAR 5.90 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\ZoomUMX) (Version: 5.4.9 (59931.0110) - Zoom Video Communications, Inc.)

Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2021-01-27] (Microsoft Corporation)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2021-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2021-01-23] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2021-01-23] (Microsoft Corporation) [MS Ad]
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2021-01-17] (Microsoft Corporation)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c [2021-02-01] (Skype)
Your Phone -> C:\Program Files\WindowsApps\Microsoft.YourPhone_0.19051.7.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3697634085-1141814390-3545286870-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\20.201.1005.0009_1\MicrosoftListSync.exe" => No File
CustomCLSID: HKU\S-1-5-21-3697634085-1141814390-3545286870-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\20.201.1005.0009_1\MicrosoftListSync.exe" => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-01-16 09:22 - 2021-02-15 12:56 - 000036648 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2009-11-17 22:58 - 2009-11-17 22:58 - 000342656 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll
2009-11-17 22:58 - 2009-11-17 22:58 - 000559232 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
2012-05-27 16:44 - 2012-05-27 16:44 - 000015360 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
2011-04-29 11:34 - 2011-04-29 11:34 - 000927232 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc
2011-04-29 11:34 - 2011-04-29 11:34 - 000012288 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc
2011-04-29 19:08 - 2011-04-29 19:08 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
2010-08-06 11:15 - 2010-08-06 11:15 - 000079872 _____ (Hewlett-Packard) [File not signed] C:\WINDOWS\SYSTEM32\hpzidr12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000054784 _____ (Hewlett-Packard) [File not signed] C:\WINDOWS\SYSTEM32\hpzipr12.dll
2015-06-23 16:00 - 2015-06-23 16:00 - 000285696 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2015-06-23 16:00 - 2015-06-23 16:00 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT171002&iDate=2021-01-17 09:34:10&iid=3b49db3c-48f5-4258-af00-dcbcede4dcff&bName=
SearchScopes: HKU\S-1-5-21-3697634085-1141814390-3545286870-1001 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms}
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3697634085-1141814390-3545286870-1008\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\StartupApproved\Run: => "btweb"
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B64A91DA-D9C7-49DB-BE96-9A190FF95EEC}] => (Allow) C:\Users\Richard\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{D72D9B09-5198-4D7E-AE1A-5DEE4EDCFCA2}] => (Allow) C:\Users\Richard\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{9B0924C2-730A-4B7F-BD44-ACEC2E6A67FB}] => (Allow) C:\Users\Richard\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{1B566F4C-3F0F-417B-B643-03B9F23EA465}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{19340763-4C30-4AC0-9806-983EF7A8F227}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{A198A8F0-2924-4D58-BF0B-D9486BE51922}C:\users\richard\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\richard\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{F878BB44-DE8C-4254-8000-D1435EC57AF1}C:\users\richard\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\richard\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{D911B001-A672-4A1D-A041-377CE9DBF3C9}C:\users\richard\appdata\roaming\bittorrent web\btweb.exe] => (Allow) C:\users\richard\appdata\roaming\bittorrent web\btweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
FirewallRules: [TCP Query User{085597F5-B5C5-4453-8D9F-A3F8AE5434EB}C:\users\richard\appdata\roaming\bittorrent web\btweb.exe] => (Allow) C:\users\richard\appdata\roaming\bittorrent web\btweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
FirewallRules: [TCP Query User{2EDEA5AB-EFD8-4D1A-9D5A-AA5873489F13}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{3CCA6878-55E6-4A5E-A665-17C996641F4A}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3141937D-2BC9-4784-929C-578D788A610F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C3FEE606-E841-4E3B-8FE2-280B7E829FF3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{12C6A28E-305A-4451-A200-6067F74AAB75}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D6D8BCB9-E791-41E6-B5B1-8845B4404933}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{6F1D6EE4-04BE-4B00-AC17-2FBE95D4EB1E}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe (SignPath Foundation -> Transmission Project)
FirewallRules: [UDP Query User{C27F2C55-47B6-47C4-AFE9-3ADF5323C0AD}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe (SignPath Foundation -> Transmission Project)
FirewallRules: [{870859CE-4E48-4FE2-88A0-68DE135D7475}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{788A5923-AB56-4E5D-A1DF-2DF0F19B771C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CEC4BB71-49CA-4B82-8E29-9143A641E7E8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1D4FF73F-DB2B-45E9-B8DA-CBDCAEBD547E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1F2E61F7-F25C-45AA-94C8-AB196B0A5C99}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{21AB2924-6B77-4428-B45A-33ECAC23D207}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D685C368-FC26-4B74-BCCD-9B99E5C565AB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{09361179-AD4C-429A-81E6-00E3721F8FB4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7720DACE-C3CE-4025-A885-8A9E242DAA4F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{99CE45D0-E597-4BEF-8AB0-1FFCE4F18817}] => (Allow) C:\Users\Richard\AppData\Local\Programs\Opera\74.0.3911.107\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

11-02-2021 00:29:20 Windows Modules Installer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/15/2021 01:49:17 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-PUNF98O)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (02/14/2021 01:58:58 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť retrim v Giant (D:), pretože: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/14/2021 01:58:41 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť retrim v Supernova (E:), pretože: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/08/2021 09:08:51 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-PUNF98O)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (02/07/2021 02:31:08 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť retrim v Giant (D:), pretože: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/07/2021 02:30:51 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť retrim v Supernova (E:), pretože: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/03/2021 05:59:52 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-PUNF98O)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (01/31/2021 04:41:04 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť retrim v Giant (D:), pretože: The operation requested is not supported by the hardware backing the volume. (0x8900002A)


System errors:
=============
Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Windows Defender:
================
Date: 2021-02-16 10:15:32
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: PUA:Win32/ICBundler
ID: 286849
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\Users\Richard\Downloads\BitTorrent.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\Richard\OneDrive\Poc�tac\FRST64.exe
Security intelligence Version: AV: 1.331.1118.0, AS: 1.331.1118.0, NIS: 1.331.1118.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-15 12:54:58
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Backdoor:MSIL/Bladabindi
ID: 2147678468
Severity: Severe
Category: Backdoor
Path: file:_C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe; process:_pid:12088,ProcessStart:132578628549820755
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: System
Process Name: C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe
Security intelligence Version: AV: 1.331.1036.0, AS: 1.331.1036.0, NIS: 1.331.1036.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-15 12:54:57
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Backdoor:MSIL/Bladabindi
ID: 2147678468
Severity: Severe
Category: Backdoor
Path: file:_C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe; process:_pid:12088,ProcessStart:132578628549820755
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe
Security intelligence Version: AV: 1.331.1036.0, AS: 1.331.1036.0, NIS: 1.331.1036.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-15 12:54:37
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Backdoor:MSIL/Bladabindi
ID: 2147678468
Severity: Severe
Category: Backdoor
Path: file:_C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\System32\taskhostw.exe
Security intelligence Version: AV: 1.331.1036.0, AS: 1.331.1036.0, NIS: 1.331.1036.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-15 12:49:46
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Dynamer!dtc
ID: 2147638124
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Richard\AppData\Roaming\remoteclient.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe
Security intelligence Version: AV: 1.331.1036.0, AS: 1.331.1036.0, NIS: 1.331.1036.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-15 12:49:26
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Backdoor:MSIL/Quasar.GG!MTB
ID: 2147772079
Severity: Severe
Category: Backdoor
Path: file:_C:\Users\Richard\AppData\Local\Temp\tmpB31A.tmp.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe
Security intelligence Version: AV: 1.331.1036.0, AS: 1.331.1036.0, NIS: 1.331.1036.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-15 12:48:32
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Program:Win32/Wacapew.C!ml
ID: 265744
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\Users\Richard\AppData\Roaming\xxxx.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\Richard\AppData\Roaming\xxxx.exe
Security intelligence Version: AV: 1.331.1036.0, AS: 1.331.1036.0, NIS: 1.331.1036.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2801 11/11/2015
Motherboard: ASUSTeK COMPUTER INC. Z97-AR
Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 67%
Total physical RAM: 7867.52 MB
Available physical RAM: 2564.05 MB
Total Virtual: 10043.52 MB
Available Virtual: 4354.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223 GB) (Free:149.22 GB) NTFS
Drive d: (Giant) (Fixed) (Total:3725.9 GB) (Free:815.77 GB) NTFS
Drive e: (Supernova) (Fixed) (Total:5588.9 GB) (Free:2664.58 GB) NTFS

\\?\Volume{0af65774-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.57 GB) (Free:0.12 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 0AF65774)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 5589 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Size: 3726 GB) (Disk ID: 44C00C96)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Win Zabezpecenie Zavazna hrozba

Napsal: 16 úno 2021 13:10
od valachmar
Este rar z RSIT
rsit.rar
(47.03 KiB) Staženo 62 x

Re: Win Zabezpecenie Zavazna hrozba

Napsal: 16 úno 2021 13:58
od Rudy
Zdravím!
Zkusíme PC vyčistit. Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Win Zabezpecenie Zavazna hrozba

Napsal: 16 úno 2021 16:12
od valachmar
Dakujem.
Malwarebytes, ma troska ine prostredie ako pisete,
nainstalovala sa mi 14 dnova free verzia,
dal so scannovat a potom ulozit do karanteny.Tu je log:

Malwarebytes
www.malwarebytes.com

-Podrobnosti denníka-
Dátum skenovania: 16. 2. 2021
Čas skenovania: 15:41
Súbor denníka: ffa85dba-7064-11eb-b44c-10c37b6d33d0.json

-Údaje o softvéri-
Verzia: 4.3.0.98
Verzia súčastí: 1.0.1173
Aktualizovať verziu balíka: 1.0.37201
Licencia: Skúšobná verzia

-Systémové informácie-
OS: Windows 10 (Build 19042.804)
Procesor: x64
Systém súborov: NTFS
Používateľ: DESKTOP-PUNF98O\Richard

-Zhrnutie skenovania-
Typ skenovania: Vyhľadávanie hrozieb
Skenovanie bolo spustené: Manuálne
Výsledok: Dokončené
Preskenované objekty: 335290
Zistené hrozby: 13
Hrozby umiestnené do karantény: 0
Uplynulý čas: 1 min, 13 s

-Možnosti skenovania-
Pamäť: Povolené
Spúšťanie: Povolené
Systém súborov: Povolené
Archívy: Povolené
Rootkity: Zakázané
Heuristika: Povolené
PUP: Zistiť
PUM: Zistiť

-Podrobnosti skenovania-
Proces: 0
(Nezistili sa nijaké škodlivé položky)

Modul: 0
(Nezistili sa nijaké škodlivé položky)

Kľúč databázy Registry: 1
PUP.Optional.SearchYa, HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{993F5746-4C15-42BC-99C1-064A1764271B}, Bez zásahu používateľa, 2160, 242794, 1.0.37201, , ame, , ,

Hodnota databázy Registry: 1
PUP.Optional.SearchYa, HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{993F5746-4C15-42BC-99C1-064A1764271B}|DISPLAYNAME, Bez zásahu používateľa, 2160, 242794, 1.0.37201, , ame, , ,

Údaje databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Prúd údajov: 0
(Nezistili sa nijaké škodlivé položky)

Priečinok: 1
PUP.Optional.Delta, C:\USERS\RICHARD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Bez zásahu používateľa, 615, 455070, , , , , ,

Súbor: 10
PUP.Optional.Delta, C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, Bez zásahu používateľa, 615, 455070, , , , , C2DD6EF20CD59AB6B613580BD820FC69, EDFE1226D8D9369EFDB4B67EE6D74792F3BDBEE940D77F94B78B24DDD22CA63A
PUP.Optional.Delta, C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\001661.ldb, Bez zásahu používateľa, 615, 455070, , , , , 6624EFCA2F4E924F3CE8269AA57039E6, 25EE63E29C6E66BC680E6AFB345B1D3A437561F4B3CBFB70415D82D5971144E7
PUP.Optional.Delta, C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\001662.log, Bez zásahu používateľa, 615, 455070, , , , , 3CE0394D9F9D4A042A9F250DF93AFBC4, DD33AD4E73914E7DBB41043FA9D9BDA57E3703EFA841F587741F3110C3C18664
PUP.Optional.Delta, C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\001663.ldb, Bez zásahu používateľa, 615, 455070, , , , , 8631137CE9C9B1DC938F8B986E7B48F3, 5758CC73583B0E0B991BE1BC94A951EE5B78D350569DEBAA3C43EFA23F6E7DB7
PUP.Optional.Delta, C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, Bez zásahu používateľa, 615, 455070, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.Delta, C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, Bez zásahu používateľa, 615, 455070, , , , , ,
PUP.Optional.Delta, C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, Bez zásahu používateľa, 615, 455070, , , , , 9EFAC303C54FDBCF9E03FBD5135F958D, B6BA63C071B6B4F57574CE6FAA4BB2E233F215AA4DA8DB51AF5D6EDD3D9F9C7E
PUP.Optional.Delta, C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, Bez zásahu používateľa, 615, 455070, , , , , C62C2A934A48AD1F7BBBF540615A2FA0, 5CB7A6B078C9360094A0AC6B1C3B3F30B828B398351EAD7373F847D9F0684FD6
PUP.Optional.Delta, C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, Bez zásahu používateľa, 615, 455070, , , , , 2119812F870F030905C9C376A9B06FC3, 5EC4D9DC559FB7404FCF99591F805693B53722C36C9342BC063DB00F9D56F6C3
PUP.Optional.Delta, C:\USERS\RICHARD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Bez zásahu používateľa, 615, 455070, 1.0.37201, , ame, , 91CC89983081329CF35699E5213DF9EB, D8FDB8CF6B7C79C6EC1A68C3352BADEFF7AC8D6878FF1E309B941A996EE857FF

Fyzický sektor: 0
(Nezistili sa nijaké škodlivé položky)

WMI: 0
(Nezistili sa nijaké škodlivé položky)


(end)

Re: Win Zabezpecenie Zavazna hrozba

Napsal: 16 úno 2021 16:58
od valachmar
Uz to vyzera dobre, len Windows Defender vypisuje
Riesenie sa nedokoncilo,
Zistene: Backdoor:MSIL/Bladabindi
Stav: Zrušené
Tato aplikacia nemusi byt upne napravena.
Tento program poskytuje vzdialený prístup k počítaču, v ktorom je nainštalovaný
Ovplyvnene polozky : file: C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe
process: pid:12088,ProcessStart:132578628549820755

Re: Win Zabezpecenie Zavazna hrozba

Napsal: 16 úno 2021 17:11
od Rudy
Nalezené položky smažte (dejte do karantény) a pak dejte nové logy FRST+Addition.

Re: Win Zabezpecenie Zavazna hrozba

Napsal: 16 úno 2021 18:11
od valachmar
Dakujem,
Prikladam FRST a Addiction:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-02-2021
Ran by Richard (administrator) on DESKTOP-PUNF98O (ASUS All Series) (16-02-2021 18:06:49)
Running from C:\Users\Richard\OneDrive\Počítač
Loaded Profiles: Richard
Platform: Windows 10 Pro Version 20H2 19042.804 (X64) Language: Angličtina (USA)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Richard\AppData\Roaming\BitTorrent\BitTorrent.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Richard\AppData\Roaming\BitTorrent\helper\helper.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Richard\AppData\Roaming\BitTorrent\updates\7.10.5_45857\bittorrentie.exe <2>
(ESI Audiotechnik GmbH -> ESI Audiotechnik GmbH) C:\Windows\System32\JulaPAN.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett Packard -> Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(MAGIX Software GmbH -> MAGIX Computer Products Intl. Co.) [File not signed] C:\Program Files\VEGAS\VEGAS Pro 18.0\vegas180.exe
(MAGIX Software GmbH -> MAGIX Computer Products Intl. Co.) C:\Program Files\VEGAS\VEGAS Pro 18.0\ErrorReportLauncher.exe
(MAGIX Software GmbH -> MAGIX Computer Products Intl. Co.) C:\Program Files\VEGAS\VEGAS Pro 18.0\x86\FileIOSurrogate.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_2.34.28001.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
(Opera Software AS -> Opera Software) C:\Users\Richard\AppData\Local\Programs\Opera\74.0.3911.107\opera.exe <12>
(Opera Software AS -> Opera Software) C:\Users\Richard\AppData\Local\Programs\Opera\74.0.3911.107\opera_crashreporter.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
HKLM\...\Run: [RtHDVBg_DTS] => "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /DTSU2P
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [julapan.exe] => C:\Windows\system32\julapan.exe [514792 2015-09-16] (ESI Audiotechnik GmbH -> ESI Audiotechnik GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Run: [btweb] => C:\Users\Richard\AppData\Roaming\BitTorrent Web\btweb.exe [5691520 2020-12-18] (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8442464 2021-01-17] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Run: [Opera Browser Assistant] => C:\Users\Richard\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3366040 2021-01-14] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3412696 2021-02-13] (Valve -> Valve Corporation)
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1941352 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Run: [BitTorrent] => C:\Users\Richard\AppData\Roaming\BitTorrent\BitTorrent.exe [1960416 2021-01-17] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-3697634085-1141814390-3545286870-1008\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1941352 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [46080 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.150\Installer\chrmstp.exe [2021-02-09] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2021-01-19]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {14CA1CEF-3318-47B7-86D2-2ECBC74E5372} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-17] (Google LLC -> Google LLC)
Task: {1797563B-38D4-4545-AEE4-BEE4F8CBB71C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {17D42D8E-77AA-4914-A8C2-C57E6B303742} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2856304 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {1D9274BB-A3C2-42C6-9B7F-59052CEEFEBD} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5AA1B47D-35FB-4999-81FD-14DBA06B7044} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {608B8562-311F-4FD1-9F0B-CDD0C6399B85} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-05] (Mozilla Corporation -> Mozilla Foundation)
Task: {63DB492F-514A-4B02-84AB-6550C5183A3A} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {670C8D12-809A-4015-9BB9-97B1C14B033A} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {6BFB181D-1739-47E9-B521-1A776DE7F437} - System32\Tasks\Opera scheduled Autoupdate 1610919243 => C:\Users\Richard\AppData\Local\Programs\Opera\launcher.exe [1793688 2021-02-09] (Opera Software AS -> Opera Software)
Task: {8F2417A7-2E9F-4267-BF63-B5A048A0D830} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C072A348-D7D7-48AA-A64D-E380E1B016DE} - System32\Tasks\Opera scheduled assistant Autoupdate 1610919256 => C:\Users\Richard\AppData\Local\Programs\Opera\launcher.exe [1793688 2021-02-09] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Richard\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {C835E0DB-DC3F-4B9C-9095-D1BDDE18B049} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {CE3400A4-2453-474E-A977-376B9A83CA13} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142216 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D316DF82-ACCE-48A1-836A-13E2FCB6FCB8} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {D5A8195B-A0A8-4CE3-A6EB-E8D490BCB440} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142216 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D793B4FB-3A77-493F-8A0D-EAFD24C68C7E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-17] (Google LLC -> Google LLC)
Task: {DE8A4910-911A-40D7-B150-86C7AA89784E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5199792 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E19C5F7F-122D-468D-AB87-245CE4EACE71} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5199792 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {F40592F5-BE40-48DD-AC47-CEA9D36DEF61} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{79a0aa48-88c9-4278-80d1-7970b601bf4a}: [DhcpNameServer] 192.168.100.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Richard\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-16]

FireFox:
========
FF DefaultProfile: 1yn368nw.default
FF ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\1yn368nw.default [2021-01-17]
FF Homepage: Mozilla\Firefox\Profiles\1yn368nw.default -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT171002&iDate=2021-01-17 09:34:10&bName=
FF NewTab: Mozilla\Firefox\Profiles\1yn368nw.default -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT171002&iDate=2021-01-17 09:34:10&bName=
FF ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\o1iww0dk.default-release [2021-01-17]
FF Homepage: Mozilla\Firefox\Profiles\o1iww0dk.default-release -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT171002&iDate=2021-01-17 09:34:10&bName=
FF NewTab: Mozilla\Firefox\Profiles\o1iww0dk.default-release -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT171002&iDate=2021-01-17 09:34:10&bName=
FF SearchPlugin: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\o1iww0dk.default-release\searchplugins\My Bing Search.xml [2021-01-17]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default [2021-02-16]
CHR Notifications: Default -> hxxps://drive.google.com
CHR HomePage: Default -> hxxps://www.google.sk/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Slides) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-17]
CHR Extension: (Docs) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-17]
CHR Extension: (Google Drive) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-17]
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-17]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-29]
CHR Extension: (CzTorrent - 1. CZ Free Torrent Tracker -) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\chalkflaflbkojghgfddnifalamblkkd [2021-01-17]
CHR Extension: (Sheets) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-17]
CHR Extension: (Google Docs Offline) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-17]
CHR Extension: (Save to Facebook) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2021-01-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-17]
CHR Extension: (Chrome Media Router) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-29]

Opera:
=======
OPR Profile: C:\Users\Richard\AppData\Roaming\Opera Software\Opera Stable [2021-02-16]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Richard\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-02-16]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936456 2015-05-13] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2021-01-16] (ASUSTeK Computer Inc. -> ) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8905608 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\FileSyncHelper.exe [2194288 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2020-12-08] (FUTUREMARK INC -> Futuremark)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-16] (Malwarebytes Inc -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\OneDriveUpdaterService.exe [2567552 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-01-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12835096 2021-01-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [29280 2021-01-17] (LAVASOFT SOFTWARE CANADA INC -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15368 2015-05-13] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [42352 2020-08-24] (PassMark Software Pty Ltd -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-02-16] (Malwarebytes Corporation -> Malwarebytes)
R1 Jula.sys; C:\WINDOWS\system32\DRIVERS\Jula.sys [62696 2015-09-16] (ESI Audiotechnik GmbH -> ESI Audiotechnik GmbH)
R3 JulaWDM.sys; C:\WINDOWS\system32\DRIVERS\JulaWDM.sys [45288 2015-09-16] (ESI Audiotechnik GmbH -> ESI Audiotechnik GmbH)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-02-16] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-02-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-02-16] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-02-16] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-02-16] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [142416 2021-02-16] (Malwarebytes Inc -> Malwarebytes)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49552 2021-02-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [419040 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-16 16:59 - 2021-02-16 16:59 - 266081772 _____ C:\Users\Richard\Downloads\Etuda30new2 (1).mp4
2021-02-16 16:59 - 2021-02-16 16:59 - 000220616 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-02-16 16:59 - 2021-02-16 16:59 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-02-16 16:59 - 2021-02-16 16:59 - 000142416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-02-16 16:59 - 2021-02-16 16:59 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-02-16 15:40 - 2021-02-16 15:40 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-02-16 15:40 - 2021-02-16 15:40 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-02-16 15:40 - 2021-02-16 15:40 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-02-16 15:40 - 2021-02-16 15:40 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-02-16 15:40 - 2021-02-16 15:40 - 000000000 ____D C:\Users\Richard\AppData\Local\mbam
2021-02-16 15:40 - 2021-02-16 15:40 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-02-16 15:39 - 2021-02-16 15:39 - 000000000 ____D C:\Program Files\Malwarebytes
2021-02-16 15:37 - 2021-02-16 15:38 - 002086424 _____ (Malwarebytes) C:\Users\Richard\Downloads\MBSetup.exe
2021-02-16 14:06 - 2021-02-16 14:07 - 266081772 _____ C:\Users\Richard\Downloads\Etuda30new2.mp4
2021-02-16 10:25 - 2021-02-16 10:29 - 000000000 ____D C:\rsit
2021-02-16 10:25 - 2021-02-16 10:27 - 000000000 ____D C:\Program Files\trend micro
2021-02-16 10:13 - 2021-02-16 18:07 - 000000000 ____D C:\FRST
2021-02-15 23:56 - 2021-02-15 23:56 - 005290371 _____ C:\Users\Richard\Downloads\Office Tool Plus 7.6.0.1 Multilingual (1).rar
2021-02-15 13:47 - 2021-02-15 13:47 - 000143008 _____ C:\Users\Richard\Downloads\Etuda30new1.mp4.sfk
2021-02-15 13:38 - 2021-02-15 13:38 - 210725668 _____ C:\Users\Richard\Downloads\Etuda30new1.mp4
2021-02-15 12:58 - 2021-02-15 12:58 - 000989584 _____ (GridinSoft LLC) C:\Users\Richard\Downloads\install-antimalware-fix.exe
2021-02-15 12:49 - 2021-02-15 12:49 - 000000086 _____ C:\Users\Richard\AppData\Roaming\remoteclient.ini
2021-02-15 12:48 - 2021-02-15 12:48 - 000458752 _____ C:\Users\Richard\AppData\Local\sqlite_pass
2021-02-15 12:45 - 2021-02-15 12:45 - 000505093 _____ C:\Users\Richard\AppData\Roaming\sex.txt
2021-02-15 12:45 - 2021-02-15 12:45 - 000188416 _____ (NirSoft) C:\Users\Richard\AppData\Roaming\1.exe
2021-02-15 12:45 - 2021-02-15 12:45 - 000005120 _____ (Microsoft) C:\Users\Richard\AppData\Roaming\0.exe
2021-02-15 12:45 - 2021-02-15 12:45 - 000000032 _____ C:\Users\Richard\AppData\Roaming\++.bat
2021-02-15 12:44 - 2021-02-15 12:44 - 000015872 _____ (Microsoft) C:\Users\Richard\AppData\Roaming\specific.exe
2021-02-15 10:57 - 2021-02-15 10:57 - 000147822 _____ C:\Users\Richard\Downloads\potvrdenie.pdf
2021-02-13 23:50 - 2021-02-13 23:50 - 000000000 ____D C:\Users\Richard\Downloads\Office Tool Plus 7.6.0.1 Multilingual
2021-02-13 17:03 - 2021-02-13 17:04 - 005290371 _____ C:\Users\Richard\Downloads\Office Tool Plus 7.6.0.1 Multilingual.rar
2021-02-12 15:53 - 2021-02-12 15:53 - 006385465 _____ C:\Users\Katinka\Downloads\Vianocna ozdoba diplom 1.pptx
2021-02-11 18:20 - 2021-02-11 18:20 - 048708248 _____ C:\Users\Richard\Downloads\y2mate.com - Guy Lacour 50 Etude 34 Tenor Saxophone_1080pFHR.mp4
2021-02-11 14:24 - 2021-02-11 14:24 - 000031675 _____ C:\Users\Richard\Downloads\let_it_be_gr_kar (1).mid
2021-02-11 14:20 - 2021-02-11 14:20 - 000031675 _____ C:\Users\Richard\Downloads\let_it_be_gr_kar.mid
2021-02-11 14:19 - 2021-02-11 14:19 - 000023513 _____ C:\Users\Richard\Downloads\Let_It_Be.mid
2021-02-11 00:33 - 2021-02-11 00:33 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-11 00:33 - 2021-02-11 00:33 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-11 00:33 - 2021-02-11 00:33 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-11 00:33 - 2021-02-11 00:33 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-11 00:32 - 2021-02-11 00:32 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-10 23:17 - 2021-02-10 23:17 - 000166467 _____ C:\Users\Richard\Downloads\jazz-883.mus
2021-02-10 23:12 - 2021-02-10 23:12 - 006385255 _____ C:\Users\Katinka\Downloads\Vianocna ozdoba diplom.pptx
2021-02-10 21:00 - 2021-02-10 21:00 - 000000000 ____D C:\Users\Katinka\AppData\Roaming\ACD Systems
2021-02-10 21:00 - 2021-02-10 21:00 - 000000000 ____D C:\Users\Katinka\AppData\Local\ACD Systems
2021-02-10 20:53 - 2021-02-10 20:57 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Scribus
2021-02-10 20:53 - 2021-02-10 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scribus 1.4.8
2021-02-10 20:53 - 2021-02-10 20:53 - 000000000 ____D C:\Program Files (x86)\Scribus 1.4.8
2021-02-10 20:51 - 2021-02-10 20:51 - 085773505 _____ (The Scribus Team) C:\Users\Richard\Downloads\scribus-1.4.8-windows.exe
2021-02-10 18:53 - 2021-02-10 18:53 - 000132715 _____ C:\Users\Richard\Downloads\jazz-982.mus
2021-02-10 18:53 - 2021-02-10 18:53 - 000132715 _____ C:\Users\Richard\Downloads\jazz-982 (1).mus
2021-02-10 18:48 - 2021-02-10 18:48 - 000000000 ____D C:\Users\Richard\Downloads\prednesoveskladby
2021-02-10 10:20 - 2021-02-16 16:13 - 000000000 ____D C:\Users\Richard\AppData\LocalLow\BitTorrent
2021-02-09 19:27 - 2021-02-09 19:27 - 000054590 _____ C:\Users\Richard\Downloads\birdland (1).mid
2021-02-09 19:27 - 2021-02-09 19:27 - 000050846 _____ C:\Users\Richard\Downloads\birdland (2).mid
2021-02-09 13:32 - 2021-02-09 13:32 - 000000000 ____D C:\Users\Richard\Downloads\Gazovic koncert
2021-02-08 20:06 - 2021-02-08 20:43 - 000000000 ____D C:\Users\Richard\Downloads\Diera zvana John subory
2021-02-08 17:09 - 2021-02-08 17:09 - 074527128 _____ (Skype Technologies S.A.) C:\Users\Richard\Downloads\Skype-8.68.0.96.exe
2021-02-08 17:09 - 2021-02-08 17:09 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Skype
2021-02-08 17:09 - 2021-02-08 17:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-02-08 14:55 - 2021-02-08 14:55 - 000187307 _____ C:\Users\Richard\Downloads\Hatikva tempo 70.m4a
2021-02-08 13:15 - 2021-02-08 13:15 - 000167843 _____ C:\Users\Richard\Downloads\[SkT]Mr._Robot_-_2.serie_(CZ)[HEVC][1080p]_=_CSFD_84% (1).torrent
2021-02-05 15:17 - 2021-02-05 15:17 - 004704192 _____ (Crystal Dew World ) C:\Users\Richard\Downloads\CrystalDiskInfo8_10_0.exe
2021-02-05 15:17 - 2021-02-05 15:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2021-02-05 15:17 - 2021-02-05 15:17 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2021-02-05 00:10 - 2021-02-05 00:10 - 000027347 _____ C:\Users\Richard\Downloads\[SkT]The_Expanse_-_1.serie_[TvRip][720p]_=_CSFD_77%.torrent
2021-02-05 00:08 - 2021-02-05 00:08 - 000167843 _____ C:\Users\Richard\Downloads\[SkT]Mr._Robot_-_2.serie_(CZ)[HEVC][1080p]_=_CSFD_84%.torrent
2021-02-03 14:46 - 2021-02-03 14:46 - 000450496 _____ C:\Users\Richard\Downloads\Blues_Shuffle.mp4.sfk
2021-02-02 19:54 - 2021-02-02 19:54 - 000000000 ____D C:\Users\Katinka\AppData\Roaming\HpUpdate
2021-02-02 19:50 - 2021-02-02 19:50 - 000000000 ____D C:\Users\Katinka\AppData\Roaming\WinRAR
2021-02-01 22:20 - 2021-02-01 22:20 - 000024537 _____ C:\Users\Richard\Downloads\[SkT]Sveraci_kazajka___The_Jacket_(2005)(CZ_EN)[720pHD]_=_CSFD_78%.torrent
2021-02-01 22:20 - 2021-02-01 22:20 - 000013673 _____ C:\Users\Richard\Downloads\[SkT]Sveraci_kazajka___Jacket,_The_(2005)(CZ)_=_CSFD_78%.torrent
2021-02-01 22:19 - 2021-02-01 22:19 - 000012249 _____ C:\Users\Richard\Downloads\[SkT]Hranice_zivota___Stay_(2005)(CZ_EN)[1080p]_=_CSFD_73%.torrent
2021-02-01 22:15 - 2021-02-01 22:15 - 000011406 _____ C:\Users\Richard\Downloads\[SkT]Osviceni___The_Shining_(1980)[1080p]_=_CSFD_88%.torrent
2021-02-01 21:57 - 2021-02-01 21:58 - 663258021 _____ C:\Users\Richard\Downloads\Blues_Shuffle.mp4
2021-02-01 21:57 - 2021-02-01 21:58 - 358977604 _____ C:\Users\Richard\Downloads\Etuda30.mp4
2021-02-01 21:17 - 2021-02-01 21:17 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webshare klient
2021-02-01 21:17 - 2021-02-01 21:17 - 000000000 ____D C:\Program Files (x86)\Webshare klient
2021-02-01 21:16 - 2021-02-01 21:17 - 005741167 _____ C:\Users\Richard\Downloads\webshare-klient-beta-2020-10-17.exe
2021-02-01 21:06 - 2021-02-01 21:06 - 000011730 _____ C:\Users\Richard\Downloads\[SkT]Osudovy_dotek___Butterfly_Effect,_The_(2004)(CZ)_=_CSFD_87%.torrent
2021-02-01 15:57 - 2021-02-01 15:57 - 000006485 _____ C:\Users\Richard\Downloads\hatikva6.mid
2021-02-01 15:57 - 2021-02-01 15:57 - 000003094 _____ C:\Users\Richard\Downloads\hatikvah (1).mid
2021-02-01 15:57 - 2021-02-01 15:57 - 000003068 _____ C:\Users\Richard\Downloads\hatikva3.mid
2021-02-01 15:56 - 2021-02-01 15:56 - 000021500 _____ C:\Users\Richard\Downloads\Hatikvah.mid
2021-02-01 15:20 - 2021-02-01 15:20 - 000017261 _____ C:\Users\Richard\Downloads\Yesterday (1).mid
2021-02-01 15:20 - 2021-02-01 15:20 - 000014948 _____ C:\Users\Richard\Downloads\yesterday.mid
2021-02-01 15:20 - 2021-02-01 15:20 - 000014948 _____ C:\Users\Richard\Downloads\yesterday (2).mid
2021-01-29 21:55 - 2021-01-29 21:55 - 000672126 _____ C:\Users\Richard\Downloads\zmluva_20-131-08565.pdf
2021-01-29 21:42 - 2021-01-29 21:42 - 002534603 _____ C:\Users\Richard\Downloads\[SkT]Ebook_2020_(CZ) (1).torrent
2021-01-29 21:24 - 2021-01-29 23:06 - 000000000 ____D C:\Users\Richard\AppData\Local\transmission
2021-01-29 21:24 - 2021-01-29 23:06 - 000000000 ____D C:\ProgramData\Transmission
2021-01-29 21:24 - 2021-01-29 21:24 - 016310272 _____ C:\Users\Richard\Downloads\transmission-3.00-x64.msi
2021-01-29 21:24 - 2021-01-29 21:24 - 000002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transmission Qt Client.lnk
2021-01-29 21:24 - 2021-01-29 21:24 - 000000000 ____D C:\Program Files\Transmission
2021-01-29 21:15 - 2021-01-29 21:15 - 001012654 _____ C:\Users\Richard\Downloads\[SkT]Ebook_Tematicke.torrent
2021-01-29 21:14 - 2021-01-29 21:14 - 000626467 _____ C:\Users\Richard\Downloads\tematicke_2020.pdf
2021-01-29 16:59 - 2021-01-29 16:59 - 063102319 _____ (XBMC Foundation) C:\Users\Richard\Downloads\kodi-18.9-Leia-x64.exe
2021-01-29 16:58 - 2021-01-29 16:58 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Kodi
2021-01-29 16:58 - 2021-01-29 16:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
2021-01-29 16:58 - 2021-01-29 16:58 - 000000000 ____D C:\Program Files\Kodi
2021-01-29 16:27 - 2021-01-29 16:27 - 017633114 _____ C:\Users\Richard\Downloads\E.Rocherolle Two¨Companz.pdf
2021-01-29 16:27 - 2021-01-29 16:27 - 004814641 _____ C:\Users\Richard\Downloads\bela bartok for children.pdf
2021-01-29 15:06 - 2021-01-29 15:52 - 000000000 ____D C:\Users\Richard\AppData\Local\VideoComparer
2021-01-29 15:06 - 2021-01-29 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Comparer
2021-01-29 15:06 - 2021-01-29 15:06 - 000000000 ____D C:\Program Files\VideoComparer
2021-01-29 15:05 - 2021-01-29 15:05 - 014373040 _____ (Video Comparer) C:\Users\Richard\Downloads\VideoComparer_Win64_1.07.002.exe
2021-01-29 01:02 - 2021-01-29 01:02 - 002100755 _____ C:\Users\Richard\Downloads\beletrie_2020.pdf
2021-01-29 00:59 - 2021-01-29 00:59 - 002534603 _____ C:\Users\Richard\Downloads\[SkT]Ebook_2020_(CZ).torrent
2021-01-29 00:58 - 2021-01-29 00:58 - 000010371 _____ C:\Users\Richard\Downloads\[SkT]dTest_09-12_2020_(CZ).torrent
2021-01-29 00:58 - 2021-01-29 00:58 - 000002591 _____ C:\Users\Richard\Downloads\[SkT]dTest_01_2021_(CZ).torrent
2021-01-28 19:20 - 2021-01-28 19:20 - 000012041 _____ C:\Users\Richard\Downloads\[SkT]Havel_(2020)(CZ)[WebRip][720p]_=_CSFD_62%.torrent
2021-01-28 19:19 - 2021-01-28 19:19 - 000018025 _____ C:\Users\Richard\Downloads\[SkT]Pokoj___The_Room_(2019)(CZ)[1080p]_=_CSFD_66%.torrent
2021-01-28 16:39 - 2021-01-28 16:39 - 000119737 _____ C:\Users\Richard\Downloads\[SkT]Star_Wars_KOMPLET_FILMY_(1977-2020_1080p_CZ)_=_CSFD_88%.torrent
2021-01-28 14:09 - 2021-01-28 14:09 - 000017527 _____ C:\Users\Richard\Downloads\[SkT]Laska_v_male_Italii___Little_Italy_(2018)(SK)[WebRip][1080p]_=_CSFD_56%.torrent
2021-01-28 14:07 - 2021-01-28 14:07 - 000012697 _____ C:\Users\Richard\Downloads\[SkT]Vrazedna_stena___Nordwand_(2008)(CZ)_=_CSFD_82%.torrent
2021-01-27 23:48 - 2021-01-27 23:48 - 000000020 ___SH C:\Users\Katinka\ntuser.ini
2021-01-27 23:48 - 2021-01-27 23:48 - 000000000 ____D C:\Users\Katinka\AppData\Roaming\TeamViewer
2021-01-27 23:48 - 2021-01-27 23:48 - 000000000 ____D C:\Users\Katinka\AppData\Local\TeamViewer
2021-01-27 23:48 - 2021-01-27 23:48 - 000000000 ____D C:\Users\Katinka\AppData\Local\PlaceholderTileLogoFolder
2021-01-27 22:52 - 2021-01-27 22:52 - 000043979 _____ C:\Users\Richard\Downloads\Program - Online koncert - 28012021.pdf
2021-01-27 18:46 - 2021-01-27 18:46 - 000512765 _____ C:\Users\Richard\Downloads\5114617373.pdf
2021-01-27 15:32 - 2021-01-27 15:32 - 000000000 ____D C:\Users\Richard\Downloads\Ziadost dane 2020
2021-01-26 23:25 - 2021-02-05 14:27 - 000003206 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-01-26 23:25 - 2021-02-05 14:27 - 000002174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-01-26 23:25 - 2021-02-05 14:27 - 000000000 ___RD C:\Users\Katinka\OneDrive
2021-01-26 23:25 - 2021-01-26 23:25 - 000000000 ___RD C:\Users\Default\OneDrive
2021-01-26 23:25 - 2021-01-26 23:25 - 000000000 ___RD C:\Users\Default User\OneDrive
2021-01-26 23:24 - 2021-02-06 16:37 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2021-01-26 23:21 - 2021-02-01 22:31 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\TrackmaniaTurbo
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ___HD C:\OneDriveTemp
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\WD TV®_files
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\Vlastní šablony Office
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\Updater5
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\PassMark
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\NFS Most Wanted
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\MyScans
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\MuseScore3
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\MAXON
2021-01-26 23:21 - 2021-01-26 23:21 - 000000000 ____D C:\Users\Richard\OneDrive\Dokumenty\3DMark
2021-01-26 23:21 - 2017-08-08 18:09 - 000062266 _____ C:\Users\Richard\OneDrive\Dokumenty\WD TV®.html
2021-01-26 23:21 - 2017-05-11 13:05 - 000000868 _____ C:\Users\Richard\OneDrive\Dokumenty\Internet Explorer.lnk
2021-01-26 23:21 - 2017-03-27 16:41 - 003289702 _____ C:\Users\Richard\OneDrive\Dokumenty\Pirates-of-the-Caribbean-1-book-=) (1).pdf
2021-01-26 23:21 - 2017-03-20 17:37 - 000865801 _____ C:\Users\Richard\OneDrive\Dokumenty\Pirates-of-the-Caribbean---Piano-Arrangement.pdf
2021-01-26 23:21 - 2017-03-13 15:41 - 000139692 _____ C:\Users\Richard\OneDrive\Dokumenty\[Free-scores.com]_telemann-georg-philipp-sonata-1-in-f-major-for-harp-48212.pdf
2021-01-26 23:21 - 2017-03-13 15:39 - 000104108 _____ C:\Users\Richard\OneDrive\Dokumenty\telemann-sonata-no1-in-f-major-vivace.pdf
2021-01-26 23:21 - 2017-01-20 14:17 - 000000290 _____ C:\Users\Richard\OneDrive\Dokumenty\Kafe zahranicne.txt
2021-01-26 23:21 - 2016-09-18 10:39 - 001342213 _____ C:\Users\Richard\OneDrive\Dokumenty\História a vývoj tlačových médií.pptx
2021-01-26 21:03 - 2021-02-16 16:13 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-26 21:03 - 2021-01-26 21:03 - 000000000 ____D C:\Users\Richard\AppData\Local\Steam
2021-01-26 21:03 - 2021-01-26 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2021-01-26 21:02 - 2021-01-26 21:02 - 001573568 _____ C:\Users\Richard\Downloads\SteamSetup.exe
2021-01-26 20:52 - 2021-01-26 20:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-01-26 20:43 - 2021-01-26 20:43 - 024690748 _____ C:\Users\Richard\OneDrive\Dokumenty\Robmitozas.mxf
2021-01-26 20:43 - 2021-01-26 20:43 - 000014032 _____ C:\Users\Richard\OneDrive\Dokumenty\Robmitozas.mxf.sfk
2021-01-26 20:43 - 2021-01-26 20:43 - 000000076 _____ C:\Users\Richard\OneDrive\Dokumenty\Robmitozas.mxf.sfl
2021-01-26 19:58 - 2021-01-26 20:50 - 000000000 ____D C:\Users\Richard\AppData\Roaming\VEGAS
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Roaming\VEGAS Pro
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Roaming\MAGIX
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Local\VEGAS Pro
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Local\Sony
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Local\Plugin.OfxStitch
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Local\Plugin.ofx360Stabilizer
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Local\Plugin.MxOfxRotation
2021-01-26 19:58 - 2021-01-26 19:58 - 000000000 ____D C:\Users\Richard\AppData\Local\MAGIX
2021-01-26 19:57 - 2021-01-26 19:57 - 000000000 ____D C:\ProgramData\Magix
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Sony
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\Users\Richard\AppData\Local\VEGAS
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\ProgramData\VEGAS Pro
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\ProgramData\VEGAS
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\Program Files\VEGAS
2021-01-26 19:56 - 2021-01-26 19:56 - 000000000 ____D C:\Program Files (x86)\VEGAS
2021-01-26 10:29 - 2021-01-26 11:19 - 215884026 _____ C:\Users\Richard\Downloads\Maria_Blahova_Caravan.mp4
2021-01-26 10:29 - 2021-01-26 10:29 - 052371949 _____ C:\Users\Richard\Downloads\Maria_Blahova_Caravan_bezpodkladu.mp4
2021-01-25 15:37 - 2021-01-25 15:38 - 000000000 ___HD C:\Users\Richard\Downloads\[Originals]
2021-01-25 15:09 - 2021-01-25 15:09 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2021-01-25 15:09 - 2021-01-25 15:09 - 000000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2021-01-25 14:55 - 2021-01-25 14:55 - 000000000 ____D C:\Users\Richard\Downloads\Brouk Bohuslav - Sport - stoupa života _ Český Sigmund Freud (Hmyzí Silvestr 2002)
2021-01-25 14:55 - 2021-01-25 14:55 - 000000000 ____D C:\Users\Richard\Downloads\Bohuslav Brouk - Choditi s koulí na noze je sotva vtipný nápad
2021-01-25 14:15 - 2009-10-11 21:58 - 001177600 _____ (AD) C:\WINDOWS\SysWOW64\SYNSOEMU.DLL
2021-01-25 14:14 - 2021-01-25 14:14 - 000000000 ____D C:\ProgramData\VST3 Presets
2021-01-25 14:13 - 2021-01-25 14:13 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg HALionOne
2021-01-25 14:13 - 2021-01-25 14:13 - 000000000 ____D C:\ProgramData\Steinberg
2021-01-25 14:11 - 2021-01-25 14:16 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Steinberg
2021-01-25 14:11 - 2021-01-25 14:15 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 5
2021-01-25 14:11 - 2021-01-25 14:11 - 000000000 ____D C:\Program Files (x86)\Steinberg
2021-01-24 21:54 - 2021-01-24 21:54 - 077493402 _____ C:\Users\Richard\Downloads\Brouk Bohuslav - Sport - stoupa života _ Český Sigmund Freud (Hmyzí Silvestr 2002).zip
2021-01-24 21:54 - 2021-01-24 21:54 - 059021281 _____ C:\Users\Richard\Downloads\Bohuslav Brouk - Choditi s koulí na noze je sotva vtipný nápad.rar
2021-01-24 21:54 - 2021-01-24 21:54 - 058119796 _____ C:\Users\Richard\Downloads\Víkendová příloha - Kamen Jiří - Český Sigmund Freud (Bohuslav Brouk).rar
2021-01-24 18:15 - 2021-01-24 18:15 - 000017653 _____ C:\Users\Richard\Downloads\[SkT]Sarlatan_(2020)(CZ)[WebRip][1080p]_=_CSFD_79%.torrent
2021-01-24 18:10 - 2021-01-24 18:10 - 000151195 _____ C:\Users\Richard\Downloads\[SkT]____Koruna___The_Crown_-_2._serie_(CZ)[WebRip][1080p]_=_CSFD_90%.torrent
2021-01-24 18:01 - 2021-01-24 18:01 - 000043676 _____ C:\Users\Richard\Downloads\[SkT]____Koruna___The_Crown_-_1._serie_(CZ)[WebRip][1080p]_=_CSFD_90%.torrent
2021-01-23 18:29 - 2021-02-11 12:05 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-23 18:29 - 2021-02-11 12:05 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6f120800843a7
2021-01-23 10:39 - 2021-01-23 10:40 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-01-23 10:38 - 2021-01-23 10:39 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-01-23 10:38 - 2021-01-23 10:38 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-01-23 10:37 - 2021-01-23 10:37 - 000000000 ____D C:\ProgramData\ssh
2021-01-23 10:34 - 2021-01-23 10:34 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-01-23 10:34 - 2021-01-23 10:34 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-01-23 10:34 - 2021-01-23 10:34 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-23 10:34 - 2021-01-23 10:34 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-23 10:34 - 2021-01-23 10:34 - 000707544 _____ C:\WINDOWS\system32\TextShaping.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-23 10:34 - 2021-01-23 10:34 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-23 10:34 - 2021-01-23 10:34 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-23 10:34 - 2021-01-23 10:34 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000467968 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-23 10:34 - 2021-01-23 10:34 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-23 10:34 - 2021-01-23 10:34 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-01-23 10:34 - 2021-01-23 10:34 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-23 10:34 - 2021-01-23 10:34 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-01-23 10:34 - 2021-01-23 10:34 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-23 10:34 - 2021-01-23 10:34 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-23 10:34 - 2021-01-23 10:34 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-23 10:34 - 2021-01-23 10:34 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-01-23 10:34 - 2021-01-23 10:34 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-01-23 10:34 - 2021-01-23 10:34 - 000111616 _____ C:\WINDOWS\system32\RDVGHelper.exe
2021-01-23 10:34 - 2021-01-23 10:34 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-23 10:34 - 2021-01-23 10:34 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-23 10:34 - 2021-01-23 10:34 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-23 10:34 - 2021-01-23 10:34 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-01-23 10:34 - 2021-01-23 10:34 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-01-23 10:34 - 2021-01-23 10:34 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-01-23 10:34 - 2021-01-23 10:34 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-01-23 10:34 - 2021-01-23 10:34 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-01-23 10:33 - 2021-01-23 10:33 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-01-23 10:33 - 2021-01-23 10:33 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-23 10:33 - 2021-01-23 10:33 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-23 10:33 - 2021-01-23 10:33 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-23 10:33 - 2021-01-23 10:33 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-01-23 10:33 - 2021-01-23 10:33 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-01-23 10:33 - 2021-01-23 10:33 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-01-23 10:30 - 2021-01-23 10:30 - 000000000 ____D C:\WINDOWS\system32\sk
2021-01-23 10:28 - 2021-01-23 10:28 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-01-23 10:28 - 2021-01-23 10:28 - 000000000 ____D C:\Program Files\MSBuild
2021-01-23 10:28 - 2021-01-23 10:28 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-01-23 10:28 - 2021-01-23 10:28 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-01-23 01:47 - 2021-01-23 01:47 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-01-23 01:45 - 2021-02-16 16:19 - 000842414 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-23 01:45 - 2021-01-23 01:45 - 000000020 ___SH C:\Users\Richard\ntuser.ini
2021-01-23 01:44 - 2021-02-16 16:13 - 000003130 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2021-01-23 01:44 - 2021-02-16 16:13 - 000003114 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-01-23 01:44 - 2021-02-16 16:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-23 01:44 - 2021-02-15 10:16 - 000004226 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1610919243
2021-01-23 01:44 - 2021-02-05 17:44 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-23 01:44 - 2021-02-05 17:44 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-23 01:44 - 2021-01-23 01:44 - 000015243 _____ C:\WINDOWS\diagwrn.xml
2021-01-23 01:44 - 2021-01-23 01:44 - 000015243 _____ C:\WINDOWS\diagerr.xml
2021-01-23 01:44 - 2021-01-23 01:44 - 000003874 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1610919256
2021-01-23 01:44 - 2021-01-23 01:44 - 000003118 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2021-01-23 01:44 - 2021-01-23 01:44 - 000002672 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2021-01-23 01:44 - 2021-01-23 01:44 - 000002590 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2021-01-23 01:44 - 2021-01-23 01:44 - 000002202 _____ C:\WINDOWS\system32\Tasks\StartCN
2021-01-23 01:44 - 2021-01-23 01:44 - 000002122 _____ C:\WINDOWS\system32\Tasks\StartDVR
2021-01-23 01:44 - 2021-01-23 01:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-23 01:41 - 2021-02-13 01:55 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-23 01:41 - 2021-02-10 23:16 - 000000000 ____D C:\Users\Katinka
2021-01-23 01:41 - 2021-02-07 01:00 - 000000000 ____D C:\Users\Richard
2021-01-23 01:41 - 2021-02-03 12:06 - 000000000 ____D C:\Users\kioskUser0
2021-01-23 01:41 - 2016-11-01 23:05 - 000099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2021-01-23 01:40 - 2021-02-16 16:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-23 01:40 - 2021-02-16 16:13 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-23 01:40 - 2021-02-11 02:06 - 000530440 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-22 22:03 - 2021-01-22 22:03 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2021-01-22 14:36 - 2021-01-23 01:42 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-01-22 14:36 - 2021-01-22 14:36 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Zoom
2021-01-21 19:36 - 2021-02-10 10:30 - 000000000 ___DC C:\WINDOWS\Panther
2021-01-21 19:33 - 2021-01-21 19:33 - 000000000 ___HD C:\$WinREAgent
2021-01-21 17:33 - 2021-01-21 17:33 - 041750105 _____ C:\Users\Richard\Downloads\Birdland Blahova.mp4
2021-01-21 15:08 - 2021-01-23 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-01-20 23:08 - 2021-02-16 16:13 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-20 23:08 - 2021-01-24 17:28 - 000000000 ____D C:\Users\Richard\AppData\Roaming\TeamViewer
2021-01-20 23:08 - 2021-01-21 19:52 - 000000000 ____D C:\Users\Richard\AppData\Local\TeamViewer
2021-01-20 23:08 - 2021-01-20 23:08 - 000001116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2021-01-20 22:46 - 2021-01-20 22:46 - 000373009 _____ C:\Users\Richard\Downloads\Svetova kultura (1).pdf
2021-01-20 22:24 - 2021-01-20 22:24 - 000373379 _____ C:\Users\Richard\Downloads\svetova kultura.pdf
2021-01-20 19:52 - 2021-01-20 19:52 - 000337013 _____ C:\Users\Richard\Downloads\3_1_I_polrok (1).pdf
2021-01-20 17:46 - 2021-02-01 22:31 - 000000000 ____D C:\ProgramData\TrackmaniaTurbo
2021-01-20 17:36 - 2021-01-20 17:36 - 000000234 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trackmania Turbo.url
2021-01-20 17:36 - 2021-01-20 17:36 - 000000234 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Config.url
2021-01-20 17:34 - 2021-02-01 22:32 - 000000000 ____D C:\Users\Richard\AppData\Local\Ubisoft Game Launcher
2021-01-20 17:34 - 2021-01-23 01:42 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2021-01-20 17:34 - 2021-01-20 17:34 - 000000000 ____D C:\ProgramData\Ubisoft
2021-01-20 17:34 - 2021-01-20 17:34 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2021-01-20 16:53 - 2021-01-20 16:53 - 000055452 _____ C:\Users\Richard\Downloads\birdland.mid
2021-01-20 15:53 - 2021-01-23 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
2021-01-20 15:53 - 2021-01-20 15:53 - 000000000 ____D C:\Users\Richard\AppData\Roaming\PotPlayerMini64
2021-01-20 15:53 - 2021-01-20 15:53 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Daum
2021-01-20 15:53 - 2021-01-20 15:53 - 000000000 ____D C:\Program Files\DAUM
2021-01-19 20:15 - 2021-01-19 20:15 - 000000000 ____D C:\Users\Katinka\AppData\Roaming\Intel Corporation
2021-01-19 20:14 - 2021-01-19 20:14 - 000000000 ____D C:\Users\Katinka\AppData\Local\MicrosoftEdge
2021-01-19 20:14 - 2021-01-19 20:14 - 000000000 ____D C:\Users\Katinka\AppData\Local\Comms
2021-01-19 20:13 - 2021-02-12 15:54 - 000000000 ____D C:\Users\Katinka\AppData\Local\Packages
2021-01-19 20:13 - 2021-02-12 15:52 - 000000000 __SHD C:\Users\Katinka\IntelGraphicsProfiles
2021-01-19 20:13 - 2021-01-27 23:52 - 000000000 ____D C:\Users\Katinka\AppData\Local\Google
2021-01-19 20:13 - 2021-01-27 23:48 - 000000000 ___RD C:\Users\Katinka\3D Objects
2021-01-19 20:13 - 2021-01-19 20:14 - 000000000 ____D C:\Users\Katinka\AppData\Roaming\Adobe
2021-01-19 20:13 - 2021-01-19 20:13 - 000000000 ____D C:\Users\Katinka\AppData\Local\VirtualStore
2021-01-19 20:13 - 2021-01-19 20:13 - 000000000 ____D C:\Users\Katinka\AppData\Local\Publishers
2021-01-19 20:13 - 2021-01-19 20:13 - 000000000 ____D C:\Users\Katinka\AppData\Local\ConnectedDevicesPlatform
2021-01-19 20:12 - 2021-01-19 20:13 - 000000000 ____D C:\Users\Katinka\AppData\Local\AMD
2021-01-19 18:55 - 2012-09-26 16:48 - 000000584 _____ C:\WINDOWS\hpomdl28.dat.temp
2021-01-19 18:54 - 2021-01-19 18:54 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Macromedia
2021-01-19 18:53 - 2021-01-19 18:54 - 000000000 ____D C:\Users\Richard\AppData\Roaming\HP
2021-01-19 18:53 - 2021-01-19 18:53 - 000000000 ____D C:\ProgramData\WEBREG
2021-01-19 18:52 - 2021-01-26 19:41 - 000000000 ____D C:\Users\Richard\AppData\Roaming\HpUpdate
2021-01-19 18:52 - 2021-01-19 18:52 - 000001398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2021-01-19 18:52 - 2021-01-19 18:52 - 000001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2021-01-19 18:52 - 2021-01-19 18:52 - 000000000 ____D C:\ProgramData\HP Product Assistant
2021-01-19 18:52 - 2021-01-19 18:52 - 000000000 ____D C:\ProgramData\HP Photo Creations
2021-01-19 18:52 - 2021-01-19 18:52 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2021-01-19 18:52 - 2021-01-19 18:52 - 000000000 ____D C:\Program Files (x86)\HP Photo Creations
2021-01-19 18:51 - 2021-01-23 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2021-01-19 18:51 - 2021-01-19 18:52 - 000000000 ____D C:\Program Files (x86)\HP
2021-01-19 18:50 - 2021-01-19 18:55 - 000188219 _____ C:\WINDOWS\hpoins28.dat
2021-01-19 18:50 - 2012-09-26 16:48 - 000000584 _____ C:\WINDOWS\hpomdl28.dat
2021-01-19 18:48 - 2021-01-19 18:53 - 000000000 ____D C:\ProgramData\HP
2021-01-19 18:48 - 2012-09-25 08:52 - 003867040 _____ C:\WINDOWS\system32\PortChanger.exe
2021-01-19 18:48 - 2012-09-25 08:52 - 000151968 ____N (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\Dot4.sys
2021-01-19 18:48 - 2012-09-25 08:52 - 000049056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dot4usb.sys
2021-01-19 18:48 - 2012-09-25 08:52 - 000027040 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\Dot4Prt.sys
2021-01-19 18:48 - 2009-07-14 02:41 - 000046080 _____ (Hewlett-Packard Corporation) C:\WINDOWS\system32\hpz3lw71.dll
2021-01-19 18:48 - 2009-07-08 11:51 - 000938496 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpowiax7.dll
2021-01-19 18:48 - 2009-07-08 11:51 - 000740864 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpotscl6.dll
2021-01-19 18:48 - 2009-07-08 11:51 - 000551424 _____ (Hewlett-Packard) C:\WINDOWS\system32\hppldcoi.dll
2021-01-19 18:48 - 2009-07-08 11:51 - 000505344 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpovst15.dll
2021-01-19 18:30 - 2021-02-16 16:03 - 000000000 ____D C:\Users\Richard\AppData\Roaming\MuseScore
2021-01-19 18:30 - 2021-01-23 01:42 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MuseScore 3
2021-01-19 18:30 - 2021-01-19 18:30 - 000000000 ____D C:\Users\Richard\AppData\Local\MuseScore
2021-01-19 18:30 - 2021-01-19 18:30 - 000000000 ____D C:\Program Files\MuseScore 3
2021-01-19 17:19 - 2021-01-19 17:19 - 000000000 ___HD C:\Users\kioskUser0\MicrosoftEdgeBackups
2021-01-19 17:05 - 2021-01-19 17:05 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\PlaceholderTileLogoFolder
2021-01-19 15:33 - 2021-01-19 15:33 - 000037361 _____ C:\Users\Richard\Downloads\Orange_doklad_FR_202012_CNnull_SN0902876219.pdf
2021-01-19 15:33 - 2021-01-19 15:33 - 000037056 _____ C:\Users\Richard\Downloads\Orange_doklad_FR_202012_CNnull_SN0949811763.pdf
2021-01-18 23:47 - 2021-01-18 23:47 - 000000000 ____D C:\Users\Richard\AppData\Local\OneDrive
2021-01-18 21:48 - 2021-01-21 15:08 - 000002411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-01-18 21:48 - 2021-01-21 15:08 - 000002410 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-01-18 21:48 - 2021-01-21 15:08 - 000002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-01-18 21:47 - 2021-02-15 10:17 - 000000000 ____D C:\Program Files\Microsoft Office
2021-01-18 21:47 - 2021-01-18 21:47 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-01-18 21:47 - 2021-01-18 21:47 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-01-18 20:32 - 2021-01-20 15:52 - 000000000 ____D C:\Program Files\VideoLAN
2021-01-18 20:06 - 2021-01-18 20:06 - 000000000 ____D C:\Users\defaultuser100000
2021-01-18 15:59 - 2021-01-18 15:59 - 000337013 _____ C:\Users\Richard\Downloads\3_1_I_polrok.pdf
2021-01-18 15:36 - 2021-01-20 15:29 - 000000000 ____D C:\Users\Richard\AppData\Local\Adobe
2021-01-18 15:36 - 2021-01-20 15:29 - 000000000 ____D C:\ProgramData\Adobe
2021-01-18 15:36 - 2021-01-18 15:37 - 000000000 ____D C:\Users\Richard\AppData\LocalLow\Netopsystems
2021-01-18 00:47 - 2021-01-18 00:47 - 000014230 _____ C:\Users\Richard\Downloads\[SkT]Windows_10_Permanent_Activator_ultimate__ALL (1).torrent
2021-01-18 00:40 - 2021-01-18 00:40 - 000014230 _____ C:\Users\Richard\Downloads\[SkT]Windows_10_Permanent_Activator_ultimate__ALL.torrent
2021-01-18 00:37 - 2021-01-18 00:37 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\cache
2021-01-18 00:33 - 2021-02-16 18:00 - 000000000 ____D C:\Users\Richard\AppData\Local\CrashDumps
2021-01-18 00:32 - 2021-01-18 00:32 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\Google
2021-01-18 00:28 - 2021-02-05 14:27 - 000000000 ___RD C:\Users\Richard\OneDrive
2021-01-18 00:24 - 2021-01-18 21:27 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-01-17 23:10 - 2021-01-23 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-01-17 23:10 - 2021-01-23 01:42 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-01-17 23:10 - 2021-01-18 00:32 - 000000000 ____D C:\Program Files\WinRAR
2021-01-17 23:10 - 2021-01-17 23:10 - 000000000 ____D C:\Users\Richard\AppData\Roaming\WinRAR
2021-01-17 23:09 - 2021-01-17 23:09 - 000016964 _____ C:\Users\Richard\Downloads\[SkT]____WinRAR_v.5.90_Final_Official_(x86_x64)(CZ_SK).torrent
2021-01-17 23:06 - 2021-01-17 23:06 - 000002327 _____ C:\Users\Richard\Downloads\[SkT]WinRAR_v.6.00_Final_Official_(x86_x64).torrent
2021-01-17 23:06 - 2021-01-17 23:06 - 000002327 _____ C:\Users\Richard\Downloads\[SkT]WinRAR_v.6.00_Final_Official_(x86_x64) (1).torrent
2021-01-17 22:59 - 2021-01-17 22:59 - 000009613 _____ C:\Users\Richard\Downloads\[SkT]AAct_4.0_Release_1.torrent
2021-01-17 22:48 - 2021-01-17 22:48 - 000027319 _____ C:\Users\Richard\Downloads\[SkT]Microsoft_Office_Professional_Plus_2019_MSO_(16.0.11929.20370) (1).torrent
2021-01-17 22:45 - 2021-02-16 18:08 - 000000000 ____D C:\Users\Richard\AppData\Roaming\BitTorrent
2021-01-17 22:45 - 2021-01-18 00:32 - 000000000 ____D C:\ProgramData\Avast Software
2021-01-17 22:35 - 2021-01-17 22:35 - 000027319 _____ C:\Users\Richard\Downloads\[SkT]Microsoft_Office_Professional_Plus_2019_MSO_(16.0.11929.20370).torrent
2021-01-17 22:34 - 2021-02-16 17:32 - 000000000 ____D C:\Users\Richard\AppData\Local\BitTorrentHelper
2021-01-17 22:34 - 2021-02-15 10:16 - 000001415 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2021-01-17 22:34 - 2021-01-23 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2021-01-17 22:34 - 2021-01-17 22:34 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Lavasoft
2021-01-17 22:34 - 2021-01-17 22:34 - 000000000 ____D C:\Users\Richard\AppData\Local\Opera Software
2021-01-17 22:34 - 2021-01-17 22:34 - 000000000 ____D C:\Users\Richard\AppData\Local\Lavasoft
2021-01-17 22:34 - 2021-01-17 22:34 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2021-01-17 22:33 - 2021-01-25 12:40 - 000000000 ____D C:\Users\Richard\AppData\Roaming\BitTorrent Web
2021-01-17 22:33 - 2021-01-18 00:33 - 000001893 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitTorrent Web.lnk
2021-01-17 22:33 - 2021-01-17 22:33 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Opera Software
2021-01-17 22:33 - 2021-01-17 22:33 - 000000000 ____D C:\ProgramData\Lavasoft
2021-01-17 22:19 - 2021-01-23 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
2021-01-17 22:19 - 2021-01-17 22:19 - 000000000 ____D C:\Users\Richard\AppData\Roaming\ACD Systems
2021-01-17 22:19 - 2021-01-17 22:19 - 000000000 ____D C:\Users\Richard\AppData\Local\ACD Systems
2021-01-17 22:19 - 2021-01-17 22:19 - 000000000 ____D C:\ProgramData\ACD Systems
2021-01-17 22:19 - 2021-01-17 22:19 - 000000000 ____D C:\Program Files\Common Files\ACD Systems
2021-01-17 22:19 - 2021-01-17 22:19 - 000000000 ____D C:\Program Files\ACD Systems
2021-01-17 21:57 - 2021-01-17 21:57 - 000000000 ____D C:\Users\Richard\AppData\Local\PeerDistRepub
2021-01-17 21:45 - 2021-01-17 21:45 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\Comms
2021-01-17 21:38 - 2021-02-09 22:51 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-17 21:37 - 2021-01-17 21:40 - 000000000 ____D C:\Users\Richard\AppData\Local\Google
2021-01-17 21:37 - 2021-01-17 21:37 - 000000000 ____D C:\Program Files\Google
2021-01-17 21:37 - 2021-01-17 21:37 - 000000000 ____D C:\Program Files (x86)\Google
2021-01-17 21:30 - 2021-02-05 14:27 - 000000000 ___RD C:\Users\kioskUser0\OneDrive
2021-01-17 21:30 - 2021-01-17 21:30 - 000000000 ____D C:\Users\kioskUser0\AppData\Roaming\Intel Corporation
2021-01-17 21:30 - 2021-01-17 21:30 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\MicrosoftEdge
2021-01-17 21:29 - 2021-01-23 01:42 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\Packages
2021-01-17 21:29 - 2021-01-19 16:23 - 000000000 __SHD C:\Users\kioskUser0\IntelGraphicsProfiles
2021-01-17 21:29 - 2021-01-18 19:23 - 000000000 ____D C:\Users\kioskUser0\AppData\Roaming\Adobe
2021-01-17 21:29 - 2021-01-18 00:37 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\AMD
2021-01-17 21:29 - 2021-01-17 21:29 - 000000000 ___RD C:\Users\kioskUser0\3D Objects
2021-01-17 21:29 - 2021-01-17 21:29 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\VirtualStore
2021-01-17 21:29 - 2021-01-17 21:29 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\Publishers
2021-01-17 21:29 - 2021-01-17 21:29 - 000000000 ____D C:\Users\kioskUser0\AppData\Local\ConnectedDevicesPlatform
2021-01-17 21:22 - 2021-01-25 19:21 - 000000000 ____D C:\Users\Richard\AppData\Local\D3DSCache
2021-01-17 19:02 - 2021-01-23 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESI
2021-01-17 19:02 - 2021-01-17 19:02 - 000000000 ____D C:\Users\Richard\Downloads\Juli@-x2v-v1_21
2021-01-17 19:02 - 2021-01-17 19:02 - 000000000 ____D C:\Program Files\ESI
2021-01-17 19:02 - 2021-01-17 19:02 - 000000000 ____D C:\Program Files\DIFX
2021-01-17 19:02 - 2015-09-16 10:25 - 000514792 _____ (ESI Audiotechnik GmbH) C:\WINDOWS\system32\JulaPAN.exe
2021-01-17 19:02 - 2015-09-16 10:25 - 000126696 _____ (ESI Audiotechnik GmbH) C:\WINDOWS\system32\JulaASIO.dll
2021-01-17 19:02 - 2015-09-16 10:25 - 000111336 _____ (ESI Audiotechnik GmbH) C:\WINDOWS\SysWOW64\JulaASIO32.dll
2021-01-17 19:02 - 2015-09-16 10:25 - 000062696 _____ (ESI Audiotechnik GmbH) C:\WINDOWS\system32\Drivers\Jula.sys
2021-01-17 19:02 - 2015-09-16 10:25 - 000045288 _____ (ESI Audiotechnik GmbH) C:\WINDOWS\system32\Drivers\JulaWDM.sys
2021-01-17 18:58 - 2021-01-17 18:58 - 000000000 ____D C:\Users\Richard\AppData\Local\ElevatedDiagnostics
2021-01-17 02:04 - 2021-01-17 02:07 - 000000000 ___HD C:\$SysReset

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-16 16:43 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-16 16:19 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-16 16:13 - 2021-01-16 17:27 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-02-16 16:13 - 2021-01-16 17:27 - 000000000 __SHD C:\Users\Richard\IntelGraphicsProfiles
2021-02-16 16:12 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-02-16 15:40 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-14 20:46 - 2021-01-16 09:18 - 000000000 ____D C:\Users\Richard\AppData\Local\Packages
2021-02-13 01:55 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-13 01:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-12 15:52 - 2021-01-16 09:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-11 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-11 02:05 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-11 00:34 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-11 00:29 - 2021-01-16 09:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-11 00:27 - 2021-01-16 09:31 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-01 14:08 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-29 18:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-01-29 15:06 - 2021-01-16 09:43 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-23 10:40 - 2021-01-16 17:32 - 000000000 ____D C:\Program Files\UNP
2021-01-23 10:40 - 2021-01-16 10:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest
2021-01-23 10:40 - 2021-01-16 10:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2021-01-23 10:40 - 2021-01-16 10:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2021-01-23 10:40 - 2021-01-16 09:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2021-01-23 10:40 - 2021-01-16 09:54 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2021-01-23 10:40 - 2021-01-16 09:43 - 000000000 ____D C:\Program Files\Intel
2021-01-23 10:40 - 2019-12-07 10:18 - 000000000 ____D C:\WINDOWS\Setup
2021-01-23 10:40 - 2019-12-07 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-01-23 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-01-23 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-01-23 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-23 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-01-23 10:40 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-01-23 10:40 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-01-23 10:39 - 2021-01-16 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UL
2021-01-23 10:39 - 2021-01-16 09:47 - 000000000 ____D C:\Program Files\Realtek
2021-01-23 10:39 - 2021-01-16 09:22 - 000000000 ____D C:\Program Files\ASUS
2021-01-23 10:39 - 2021-01-16 09:21 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-01-23 10:37 - 2019-12-07 10:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-01-23 10:37 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-23 10:37 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-01-23 10:37 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-01-23 10:37 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-01-23 10:36 - 2019-12-07 10:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-01-23 10:36 - 2019-12-07 10:54 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-01-23 10:30 - 2019-12-07 10:52 - 000000000 ____D C:\WINDOWS\OCR
2021-01-23 10:30 - 2019-12-07 10:50 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-01-23 10:30 - 2019-12-07 10:50 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-01-23 03:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-01-23 02:01 - 2021-01-16 09:35 - 000000000 ____D C:\ProgramData\Packages
2021-01-23 01:46 - 2021-01-16 09:21 - 000000000 ____D C:\Users\Richard\AppData\Local\PlaceholderTileLogoFolder
2021-01-23 01:45 - 2021-01-16 09:58 - 000840598 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2021-01-23 01:45 - 2021-01-16 09:18 - 000000000 ___RD C:\Users\Richard\3D Objects
2021-01-23 01:45 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-01-23 01:45 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-01-23 01:44 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-23 01:41 - 2021-01-16 17:27 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2021-01-23 01:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-01-23 00:02 - 2021-01-16 09:21 - 000799104 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-01-19 18:53 - 2019-03-19 05:49 - 000000127 _____ C:\WINDOWS\win.ini
2021-01-18 15:36 - 2021-01-16 09:18 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Adobe
2021-01-17 21:21 - 2021-01-16 10:05 - 000000000 ____D C:\Users\Richard\AppData\LocalLow\Mozilla
2021-01-17 18:47 - 2021-01-16 17:27 - 000000000 ____D C:\Intel

==================== Files in the root of some directories ========

2021-02-15 12:45 - 2021-02-15 12:45 - 000000032 _____ () C:\Users\Richard\AppData\Roaming\++.bat
2021-02-15 12:45 - 2021-02-15 12:45 - 000005120 _____ (Microsoft) C:\Users\Richard\AppData\Roaming\0.exe
2021-02-15 12:45 - 2021-02-15 12:45 - 000188416 _____ (NirSoft) C:\Users\Richard\AppData\Roaming\1.exe
2021-02-15 12:49 - 2021-02-15 12:49 - 000000086 _____ () C:\Users\Richard\AppData\Roaming\remoteclient.ini
2021-02-15 12:45 - 2021-02-15 12:45 - 000505093 _____ () C:\Users\Richard\AppData\Roaming\sex.txt
2021-02-15 12:44 - 2021-02-15 12:44 - 000015872 _____ (Microsoft) C:\Users\Richard\AppData\Roaming\specific.exe
2021-02-15 12:48 - 2021-02-15 12:48 - 000458752 _____ () C:\Users\Richard\AppData\Local\sqlite_pass

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-02-2021
Ran by Richard (16-02-2021 18:08:28)
Running from C:\Users\Richard\OneDrive\Počítač
Windows 10 Pro Version 20H2 19042.804 (X64) (2021-01-23 00:45:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3697634085-1141814390-3545286870-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3697634085-1141814390-3545286870-503 - Limited - Disabled)
Guest (S-1-5-21-3697634085-1141814390-3545286870-501 - Limited - Disabled)
Katinka (S-1-5-21-3697634085-1141814390-3545286870-1008 - Limited - Enabled) => C:\Users\Katinka
Richard (S-1-5-21-3697634085-1141814390-3545286870-1001 - Administrator - Enabled) => C:\Users\Richard
WDAGUtilityAccount (S-1-5-21-3697634085-1141814390-3545286870-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark (HKLM\...\{C11C8EB4-326A-4224-9424-45DDC2623322}) (Version: 2.16.7117.0 - UL) Hidden
3DMark (HKLM-x32\...\{a0974e13-e65d-475e-99e6-2bbaf41bbdd7}) (Version: 2.16.7117.0 - UL)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
ACDSee Photo Studio Ultimate 2020 (HKLM\...\ACDSee Photo Studio Ultimate 2020) (Version: 13.0.1.2023 - ACD Systems International Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.11.2 - Advanced Micro Devices, Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
BitTorrent (HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\BitTorrent) (Version: 7.10.5.45857 - BitTorrent Inc.)
BitTorrent Web (HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\btweb) (Version: 1.1.3 - BitTorrent, Inc.)
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Copy (HKLM-x32\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
CrystalDiskInfo 8.10.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.10.0 - Crystal Dew World)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (HKLM-x32\...\{CFA33E6D-2D7D-4785-8025-974398E940D1}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 140.0.185.000 - Hewlett-Packard) Hidden
F4200 (HKLM-x32\...\{C86E1E36-6D30-4834-9C85-5501F31F7BB4}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
F4200_NCL_Help (HKLM-x32\...\{367E84FF-D436-4513-A237-FF638B048761}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
Futuremark SystemInfo (HKLM-x32\...\{F608ED5F-3818-4F87-A277-E52E8790C039}) (Version: 5.35.871.0 - Futuremark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{8C925017-72A8-4C4A-AF21-84901E26638F}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
HWiNFO64 Version 6.40 (HKLM\...\HWiNFO64_is1) (Version: 6.40 - Martin Malik - REALiX)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Network Connections 20.1.2019.0 (HKLM\...\PROSetDX) (Version: 20.1.2019.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
Juli@ PCI Driver version v1.2.1.0 (HKLM\...\{2C649BA4-D482-408F-9148-2EC10E1E3193}_is1) (Version: v1.2.1.0 - ESI-Audiotechnik)
Kodi (HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Kodi) (Version: - XBMC Foundation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.68 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Volume - cs-cz) (Version: 16.0.13628.20380 - Microsoft Corporation)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 84.0.2 (x64 en-US)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 84.0.2 - Mozilla)
MuseScore 3 (HKLM\...\{778D5D3D-5448-40F4-AACC-47D443C3E8A1}) (Version: 3.4.2.9788 - Werner Schweer and Others)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20380 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Opera Stable 74.0.3911.107 (HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\Opera 74.0.3911.107) (Version: 74.0.3911.107 - Opera Software)
PerformanceTest v10.0 (HKLM\...\PerformanceTest 10_is1) (Version: 10.0.1010.0 - Passmark Software)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 210201 - Kakao Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7848 - Realtek Semiconductor Corp.)
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Scribus 1.4.8 (HKLM-x32\...\Scribus 1.4.8) (Version: 1.4.8 - The Scribus Team)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype verzia 8.68 (HKLM-x32\...\Skype_is1) (Version: 8.68 - Skype Technologies S.A.)
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steinberg Cubase 5 (HKLM-x32\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.0 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 1.0.0.1 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Additional Content Set 01 (HKLM-x32\...\{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}) (Version: 1.0.0.001 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 1.0.0.006 - Steinberg Media Technologies GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.14.5 - TeamViewer)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
Trackmania Turbo (HKLM-x32\...\Uplay Install 2070) (Version: - Ubisoft)
Transmission 3.00 (bb6b5a062e) (x64) (HKLM\...\{B206C51C-27D2-4251-95E2-B4B28DE80633}) (Version: 3.00.0 - Transmission Project)
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 117.0.10324 - Ubisoft)
VEGAS Pro 18.0 (HKLM\...\{75111FE1-CE55-11EA-8B12-00155D43CFCE}) (Version: 18.0.284 - VEGAS)
Video Comparer Win64 (HKLM-x32\...\{6a43795f-0427-4e7b-a1f0-fb351c9c6491}) (Version: 1.7.2 - Video Comparer)
Video Comparer Win64 1.07.002 (HKLM\...\{2ABEE3D8-00C2-4A44-AA66-C7F192D7E4EC}) (Version: 1.07.002 - Video Comparer) Hidden
Web Companion (HKLM-x32\...\{b4a59e41-cba2-46c7-a99b-8a80a0017024}) (Version: 7.0.2388.4219 - Lavasoft)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
Webshare klient (HKLM-x32\...\Webshare klient) (Version: - )
Windows Driver Package - ESI (Jula.sys) MEDIA (09/16/2015 1.2.1.0) (HKLM\...\9351121A70A5DD84065790FA90941B0BB03521DA) (Version: 09/16/2015 1.2.1.0 - ESI)
WinRAR 5.90 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\ZoomUMX) (Version: 5.4.9 (59931.0110) - Zoom Video Communications, Inc.)

Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2021-01-27] (Microsoft Corporation)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2021-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2021-01-23] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2021-01-23] (Microsoft Corporation) [MS Ad]
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2021-01-17] (Microsoft Corporation)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c [2021-02-01] (Skype)
Your Phone -> C:\Program Files\WindowsApps\Microsoft.YourPhone_0.19051.7.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3697634085-1141814390-3545286870-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\20.201.1005.0009_1\MicrosoftListSync.exe" => No File
CustomCLSID: HKU\S-1-5-21-3697634085-1141814390-3545286870-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\20.201.1005.0009_1\MicrosoftListSync.exe" => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.002.0104.0005\amd64\FileSyncShell64.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-07-19 23:31 - 2020-08-03 08:04 - 000003073 _____ () [File not signed] C:\Program Files\VEGAS\VEGAS Pro 18.0\Protein\Protein_x64.4.1.dll
2021-01-16 09:22 - 2021-02-16 16:13 - 000036648 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2009-11-17 22:58 - 2009-11-17 22:58 - 000342656 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll
2009-11-17 22:58 - 2009-11-17 22:58 - 000559232 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
2012-05-27 16:44 - 2012-05-27 16:44 - 000015360 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
2011-04-29 11:34 - 2011-04-29 11:34 - 000927232 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc
2011-04-29 11:34 - 2011-04-29 11:34 - 000012288 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc
2011-04-29 19:08 - 2011-04-29 19:08 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
2010-08-06 11:15 - 2010-08-06 11:15 - 000079872 _____ (Hewlett-Packard) [File not signed] C:\WINDOWS\System32\HPZidr12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000054784 _____ (Hewlett-Packard) [File not signed] C:\WINDOWS\SYSTEM32\hpzipr12.dll
2015-06-23 16:00 - 2015-06-23 16:00 - 000285696 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2015-06-23 16:00 - 2015-06-23 16:00 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2020-07-19 23:31 - 2020-07-19 23:31 - 000367104 _____ (MAGIX Software GmbH) [File not signed] C:\Program Files\VEGAS\VEGAS Pro 18.0\Online\MagixOFA-en.dll
2017-05-22 22:27 - 2017-05-22 22:27 - 000145408 _____ (Michael Tippach) [File not signed] C:\Program Files (x86)\ASIO4ALL v2\asio4all64.dll
2020-07-19 23:20 - 2020-07-19 23:20 - 001035264 _____ (Sony B&P Research Labs) [File not signed] C:\Program Files\VEGAS\VEGAS Pro 18.0\FileIO Plug-Ins\mxfhdcamsrplug\mp4decoder_dll.dll
2020-07-19 23:20 - 2020-07-19 23:20 - 001880576 _____ (Sony B&P Research Labs) [File not signed] C:\Program Files\VEGAS\VEGAS Pro 18.0\FileIO Plug-Ins\mxfhdcamsrplug\mp4encoder_dll.dll
2020-07-19 23:20 - 2020-07-19 23:20 - 002084352 _____ (Sony Corporation) [File not signed] C:\Program Files\VEGAS\VEGAS Pro 18.0\FileIO Plug-Ins\mxfhdcamsrplug\SMDK-VC110-x64-4_0_0.dll
2020-07-19 23:20 - 2020-07-19 23:20 - 001455616 _____ (Sony Corporation) [File not signed] C:\Program Files\VEGAS\VEGAS Pro 18.0\FileIO Plug-Ins\mxfplug\SMDK-VC110-x86-4_0_0.dll
2020-07-19 23:20 - 2020-07-19 23:20 - 000221184 _____ (Sony Corporation) [File not signed] C:\Program Files\VEGAS\VEGAS Pro 18.0\FileIO Plug-Ins\mxfplug\sonymvd4.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT171002&iDate=2021-01-17 09:34:10&iid=3b49db3c-48f5-4258-af00-dcbcede4dcff&bName=
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3697634085-1141814390-3545286870-1008\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\StartupApproved\Run: => "btweb"
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B64A91DA-D9C7-49DB-BE96-9A190FF95EEC}] => (Allow) C:\Users\Richard\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{D72D9B09-5198-4D7E-AE1A-5DEE4EDCFCA2}] => (Allow) C:\Users\Richard\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{9B0924C2-730A-4B7F-BD44-ACEC2E6A67FB}] => (Allow) C:\Users\Richard\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{1B566F4C-3F0F-417B-B643-03B9F23EA465}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{19340763-4C30-4AC0-9806-983EF7A8F227}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{A198A8F0-2924-4D58-BF0B-D9486BE51922}C:\users\richard\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\richard\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{F878BB44-DE8C-4254-8000-D1435EC57AF1}C:\users\richard\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\richard\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{D911B001-A672-4A1D-A041-377CE9DBF3C9}C:\users\richard\appdata\roaming\bittorrent web\btweb.exe] => (Allow) C:\users\richard\appdata\roaming\bittorrent web\btweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
FirewallRules: [TCP Query User{085597F5-B5C5-4453-8D9F-A3F8AE5434EB}C:\users\richard\appdata\roaming\bittorrent web\btweb.exe] => (Allow) C:\users\richard\appdata\roaming\bittorrent web\btweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
FirewallRules: [TCP Query User{2EDEA5AB-EFD8-4D1A-9D5A-AA5873489F13}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{3CCA6878-55E6-4A5E-A665-17C996641F4A}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3141937D-2BC9-4784-929C-578D788A610F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C3FEE606-E841-4E3B-8FE2-280B7E829FF3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{12C6A28E-305A-4451-A200-6067F74AAB75}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D6D8BCB9-E791-41E6-B5B1-8845B4404933}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{6F1D6EE4-04BE-4B00-AC17-2FBE95D4EB1E}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe (SignPath Foundation -> Transmission Project)
FirewallRules: [UDP Query User{C27F2C55-47B6-47C4-AFE9-3ADF5323C0AD}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe (SignPath Foundation -> Transmission Project)
FirewallRules: [{870859CE-4E48-4FE2-88A0-68DE135D7475}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{788A5923-AB56-4E5D-A1DF-2DF0F19B771C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CEC4BB71-49CA-4B82-8E29-9143A641E7E8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1D4FF73F-DB2B-45E9-B8DA-CBDCAEBD547E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1F2E61F7-F25C-45AA-94C8-AB196B0A5C99}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{21AB2924-6B77-4428-B45A-33ECAC23D207}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D685C368-FC26-4B74-BCCD-9B99E5C565AB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{09361179-AD4C-429A-81E6-00E3721F8FB4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7720DACE-C3CE-4025-A885-8A9E242DAA4F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{99CE45D0-E597-4BEF-8AB0-1FFCE4F18817}] => (Allow) C:\Users\Richard\AppData\Local\Programs\Opera\74.0.3911.107\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

11-02-2021 00:29:20 Windows Modules Installer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/16/2021 06:00:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: mbamtray.exe, verzia: 4.0.0.897, časová značka: 0x6019d411
Názov chybujúceho modulu: Qt5Core.dll, verzia: 5.14.1.0, časová značka: 0x5f84e8d4
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000219dc5
Identifikácia chybujúceho procesu: 0x2998
Čas spustenia chybujúcej aplikácie: 0x01d7047ca8f602b1
Cesta chybujúcej aplikácie: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Cesta chybujúceho modulu: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Identifikácia hlásenia: 50024c4b-6ef9-49da-a28c-37ff741dc759
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (02/16/2021 02:10:34 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-PUNF98O)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (02/15/2021 01:49:17 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-PUNF98O)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (02/14/2021 01:58:58 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť retrim v Giant (D:), pretože: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/14/2021 01:58:41 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť retrim v Supernova (E:), pretože: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/08/2021 09:08:51 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-PUNF98O)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (02/07/2021 02:31:08 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť retrim v Giant (D:), pretože: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/07/2021 02:30:51 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť retrim v Supernova (E:), pretože: The operation requested is not supported by the hardware backing the volume. (0x8900002A)


System errors:
=============
Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Error: (02/16/2021 10:08:39 AM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Filter Manager failed to attach to volume '\Device\HarddiskVolume7'. This volume will be unavailable for filtering until a reboot. The final status was 0xc03a001c.

Windows Defender:
================
Date: 2021-02-16 10:15:32
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: PUA:Win32/ICBundler
ID: 286849
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\Users\Richard\Downloads\BitTorrent.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\Richard\OneDrive\Poc�tac\FRST64.exe
Security intelligence Version: AV: 1.331.1118.0, AS: 1.331.1118.0, NIS: 1.331.1118.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-15 12:54:58
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Backdoor:MSIL/Bladabindi
ID: 2147678468
Severity: Severe
Category: Backdoor
Path: file:_C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe; process:_pid:12088,ProcessStart:132578628549820755
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: System
Process Name: C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe
Security intelligence Version: AV: 1.331.1036.0, AS: 1.331.1036.0, NIS: 1.331.1036.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-15 12:54:57
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Backdoor:MSIL/Bladabindi
ID: 2147678468
Severity: Severe
Category: Backdoor
Path: file:_C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe; process:_pid:12088,ProcessStart:132578628549820755
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe
Security intelligence Version: AV: 1.331.1036.0, AS: 1.331.1036.0, NIS: 1.331.1036.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-15 12:54:37
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Backdoor:MSIL/Bladabindi
ID: 2147678468
Severity: Severe
Category: Backdoor
Path: file:_C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\System32\taskhostw.exe
Security intelligence Version: AV: 1.331.1036.0, AS: 1.331.1036.0, NIS: 1.331.1036.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-15 12:49:46
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Trojan:Win32/Dynamer!dtc
ID: 2147638124
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Richard\AppData\Roaming\remoteclient.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe
Security intelligence Version: AV: 1.331.1036.0, AS: 1.331.1036.0, NIS: 1.331.1036.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-15 12:49:26
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Backdoor:MSIL/Quasar.GG!MTB
ID: 2147772079
Severity: Severe
Category: Backdoor
Path: file:_C:\Users\Richard\AppData\Local\Temp\tmpB31A.tmp.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe
Security intelligence Version: AV: 1.331.1036.0, AS: 1.331.1036.0, NIS: 1.331.1036.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-15 12:48:32
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: Program:Win32/Wacapew.C!ml
ID: 265744
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\Users\Richard\AppData\Roaming\xxxx.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\Richard\AppData\Roaming\xxxx.exe
Security intelligence Version: AV: 1.331.1036.0, AS: 1.331.1036.0, NIS: 1.331.1036.0
Engine Version: AM: 1.1.17800.5, NIS: 1.1.17800.5

CodeIntegrity:
===============
Date: 2021-02-16 16:59:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Users\Richard\AppData\Local\Programs\Opera\74.0.3911.107\opera.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 2801 11/11/2015
Motherboard: ASUSTeK COMPUTER INC. Z97-AR
Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 64%
Total physical RAM: 7867.52 MB
Available physical RAM: 2767.45 MB
Total Virtual: 10299.52 MB
Available Virtual: 4031.76 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223 GB) (Free:146.89 GB) NTFS
Drive d: (Giant) (Fixed) (Total:3725.9 GB) (Free:815.77 GB) NTFS
Drive e: (Supernova) (Fixed) (Total:5588.9 GB) (Free:2664.04 GB) NTFS

\\?\Volume{0af65774-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.57 GB) (Free:0.12 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 0AF65774)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 5589 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Size: 3726 GB) (Disk ID: 44C00C96)

Partition: GPT.

==================== End of Addition.txt =======================



==================== End of FRST.txt ========================

Re: Win Zabezpecenie Zavazna hrozba

Napsal: 16 úno 2021 19:03
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {14CA1CEF-3318-47B7-86D2-2ECBC74E5372} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-17] (Google LLC -> Google LLC)
Task: {D793B4FB-3A77-493F-8A0D-EAFD24C68C7E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-17] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\DumpStack.log.tmp
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
CustomCLSID: HKU\S-1-5-21-3697634085-1141814390-3545286870-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\20.201.1005.0009_1\MicrosoftListSync.exe" => No File
CustomCLSID: HKU\S-1-5-21-3697634085-1141814390-3545286870-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\20.201.1005.0009_1\MicrosoftListSync.exe" => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{B64A91DA-D9C7-49DB-BE96-9A190FF95EEC}] => (Allow) C:\Users\Richard\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{D72D9B09-5198-4D7E-AE1A-5DEE4EDCFCA2}] => (Allow) C:\Users\Richard\AppData\Roaming\Zoom\bin\airhost.exe => No File
C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe
C:\Users\Richard\AppData\Roaming\remoteclient.exe
C:\Users\Richard\AppData\Local\Temp\tmpB31A.tmp.exe
C:\Users\Richard\AppData\Roaming\xxxx.exe

EmptyTemp:
End
Uložte do C:\Users\Richard\OneDrive\Počítač jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Win Zabezpecenie Zavazna hrozba

Napsal: 16 úno 2021 19:23
od valachmar
Fix result of Farbar Recovery Scan Tool (x64) Version: 14-02-2021
Ran by Richard (16-02-2021 19:20:11) Run:1
Running from C:\Users\Richard\OneDrive\Počítač
Loaded Profiles: Richard & Katinka
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {14CA1CEF-3318-47B7-86D2-2ECBC74E5372} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-17] (Google LLC -> Google LLC)
Task: {D793B4FB-3A77-493F-8A0D-EAFD24C68C7E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-17] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\DumpStack.log.tmp
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
CustomCLSID: HKU\S-1-5-21-3697634085-1141814390-3545286870-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\20.201.1005.0009_1\MicrosoftListSync.exe" => No File
CustomCLSID: HKU\S-1-5-21-3697634085-1141814390-3545286870-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\20.201.1005.0009_1\MicrosoftListSync.exe" => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{B64A91DA-D9C7-49DB-BE96-9A190FF95EEC}] => (Allow) C:\Users\Richard\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{D72D9B09-5198-4D7E-AE1A-5DEE4EDCFCA2}] => (Allow) C:\Users\Richard\AppData\Roaming\Zoom\bin\airhost.exe => No File
C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe
C:\Users\Richard\AppData\Roaming\remoteclient.exe
C:\Users\Richard\AppData\Local\Temp\tmpB31A.tmp.exe
C:\Users\Richard\AppData\Roaming\xxxx.exe

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{14CA1CEF-3318-47B7-86D2-2ECBC74E5372}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14CA1CEF-3318-47B7-86D2-2ECBC74E5372}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D793B4FB-3A77-493F-8A0D-EAFD24C68C7E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D793B4FB-3A77-493F-8A0D-EAFD24C68C7E}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1} => removed successfully
HKU\S-1-5-21-3697634085-1141814390-3545286870-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2} => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B64A91DA-D9C7-49DB-BE96-9A190FF95EEC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D72D9B09-5198-4D7E-AE1A-5DEE4EDCFCA2}" => removed successfully
"C:\Users\Richard\AppData\Local\Temp\Rar$EXb11628.7908\SETUP.exe" => not found
"C:\Users\Richard\AppData\Roaming\remoteclient.exe" => not found
"C:\Users\Richard\AppData\Local\Temp\tmpB31A.tmp.exe" => not found
"C:\Users\Richard\AppData\Roaming\xxxx.exe" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 7626752 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 100822007 B
Java, Flash, Steam htmlcache => 57620500 B
Windows/system/drivers => 74032482 B
Edge => 1544935 B
Chrome => 883838192 B
Firefox => 737444116 B
Opera => 119209009 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 312545 B
LocalService => 336741 B
NetworkService => 423723 B
Richard => 88743785 B
kioskUser0 => 88764432 B
Katinka => 144098446 B

RecycleBin => 123263 B
EmptyTemp: => 2.1 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 16-02-2021 19:21:43)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 19:21:43 ====

Re: Win Zabezpecenie Zavazna hrozba

Napsal: 16 úno 2021 20:10
od Rudy
Smazáno. Nastala nějaká změna?

Re: Win Zabezpecenie Zavazna hrozba

Napsal: 17 úno 2021 09:09
od valachmar
Dnes rano sa spustili Malware bytes a zasa nasli 13 hrozeb, tak som ich dal do karanteny.
A Office mi hlasi ze nie je aktivovany a pritom je.

Re: Win Zabezpecenie Zavazna hrozba

Napsal: 17 úno 2021 10:24
od Rudy
Udělejte sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Utilitu stáhněte, spusťte, nechte pracovat a po skončení akce smažte vše, co najde. Nakonec restartujte.

Re: Win Zabezpecenie Zavazna hrozba

Napsal: 17 úno 2021 13:17
od valachmar
S AVPTool skontrolovane, 3 hrozby odstranene a po restarte vyzera byt vsetko OK

Re: Win Zabezpecenie Zavazna hrozba

Napsal: 17 úno 2021 14:29
od Rudy
OK, zřejmě tam bylo něco skryto, co jsem neviděl v logu FRST. Jsem rád, že je vše v pořádku.

Re: Win Zabezpecenie Zavazna hrozba

Napsal: 17 úno 2021 14:32
od valachmar
Este raz velka vdaka
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz