VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

PROSÍM O KONTROLU

https://forum.viry.cz:443/viewtopic.php?t=158167

Stránka 1 z 2

PROSÍM O KONTROLU

Napsal: 03 črc 2021 18:09
od bigmuff
...poprosil bych o kontrolu logu, zdá se pomalejší načítání wwww

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-07-2021
Ran by rossu (administrator) on DESKTOP-D47UQCR (Acer Aspire ES1-731G) (03-07-2021 18:55:29)
Running from C:\Users\rossu\Desktop
Loaded Profiles: rossu
Platform: Windows 10 Home Version 21H1 19043.1081 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Crystal Rich Ltd -> Crystal Rich Ltd) C:\Users\rossu\Desktop\USB.Safely.Remove.6.3.3.1287.Portable\USB.Safely.Remove.6.3.3.1287.Portable.KaranPC\App\USBSafelyRemove\USBSRService.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) D:\program\Foxit Reader\FoxitPDFReaderUpdateService.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <14>
(GuinpinSoft inc) [File not signed] C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.46.31121.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1139899892-52648791-3838483249-1001\...\Run: [qBittorrent] => D:\program\qBittorrent\qbittorrent.exe [26243584 2021-03-24] () [File not signed]
HKU\S-1-5-21-1139899892-52648791-3838483249-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50041472 2021-03-12] (Google LLC -> )
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [109288 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\LIDIL hpzlllhn: C:\Windows\system32\hpzlllhn.dll [58112 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-07-01] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CB44164-65ED-4C0A-90E0-87ED4B27EF92} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-07] (Google LLC -> Google LLC)
Task: {2388C49E-5511-434E-A41C-84DA05C917FD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8F3F6A8D-9659-4C22-975F-1B374FD489ED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AEFA9185-36E6-4815-AA34-683A744106B8} - System32\Tasks\2BrightSparks\SyncBackFree\DESKTOP-D47UQCR-rossu\SyncBackFree dok => D:\program\SyncBackFree\SyncBackFree.exe
Task: {BFB844D9-07E8-4231-8C37-22F04DCAFE9F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CD15A292-6438-4597-BB3D-87DBE6C49C68} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {d189c7f6-7931-40b2-a757-1176d46d84cb} - no filepath
Task: {DB99098A-0A0C-44BB-9604-FDF58BE8E2FF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-07] (Google LLC -> Google LLC)
Task: {F0EBF400-513C-48DB-9864-34CC9DD45189} - System32\Tasks\JumpingBytes\PureSyncElvrossu => D:\program\puresync\PureSyncHelper.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{dfb078ce-395a-4416-87a0-d2f936c96fe4}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-03]
Edge Notifications: Default -> hxxps://meet.google.com
Edge DefaultSearchURL: Default -> hxxps://fonts.gstatic.com/s/i/productlogos/meet_2020q4/v1/web-24dp/logo_meet_2020q4_color_1x_web_24dp.png
Edge Extension: (Outlook) - C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2021-02-07]
Edge Extension: (Meet – dnz-rrzn-fez) - C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fmddlnfcbciialbgokphhkjppiaakbld [2021-04-07]
Edge Extension: (Word) - C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2021-02-07]
Edge Extension: (Excel) - C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2021-02-07]
Edge Extension: (PowerPoint) - C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2021-02-07]

FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> D:\PROGRAM\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2021-05-19] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> D:\PROGRAM\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2021-05-19] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> D:\PROGRAM\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2021-05-19] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> D:\PROGRAM\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2021-05-19] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> D:\PROGRAM\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2021-05-19] (FOXIT SOFTWARE INC. -> Foxit Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default [2021-07-03]
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://calendar.google.com; hxxps://click-to-continue.shop; hxxps://cz.pinterest.com; hxxps://mobiltown.cz; hxxps://mosgensovet.ru; hxxps://playfmrussia.ru; hxxps://www.b2bpartner.cz; hxxps://www.facebook.com; hxxps://www.tajnepusinky.com; hxxps://zipdi.spleasedon.fun; hxxps://zvzws.spleasedon.fun
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (Překladač Google) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-02-07]
CHR Extension: (Prezentace) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-07]
CHR Extension: (Dokumenty) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-07]
CHR Extension: (Disk Google) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-07]
CHR Extension: (YouTube) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-07]
CHR Extension: (Tabulky) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-07]
CHR Extension: (AddToAny: Share Anywhere) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffpgijchhhkhnokafdeklpllijgnbche [2021-04-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-24]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-06-23]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-04-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-07]
CHR Extension: (Gmail) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-07]
CHR Extension: (Chrome Media Router) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-30]
CHR Profile: C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-02-07]
CHR Profile: C:\Users\rossu\AppData\Local\Google\Chrome\User Data\System Profile [2021-02-22]
CHR HKU\S-1-5-21-1139899892-52648791-3838483249-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\rossu\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2021-04-27]
CHR HKU\S-1-5-21-1139899892-52648791-3838483249-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CdRomArbiterService; C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe [8704 2021-04-11] (GuinpinSoft inc) [File not signed]
R2 FoxitReaderUpdateService; D:\PROGRAM\FOXIT READER\FoxitPDFReaderUpdateService.exe [2357880 2021-05-18] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 USBSafelyRemoveService; C:\Users\rossu\Desktop\USB.Safely.Remove.6.3.3.1287.Portable\USB.Safely.Remove.6.3.3.1287.Portable.KaranPC\App\USBSafelyRemove\USBSRService.exe [1752552 2020-06-26] (Crystal Rich Ltd -> Crystal Rich Ltd)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 IObitUnlocker; D:\program\IObit Unlocker\IObitUnlocker.sys [39000 2020-10-10] (IObit CO., LTD -> IObit Information Technology)
R3 MpKsl334d8b39; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B74E20FF-A6AF-41E0-A999-959CD22A533A}\MpKslDrv.sys [107752 2021-07-03] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49568 2021-06-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [425184 2021-06-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-07-03 18:55 - 2021-07-03 18:57 - 000015135 _____ C:\Users\rossu\Desktop\FRST.txt
2021-07-03 18:54 - 2021-07-03 18:54 - 002300928 _____ (Farbar) C:\Users\rossu\Desktop\FRST64.exe
2021-07-03 16:37 - 2021-07-03 16:37 - 000000000 ____D C:\Users\rossu\AppData\Local\WhyNotWin11
2021-07-03 16:36 - 2021-07-03 16:54 - 000000000 ____D C:\Users\rossu\Downloads\bluescreenview
2021-07-03 16:01 - 2021-07-03 16:03 - 002375420 _____ C:\Windows\Minidump\070321-17187-01.dmp
2021-07-02 17:23 - 2021-07-03 16:01 - 687176714 _____ C:\Windows\MEMORY.DMP
2021-07-02 17:23 - 2021-07-02 17:23 - 002226772 _____ C:\Windows\Minidump\070221-22421-01.dmp
2021-06-30 20:52 - 2021-06-30 20:52 - 000002581 _____ C:\Users\rossu\Desktop\SyncToy 2.1.lnk
2021-06-30 20:52 - 2021-06-30 20:52 - 000002581 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SyncToy 2.1.lnk
2021-06-30 20:51 - 2021-06-30 20:51 - 000000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2021-06-29 20:30 - 2021-06-29 20:43 - 000000000 ____D C:\Users\rossu\Desktop\Nová složka
2021-06-28 21:31 - 2021-06-28 21:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.1
2021-06-28 21:23 - 2021-06-28 21:23 - 000000000 ____D C:\Users\rossu\AppData\Roaming\VS Revo Group
2021-06-28 15:26 - 2021-06-28 15:26 - 000000000 ____D C:\Users\rossu\AppData\Roaming\HP
2021-06-28 15:26 - 2021-06-28 15:26 - 000000000 ____D C:\ProgramData\WEBREG
2021-06-28 15:25 - 2021-06-28 15:25 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2021-06-28 15:24 - 2021-06-28 15:24 - 000001056 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registrace I.R.I.S. OCR.lnk
2021-06-28 15:24 - 2021-06-28 15:24 - 000000000 ____D C:\Windows\SysWOW64\spool
2021-06-28 15:24 - 2021-06-28 15:24 - 000000000 ____D C:\Users\rossu\AppData\Roaming\HpUpdate
2021-06-28 15:23 - 2021-06-28 15:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2021-06-28 15:23 - 2021-06-28 15:23 - 000001434 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Centrum řešení HP.lnk
2021-06-28 15:23 - 2021-06-28 15:23 - 000000000 ____D C:\ProgramData\HP Product Assistant
2021-06-28 15:19 - 2021-06-28 15:26 - 000218000 _____ C:\Windows\hpoins19.dat
2021-06-28 15:19 - 2012-10-14 14:03 - 000015561 ____N C:\Windows\hpomdl19.dat
2021-06-28 15:13 - 2021-06-28 15:26 - 000000000 ____D C:\ProgramData\HP
2021-06-28 15:13 - 2021-06-28 15:24 - 000000000 ____D C:\Program Files (x86)\HP
2021-06-28 15:13 - 2021-06-28 15:13 - 000000000 ____D C:\Users\rossu\AppData\Roaming\HPPSDr
2021-06-28 15:13 - 2021-06-28 15:13 - 000000000 ____D C:\HP
2021-06-25 20:12 - 2021-06-25 20:12 - 000000000 ____D C:\Users\rossu\AppData\LocalLow\Adobe
2021-06-24 22:15 - 2021-06-24 22:15 - 000000000 ____D C:\Users\rossu\AppData\Local\NVIDIA
2021-06-24 19:06 - 2021-06-24 19:06 - 000001064 _____ C:\Users\rossu\Desktop\Adobe Photoshop 2021.lnk
2021-06-24 18:54 - 2021-06-24 19:06 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-06-24 18:53 - 2021-06-24 18:58 - 000000000 ____D C:\Program Files\Adobe
2021-06-24 18:53 - 2021-06-24 18:53 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-06-24 18:50 - 2021-06-24 22:14 - 000000000 ____D C:\Users\rossu\AppData\Local\Adobe
2021-06-24 18:50 - 2021-06-24 18:57 - 000000000 ____D C:\ProgramData\Adobe
2021-06-23 15:51 - 2021-06-23 15:51 - 002371072 _____ C:\Windows\system32\rdpnano.dll
2021-06-23 15:51 - 2021-06-23 15:51 - 001823304 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-06-23 15:51 - 2021-06-23 15:51 - 001393504 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-06-23 15:51 - 2021-06-23 15:51 - 001314128 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-06-23 15:51 - 2021-06-23 15:51 - 000570880 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-06-23 15:51 - 2021-06-23 15:51 - 000452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2021-06-23 15:51 - 2021-06-23 15:51 - 000097792 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-06-23 15:51 - 2021-06-23 15:51 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2021-06-23 15:51 - 2021-06-23 15:51 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2021-06-23 15:51 - 2021-06-23 15:51 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2021-06-23 15:51 - 2021-06-23 15:51 - 000011333 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-06-23 15:50 - 2021-06-23 15:50 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2021-06-19 20:17 - 2021-06-19 20:17 - 000086939 _____ C:\Users\rossu\Downloads\[SkT]Minamata_(EN)(2020)[WEBRip][1080p]_=_CSFD_70%.torrent
2021-06-15 20:29 - 2021-06-15 20:29 - 000000000 ____D C:\Users\rossu\AppData\Local\GHISLER
2021-06-15 20:28 - 2021-06-15 20:28 - 000000724 _____ C:\Users\rossu\Desktop\Total Commander.lnk
2021-06-15 20:28 - 2021-06-15 20:28 - 000000000 ____D C:\Users\rossu\AppData\Roaming\GHISLER
2021-06-15 20:08 - 2021-07-03 17:16 - 000000000 ____D C:\AdwCleaner
2021-06-15 17:46 - 2021-06-15 17:46 - 000000000 ____D C:\ProgramData\Apple
2021-06-13 14:54 - 2021-06-13 14:54 - 001149432 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2021-06-13 14:49 - 2021-06-13 14:49 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2021-06-13 14:47 - 2021-06-13 14:47 - 001734288 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6442531.dll
2021-06-13 14:47 - 2021-06-13 14:47 - 001467864 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6442531.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 040421064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 035268296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 020107920 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 017432992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 010320528 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 008785944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 005276064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 004625552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 004304672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 002033112 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 001536144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 001465432 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 001169120 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 001130584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 001006800 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 001006800 _____ C:\Windows\system32\vulkan-1.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 000915088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 000870096 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 000870096 _____ C:\Windows\SysWOW64\vulkan-1.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 000668664 _____ C:\Windows\system32\nvofapi64.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 000631896 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 000552328 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 000534936 _____ C:\Windows\SysWOW64\nvofapi.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 000522144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 000457096 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 000415992 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\AdminService.exe
2021-06-13 14:46 - 2021-06-13 14:46 - 000286416 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2021-06-13 14:46 - 2021-06-13 14:46 - 000286416 _____ C:\Windows\system32\vulkaninfo.exe
2021-06-13 14:46 - 2021-06-13 14:46 - 000260304 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-06-13 14:46 - 2021-06-13 14:46 - 000260304 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2021-06-13 14:46 - 2021-06-13 14:46 - 000069368 _____ (Qualcomm) C:\Windows\system32\Drivers\btfilter.sys
2021-06-13 14:46 - 2021-06-13 14:46 - 000046268 _____ C:\Windows\system32\Drivers\AthrBT_0x31010000.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000045380 _____ C:\Windows\system32\Drivers\AthrBT_0x31010100.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000040684 _____ C:\Windows\system32\Drivers\AthrBT_0x31010000_ss01.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000001926 _____ C:\Windows\system32\Drivers\ramps_0x31010000_40_0xf0.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000001926 _____ C:\Windows\system32\Drivers\ramps_0x31010000_40_0x21.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000001926 _____ C:\Windows\system32\Drivers\ramps_0x31010000_40_0x11.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000001926 _____ C:\Windows\system32\Drivers\ramps_0x31010000_40.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000001922 _____ C:\Windows\system32\Drivers\ramps_0x31010100_40.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000001516 _____ C:\Windows\system32\Drivers\ramps_0x31010000_40_SS01.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000001516 _____ C:\Windows\system32\Drivers\ramps_0x31010000_40_LV01.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000001516 _____ C:\Windows\system32\Drivers\ramps_0x31010000_40_0xf1.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000001516 _____ C:\Windows\system32\Drivers\ramps_0x31010000_40_0x22.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000001516 _____ C:\Windows\system32\Drivers\ramps_0x31010000_40_0x12.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000001516 _____ C:\Windows\system32\Drivers\ramps_0x31010000_40_0x01.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000001512 _____ C:\Windows\system32\Drivers\ramps_0x31010100_40_0xf1.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000001512 _____ C:\Windows\system32\Drivers\ramps_0x31010100_40_0x01.dfu
2021-06-13 14:45 - 2021-06-13 14:45 - 004322672 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athw10x.sys
2021-06-13 14:45 - 2021-06-13 14:45 - 000056840 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2021-06-13 14:41 - 2021-06-13 14:41 - 032130848 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 031213112 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 029084160 _____ (Intel Corporation) C:\Windows\system32\common_clang64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 027097256 _____ (Intel Corporation) C:\Windows\SysWOW64\igd11dxva32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 019844096 _____ (Intel Corporation) C:\Windows\SysWOW64\common_clang32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 015187896 _____ (Intel Corporation) C:\Windows\system32\igc64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 013454848 _____ (Intel Corporation) C:\Windows\system32\ig8icd64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 013195352 _____ (Intel Corporation) C:\Windows\SysWOW64\igc32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 011235256 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 010195968 _____ (Intel Corporation) C:\Windows\SysWOW64\ig8icd32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 005797102 _____ C:\Windows\system32\igdclbif.bin
2021-06-13 14:41 - 2021-06-13 14:41 - 005668352 _____ (Intel Corporation) C:\Windows\system32\igdmcl64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 005245440 _____ (Intel Corporation) C:\Windows\system32\GfxResources.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 004941952 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 004632576 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 004387824 _____ (Intel Corporation) C:\Windows\system32\igd12umd64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 004232800 _____ (Intel Corporation) C:\Windows\SysWOW64\igd12umd32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 004161024 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 003952640 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmcl32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 002105832 _____ (Intel Corporation) C:\Windows\system32\igdmd64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 001767992 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 001765408 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 001631520 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmd32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 001559552 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 001150464 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 001008232 _____ C:\Windows\system32\igfxSDK.exe
2021-06-13 14:41 - 2021-06-13 14:41 - 000944232 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe
2021-06-13 14:41 - 2021-06-13 14:41 - 000940648 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe
2021-06-13 14:41 - 2021-06-13 14:41 - 000826341 _____ C:\Windows\system32\DisplayAudiox64.cab
2021-06-13 14:41 - 2021-06-13 14:41 - 000609280 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000604264 _____ (Intel Corporation) C:\Windows\system32\IntelCpHDCPSvc.exe
2021-06-13 14:41 - 2021-06-13 14:41 - 000517736 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiUMS64.exe
2021-06-13 14:41 - 2021-06-13 14:41 - 000448104 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2021-06-13 14:41 - 2021-06-13 14:41 - 000421888 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000409976 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000408928 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000398848 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000384104 _____ C:\Windows\system32\igfxTray.exe
2021-06-13 14:41 - 2021-06-13 14:41 - 000372736 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000371200 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000357904 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000355832 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000332800 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMCComp64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000301056 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000289936 _____ (Intel Corporation) C:\Windows\system32\igd10idpp64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000282728 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2021-06-13 14:41 - 2021-06-13 14:41 - 000274504 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10idpp32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000256000 _____ C:\Windows\system32\igfxCPL.cpl
2021-06-13 14:41 - 2021-06-13 14:41 - 000248832 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000238080 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000220432 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000218216 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2021-06-13 14:41 - 2021-06-13 14:41 - 000213608 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2021-06-13 14:41 - 2021-06-13 14:41 - 000213096 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe
2021-06-13 14:41 - 2021-06-13 14:41 - 000207872 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000201368 _____ (Intel Corporation) C:\Windows\system32\igdde64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000188928 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v4352.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000184352 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000175616 _____ (Intel Corporation) C:\Windows\system32\igdail64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000160680 _____ (Intel Corporation) C:\Windows\SysWOW64\igdde32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000157632 _____ (Intel Corporation) C:\Windows\system32\Drivers\TXEIx64.sys
2021-06-13 14:41 - 2021-06-13 14:41 - 000156264 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2021-06-13 14:41 - 2021-06-13 14:41 - 000155648 _____ (Intel Corporation) C:\Windows\SysWOW64\igdail32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000094208 _____ ( ) C:\Windows\system32\igfxSDKLibv2_0.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000086528 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000086016 _____ C:\Windows\system32\igfxCUIServicePS.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000083456 _____ ( ) C:\Windows\system32\igfxSDKLib.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000082432 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000077824 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000066048 _____ ( ) C:\Windows\system32\igfxDHLib.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000041296 _____ C:\Windows\system32\iglhxc64_dev.vp
2021-06-13 14:41 - 2021-06-13 14:41 - 000040931 _____ C:\Windows\system32\iglhxo64_dev.vp
2021-06-13 14:41 - 2021-06-13 14:41 - 000040343 _____ C:\Windows\system32\iglhxo64.vp
2021-06-13 14:41 - 2021-06-13 14:41 - 000040316 _____ C:\Windows\system32\iglhxc64.vp
2021-06-13 14:41 - 2021-06-13 14:41 - 000039798 _____ C:\Windows\system32\iglhxg64_dev.vp
2021-06-13 14:41 - 2021-06-13 14:41 - 000039658 _____ C:\Windows\system32\iglhxg64.vp
2021-06-13 14:41 - 2021-06-13 14:41 - 000036616 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000035328 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000011776 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000011776 _____ ( ) C:\Windows\system32\igfxDILib.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000010240 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000010240 _____ ( ) C:\Windows\system32\igfxEMLib.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000005360 _____ C:\Windows\system32\iglhxs64lp.vp
2021-06-13 14:41 - 2021-06-13 14:41 - 000005120 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000005120 _____ ( ) C:\Windows\system32\igfxLHMLib.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000001125 _____ C:\Windows\system32\iglhxa64.vp
2021-06-13 14:40 - 2021-06-13 14:40 - 000861184 _____ (Hewlett-Packard) C:\Windows\system32\hpowiav1.dll
2021-06-13 14:40 - 2021-06-13 14:40 - 000730624 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpotscl1.dll
2021-06-13 14:40 - 2021-06-13 14:40 - 000498176 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpovst01.dll
2021-06-13 14:21 - 2021-06-13 14:22 - 000000000 ____D C:\Users\rossu\AppData\LocalLow\IObit
2021-06-13 14:04 - 2021-06-13 14:04 - 000000000 ____D C:\Windows\TempInst
2021-06-13 14:04 - 2021-06-13 14:04 - 000000000 ____D C:\ProgramData\HUAWEI Mobile Broadband
2021-06-13 14:00 - 2021-06-13 14:00 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-06-13 14:00 - 2021-06-13 14:00 - 000000000 ____D C:\Program Files (x86)\Realtek
2021-06-13 14:00 - 2021-01-28 14:25 - 009907704 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll
2021-06-13 13:59 - 2021-06-13 13:59 - 000000000 ____D C:\ProgramData\Dell
2021-06-13 13:50 - 2021-06-13 13:50 - 000000000 ____D C:\Windows\SysWOW64\sda
2021-06-13 13:50 - 2021-01-28 14:25 - 000444920 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsUer.sys
2021-06-13 13:50 - 2014-10-20 11:50 - 000083160 _____ (Realtek Semiconductor.) C:\Windows\system32\RtCRX64.dll
2021-06-13 10:54 - 2021-06-15 18:03 - 000000000 ____D C:\ProgramData\IObit
2021-06-13 10:54 - 2021-06-13 10:54 - 000000753 _____ C:\Users\Public\Desktop\IObit Unlocker.lnk
2021-06-13 10:54 - 2021-06-13 10:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Unlocker
2021-06-13 10:54 - 2021-06-13 10:54 - 000000000 ____D C:\ProgramData\IObit Information Technology
2021-06-12 23:52 - 2021-06-12 23:52 - 000000000 ____D C:\Windows\system32\Tasks\2BrightSparks
2021-06-12 21:43 - 2021-06-12 21:43 - 000000000 ____D C:\Users\Public\Jumping Bytes
2021-06-12 21:41 - 2021-06-12 21:41 - 000000000 ____D C:\Windows\system32\Tasks\JumpingBytes
2021-06-10 19:45 - 2021-06-10 19:46 - 000011278 _____ C:\Users\rossu\Downloads\Ceník prací D+M.xlsx
2021-06-10 19:16 - 2021-06-10 19:16 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2021-06-10 19:16 - 2021-06-10 19:16 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2021-06-10 19:16 - 2021-06-10 19:16 - 001864192 _____ (The ICU Project) C:\Windows\SysWOW64\icu.dll
2021-06-10 19:16 - 2021-06-10 19:16 - 000468440 _____ C:\Windows\SysWOW64\WindowManagementAPI.dll
2021-06-10 19:16 - 2021-06-10 19:16 - 000423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2021-06-10 19:16 - 2021-06-10 19:16 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-06-10 19:15 - 2021-06-10 19:15 - 002260480 _____ (The ICU Project) C:\Windows\system32\icu.dll
2021-06-10 19:15 - 2021-06-10 19:15 - 000657464 _____ C:\Windows\system32\WindowManagementAPI.dll
2021-06-10 19:15 - 2021-06-10 19:15 - 000563712 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-06-10 19:15 - 2021-06-10 19:15 - 000287232 _____ C:\Windows\system32\CoreMas.dll
2021-06-10 19:15 - 2021-06-10 19:15 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-06-03 18:36 - 2021-06-03 18:36 - 000000000 ____D C:\Program Files (x86)\MSECache
2021-06-03 18:36 - 2021-06-03 18:36 - 000000000 ____D C:\Program Files (x86)\Microsoft Office

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-07-03 18:56 - 2021-02-21 12:07 - 000000000 ____D C:\FRST
2021-07-03 18:53 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-03 18:52 - 2021-02-07 07:04 - 000000000 ____D C:\Users\rossu\AppData\Roaming\qBittorrent
2021-07-03 18:48 - 2020-11-19 00:29 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-07-03 17:42 - 2021-04-30 20:10 - 000000000 ___HD C:\Users\rossu\OneDrive\Documents\.tmp.drivedownload
2021-07-03 17:35 - 2021-02-07 03:15 - 001693920 _____ C:\Windows\system32\PerfStringBackup.INI
2021-07-03 17:35 - 2019-12-07 16:41 - 000718210 _____ C:\Windows\system32\perfh005.dat
2021-07-03 17:35 - 2019-12-07 16:41 - 000145352 _____ C:\Windows\system32\perfc005.dat
2021-07-03 17:35 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2021-07-03 17:31 - 2021-04-27 15:21 - 000000000 ___RD C:\Users\rossu\Disk Google
2021-07-03 17:29 - 2021-02-07 03:21 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-07-03 17:29 - 2021-02-07 03:21 - 000000000 __SHD C:\Users\rossu\IntelGraphicsProfiles
2021-07-03 17:28 - 2021-02-07 03:16 - 000000000 ____D C:\ProgramData\NVIDIA
2021-07-03 17:28 - 2021-02-07 03:02 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-03 17:28 - 2020-11-19 01:30 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-07-03 17:27 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2021-07-03 17:26 - 2021-02-07 03:11 - 000000000 ____D C:\Users\rossu
2021-07-03 17:14 - 2021-04-11 17:15 - 000000000 ____D C:\Users\rossu\Desktop\čistka
2021-07-03 16:52 - 2021-04-07 17:14 - 000002914 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1139899892-52648791-3838483249-1002
2021-07-03 16:52 - 2021-02-07 03:21 - 000003460 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-07-03 16:52 - 2021-02-07 03:21 - 000003236 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-03 16:52 - 2021-02-07 03:16 - 000002914 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1139899892-52648791-3838483249-1001
2021-07-03 16:52 - 2021-02-07 03:03 - 000002910 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1139899892-52648791-3838483249-500
2021-07-03 16:52 - 2020-11-19 01:32 - 000003572 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-03 16:52 - 2020-11-19 01:32 - 000003348 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-07-03 16:38 - 2021-03-09 18:01 - 000000000 ____D C:\Users\rossu\AppData\Local\D3DSCache
2021-07-03 16:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2021-07-03 16:04 - 2021-02-24 19:19 - 000000000 ____D C:\Windows\Minidump
2021-07-03 11:32 - 2020-11-19 01:32 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-03 11:32 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-01 16:48 - 2021-02-07 03:22 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-29 23:46 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-06-29 20:48 - 2021-02-09 21:55 - 000000000 ____D C:\Users\rossu\AppData\Roaming\MyPhoneExplorer
2021-06-28 22:25 - 2020-11-19 00:29 - 000459400 _____ C:\Windows\system32\FNTCACHE.DAT
2021-06-28 22:13 - 2021-05-13 19:05 - 000000000 ____D C:\Users\rossu\AppData\Roaming\USBSafelyRemove
2021-06-28 22:01 - 2021-02-07 09:29 - 000000000 ____D C:\Users\rossu\AppData\Local\CrashDumps
2021-06-28 15:52 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2021-06-28 15:25 - 2019-12-07 11:14 - 000000127 _____ C:\Windows\win.ini
2021-06-28 12:27 - 2021-02-17 18:52 - 000000000 ____D C:\Users\rossu\AppData\Local\ElevatedDiagnostics
2021-06-28 11:16 - 2021-02-07 03:16 - 000000000 ___RD C:\Users\rossu\OneDrive
2021-06-28 11:16 - 2021-02-07 03:11 - 000002377 _____ C:\Users\rossu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-24 22:15 - 2021-02-07 03:14 - 000000000 ____D C:\Users\rossu\AppData\Roaming\Adobe
2021-06-24 21:42 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\NDF
2021-06-24 18:52 - 2021-03-01 17:28 - 000000000 ____D C:\ProgramData\Package Cache
2021-06-24 18:51 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-06-23 17:21 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-06-23 17:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-06-23 17:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-06-23 17:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-06-23 17:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2021-06-23 17:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2021-06-23 17:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2021-06-23 17:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2021-06-23 17:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2021-06-23 17:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2021-06-15 20:43 - 2021-02-07 03:14 - 000000000 ____D C:\Users\rossu\AppData\Local\VirtualStore
2021-06-15 19:11 - 2021-02-07 09:29 - 000000000 ____D C:\Users\rossu\AppData\Roaming\Foxit Software
2021-06-15 19:10 - 2021-02-07 09:30 - 000000000 ____D C:\ProgramData\Foxit Software
2021-06-15 17:51 - 2021-04-07 17:08 - 000000000 ____D C:\Users\sucha
2021-06-13 15:10 - 2021-02-07 03:14 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-06-13 14:49 - 2021-02-07 03:14 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-06-13 14:46 - 2021-02-07 03:13 - 005045704 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2021-06-13 14:46 - 2021-02-07 03:13 - 000049910 _____ C:\Windows\system32\nvinfo.pb
2021-06-13 14:44 - 2021-02-07 03:21 - 000000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2021-06-13 14:41 - 2021-02-07 03:20 - 025836024 _____ (Intel Corporation) C:\Windows\system32\igd11dxva64.dll
2021-06-13 14:41 - 2021-02-07 03:20 - 013680976 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll
2021-06-13 14:41 - 2021-02-07 03:20 - 007322064 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64lp.sys
2021-06-13 14:41 - 2021-02-07 03:20 - 006457088 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll
2021-06-13 14:41 - 2021-02-07 03:20 - 002041344 _____ (Intel Corporation) C:\Windows\system32\igfxLHM.dll
2021-06-13 14:41 - 2021-02-07 03:20 - 000733184 _____ (Intel Corporation) C:\Windows\system32\igfxDH.dll
2021-06-13 14:41 - 2021-02-07 03:20 - 000369664 _____ (Intel Corporation) C:\Windows\system32\igfxDI.dll
2021-06-13 14:41 - 2021-02-07 03:20 - 000354920 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe
2021-06-13 14:41 - 2021-02-07 03:20 - 000335976 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe
2021-06-13 14:41 - 2021-02-07 03:20 - 000250472 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe
2021-06-12 13:49 - 2021-02-20 16:43 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-12 11:26 - 2020-11-19 01:30 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-06-10 20:09 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2021-06-10 20:09 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2021-06-10 20:09 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2021-06-10 20:09 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz
2021-06-10 20:09 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lv-LV
2021-06-10 20:09 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\et-EE
2021-06-10 18:52 - 2021-02-07 07:47 - 000000000 ____D C:\Windows\system32\MRT
2021-06-10 18:46 - 2021-02-07 07:47 - 132447432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories ========

2021-05-07 17:20 - 2021-05-07 17:20 - 000000001 _____ () C:\Users\rossu\AppData\Local\llftool.4.40.agreement
2021-05-04 21:00 - 2021-05-04 21:00 - 000000017 _____ () C:\Users\rossu\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: PROSÍM O KONTROLU

Napsal: 03 črc 2021 18:09
od bigmuff
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-07-2021
Ran by rossu (03-07-2021 19:02:39)
Running from C:\Users\rossu\Desktop
Windows 10 Home Version 21H1 19043.1081 (X64) (2021-02-07 01:08:10)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1139899892-52648791-3838483249-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1139899892-52648791-3838483249-503 - Limited - Disabled)
Guest (S-1-5-21-1139899892-52648791-3838483249-501 - Limited - Disabled)
rossu (S-1-5-21-1139899892-52648791-3838483249-1001 - Administrator - Enabled) => C:\Users\rossu
WDAGUtilityAccount (S-1-5-21-1139899892-52648791-3838483249-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader (HKLM\...\{324530FC-5511-4D31-95D2-92BFB823F16F}) (Version: 4.15.0.4160 - Open Media LLC) Hidden
4K Video Downloader (HKLM-x32\...\{6f4880c8-b3c8-48f7-9f1d-ccbd16680059}) (Version: 4.15.0.4160 - Open Media LLC)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_4_2) (Version: 22.4.2.242 - Adobe Inc.)
Backup and Sync from Google (HKLM\...\{3CBE1074-3A4F-4BA6-95E3-7A660B54FE33}) (Version: 3.55.3625.9414 - Google, Inc.)
Balíček ovladače systému Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Balíček ovladače systému Windows - Intel Corporation (iagpioe) System (05/21/2015 604.10120.2652.361) (HKLM\...\AF9226384B030787C4D0F761A23F48F7649D6D17) (Version: 05/21/2015 604.10120.2652.361 - Intel Corporation)
Balíček ovladače systému Windows - Intel Corporation (iai2ce) System (05/21/2015 604.10120.2654.367) (HKLM\...\B37036F6A0766DAC3E418F6CAE67005C5F3A8C40) (Version: 05/21/2015 604.10120.2654.367 - Intel Corporation)
Balíček ovladače systému Windows - Intel Corporation (iauarte) System (05/21/2015 604.10120.2653.391) (HKLM\...\1D4FF76A05A14FF5BA3636A41E0AB237F3A55E14) (Version: 05/21/2015 604.10120.2653.391 - Intel Corporation)
Excel (HKU\S-1-5-21-1139899892-52648791-3838483249-1001\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 11.0.0.49893 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.124 - Google LLC)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4352 - Intel Corporation)
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.2 - IObit Information Technology)
jwDuplFiles 2.0 (HKLM-x32\...\jwDuplFiles_is1) (Version: - jw)
LibreOffice 7.1.4.2 (HKLM\...\{7BE60D5A-5444-4E4D-9BAE-6A5BEA22C2AA}) (Version: 7.1.4.2 - The Document Foundation)
MediaInfo 21.03 (HKLM\...\MediaInfo) (Version: 21.03 - MediaArea.net)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.64 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1139899892-52648791-3838483249-1001\...\OneDriveSetup.exe) (Version: 21.109.0530.0001 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x86) ENU (HKLM-x32\...\{FF63121D-91C6-42CC-B341-F1AA729728E7}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x86) ENU (HKLM-x32\...\{D3A80508-CD83-4CA3-8671-914A1BC78B61}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.4.2 (HKLM-x32\...\{1901BAF7-7E78-4041-BC88-D0EE5DD1DFD9}_is1) (Version: 1.4.2 - Sam Rodberg)
Minimal ADB and Fastboot version 1.4.3 (HKLM-x32\...\{B561660D-8B3C-491D-9E3E-293F14FCAADA}_is1) (Version: 1.4.3 - Samuel Rodberg)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.15 - F.J. Wechselberger)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
PowerPoint (HKU\S-1-5-21-1139899892-52648791-3838483249-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
qBittorrent 4.3.4.1 (HKLM-x32\...\qBittorrent) (Version: 4.3.4.1 - The qBittorrent project)
Qualcomm USB Drivers For Windows (HKLM-x32\...\{D9FB7F91-9687-4B09-894D-072903CADEA4}) (Version: 1.00.25 - QUALCOMM Incorporated)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.19042.31267 - Realtek Semiconductor Corp.)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SyncToy 2.1 (x86) (HKLM-x32\...\{A066194B-DC8F-449A-8E0F-B57BDD3A2072}) (Version: 2.1.0 - Microsoft)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
USB Bridge Installer (HKLM\...\USB Bridge Installer_is1) (Version: - )
VS Revo Group (HKU\S-1-5-21-1139899892-52648791-3838483249-1001\...\{1F44C2C3-CECF-B184-84E9-449538C5D6E9}) (Version: v.4.3.3 - libbi)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
WinZip (HKLM\...\WinZip) (Version: 25.0 (14273s) - 64bitový - WinZip Computing)
Word (HKU\S-1-5-21-1139899892-52648791-3838483249-1001\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)
XiaoMiFlash (HKLM-x32\...\{17027A8C-4379-424D-9236-075003273CE3}) (Version: 1.1.4 - XiaoMi)
ZPS 19 CZ (HKU\S-1-5-21-1139899892-52648791-3838483249-1001\...\{E83AA227-7862-F115-2E87-46DCA9E3D879}) (Version: v.19.2004.2.262 - 18.08.2020 - libbi)

Packages:
=========
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-21] (Microsoft Studios) [MS Ad]
Outlook -> C:\Program Files\WindowsApps\outlook.com-78C9D47_1.0.0.2_neutral__3t89ybq5n4y7r [2021-06-06] (outlook.com)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2021-04-11] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-24] (Adobe Inc. -> )
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => D:\program\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => D:\program\IObit Unlocker\IObitUnlockerExtension.dll [2020-10-10] (IObit Information Technology -> IObit Information Technology)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\program\winrar\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\program\winrar\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => D:\program\IObit Unlocker\IObitUnlockerExtension.dll [2020-10-10] (IObit Information Technology -> IObit Information Technology)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2021-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-24] (Adobe Inc. -> )
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => D:\program\IObit Unlocker\IObitUnlockerExtension.dll [2020-10-10] (IObit Information Technology -> IObit Information Technology)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\program\winrar\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\program\winrar\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\rossu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm
ShortcutWithArgument: C:\Users\rossu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf
ShortcutWithArgument: C:\Users\rossu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi

==================== Loaded Modules (Whitelisted) =============

2021-07-03 17:30 - 2021-07-03 17:30 - 000114176 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\_ctypes.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000172544 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\_elementtree.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 002255872 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\_hashlib.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000032256 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\_multiprocessing.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000046080 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\_psutil_windows.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000047616 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\_socket.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 002824704 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\_ssl.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000026112 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\_yappi.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000080896 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\bz2.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000015872 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\common.time34.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000007680 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\hashobjs_ext.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000301568 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\PIL._imaging.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000168448 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\pyexpat.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 001084416 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\pysqlite2._sqlite.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000548864 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\pythoncom27.dll
2021-07-03 17:30 - 2021-07-03 17:30 - 000137728 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\pywintypes27.dll
2021-07-03 17:30 - 2021-07-03 17:30 - 000010752 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\select.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000020992 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\thumbnails_ext.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000689664 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\unicodedata.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000119808 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\usb_ext.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000128512 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\win32api.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000438784 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\win32com.shell.shell.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000011776 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\win32crypt.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000023040 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\win32event.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000149504 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\win32file.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000223232 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\win32gui.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000048128 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\win32inet.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000029696 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\win32pdh.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000027648 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\win32pipe.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000044032 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\win32process.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000020480 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\win32profile.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000136192 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\win32security.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000026624 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\win32ts.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000034304 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\windows.conditional.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000037888 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\windows.connectivity.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000071680 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\windows.device_monitor.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000103936 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\windows.volumes.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000019968 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\windows.winwrap.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 001325056 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\wx._controls_.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 001489408 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\wx._core_.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 001007104 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\wx._gdi_.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000103424 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\wx._html2.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 000916992 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\wx._misc_.pyd
2021-07-03 17:30 - 2021-07-03 17:30 - 001039872 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\wx._windows_.pyd
2011-08-18 01:29 - 2011-08-18 01:29 - 001039360 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2021-07-03 17:30 - 2021-07-03 17:30 - 003043328 _____ (Python Software Foundation) [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\python27.dll
2021-07-03 17:30 - 2021-07-03 17:30 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\wxbase30u_net_vc90_x64.dll
2021-07-03 17:30 - 2021-07-03 17:30 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\wxbase30u_vc90_x64.dll
2021-07-03 17:30 - 2021-07-03 17:30 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\wxmsw30u_adv_vc90_x64.dll
2021-07-03 17:30 - 2021-07-03 17:30 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\wxmsw30u_core_vc90_x64.dll
2021-07-03 17:30 - 2021-07-03 17:30 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\wxmsw30u_html_vc90_x64.dll
2021-07-03 17:30 - 2021-07-03 17:30 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI53202\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2021-06-29 23:24 - 000001142 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 liveupdate.acronis.com
127.0.0.1 activation.acronis.com
127.0.0.1 web-api-tih.acronis.com
127.0.0.1 download.acronis.com
127.0.0.1 orders.acronis.com
127.0.0.1 ns1.acronis.com
127.0.0.1 ns2.acronis.com
127.0.0.1 ns3.acronis.com
127.0.0.1 account.acronis.com
127.0.0.1 gateway.acronis.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1139899892-52648791-3838483249-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\rossu\Desktop\02128c9a05600f00791544754d5c37c5.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1139899892-52648791-3838483249-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{7C1CCB0B-9C2F-458E-8FE6-02C61C3F74F5}D:\program\myphoneexplorer\myphoneexplorer.exe] => (Allow) D:\program\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [UDP Query User{A752ADBB-50BB-44F4-91E2-504EE3185E1F}D:\program\myphoneexplorer\myphoneexplorer.exe] => (Allow) D:\program\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [TCP Query User{2BB7A460-AD13-4E8C-8F41-AF4306DF5EFF}D:\program\qbittorrent\qbittorrent.exe] => (Allow) D:\program\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [UDP Query User{E6F97944-A316-4EDC-9848-8D991B7E3697}D:\program\qbittorrent\qbittorrent.exe] => (Allow) D:\program\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{1BD8510D-F177-4ABC-A147-E0A23A2C759A}] => (Allow) D:\program\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{17A5897A-D507-47D2-AD90-1EBEAE6BD8C0}] => (Allow) D:\program\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{6A192E68-3B4E-4032-8D0D-9116BB60D549}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F1E0ED4A-49EC-43D6-B22B-525863252DAE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A3077EB3-B3E1-44B1-8FB8-F3C1D85BB788}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C0834ACD-D2B9-4D09-8B0F-084CB238B0B3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EAADEC16-2991-4C4C-8CBA-166F3107FC90}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{26E5CC78-E474-46DC-9811-44BB41FA3BFF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B7D1F786-69F2-4EA0-BA90-44845E254B36}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9FC57CDF-8B46-4F30-A3D2-7C9377375581}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6E2B3900-6795-464D-BC42-6063C6B4A178}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{E87680BD-555E-4B73-A145-593F456FF3C8}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{F3065028-A9B4-4729-85F9-E19F46FB8E4C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

15-06-2021 17:22:58 Instalační služba modulů systému Windows
19-06-2021 18:59:48 JRT Pre-Junkware Removal
23-06-2021 15:33:37 Instalační služba modulů systému Windows
24-06-2021 18:45:57 adobe
28-06-2021 15:11:53 tiskárna
28-06-2021 16:26:40 JRT Pre-Junkware Removal
29-06-2021 23:51:19 Removed Bonjour
03-07-2021 17:16:25 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices ============

Name: Android ADB Interface
Description: Android ADB Interface
Class Guid: {3f966bd9-fa04-4ec5-991c-d326973b5128}
Manufacturer: Xiaomi Technology, Inc.
Service: WinUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Android ADB Interface
Description: Android ADB Interface
Class Guid: {3f966bd9-fa04-4ec5-991c-d326973b5128}
Manufacturer: Xiaomi Technology, Inc.
Service: WinUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Android ADB Interface
Description: Android ADB Interface
Class Guid: {3f966bd9-fa04-4ec5-991c-d326973b5128}
Manufacturer: Xiaomi Technology, Inc.
Service: WinUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Ovladač svazku souborového systému WPD
Description: Ovladač svazku souborového systému WPD
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Microsoft
Service: WUDFWpdFs
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (07/03/2021 02:32:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program svchost.exe verze 10.0.19041.546 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: ac0

Čas spuštění: 01d770051681da02

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\System32\svchost.exe

ID hlášení: 9a72ec86-bd86-40d7-a189-d59e4e753ee1

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (06/30/2021 08:30:25 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na dokument (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (06/30/2021 08:28:53 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na program (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (06/29/2021 11:35:38 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (06/28/2021 03:57:25 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny Failure to use DsRoleGetPrimaryDomainInformation for DC došlo k neočekávané chybě. hr= 0x800706ba, Server RPC není k dispozici.
.

Error: (06/28/2021 03:57:25 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny Failure to use DsRoleGetPrimaryDomainInformation for DC došlo k neočekávané chybě. hr= 0x800706ba, Server RPC není k dispozici.
.

Error: (06/28/2021 03:57:25 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny Failure to use DsRoleGetPrimaryDomainInformation for DC došlo k neočekávané chybě. hr= 0x800706ba, Server RPC není k dispozici.
.

Error: (06/28/2021 03:57:25 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny Failure to use DsRoleGetPrimaryDomainInformation for DC došlo k neočekávané chybě. hr= 0x800706ba, Server RPC není k dispozici.
.


System errors:
=============
Error: (07/03/2021 05:28:49 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
Description: J:\Device\HarddiskVolume83

Error: (07/03/2021 05:28:20 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 124) (User: NT AUTHORITY)
Description: 73223849378

Error: (07/03/2021 05:16:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AtherosSvc byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/03/2021 05:16:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (07/03/2021 05:16:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (07/03/2021 05:16:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba CdRom Device Arbiter service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/03/2021 05:16:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Foxit PDF Reader Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/03/2021 05:16:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2021-07-03 18:53:26
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5511E711-5AA2-4FF3-87E3-1174ADFE7421}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: DESKTOP-D47UQCR\rossu

Date: 2021-07-03 15:39:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {223C70CE-B0B5-4E42-9E91-225B711E0F09}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-07-03 14:27:28
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Phonzy.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: containerfile:_C:\Users\rossu\Downloads\Runtastic-PRO-Runnin_798164184.zip; file:_C:\Users\rossu\Downloads\Runtastic-PRO-Runnin_798164184.zip->Runtastic-PRO-Runnin_798164184.exe; webfile:_C:\Users\rossu\Downloads\Runtastic-PRO-Runnin_798164184.zip|https://filesgalaxy.com/f07aa4ff1dcf7b2 ... 8135913174
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: DESKTOP-D47UQCR\rossu
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.343.310.0, AS: 1.343.310.0, NIS: 1.343.310.0
Verze modulu: AM: 1.1.18300.4, NIS: 1.1.18300.4

Date: 2021-07-01 16:52:32
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_E:\torrent\4K.Video.Downloader.4.16.5.4310.x86\4kvideodownloader_4.16.5_x86.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-D47UQCR\rossu
Název procesu: D:\program\qBittorrent\qbittorrent.exe
Verze bezpečnostních informací: AV: 1.343.155.0, AS: 1.343.155.0, NIS: 1.343.155.0
Verze modulu: AM: 1.1.18300.4, NIS: 1.1.18300.4

Date: 2021-07-01 16:51:54
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Hynamer.C!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_E:\torrent\4K.Video.Downloader.4.16.5.4310.x86\Patch [x32].exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-D47UQCR\rossu
Název procesu: D:\program\qBittorrent\qbittorrent.exe
Verze bezpečnostních informací: AV: 1.343.155.0, AS: 1.343.155.0, NIS: 1.343.155.0
Verze modulu: AM: 1.1.18300.4, NIS: 1.1.18300.4

Date: 2021-06-29 18:58:44
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.25.0
Předchozí verze bezpečnostních informací: 1.341.1630.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 18:58:44
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.25.0
Předchozí verze bezpečnostních informací: 1.341.1630.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 18:58:44
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-24 21:39:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.341.1356.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-06-13 14:16:42
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_E:\torrent\IObit Driver Booster Pro v8.4.0.420\IObit Driver Booster Pro v8.4.0.420\patch\Patch.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-D47UQCR\rossu
Název procesu: C:\Windows\explorer.exe
Akce: Neznámý
Stav akce: No additional actions required
Kód chyby: 0x80508032
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: AV: 1.341.652.0, AS: 1.341.652.0, NIS: 1.341.652.0
Verze modulu: AM: 1.1.18200.4, NIS: 1.1.18200.4

CodeIntegrity:
===============
Date: 2021-06-29 23:43:37
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: Insyde Corp. V1.03 04/20/2015
Motherboard: Acer Tashigi_BA
Processor: Intel(R) Pentium(R) CPU N3700 @ 1.60GHz
Percentage of memory in use: 84%
Total physical RAM: 4009.76 MB
Available physical RAM: 608.78 MB
Total Virtual: 8105.76 MB
Available Virtual: 3795.74 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.53 GB) (Free:378.18 GB) NTFS
Drive d: (program) (Fixed) (Total:400.39 GB) (Free:390.12 GB) NTFS
Drive e: (dokument) (Fixed) (Total:531.11 GB) (Free:326.01 GB) NTFS
Drive h: (ZALOHA) (Removable) (Total:1952.65 GB) (Free:1920.73 GB) FAT32
Drive i: () (Removable) (Total:1952.64 GB) (Free:1952.64 GB) FAT32
Drive j: (Verbatim HDD) (Fixed) (Total:465.76 GB) (Free:371.56 GB) NTFS

\\?\Volume{eba8f856-50ef-4bc8-a1b4-8efcd302be5a}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{8bc4c0ff-343f-46a5-aad8-220d13b1d08d}\ () (Fixed) (Total:0 GB) (Free:0 GB)
\\?\Volume{b3c1e243-3ac3-46b9-ab5a-ddb9284e602a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 447.1 GB) (Disk ID: 03829704)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 0382F705)

Partition: GPT.

==========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: CCEAC4BE)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 1953.1 GB) (Disk ID: 07A774D6)
Partition 1: (Not Active) - (Size=1953.1 GB) - (Type=07 NTFS)

==========================================================
Disk: 4 (Size: 1953.1 GB) (Disk ID: F4F4F4F4)
No partition Table on disk 4.

==================== End of Addition.txt =======================

Re: PROSÍM O KONTROLU

Napsal: 06 črc 2021 09:15
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: PROSÍM O KONTROLU

Napsal: 06 črc 2021 12:06
od bigmuff
Dobrý den, tak tady

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-06-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-06-2021
# Duration: 00:00:47
# OS: Windows 10 Home
# Scanned: 31987
# Detected: 1


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Seznam.cz Seznam doplněk - Email - bgjpfhpjcgdppjbgnpnjllokbmcdllig

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1459 octets] - [15/06/2021 20:08:59]
AdwCleaner[S01].txt - [1520 octets] - [19/06/2021 18:32:01]
AdwCleaner[S02].txt - [1581 octets] - [23/06/2021 19:06:09]
AdwCleaner[S03].txt - [1642 octets] - [28/06/2021 20:50:41]
AdwCleaner[S04].txt - [2083 octets] - [03/07/2021 17:15:32]
AdwCleaner[C04].txt - [2126 octets] - [03/07/2021 17:16:02]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S05].txt ##########

Re: PROSÍM O KONTROLU

Napsal: 06 črc 2021 12:30
od bigmuff
..jo a mel jsem minuly týden modrou obrazovku

Obrázek

Obrázek

Re: PROSÍM O KONTROLU

Napsal: 06 črc 2021 12:39
od Rudy
Nalezenou položku smažte (dejte do karantény) a pak dejte nové logy FRST+Addition.

Re: PROSÍM O KONTROLU

Napsal: 06 črc 2021 13:19
od bigmuff
OK tady

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-07-2021
Ran by rossu (administrator) on DESKTOP-D47UQCR (Acer Aspire ES1-731G) (06-07-2021 14:08:07)
Running from C:\Users\rossu\Desktop
Loaded Profiles: rossu
Platform: Windows 10 Home Version 21H1 19043.1081 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Crystal Rich Ltd -> Crystal Rich Ltd) C:\Users\rossu\Desktop\USB.Safely.Remove.6.3.3.1287.Portable\USB.Safely.Remove.6.3.3.1287.Portable.KaranPC\App\USBSafelyRemove\USBSRService.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) D:\program\Foxit Reader\FoxitPDFReaderUpdateService.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(GuinpinSoft inc) [File not signed] C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.46.31121.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1139899892-52648791-3838483249-1001\...\Run: [qBittorrent] => D:\program\qBittorrent\qbittorrent.exe [26243584 2021-03-24] () [File not signed]
HKU\S-1-5-21-1139899892-52648791-3838483249-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50041472 2021-03-12] (Google LLC -> )
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [109288 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\LIDIL hpzlllhn: C:\Windows\system32\hpzlllhn.dll [58112 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-07-01] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CB44164-65ED-4C0A-90E0-87ED4B27EF92} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-07] (Google LLC -> Google LLC)
Task: {2388C49E-5511-434E-A41C-84DA05C917FD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8F3F6A8D-9659-4C22-975F-1B374FD489ED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AEFA9185-36E6-4815-AA34-683A744106B8} - System32\Tasks\2BrightSparks\SyncBackFree\DESKTOP-D47UQCR-rossu\SyncBackFree dok => D:\program\SyncBackFree\SyncBackFree.exe
Task: {BFB844D9-07E8-4231-8C37-22F04DCAFE9F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CD15A292-6438-4597-BB3D-87DBE6C49C68} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {d189c7f6-7931-40b2-a757-1176d46d84cb} - no filepath
Task: {DB99098A-0A0C-44BB-9604-FDF58BE8E2FF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-07] (Google LLC -> Google LLC)
Task: {F0EBF400-513C-48DB-9864-34CC9DD45189} - System32\Tasks\JumpingBytes\PureSyncElvrossu => D:\program\puresync\PureSyncHelper.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{dfb078ce-395a-4416-87a0-d2f936c96fe4}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-06]
Edge Notifications: Default -> hxxps://meet.google.com
Edge DefaultSearchURL: Default -> hxxps://fonts.gstatic.com/s/i/productlogos/meet_2020q4/v1/web-24dp/logo_meet_2020q4_color_1x_web_24dp.png
Edge Extension: (Outlook) - C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2021-02-07]
Edge Extension: (Meet – dnz-rrzn-fez) - C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fmddlnfcbciialbgokphhkjppiaakbld [2021-04-07]
Edge Extension: (Word) - C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2021-02-07]
Edge Extension: (Excel) - C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2021-02-07]
Edge Extension: (PowerPoint) - C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2021-02-07]

FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> D:\PROGRAM\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2021-05-19] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> D:\PROGRAM\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2021-05-19] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> D:\PROGRAM\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2021-05-19] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> D:\PROGRAM\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2021-05-19] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> D:\PROGRAM\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2021-05-19] (FOXIT SOFTWARE INC. -> Foxit Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default [2021-07-06]
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://calendar.google.com; hxxps://click-to-continue.shop; hxxps://cz.pinterest.com; hxxps://mobiltown.cz; hxxps://mosgensovet.ru; hxxps://playfmrussia.ru; hxxps://www.b2bpartner.cz; hxxps://www.facebook.com; hxxps://www.tajnepusinky.com; hxxps://zipdi.spleasedon.fun; hxxps://zvzws.spleasedon.fun
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (Překladač Google) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-02-07]
CHR Extension: (Prezentace) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-07]
CHR Extension: (Dokumenty) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-07]
CHR Extension: (Disk Google) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-07]
CHR Extension: (YouTube) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-07]
CHR Extension: (Tabulky) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-07]
CHR Extension: (AddToAny: Share Anywhere) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffpgijchhhkhnokafdeklpllijgnbche [2021-04-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-24]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-06-23]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-04-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-07]
CHR Extension: (Gmail) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-07]
CHR Extension: (Chrome Media Router) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-30]
CHR Profile: C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-02-07]
CHR Profile: C:\Users\rossu\AppData\Local\Google\Chrome\User Data\System Profile [2021-02-22]
CHR HKU\S-1-5-21-1139899892-52648791-3838483249-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\rossu\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2021-04-27]
CHR HKU\S-1-5-21-1139899892-52648791-3838483249-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CdRomArbiterService; C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe [8704 2021-04-11] (GuinpinSoft inc) [File not signed]
R2 FoxitReaderUpdateService; D:\PROGRAM\FOXIT READER\FoxitPDFReaderUpdateService.exe [2357880 2021-05-18] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 USBSafelyRemoveService; C:\Users\rossu\Desktop\USB.Safely.Remove.6.3.3.1287.Portable\USB.Safely.Remove.6.3.3.1287.Portable.KaranPC\App\USBSafelyRemove\USBSRService.exe [1752552 2020-06-26] (Crystal Rich Ltd -> Crystal Rich Ltd)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 IObitUnlocker; D:\program\IObit Unlocker\IObitUnlocker.sys [39000 2020-10-10] (IObit CO., LTD -> IObit Information Technology)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49568 2021-06-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [425184 2021-06-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-07-06 14:08 - 2021-07-06 14:10 - 000014851 _____ C:\Users\rossu\Desktop\FRST.txt
2021-07-06 14:07 - 2021-07-06 14:07 - 000000000 ____D C:\Users\rossu\Desktop\FRST-OlderVersion
2021-07-06 12:53 - 2021-07-06 12:53 - 008553680 _____ (Malwarebytes) C:\Users\rossu\Desktop\adwcleaner_8.3.0.exe
2021-07-03 18:54 - 2021-07-06 14:07 - 002301440 _____ (Farbar) C:\Users\rossu\Desktop\FRST64.exe
2021-07-03 16:37 - 2021-07-03 16:37 - 000000000 ____D C:\Users\rossu\AppData\Local\WhyNotWin11
2021-07-03 16:36 - 2021-07-06 13:24 - 000000000 ____D C:\Users\rossu\Downloads\bluescreenview
2021-07-03 16:01 - 2021-07-03 16:03 - 002375420 _____ C:\Windows\Minidump\070321-17187-01.dmp
2021-07-02 17:23 - 2021-07-03 16:01 - 687176714 _____ C:\Windows\MEMORY.DMP
2021-07-02 17:23 - 2021-07-02 17:23 - 002226772 _____ C:\Windows\Minidump\070221-22421-01.dmp
2021-06-30 20:52 - 2021-06-30 20:52 - 000002581 _____ C:\Users\rossu\Desktop\SyncToy 2.1.lnk
2021-06-30 20:52 - 2021-06-30 20:52 - 000002581 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SyncToy 2.1.lnk
2021-06-30 20:51 - 2021-06-30 20:51 - 000000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2021-06-29 20:30 - 2021-07-06 13:29 - 000000000 ____D C:\Users\rossu\Desktop\Nová složka
2021-06-28 21:31 - 2021-06-28 21:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.1
2021-06-28 21:23 - 2021-06-28 21:23 - 000000000 ____D C:\Users\rossu\AppData\Roaming\VS Revo Group
2021-06-28 15:26 - 2021-06-28 15:26 - 000000000 ____D C:\Users\rossu\AppData\Roaming\HP
2021-06-28 15:26 - 2021-06-28 15:26 - 000000000 ____D C:\ProgramData\WEBREG
2021-06-28 15:25 - 2021-06-28 15:25 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2021-06-28 15:24 - 2021-06-28 15:24 - 000001056 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registrace I.R.I.S. OCR.lnk
2021-06-28 15:24 - 2021-06-28 15:24 - 000000000 ____D C:\Windows\SysWOW64\spool
2021-06-28 15:24 - 2021-06-28 15:24 - 000000000 ____D C:\Users\rossu\AppData\Roaming\HpUpdate
2021-06-28 15:23 - 2021-06-28 15:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2021-06-28 15:23 - 2021-06-28 15:23 - 000001434 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Centrum řešení HP.lnk
2021-06-28 15:23 - 2021-06-28 15:23 - 000000000 ____D C:\ProgramData\HP Product Assistant
2021-06-28 15:19 - 2021-06-28 15:26 - 000218000 _____ C:\Windows\hpoins19.dat
2021-06-28 15:19 - 2012-10-14 14:03 - 000015561 ____N C:\Windows\hpomdl19.dat
2021-06-28 15:13 - 2021-06-28 15:26 - 000000000 ____D C:\ProgramData\HP
2021-06-28 15:13 - 2021-06-28 15:24 - 000000000 ____D C:\Program Files (x86)\HP
2021-06-28 15:13 - 2021-06-28 15:13 - 000000000 ____D C:\Users\rossu\AppData\Roaming\HPPSDr
2021-06-28 15:13 - 2021-06-28 15:13 - 000000000 ____D C:\HP
2021-06-25 20:12 - 2021-06-25 20:12 - 000000000 ____D C:\Users\rossu\AppData\LocalLow\Adobe
2021-06-24 22:15 - 2021-06-24 22:15 - 000000000 ____D C:\Users\rossu\AppData\Local\NVIDIA
2021-06-24 19:06 - 2021-06-24 19:06 - 000001064 _____ C:\Users\rossu\Desktop\Adobe Photoshop 2021.lnk
2021-06-24 18:54 - 2021-06-24 19:06 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-06-24 18:53 - 2021-06-24 18:58 - 000000000 ____D C:\Program Files\Adobe
2021-06-24 18:53 - 2021-06-24 18:53 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-06-24 18:50 - 2021-06-24 22:14 - 000000000 ____D C:\Users\rossu\AppData\Local\Adobe
2021-06-24 18:50 - 2021-06-24 18:57 - 000000000 ____D C:\ProgramData\Adobe
2021-06-23 15:51 - 2021-06-23 15:51 - 002371072 _____ C:\Windows\system32\rdpnano.dll
2021-06-23 15:51 - 2021-06-23 15:51 - 001823304 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-06-23 15:51 - 2021-06-23 15:51 - 001393504 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-06-23 15:51 - 2021-06-23 15:51 - 001314128 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-06-23 15:51 - 2021-06-23 15:51 - 000570880 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-06-23 15:51 - 2021-06-23 15:51 - 000452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2021-06-23 15:51 - 2021-06-23 15:51 - 000097792 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-06-23 15:51 - 2021-06-23 15:51 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2021-06-23 15:51 - 2021-06-23 15:51 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2021-06-23 15:51 - 2021-06-23 15:51 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2021-06-23 15:51 - 2021-06-23 15:51 - 000011333 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-06-23 15:50 - 2021-06-23 15:50 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2021-06-19 20:17 - 2021-06-19 20:17 - 000086939 _____ C:\Users\rossu\Downloads\[SkT]Minamata_(EN)(2020)[WEBRip][1080p]_=_CSFD_70%.torrent
2021-06-15 20:29 - 2021-06-15 20:29 - 000000000 ____D C:\Users\rossu\AppData\Local\GHISLER
2021-06-15 20:28 - 2021-06-15 20:28 - 000000724 _____ C:\Users\rossu\Desktop\Total Commander.lnk
2021-06-15 20:28 - 2021-06-15 20:28 - 000000000 ____D C:\Users\rossu\AppData\Roaming\GHISLER
2021-06-15 20:08 - 2021-07-03 17:16 - 000000000 ____D C:\AdwCleaner
2021-06-15 17:46 - 2021-06-15 17:46 - 000000000 ____D C:\ProgramData\Apple
2021-06-13 14:54 - 2021-06-13 14:54 - 001149432 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2021-06-13 14:49 - 2021-06-13 14:49 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2021-06-13 14:47 - 2021-06-13 14:47 - 001734288 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6442531.dll
2021-06-13 14:47 - 2021-06-13 14:47 - 001467864 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6442531.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 040421064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 035268296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 020107920 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 017432992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 010320528 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 008785944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 005276064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 004625552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 004304672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 002033112 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 001536144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 001465432 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 001169120 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 001130584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 001006800 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 001006800 _____ C:\Windows\system32\vulkan-1.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 000915088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 000870096 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 000870096 _____ C:\Windows\SysWOW64\vulkan-1.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 000668664 _____ C:\Windows\system32\nvofapi64.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 000631896 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 000552328 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 000534936 _____ C:\Windows\SysWOW64\nvofapi.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 000522144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 000457096 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2021-06-13 14:46 - 2021-06-13 14:46 - 000415992 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\AdminService.exe
2021-06-13 14:46 - 2021-06-13 14:46 - 000286416 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2021-06-13 14:46 - 2021-06-13 14:46 - 000286416 _____ C:\Windows\system32\vulkaninfo.exe
2021-06-13 14:46 - 2021-06-13 14:46 - 000260304 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-06-13 14:46 - 2021-06-13 14:46 - 000260304 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2021-06-13 14:46 - 2021-06-13 14:46 - 000069368 _____ (Qualcomm) C:\Windows\system32\Drivers\btfilter.sys
2021-06-13 14:46 - 2021-06-13 14:46 - 000046268 _____ C:\Windows\system32\Drivers\AthrBT_0x31010000.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000045380 _____ C:\Windows\system32\Drivers\AthrBT_0x31010100.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000040684 _____ C:\Windows\system32\Drivers\AthrBT_0x31010000_ss01.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000001926 _____ C:\Windows\system32\Drivers\ramps_0x31010000_40_0xf0.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000001926 _____ C:\Windows\system32\Drivers\ramps_0x31010000_40_0x21.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000001926 _____ C:\Windows\system32\Drivers\ramps_0x31010000_40_0x11.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000001926 _____ C:\Windows\system32\Drivers\ramps_0x31010000_40.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000001922 _____ C:\Windows\system32\Drivers\ramps_0x31010100_40.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000001516 _____ C:\Windows\system32\Drivers\ramps_0x31010000_40_SS01.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000001516 _____ C:\Windows\system32\Drivers\ramps_0x31010000_40_LV01.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000001516 _____ C:\Windows\system32\Drivers\ramps_0x31010000_40_0xf1.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000001516 _____ C:\Windows\system32\Drivers\ramps_0x31010000_40_0x22.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000001516 _____ C:\Windows\system32\Drivers\ramps_0x31010000_40_0x12.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000001516 _____ C:\Windows\system32\Drivers\ramps_0x31010000_40_0x01.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000001512 _____ C:\Windows\system32\Drivers\ramps_0x31010100_40_0xf1.dfu
2021-06-13 14:46 - 2021-06-13 14:46 - 000001512 _____ C:\Windows\system32\Drivers\ramps_0x31010100_40_0x01.dfu
2021-06-13 14:45 - 2021-06-13 14:45 - 004322672 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athw10x.sys
2021-06-13 14:45 - 2021-06-13 14:45 - 000056840 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2021-06-13 14:41 - 2021-06-13 14:41 - 032130848 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 031213112 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 029084160 _____ (Intel Corporation) C:\Windows\system32\common_clang64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 027097256 _____ (Intel Corporation) C:\Windows\SysWOW64\igd11dxva32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 019844096 _____ (Intel Corporation) C:\Windows\SysWOW64\common_clang32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 015187896 _____ (Intel Corporation) C:\Windows\system32\igc64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 013454848 _____ (Intel Corporation) C:\Windows\system32\ig8icd64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 013195352 _____ (Intel Corporation) C:\Windows\SysWOW64\igc32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 011235256 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 010195968 _____ (Intel Corporation) C:\Windows\SysWOW64\ig8icd32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 005797102 _____ C:\Windows\system32\igdclbif.bin
2021-06-13 14:41 - 2021-06-13 14:41 - 005668352 _____ (Intel Corporation) C:\Windows\system32\igdmcl64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 005245440 _____ (Intel Corporation) C:\Windows\system32\GfxResources.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 004941952 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 004632576 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 004387824 _____ (Intel Corporation) C:\Windows\system32\igd12umd64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 004232800 _____ (Intel Corporation) C:\Windows\SysWOW64\igd12umd32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 004161024 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 003952640 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmcl32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 002105832 _____ (Intel Corporation) C:\Windows\system32\igdmd64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 001767992 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 001765408 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 001631520 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmd32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 001559552 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 001150464 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 001008232 _____ C:\Windows\system32\igfxSDK.exe
2021-06-13 14:41 - 2021-06-13 14:41 - 000944232 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe
2021-06-13 14:41 - 2021-06-13 14:41 - 000940648 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe
2021-06-13 14:41 - 2021-06-13 14:41 - 000826341 _____ C:\Windows\system32\DisplayAudiox64.cab
2021-06-13 14:41 - 2021-06-13 14:41 - 000609280 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000604264 _____ (Intel Corporation) C:\Windows\system32\IntelCpHDCPSvc.exe
2021-06-13 14:41 - 2021-06-13 14:41 - 000517736 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiUMS64.exe
2021-06-13 14:41 - 2021-06-13 14:41 - 000448104 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2021-06-13 14:41 - 2021-06-13 14:41 - 000421888 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000409976 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000408928 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000398848 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000384104 _____ C:\Windows\system32\igfxTray.exe
2021-06-13 14:41 - 2021-06-13 14:41 - 000372736 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000371200 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000357904 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000355832 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000332800 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMCComp64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000301056 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000289936 _____ (Intel Corporation) C:\Windows\system32\igd10idpp64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000282728 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2021-06-13 14:41 - 2021-06-13 14:41 - 000274504 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10idpp32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000256000 _____ C:\Windows\system32\igfxCPL.cpl
2021-06-13 14:41 - 2021-06-13 14:41 - 000248832 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000238080 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000220432 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000218216 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2021-06-13 14:41 - 2021-06-13 14:41 - 000213608 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2021-06-13 14:41 - 2021-06-13 14:41 - 000213096 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe
2021-06-13 14:41 - 2021-06-13 14:41 - 000207872 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000201368 _____ (Intel Corporation) C:\Windows\system32\igdde64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000188928 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v4352.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000184352 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000175616 _____ (Intel Corporation) C:\Windows\system32\igdail64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000160680 _____ (Intel Corporation) C:\Windows\SysWOW64\igdde32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000157632 _____ (Intel Corporation) C:\Windows\system32\Drivers\TXEIx64.sys
2021-06-13 14:41 - 2021-06-13 14:41 - 000156264 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2021-06-13 14:41 - 2021-06-13 14:41 - 000155648 _____ (Intel Corporation) C:\Windows\SysWOW64\igdail32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000094208 _____ ( ) C:\Windows\system32\igfxSDKLibv2_0.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000086528 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000086016 _____ C:\Windows\system32\igfxCUIServicePS.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000083456 _____ ( ) C:\Windows\system32\igfxSDKLib.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000082432 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000077824 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000066048 _____ ( ) C:\Windows\system32\igfxDHLib.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000041296 _____ C:\Windows\system32\iglhxc64_dev.vp
2021-06-13 14:41 - 2021-06-13 14:41 - 000040931 _____ C:\Windows\system32\iglhxo64_dev.vp
2021-06-13 14:41 - 2021-06-13 14:41 - 000040343 _____ C:\Windows\system32\iglhxo64.vp
2021-06-13 14:41 - 2021-06-13 14:41 - 000040316 _____ C:\Windows\system32\iglhxc64.vp
2021-06-13 14:41 - 2021-06-13 14:41 - 000039798 _____ C:\Windows\system32\iglhxg64_dev.vp
2021-06-13 14:41 - 2021-06-13 14:41 - 000039658 _____ C:\Windows\system32\iglhxg64.vp
2021-06-13 14:41 - 2021-06-13 14:41 - 000036616 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000035328 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000011776 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000011776 _____ ( ) C:\Windows\system32\igfxDILib.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000010240 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000010240 _____ ( ) C:\Windows\system32\igfxEMLib.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000005360 _____ C:\Windows\system32\iglhxs64lp.vp
2021-06-13 14:41 - 2021-06-13 14:41 - 000005120 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000005120 _____ ( ) C:\Windows\system32\igfxLHMLib.dll
2021-06-13 14:41 - 2021-06-13 14:41 - 000001125 _____ C:\Windows\system32\iglhxa64.vp
2021-06-13 14:40 - 2021-06-13 14:40 - 000861184 _____ (Hewlett-Packard) C:\Windows\system32\hpowiav1.dll
2021-06-13 14:40 - 2021-06-13 14:40 - 000730624 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpotscl1.dll
2021-06-13 14:40 - 2021-06-13 14:40 - 000498176 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpovst01.dll
2021-06-13 14:21 - 2021-06-13 14:22 - 000000000 ____D C:\Users\rossu\AppData\LocalLow\IObit
2021-06-13 14:04 - 2021-06-13 14:04 - 000000000 ____D C:\Windows\TempInst
2021-06-13 14:04 - 2021-06-13 14:04 - 000000000 ____D C:\ProgramData\HUAWEI Mobile Broadband
2021-06-13 14:00 - 2021-06-13 14:00 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-06-13 14:00 - 2021-06-13 14:00 - 000000000 ____D C:\Program Files (x86)\Realtek
2021-06-13 14:00 - 2021-01-28 14:25 - 009907704 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll
2021-06-13 13:59 - 2021-06-13 13:59 - 000000000 ____D C:\ProgramData\Dell
2021-06-13 13:50 - 2021-06-13 13:50 - 000000000 ____D C:\Windows\SysWOW64\sda
2021-06-13 13:50 - 2021-01-28 14:25 - 000444920 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsUer.sys
2021-06-13 13:50 - 2014-10-20 11:50 - 000083160 _____ (Realtek Semiconductor.) C:\Windows\system32\RtCRX64.dll
2021-06-13 10:54 - 2021-06-15 18:03 - 000000000 ____D C:\ProgramData\IObit
2021-06-13 10:54 - 2021-06-13 10:54 - 000000753 _____ C:\Users\Public\Desktop\IObit Unlocker.lnk
2021-06-13 10:54 - 2021-06-13 10:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Unlocker
2021-06-13 10:54 - 2021-06-13 10:54 - 000000000 ____D C:\ProgramData\IObit Information Technology
2021-06-12 23:52 - 2021-06-12 23:52 - 000000000 ____D C:\Windows\system32\Tasks\2BrightSparks
2021-06-12 21:43 - 2021-06-12 21:43 - 000000000 ____D C:\Users\Public\Jumping Bytes
2021-06-12 21:41 - 2021-06-12 21:41 - 000000000 ____D C:\Windows\system32\Tasks\JumpingBytes
2021-06-10 19:45 - 2021-06-10 19:46 - 000011278 _____ C:\Users\rossu\Downloads\Ceník prací D+M.xlsx
2021-06-10 19:16 - 2021-06-10 19:16 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2021-06-10 19:16 - 2021-06-10 19:16 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2021-06-10 19:16 - 2021-06-10 19:16 - 001864192 _____ (The ICU Project) C:\Windows\SysWOW64\icu.dll
2021-06-10 19:16 - 2021-06-10 19:16 - 000468440 _____ C:\Windows\SysWOW64\WindowManagementAPI.dll
2021-06-10 19:16 - 2021-06-10 19:16 - 000423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2021-06-10 19:16 - 2021-06-10 19:16 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-06-10 19:15 - 2021-06-10 19:15 - 002260480 _____ (The ICU Project) C:\Windows\system32\icu.dll
2021-06-10 19:15 - 2021-06-10 19:15 - 000657464 _____ C:\Windows\system32\WindowManagementAPI.dll
2021-06-10 19:15 - 2021-06-10 19:15 - 000563712 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-06-10 19:15 - 2021-06-10 19:15 - 000287232 _____ C:\Windows\system32\CoreMas.dll
2021-06-10 19:15 - 2021-06-10 19:15 - 000272384 _____ C:\Windows\system32\TpmTool.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-07-06 14:14 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-06 14:09 - 2021-02-21 12:07 - 000000000 ____D C:\FRST
2021-07-06 14:07 - 2021-02-07 07:04 - 000000000 ____D C:\Users\rossu\AppData\Roaming\qBittorrent
2021-07-06 14:05 - 2020-11-19 00:29 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-07-06 13:15 - 2021-04-30 20:10 - 000000000 ___HD C:\Users\rossu\OneDrive\Documents\.tmp.drivedownload
2021-07-06 13:08 - 2021-02-07 03:15 - 001693920 _____ C:\Windows\system32\PerfStringBackup.INI
2021-07-06 13:08 - 2019-12-07 16:41 - 000718210 _____ C:\Windows\system32\perfh005.dat
2021-07-06 13:08 - 2019-12-07 16:41 - 000145352 _____ C:\Windows\system32\perfc005.dat
2021-07-06 13:08 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2021-07-06 13:04 - 2021-04-27 15:21 - 000000000 ___RD C:\Users\rossu\Disk Google
2021-07-06 13:02 - 2021-02-07 03:21 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-07-06 13:02 - 2021-02-07 03:21 - 000000000 __SHD C:\Users\rossu\IntelGraphicsProfiles
2021-07-06 13:00 - 2021-02-07 03:16 - 000000000 ____D C:\ProgramData\NVIDIA
2021-07-06 13:00 - 2021-02-07 03:02 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-06 13:00 - 2020-11-19 01:30 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-07-06 12:59 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2021-07-06 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2021-07-06 11:31 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-03 17:26 - 2021-02-07 03:11 - 000000000 ____D C:\Users\rossu
2021-07-03 17:14 - 2021-04-11 17:15 - 000000000 ____D C:\Users\rossu\Desktop\čistka
2021-07-03 16:52 - 2021-04-07 17:14 - 000002914 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1139899892-52648791-3838483249-1002
2021-07-03 16:52 - 2021-02-07 03:21 - 000003460 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-07-03 16:52 - 2021-02-07 03:21 - 000003236 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-03 16:52 - 2021-02-07 03:16 - 000002914 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1139899892-52648791-3838483249-1001
2021-07-03 16:52 - 2021-02-07 03:03 - 000002910 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1139899892-52648791-3838483249-500
2021-07-03 16:52 - 2020-11-19 01:32 - 000003572 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-03 16:52 - 2020-11-19 01:32 - 000003348 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-07-03 16:38 - 2021-03-09 18:01 - 000000000 ____D C:\Users\rossu\AppData\Local\D3DSCache
2021-07-03 16:04 - 2021-02-24 19:19 - 000000000 ____D C:\Windows\Minidump
2021-07-03 11:32 - 2020-11-19 01:32 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-01 16:48 - 2021-02-07 03:22 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-29 23:46 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-06-29 20:48 - 2021-02-09 21:55 - 000000000 ____D C:\Users\rossu\AppData\Roaming\MyPhoneExplorer
2021-06-28 22:25 - 2020-11-19 00:29 - 000459400 _____ C:\Windows\system32\FNTCACHE.DAT
2021-06-28 22:13 - 2021-05-13 19:05 - 000000000 ____D C:\Users\rossu\AppData\Roaming\USBSafelyRemove
2021-06-28 22:01 - 2021-02-07 09:29 - 000000000 ____D C:\Users\rossu\AppData\Local\CrashDumps
2021-06-28 15:52 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2021-06-28 15:25 - 2019-12-07 11:14 - 000000127 _____ C:\Windows\win.ini
2021-06-28 12:27 - 2021-02-17 18:52 - 000000000 ____D C:\Users\rossu\AppData\Local\ElevatedDiagnostics
2021-06-28 11:16 - 2021-02-07 03:16 - 000000000 ___RD C:\Users\rossu\OneDrive
2021-06-28 11:16 - 2021-02-07 03:11 - 000002377 _____ C:\Users\rossu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-24 22:15 - 2021-02-07 03:14 - 000000000 ____D C:\Users\rossu\AppData\Roaming\Adobe
2021-06-24 21:42 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\NDF
2021-06-24 18:52 - 2021-03-01 17:28 - 000000000 ____D C:\ProgramData\Package Cache
2021-06-24 18:51 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-06-23 17:21 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-06-23 17:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-06-23 17:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-06-23 17:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-06-23 17:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2021-06-23 17:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2021-06-23 17:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2021-06-23 17:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2021-06-23 17:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2021-06-23 17:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2021-06-15 20:43 - 2021-02-07 03:14 - 000000000 ____D C:\Users\rossu\AppData\Local\VirtualStore
2021-06-15 19:11 - 2021-02-07 09:29 - 000000000 ____D C:\Users\rossu\AppData\Roaming\Foxit Software
2021-06-15 19:10 - 2021-02-07 09:30 - 000000000 ____D C:\ProgramData\Foxit Software
2021-06-15 17:51 - 2021-04-07 17:08 - 000000000 ____D C:\Users\sucha
2021-06-13 15:10 - 2021-02-07 03:14 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-06-13 14:49 - 2021-02-07 03:14 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-06-13 14:46 - 2021-02-07 03:13 - 005045704 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2021-06-13 14:46 - 2021-02-07 03:13 - 000049910 _____ C:\Windows\system32\nvinfo.pb
2021-06-13 14:44 - 2021-02-07 03:21 - 000000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2021-06-13 14:41 - 2021-02-07 03:20 - 025836024 _____ (Intel Corporation) C:\Windows\system32\igd11dxva64.dll
2021-06-13 14:41 - 2021-02-07 03:20 - 013680976 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll
2021-06-13 14:41 - 2021-02-07 03:20 - 007322064 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64lp.sys
2021-06-13 14:41 - 2021-02-07 03:20 - 006457088 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll
2021-06-13 14:41 - 2021-02-07 03:20 - 002041344 _____ (Intel Corporation) C:\Windows\system32\igfxLHM.dll
2021-06-13 14:41 - 2021-02-07 03:20 - 000733184 _____ (Intel Corporation) C:\Windows\system32\igfxDH.dll
2021-06-13 14:41 - 2021-02-07 03:20 - 000369664 _____ (Intel Corporation) C:\Windows\system32\igfxDI.dll
2021-06-13 14:41 - 2021-02-07 03:20 - 000354920 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe
2021-06-13 14:41 - 2021-02-07 03:20 - 000335976 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe
2021-06-13 14:41 - 2021-02-07 03:20 - 000250472 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe
2021-06-12 13:49 - 2021-02-20 16:43 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-12 11:26 - 2020-11-19 01:30 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-06-10 20:09 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2021-06-10 20:09 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2021-06-10 20:09 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2021-06-10 20:09 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz
2021-06-10 20:09 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lv-LV
2021-06-10 20:09 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\et-EE
2021-06-10 18:52 - 2021-02-07 07:47 - 000000000 ____D C:\Windows\system32\MRT
2021-06-10 18:46 - 2021-02-07 07:47 - 132447432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories ========

2021-05-07 17:20 - 2021-05-07 17:20 - 000000001 _____ () C:\Users\rossu\AppData\Local\llftool.4.40.agreement
2021-05-04 21:00 - 2021-05-04 21:00 - 000000017 _____ () C:\Users\rossu\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: PROSÍM O KONTROLU

Napsal: 06 črc 2021 13:20
od bigmuff
a tady

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2021
Ran by rossu (06-07-2021 14:14:26)
Running from C:\Users\rossu\Desktop
Windows 10 Home Version 21H1 19043.1081 (X64) (2021-02-07 01:08:10)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1139899892-52648791-3838483249-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1139899892-52648791-3838483249-503 - Limited - Disabled)
Guest (S-1-5-21-1139899892-52648791-3838483249-501 - Limited - Disabled)
rossu (S-1-5-21-1139899892-52648791-3838483249-1001 - Administrator - Enabled) => C:\Users\rossu
WDAGUtilityAccount (S-1-5-21-1139899892-52648791-3838483249-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader (HKLM\...\{324530FC-5511-4D31-95D2-92BFB823F16F}) (Version: 4.15.0.4160 - Open Media LLC) Hidden
4K Video Downloader (HKLM-x32\...\{6f4880c8-b3c8-48f7-9f1d-ccbd16680059}) (Version: 4.15.0.4160 - Open Media LLC)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_4_2) (Version: 22.4.2.242 - Adobe Inc.)
Backup and Sync from Google (HKLM\...\{3CBE1074-3A4F-4BA6-95E3-7A660B54FE33}) (Version: 3.55.3625.9414 - Google, Inc.)
Balíček ovladače systému Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Balíček ovladače systému Windows - Intel Corporation (iagpioe) System (05/21/2015 604.10120.2652.361) (HKLM\...\AF9226384B030787C4D0F761A23F48F7649D6D17) (Version: 05/21/2015 604.10120.2652.361 - Intel Corporation)
Balíček ovladače systému Windows - Intel Corporation (iai2ce) System (05/21/2015 604.10120.2654.367) (HKLM\...\B37036F6A0766DAC3E418F6CAE67005C5F3A8C40) (Version: 05/21/2015 604.10120.2654.367 - Intel Corporation)
Balíček ovladače systému Windows - Intel Corporation (iauarte) System (05/21/2015 604.10120.2653.391) (HKLM\...\1D4FF76A05A14FF5BA3636A41E0AB237F3A55E14) (Version: 05/21/2015 604.10120.2653.391 - Intel Corporation)
Excel (HKU\S-1-5-21-1139899892-52648791-3838483249-1001\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 11.0.0.49893 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.124 - Google LLC)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4352 - Intel Corporation)
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.2 - IObit Information Technology)
jwDuplFiles 2.0 (HKLM-x32\...\jwDuplFiles_is1) (Version: - jw)
LibreOffice 7.1.4.2 (HKLM\...\{7BE60D5A-5444-4E4D-9BAE-6A5BEA22C2AA}) (Version: 7.1.4.2 - The Document Foundation)
MediaInfo 21.03 (HKLM\...\MediaInfo) (Version: 21.03 - MediaArea.net)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.64 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1139899892-52648791-3838483249-1001\...\OneDriveSetup.exe) (Version: 21.109.0530.0001 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x86) ENU (HKLM-x32\...\{FF63121D-91C6-42CC-B341-F1AA729728E7}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x86) ENU (HKLM-x32\...\{D3A80508-CD83-4CA3-8671-914A1BC78B61}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.4.2 (HKLM-x32\...\{1901BAF7-7E78-4041-BC88-D0EE5DD1DFD9}_is1) (Version: 1.4.2 - Sam Rodberg)
Minimal ADB and Fastboot version 1.4.3 (HKLM-x32\...\{B561660D-8B3C-491D-9E3E-293F14FCAADA}_is1) (Version: 1.4.3 - Samuel Rodberg)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.15 - F.J. Wechselberger)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
PowerPoint (HKU\S-1-5-21-1139899892-52648791-3838483249-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
qBittorrent 4.3.4.1 (HKLM-x32\...\qBittorrent) (Version: 4.3.4.1 - The qBittorrent project)
Qualcomm USB Drivers For Windows (HKLM-x32\...\{D9FB7F91-9687-4B09-894D-072903CADEA4}) (Version: 1.00.25 - QUALCOMM Incorporated)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.19042.31267 - Realtek Semiconductor Corp.)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SyncToy 2.1 (x86) (HKLM-x32\...\{A066194B-DC8F-449A-8E0F-B57BDD3A2072}) (Version: 2.1.0 - Microsoft)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
USB Bridge Installer (HKLM\...\USB Bridge Installer_is1) (Version: - )
VS Revo Group (HKU\S-1-5-21-1139899892-52648791-3838483249-1001\...\{1F44C2C3-CECF-B184-84E9-449538C5D6E9}) (Version: v.4.3.3 - libbi)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
WinZip (HKLM\...\WinZip) (Version: 25.0 (14273s) - 64bitový - WinZip Computing)
Word (HKU\S-1-5-21-1139899892-52648791-3838483249-1001\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)
XiaoMiFlash (HKLM-x32\...\{17027A8C-4379-424D-9236-075003273CE3}) (Version: 1.1.4 - XiaoMi)
ZPS 19 CZ (HKU\S-1-5-21-1139899892-52648791-3838483249-1001\...\{E83AA227-7862-F115-2E87-46DCA9E3D879}) (Version: v.19.2004.2.262 - 18.08.2020 - libbi)

Packages:
=========
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-21] (Microsoft Studios) [MS Ad]
Outlook -> C:\Program Files\WindowsApps\outlook.com-78C9D47_1.0.0.2_neutral__3t89ybq5n4y7r [2021-06-06] (outlook.com)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2021-04-11] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-24] (Adobe Inc. -> )
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => D:\program\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => D:\program\IObit Unlocker\IObitUnlockerExtension.dll [2020-10-10] (IObit Information Technology -> IObit Information Technology)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\program\winrar\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\program\winrar\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => D:\program\IObit Unlocker\IObitUnlockerExtension.dll [2020-10-10] (IObit Information Technology -> IObit Information Technology)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2021-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-24] (Adobe Inc. -> )
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => D:\program\IObit Unlocker\IObitUnlockerExtension.dll [2020-10-10] (IObit Information Technology -> IObit Information Technology)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\program\winrar\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\program\winrar\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\rossu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm
ShortcutWithArgument: C:\Users\rossu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf
ShortcutWithArgument: C:\Users\rossu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi

==================== Loaded Modules (Whitelisted) =============

2021-07-06 13:02 - 2021-07-06 13:02 - 000114176 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\_ctypes.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000172544 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\_elementtree.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 002255872 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\_hashlib.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000032256 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\_multiprocessing.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000046080 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\_psutil_windows.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000047616 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\_socket.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 002824704 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\_ssl.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000026112 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\_yappi.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000080896 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\bz2.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000015872 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\common.time34.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000007680 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\hashobjs_ext.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000301568 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\PIL._imaging.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000168448 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\pyexpat.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 001084416 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\pysqlite2._sqlite.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000548864 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\pythoncom27.dll
2021-07-06 13:02 - 2021-07-06 13:02 - 000137728 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\pywintypes27.dll
2021-07-06 13:02 - 2021-07-06 13:02 - 000010752 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\select.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000020992 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\thumbnails_ext.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000689664 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\unicodedata.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000119808 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\usb_ext.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000128512 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\win32api.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000438784 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\win32com.shell.shell.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000011776 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\win32crypt.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000023040 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\win32event.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000149504 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\win32file.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000223232 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\win32gui.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000048128 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\win32inet.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000029696 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\win32pdh.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000027648 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\win32pipe.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000044032 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\win32process.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000020480 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\win32profile.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000136192 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\win32security.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000026624 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\win32ts.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000034304 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\windows.conditional.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000037888 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\windows.connectivity.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000071680 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\windows.device_monitor.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000103936 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\windows.volumes.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000019968 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\windows.winwrap.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 001325056 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\wx._controls_.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 001489408 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\wx._core_.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 001007104 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\wx._gdi_.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000103424 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\wx._html2.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 000916992 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\wx._misc_.pyd
2021-07-06 13:02 - 2021-07-06 13:02 - 001039872 _____ () [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\wx._windows_.pyd
2011-08-18 01:29 - 2011-08-18 01:29 - 001039360 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll
2021-07-06 13:02 - 2021-07-06 13:02 - 003043328 _____ (Python Software Foundation) [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\python27.dll
2021-07-06 13:02 - 2021-07-06 13:02 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\wxbase30u_net_vc90_x64.dll
2021-07-06 13:02 - 2021-07-06 13:02 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\wxbase30u_vc90_x64.dll
2021-07-06 13:02 - 2021-07-06 13:02 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\wxmsw30u_adv_vc90_x64.dll
2021-07-06 13:02 - 2021-07-06 13:02 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\wxmsw30u_core_vc90_x64.dll
2021-07-06 13:02 - 2021-07-06 13:02 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\wxmsw30u_html_vc90_x64.dll
2021-07-06 13:02 - 2021-07-06 13:02 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\rossu\AppData\Local\Temp\_MEI58802\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2021-06-29 23:24 - 000001142 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 liveupdate.acronis.com
127.0.0.1 activation.acronis.com
127.0.0.1 web-api-tih.acronis.com
127.0.0.1 download.acronis.com
127.0.0.1 orders.acronis.com
127.0.0.1 ns1.acronis.com
127.0.0.1 ns2.acronis.com
127.0.0.1 ns3.acronis.com
127.0.0.1 account.acronis.com
127.0.0.1 gateway.acronis.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1139899892-52648791-3838483249-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\rossu\Desktop\02128c9a05600f00791544754d5c37c5.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1139899892-52648791-3838483249-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{7C1CCB0B-9C2F-458E-8FE6-02C61C3F74F5}D:\program\myphoneexplorer\myphoneexplorer.exe] => (Allow) D:\program\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [UDP Query User{A752ADBB-50BB-44F4-91E2-504EE3185E1F}D:\program\myphoneexplorer\myphoneexplorer.exe] => (Allow) D:\program\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [TCP Query User{2BB7A460-AD13-4E8C-8F41-AF4306DF5EFF}D:\program\qbittorrent\qbittorrent.exe] => (Allow) D:\program\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [UDP Query User{E6F97944-A316-4EDC-9848-8D991B7E3697}D:\program\qbittorrent\qbittorrent.exe] => (Allow) D:\program\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{1BD8510D-F177-4ABC-A147-E0A23A2C759A}] => (Allow) D:\program\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{17A5897A-D507-47D2-AD90-1EBEAE6BD8C0}] => (Allow) D:\program\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{6A192E68-3B4E-4032-8D0D-9116BB60D549}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F1E0ED4A-49EC-43D6-B22B-525863252DAE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A3077EB3-B3E1-44B1-8FB8-F3C1D85BB788}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C0834ACD-D2B9-4D09-8B0F-084CB238B0B3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EAADEC16-2991-4C4C-8CBA-166F3107FC90}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{26E5CC78-E474-46DC-9811-44BB41FA3BFF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B7D1F786-69F2-4EA0-BA90-44845E254B36}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9FC57CDF-8B46-4F30-A3D2-7C9377375581}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6E2B3900-6795-464D-BC42-6063C6B4A178}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{E87680BD-555E-4B73-A145-593F456FF3C8}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{F3065028-A9B4-4729-85F9-E19F46FB8E4C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

19-06-2021 18:59:48 JRT Pre-Junkware Removal
23-06-2021 15:33:37 Instalační služba modulů systému Windows
24-06-2021 18:45:57 adobe
28-06-2021 15:11:53 tiskárna
28-06-2021 16:26:40 JRT Pre-Junkware Removal
29-06-2021 23:51:19 Removed Bonjour
03-07-2021 17:16:25 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices ============

Name: Android ADB Interface
Description: Android ADB Interface
Class Guid: {3f966bd9-fa04-4ec5-991c-d326973b5128}
Manufacturer: Xiaomi Technology, Inc.
Service: WinUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Android ADB Interface
Description: Android ADB Interface
Class Guid: {3f966bd9-fa04-4ec5-991c-d326973b5128}
Manufacturer: Xiaomi Technology, Inc.
Service: WinUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Android ADB Interface
Description: Android ADB Interface
Class Guid: {3f966bd9-fa04-4ec5-991c-d326973b5128}
Manufacturer: Xiaomi Technology, Inc.
Service: WinUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Ovladač svazku souborového systému WPD
Description: Ovladač svazku souborového systému WPD
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Microsoft
Service: WUDFWpdFs
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (07/03/2021 02:32:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program svchost.exe verze 10.0.19041.546 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: ac0

Čas spuštění: 01d770051681da02

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\System32\svchost.exe

ID hlášení: 9a72ec86-bd86-40d7-a189-d59e4e753ee1

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (06/30/2021 08:30:25 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na dokument (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (06/30/2021 08:28:53 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na program (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (06/29/2021 11:35:38 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (06/28/2021 03:57:25 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny Failure to use DsRoleGetPrimaryDomainInformation for DC došlo k neočekávané chybě. hr= 0x800706ba, Server RPC není k dispozici.
.

Error: (06/28/2021 03:57:25 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny Failure to use DsRoleGetPrimaryDomainInformation for DC došlo k neočekávané chybě. hr= 0x800706ba, Server RPC není k dispozici.
.

Error: (06/28/2021 03:57:25 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny Failure to use DsRoleGetPrimaryDomainInformation for DC došlo k neočekávané chybě. hr= 0x800706ba, Server RPC není k dispozici.
.

Error: (06/28/2021 03:57:25 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny Failure to use DsRoleGetPrimaryDomainInformation for DC došlo k neočekávané chybě. hr= 0x800706ba, Server RPC není k dispozici.
.


System errors:
=============
Error: (07/06/2021 01:34:30 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Integrovaný řadič neodpověděl během zadaného časového limitu. Může to znamenat chybu hardwaru nebo firmwaru integrovaného řadiče nebo že systém BIOS přistupuje k integrovanému řadiči nesprávně. Měli byste zjistit, zda výrobce počítače nemá k dispozici upgrade systému BIOS. V některých situacích může tato chyba způsobit, že počítač nebude pracovat správně.

Error: (07/06/2021 01:05:49 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 1) (User: NT AUTHORITY)
Description: Došlo k závažné chybě hardwaru. Záznam chyby s popisem stavu je obsažen v datové části této události.

Error: (07/06/2021 01:00:23 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
Description: J:\Device\HarddiskVolume83

Error: (07/06/2021 01:00:02 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 124) (User: NT AUTHORITY)
Description: 73223849378

Error: (07/06/2021 12:57:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (07/06/2021 12:57:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (07/06/2021 12:57:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Foxit PDF Reader Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/06/2021 12:57:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AtherosSvc byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2021-07-03 18:53:26
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5511E711-5AA2-4FF3-87E3-1174ADFE7421}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: DESKTOP-D47UQCR\rossu

Date: 2021-07-03 15:39:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {223C70CE-B0B5-4E42-9E91-225B711E0F09}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-07-03 14:27:28
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Phonzy.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: containerfile:_C:\Users\rossu\Downloads\Runtastic-PRO-Runnin_798164184.zip; file:_C:\Users\rossu\Downloads\Runtastic-PRO-Runnin_798164184.zip->Runtastic-PRO-Runnin_798164184.exe; webfile:_C:\Users\rossu\Downloads\Runtastic-PRO-Runnin_798164184.zip|https://filesgalaxy.com/f07aa4ff1dcf7b2 ... 8135913174
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: DESKTOP-D47UQCR\rossu
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.343.310.0, AS: 1.343.310.0, NIS: 1.343.310.0
Verze modulu: AM: 1.1.18300.4, NIS: 1.1.18300.4

Date: 2021-07-01 16:52:32
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_E:\torrent\4K.Video.Downloader.4.16.5.4310.x86\4kvideodownloader_4.16.5_x86.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-D47UQCR\rossu
Název procesu: D:\program\qBittorrent\qbittorrent.exe
Verze bezpečnostních informací: AV: 1.343.155.0, AS: 1.343.155.0, NIS: 1.343.155.0
Verze modulu: AM: 1.1.18300.4, NIS: 1.1.18300.4

Date: 2021-07-01 16:51:54
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Hynamer.C!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_E:\torrent\4K.Video.Downloader.4.16.5.4310.x86\Patch [x32].exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-D47UQCR\rossu
Název procesu: D:\program\qBittorrent\qbittorrent.exe
Verze bezpečnostních informací: AV: 1.343.155.0, AS: 1.343.155.0, NIS: 1.343.155.0
Verze modulu: AM: 1.1.18300.4, NIS: 1.1.18300.4

Date: 2021-06-29 18:58:44
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.25.0
Předchozí verze bezpečnostních informací: 1.341.1630.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 18:58:44
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.25.0
Předchozí verze bezpečnostních informací: 1.341.1630.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 18:58:44
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-24 21:39:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.341.1356.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-06-13 14:16:42
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_E:\torrent\IObit Driver Booster Pro v8.4.0.420\IObit Driver Booster Pro v8.4.0.420\patch\Patch.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-D47UQCR\rossu
Název procesu: C:\Windows\explorer.exe
Akce: Neznámý
Stav akce: No additional actions required
Kód chyby: 0x80508032
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: AV: 1.341.652.0, AS: 1.341.652.0, NIS: 1.341.652.0
Verze modulu: AM: 1.1.18200.4, NIS: 1.1.18200.4

CodeIntegrity:
===============
Date: 2021-06-29 23:43:37
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: Insyde Corp. V1.03 04/20/2015
Motherboard: Acer Tashigi_BA
Processor: Intel(R) Pentium(R) CPU N3700 @ 1.60GHz
Percentage of memory in use: 75%
Total physical RAM: 4009.76 MB
Available physical RAM: 994.09 MB
Total Virtual: 8105.76 MB
Available Virtual: 4164.65 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.53 GB) (Free:380.67 GB) NTFS
Drive d: (program) (Fixed) (Total:400.39 GB) (Free:390.12 GB) NTFS
Drive e: (dokument) (Fixed) (Total:531.11 GB) (Free:326.33 GB) NTFS
Drive h: (ZALOHA) (Removable) (Total:1952.65 GB) (Free:1920.73 GB) FAT32
Drive i: () (Removable) (Total:1952.64 GB) (Free:1952.64 GB) FAT32
Drive j: (Verbatim HDD) (Fixed) (Total:465.76 GB) (Free:371.88 GB) NTFS

\\?\Volume{eba8f856-50ef-4bc8-a1b4-8efcd302be5a}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{8bc4c0ff-343f-46a5-aad8-220d13b1d08d}\ () (Fixed) (Total:0 GB) (Free:0 GB)
\\?\Volume{b3c1e243-3ac3-46b9-ab5a-ddb9284e602a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 447.1 GB) (Disk ID: 03829704)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 0382F705)

Partition: GPT.

==========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: CCEAC4BE)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 1953.1 GB) (Disk ID: 07A774D6)
Partition 1: (Not Active) - (Size=1953.1 GB) - (Type=07 NTFS)

==========================================================
Disk: 4 (Size: 1953.1 GB) (Disk ID: F4F4F4F4)
No partition Table on disk 4.

==================== End of Addition.txt =======================

Re: PROSÍM O KONTROLU

Napsal: 06 črc 2021 14:03
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
C:\Users\rossu\AppData\Local\Temp
C:\Users\rossu\Downloads\Runtastic-PRO-Runnin_798164184.zip
E:\torrent\4K.Video.Downloader.4.16.5.4310.x86\4kvideodownloader_4.16.5_x86.exe
E:\torrent\4K.Video.Downloader.4.16.5.4310.x86\Patch [x32].exe
E:\torrent\IObit Driver Booster Pro v8.4.0.420\IObit Driver Booster Pro v8.4.0.420\patch\Patch.exe
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {d189c7f6-7931-40b2-a757-1176d46d84cb} - no filepath
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\DumpStack.log.tmp
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
Task: {0CB44164-65ED-4C0A-90E0-87ED4B27EF92} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-07] (Google LLC -> Google LLC)
Task: {DB99098A-0A0C-44BB-9604-FDF58BE8E2FF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-07] (Google LLC -> Google LLC)
C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat

EmptyTemp:
Hosts:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: PROSÍM O KONTROLU

Napsal: 06 črc 2021 14:36
od bigmuff
OK

Fix result of Farbar Recovery Scan Tool (x64) Version: 05-07-2021
Ran by rossu (06-07-2021 15:24:32) Run:1
Running from C:\Users\rossu\Desktop
Loaded Profiles: rossu
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
C:\Users\rossu\AppData\Local\Temp
C:\Users\rossu\Downloads\Runtastic-PRO-Runnin_798164184.zip
E:\torrent\4K.Video.Downloader.4.16.5.4310.x86\4kvideodownloader_4.16.5_x86.exe
E:\torrent\4K.Video.Downloader.4.16.5.4310.x86\Patch [x32].exe
E:\torrent\IObit Driver Booster Pro v8.4.0.420\IObit Driver Booster Pro v8.4.0.420\patch\Patch.exe
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {d189c7f6-7931-40b2-a757-1176d46d84cb} - no filepath
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\DumpStack.log.tmp
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
Task: {0CB44164-65ED-4C0A-90E0-87ED4B27EF92} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-07] (Google LLC -> Google LLC)
Task: {DB99098A-0A0C-44BB-9604-FDF58BE8E2FF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-07] (Google LLC -> Google LLC)
C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\Users\rossu\AppData\Local\Temp => moved successfully
"C:\Users\rossu\Downloads\Runtastic-PRO-Runnin_798164184.zip" => not found
"E:\torrent\4K.Video.Downloader.4.16.5.4310.x86\4kvideodownloader_4.16.5_x86.exe" => not found
"E:\torrent\4K.Video.Downloader.4.16.5.4310.x86\Patch [x32].exe" => not found
"E:\torrent\IObit Driver Booster Pro v8.4.0.420\IObit Driver Booster Pro v8.4.0.420\patch\Patch.exe" => not found
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{d189c7f6-7931-40b2-a757-1176d46d84cb}" => removed successfully
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0CB44164-65ED-4C0A-90E0-87ED4B27EF92}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0CB44164-65ED-4C0A-90E0-87ED4B27EF92}" => removed successfully
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DB99098A-0A0C-44BB-9604-FDF58BE8E2FF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB99098A-0A0C-44BB-9604-FDF58BE8E2FF}" => removed successfully
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 362563055 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 3264542 B
Edge => 0 B
Chrome => 720491858 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 18850 B
NetworkService => 457686 B
rossu => 3754928 B
sucha => 4391535 B

RecycleBin => 16850017 B
EmptyTemp: => 1 GB temporary data Removed.

================================

Re: PROSÍM O KONTROLU

Napsal: 06 črc 2021 14:37
od bigmuff
.. atoto na mě vyskočilo, nevšímati

Obrázek

Re: PROSÍM O KONTROLU

Napsal: 06 črc 2021 15:01
od Rudy
Nějterému antiviru se FRST nelíbí. Vir to ale není, běžně ho tu používáme. V takovém případě je třeba AV vypnout. Bylo smazáno. Nastala nějaká změna?

Re: PROSÍM O KONTROLU

Napsal: 06 črc 2021 15:02
od bigmuff
budu sledovat,dika,,ale videl jsem tam že to mazalo i nake zbytky po tom driver boost, to jsem vubec nemel tahat
a tu modrou obrazovku zkusit asi jinde, ????

Re: PROSÍM O KONTROLU

Napsal: 06 črc 2021 16:03
od Rudy
Aut. softy na tahání ovladačů jsou dost nespolehlivé a někdy stáhnout nevhodný ovladač. Chyba 0x00000133 může znamenat hardwarový problém. Stáhněte, nainstalujte a spusťte CrystalDiskInfo: https://www.instaluj.cz/crystaldiskinfo a přes Úpravy>Kopírovat sem dejte log.

Re: PROSÍM O KONTROLU

Napsal: 06 črc 2021 18:55
od bigmuff
OK

----------------------------------------------------------------------------
CrystalDiskInfo 8.9.0 (C) 2008-2020 hiyohiyo
Crystal Dew World: https://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 [10.0 Build 19043] (x64)
Date : 2021/07/06 19:55:16

-- Controller Map ----------------------------------------------------------
+ Standardní řadič SATA AHCI [ATA]
- KINGSTON SA400S37480G
- ST1000LM024 HN-M101MBB
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(01) KINGSTON SA400S37480G : 480,1 GB [0/0/0, pd1] - ki
(02) ST1000LM024 HN-M101MBB : 1000,2 GB [1/0/0, pd1]
(03) TOSHIBA MQ01ABD050 : 500,1 GB [2/0/0, sa1]

----------------------------------------------------------------------------
(01) KINGSTON SA400S37480G
----------------------------------------------------------------------------
Model : KINGSTON SA400S37480G
Firmware : SBFKK1B3
Serial Number : 50026B7380693692
Disk Size : 480,1 GB (8,4/137,4/480,1/480,1)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 937703088
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ACS-3
Minor Version : ACS-3 Revision 4
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 2214 hod.
Power On Count : 1618 krát
Host Reads : 12524 GB
Host Writes : 8310 GB
NAND Writes : 9124 GB
Temperature : 33 C (91 F)
Health Status : Dobrý (93 %)
Features : S.M.A.R.T., APM, NCQ, TRIM
APM Level : 0000h [OFF]
AAM Level : ----
Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 __0 000000000000 Uncorrectable Errors
09 100 100 __0 0000000008A6 Power On Hours
0C 100 100 __0 000000000652 Power Cycles
94 100 100 __0 000000000000 Vendor Unique
95 100 100 __0 000000000000 Vendor Unique
A7 100 100 __0 000000000000 Vendor Unique
A8 100 100 __0 000000000000 SATA PHY Error Count
A9 100 100 __0 000000000007 Vendor Unique
AA 100 100 _10 000000000007 Bad Block Count
AC 100 100 __0 000000000000 Vendor Unique
AD 100 100 __0 000000410049 Erase Count
B5 100 100 __0 000000000000 Vendor Unique
B6 100 100 __0 000000000000 Vendor Unique
BB 100 100 __0 000000000000 Uncorrectable ECC Errors
C0 100 100 __0 000000000083 Specifický pro výrobce
C2 _33 _40 __0 001400280021 Temperature
C4 100 100 __0 000000000000 Reallocation Events
C7 100 100 __0 000000000000 SATA CRC Error
DA 100 100 __0 0000000000F3 CRC Error Count
E7 _93 _93 __0 00000000005D SSD Wear Indicator
E9 100 100 __0 0000000023A4 Lifetime Nand Writes
F1 100 100 __0 000000002076 Lifetime Writes from Host
F2 100 100 __0 0000000030EC Lifetime Read from Host
F4 100 100 __0 000000000041 Average Erase Count
F5 100 100 __0 000000000049 Max Erase Count
F6 100 100 __0 0000000AEF40 Total Erase Count

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 3530 3032 3642 3733 3830 3639 3336 3932 2020 2020
020: 0000 0000 0000 5342 464B 4B31 4233 4B49 4E47 5354
030: 4F4E 2053 4134 3030 5333 3734 3830 4720 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8001 4000 2F00
050: 4000 0000 0000 0007 3FFF 0010 003F FC10 00FB 0101
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0C00
070: 0000 0000 0000 0000 0000 001F 850E 0006 004C 0040
080: 07F8 011B 746B 7409 4160 7469 B401 4160 407F 000A
090: 001E 0000 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 36B0 37E4 0000 0000 0000 0008 4000 0000 5002 6B73
110: 8069 3692 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0001
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0000 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 0001 0000 0000
220: 0000 0000 10FF 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0400 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 4CA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 32 00 64 64 00 00 00 00 00 00 00 09 32
010: 00 64 64 A6 08 00 00 00 00 00 0C 32 00 64 64 52
020: 06 00 00 00 00 00 94 00 00 64 64 00 00 00 00 00
030: 00 00 95 00 00 64 64 00 00 00 00 00 00 00 A7 00
040: 00 64 64 00 00 00 00 00 00 00 A8 12 00 64 64 00
050: 00 00 00 00 00 00 A9 00 00 64 64 07 00 00 00 00
060: 00 00 AA 00 00 64 64 07 00 00 00 00 00 00 AC 32
070: 00 64 64 00 00 00 00 00 00 00 AD 00 00 64 64 49
080: 00 41 00 00 00 00 B5 32 00 64 64 00 00 00 00 00
090: 00 00 B6 00 00 64 64 00 00 00 00 00 00 00 BB 32
0A0: 00 64 64 00 00 00 00 00 00 00 C0 12 00 64 64 83
0B0: 00 00 00 00 00 00 C2 22 00 21 28 21 00 28 00 14
0C0: 00 00 C4 32 00 64 64 00 00 00 00 00 00 00 C7 32
0D0: 00 64 64 00 00 00 00 00 00 00 DA 32 00 64 64 F3
0E0: 00 00 00 00 00 00 E7 00 00 5D 5D 5D 00 00 00 00
0F0: 00 00 E9 32 00 64 64 A4 23 00 00 00 00 00 F1 32
100: 00 64 64 76 20 00 00 00 00 00 F2 32 00 64 64 EC
110: 30 00 00 00 00 00 F4 00 00 64 64 41 00 00 00 00
120: 00 00 F5 00 00 64 64 49 00 00 00 00 00 00 F6 00
130: 00 64 64 40 EF 0A 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 FF FF 00 00
170: 03 00 01 00 02 1E 06 1E 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 66

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 00 00 00 00 00 00 00 00 00 00 00 09 00
010: 00 00 00 00 00 00 00 00 00 00 0C 00 00 00 00 00
020: 00 00 00 00 00 00 94 00 00 00 00 00 00 00 00 00
030: 00 00 95 00 00 00 00 00 00 00 00 00 00 00 A7 00
040: 00 00 00 00 00 00 00 00 00 00 A8 00 00 00 00 00
050: 00 00 00 00 00 00 A9 00 00 00 00 00 00 00 00 00
060: 00 00 AA 0A 00 00 00 00 00 00 00 00 00 00 AC 00
070: 00 00 00 00 00 00 00 00 00 00 AD 00 00 00 00 00
080: 00 00 00 00 00 00 B5 00 00 00 00 00 00 00 00 00
090: 00 00 B6 00 00 00 00 00 00 00 00 00 00 00 BB 00
0A0: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
0B0: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
0C0: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C7 00
0D0: 00 00 00 00 00 00 00 00 00 00 DA 00 00 00 00 00
0E0: 00 00 00 00 00 00 E7 00 00 00 00 00 00 00 00 00
0F0: 00 00 E9 00 00 00 00 00 00 00 00 00 00 00 F1 00
100: 00 00 00 00 00 00 00 00 00 00 F2 00 00 00 00 00
110: 00 00 00 00 00 00 F4 00 00 00 00 00 00 00 00 00
120: 00 00 F5 00 00 00 00 00 00 00 00 00 00 00 F6 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0D

----------------------------------------------------------------------------
(02) ST1000LM024 HN-M101MBB
----------------------------------------------------------------------------
Model : ST1000LM024 HN-M101MBB
Firmware : 2BA30001
Serial Number : S31QJ9BG403581
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 5607 hod.
Power On Count : 4394 krát
Temperature : 30 C (86 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, NCQ
APM Level : 0080h [OFF]
AAM Level : FE00h [OFF]
Drive Letter : D: E:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000005 Počet chyb čtení
02 252 252 __0 000000000000 Průchodnost disku
03 _92 _81 _25 000000000A0D Čas na roztočení ploten
04 _65 _65 __0 000000008D7D Počet spuštění/zastavení
05 252 252 _10 000000000000 Počet přemapovaných sektorů
07 252 252 _51 000000000000 Počet chybných hledání
08 252 252 _15 000000000000 Čas potřebný na vyhledání
09 100 100 __0 0000000015E7 Hodin v činnosti
0A 252 252 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _96 _96 __0 00000000112A Počet cyklů zapnutí zařízení
BF 100 100 __0 0000000005D5 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 0000000000AA Počet vypnutí disku
C2 _64 _51 __0 00310012001E Teplota
C3 100 100 __0 000000000000 Počet oprav chybného čtení
C4 252 252 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 252 252 __0 000000000000 Počet podezřelých sektorů
C6 252 252 __0 000000000000 Počet neopravitelných sektorů
C7 _96 _96 __0 000000000944 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000000000E13 Počet chyb při zápisu sektorů
DF 100 100 __0 000000000149 Zatížení budiče magnetických hlav způsobené opakovanými úkony
E1 _84 _84 __0 000000029ABD Počet cyklů načítání/vymazání

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 5333 3151 4A39 4247 3430 3335 3831 2020 2020 2020
020: 0000 8000 0004 3242 4133 3030 3031 5354 3130 3030
030: 4C4D 3032 3420 484E 2D4D 3130 314D 4242 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0000
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1F0E 0006 004C 0040
080: 01FF 0028 746B 7F29 6123 7469 BC01 6123 407F 0064
090: 0064 0080 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5000 4CF2
110: 0F94 9582 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003F 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 103F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0400 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 5AA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 64 64 05 00 00 00 00 00 00 02 26
010: 00 FC FC 00 00 00 00 00 00 00 03 23 00 5C 51 0D
020: 0A 00 00 00 00 00 04 32 00 41 41 7D 8D 00 00 00
030: 00 00 05 33 00 FC FC 00 00 00 00 00 00 00 07 2E
040: 00 FC FC 00 00 00 00 00 00 00 08 24 00 FC FC 00
050: 00 00 00 00 00 00 09 32 00 64 64 E7 15 00 00 00
060: 00 00 0A 32 00 FC FC 00 00 00 00 00 00 00 0C 32
070: 00 60 60 2A 11 00 00 00 00 00 BF 22 00 64 64 D5
080: 05 00 00 00 00 00 C0 22 00 64 64 AA 00 00 00 00
090: 00 00 C2 02 00 40 33 1E 00 12 00 31 00 00 C3 3A
0A0: 00 64 64 00 00 00 00 00 00 00 C4 32 00 FC FC 00
0B0: 00 00 00 00 00 00 C5 32 00 FC FC 00 00 00 00 00
0C0: 00 00 C6 30 00 FC FC 00 00 00 00 00 00 00 C7 36
0D0: 00 60 60 44 09 00 00 00 00 00 C8 2A 00 64 64 13
0E0: 0E 00 00 00 00 00 DF 32 00 64 64 49 01 00 00 00
0F0: 00 00 E1 32 00 54 54 BD 9A 02 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 FC 30 00 5B
170: 03 00 01 00 02 D1 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 C1

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 00 00 00 00 00 00 00 00 00 00 02 00
010: 00 00 00 00 00 00 00 00 00 00 03 19 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 0A 00 00 00 00 00 00 00 00 00 00 07 33
040: 00 00 00 00 00 00 00 00 00 00 08 0F 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 33 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
080: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
090: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C3 00
0A0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0B0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0C0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
0D0: 00 00 00 00 00 00 00 00 00 00 C8 00 00 00 00 00
0E0: 00 00 00 00 00 00 DF 00 00 00 00 00 00 00 00 00
0F0: 00 00 E1 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 46

----------------------------------------------------------------------------
(03) TOSHIBA MQ01ABD050
----------------------------------------------------------------------------
Enclosure : TOSHIBA MQ01ABD050 USB Device (V=18A5, P=0237, sa1)
Model : TOSHIBA MQ01ABD050
Firmware : AX001U
Serial Number : 54DISJ5HS
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : USB (Serial ATA)
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300 | SATA/300
Power On Hours : 6459 hod.
Power On Count : 5772 krát
Temperature : 34 C (93 F)
Health Status : Špatný
Features : S.M.A.R.T., APM, NCQ
APM Level : 0080h [ON]
AAM Level : ----
Drive Letter : J:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _50 000000000000 Počet chyb čtení
02 100 100 _50 000000000000 Průchodnost disku
03 100 100 __1 0000000002D4 Čas na roztočení ploten
04 100 100 __0 000000006101 Počet spuštění/zastavení
05 __1 __1 _50 000000003FF8 Počet přemapovaných sektorů
07 100 100 _50 000000000000 Počet chybných hledání
08 100 100 _50 000000000000 Čas potřebný na vyhledání
09 _84 _84 __0 00000000193B Hodin v činnosti
0A 253 100 _30 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 00000000168C Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000002 Počet udalostí zaznamenaných otřesovým senzorem
C0 _96 _96 __0 00000000087D Počet vypnutí disku
C1 _98 _98 __0 00000000657B Počet cyklů načítání/vymazání
C2 100 100 __0 003400110022 Teplota
C4 100 100 __0 0000000007C5 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 253 __0 000000000001 Počet chyb v kontrolním součtu UltraDMA
DC 100 100 __0 000000000000 Posunutí disku vůči ose
DE _96 _96 __0 0000000007B2 Počet hodin zalažení budoucího mechanismu magnetických hlav
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony
E0 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené napětím mechanických částí
E2 100 100 __0 0000000000AE Celkový čas zatížení budiče magnetických hlav
F0 100 100 __1 000000000000 Čas nastavování hlaviček - v hodinách

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2035 3444 4953 4A35 4853
020: 0000 4000 0000 4158 3030 3155 2020 544F 5348 4942
030: 4120 4D51 3031 4142 4430 3530 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0007 0407 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0F06 0004 004C 0040
080: 01F8 0000 746B 7D09 6163 7469 BC09 6163 003F 0037
090: 0037 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 6003 0000 5000 0395
110: 85E8 3AEC 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0021 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0080 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 4EA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0B 00 64 64 00 00 00 00 00 00 00 02 05
010: 00 64 64 00 00 00 00 00 00 00 03 27 00 64 64 D4
020: 02 00 00 00 00 00 04 32 00 64 64 01 61 00 00 00
030: 00 00 05 33 00 01 01 F8 3F 00 00 00 00 00 07 0B
040: 00 64 64 00 00 00 00 00 00 00 08 05 00 64 64 00
050: 00 00 00 00 00 00 09 32 00 54 54 3B 19 00 00 00
060: 00 00 0A 33 00 FD 64 00 00 00 00 00 00 00 0C 32
070: 00 64 64 8C 16 00 00 00 00 00 BF 32 00 64 64 02
080: 00 00 00 00 00 00 C0 32 00 60 60 7D 08 00 00 00
090: 00 00 C1 32 00 62 62 7B 65 00 00 00 00 00 C2 22
0A0: 00 64 64 22 00 11 00 34 00 00 C4 32 00 64 64 C5
0B0: 07 00 00 00 00 00 C5 32 00 64 64 00 00 00 00 00
0C0: 00 00 C6 30 00 64 64 00 00 00 00 00 00 00 C7 32
0D0: 00 C8 FD 01 00 00 00 00 00 00 DC 02 00 64 64 00
0E0: 00 00 00 00 00 00 DE 32 00 60 60 B2 07 00 00 00
0F0: 00 00 DF 32 00 64 64 00 00 00 00 00 00 00 E0 22
100: 00 64 64 00 00 00 00 00 00 00 E2 26 00 64 64 AE
110: 00 00 00 00 00 00 F0 01 00 64 64 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 5B
170: 03 00 01 00 02 76 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 CE

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 32 00 00 00 00 00 00 00 00 00 00 02 32
010: 00 00 00 00 00 00 00 00 00 00 03 01 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 32 00 00 00 00 00 00 00 00 00 00 07 32
040: 00 00 00 00 00 00 00 00 00 00 08 32 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 1E 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
080: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
090: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0A0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0B0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0C0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
0D0: 00 00 00 00 00 00 00 00 00 00 DC 00 00 00 00 00
0E0: 00 00 00 00 00 00 DE 00 00 00 00 00 00 00 00 00
0F0: 00 00 DF 00 00 00 00 00 00 00 00 00 00 00 E0 00
100: 00 00 00 00 00 00 00 00 00 00 E2 00 00 00 00 00
110: 00 00 00 00 00 00 F0 01 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 36
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz