Some virus is changing and stealing my passwords for email, Microsoft, Google

jirkabj
Visitor
Posts: 15
Registered: 01 Mar 2017 03:17

#1 Post by jirkabj »

Hello. I think I have something on my PC that interferes with and changes my passwords and email addresses on Seznam, Microsoft and Google.
I have changed my email login passwords several times, but I keep having to change the password again.
On one email login I cannot even change the password during recovery: a recovery email address pops up, and it is the address of some Bulgarian or Russian, so I cannot change it.
I don't know what to do and would like to ask for help. Jirkabj

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

#2 Post by Rudy »

Hello!
First run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just run it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

jirkabj
Visitor
Posts: 15
Registered: 01 Mar 2017 03:17

#3 Post by jirkabj »

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-13-2024
# Duration: 00:00:05
# OS: Windows 10 (Build 19045.3930)
# Scanned: 32089
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [4235 octets] - [23/12/2023 21:44:10]
AdwCleaner[C00].txt - [3933 octets] - [23/12/2023 21:45:07]
AdwCleaner[S01].txt - [1542 octets] - [23/12/2023 22:27:45]
AdwCleaner[C01].txt - [1732 octets] - [23/12/2023 22:29:03]
AdwCleaner[S02].txt - [3748 octets] - [12/01/2024 02:49:42]
AdwCleaner[C02].txt - [3556 octets] - [12/01/2024 02:50:16]
AdwCleaner[S03].txt - [1786 octets] - [12/01/2024 02:51:00]
AdwCleaner[C03].txt - [1976 octets] - [12/01/2024 02:51:22]
AdwCleaner[S04].txt - [1908 octets] - [12/01/2024 02:51:44]
AdwCleaner[C04].txt - [2098 octets] - [12/01/2024 02:51:54]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S05].txt ##########

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

#4 Post by Rudy »

This is OK. Now post the FRST+Addition logs: https://forum.viry.cz/viewtopic.php?f=13&t=154679 .

jirkabj
Visitor
Posts: 15
Registered: 01 Mar 2017 03:17

#5 Post by jirkabj »

Thank you for the reply, here is the scan.
------------------------------------------------------------------------------------------------


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11.01.2024
Ran by sprzetowo (14-01-2024 15:20:01)
Running from C:\Users\sprzetowo\Downloads
Microsoft Windows 10 Home Version 22H2 19045.3930 (X64) (2023-12-17 15:40:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1276438215-3619228080-4072379647-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1276438215-3619228080-4072379647-503 - Limited - Disabled)
Guest (S-1-5-21-1276438215-3619228080-4072379647-501 - Limited - Disabled)
sprzetowo (S-1-5-21-1276438215-3619228080-4072379647-1001 - Administrator - Enabled) => C:\Users\sprzetowo
WDAGUtilityAccount (S-1-5-21-1276438215-3619228080-4072379647-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acoustica Mixcraft 9 Pro Studio (64-bit) (HKLM-x32\...\Mixcraft 9-64) (Version: 9.0.0.470 - Acoustica)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Assassin's Creed Valhalla (HKLM-x32\...\Uplay Install 13504) (Version: - Ubisoft)
ESET Security (HKLM\...\{B5798854-224A-40DB-A3B7-BECF8F838238}) (Version: 17.0.15.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 120.0.6099.217 - Google LLC)
Google Password Manager (HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\9972a62044e12a983df9557faf51e49c) (Version: 1.0 - Google\Chrome)
Melodyne 4 (HKLM-x32\...\{16DF894D-FC3F-4B87-908D-671E201CD7A8}) (Version: 4.02.0401 - Celemony Software GmbH)
Melodyne Runtime 4.1 (x64) (HKLM\...\{721E4E34-AF7C-4345-93F9-282CCC8CCCB5}) (Version: 1.0.2 - Celemony Software GmbH)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.133 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.133 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (Czech) 2007 (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (Czech) 2007 (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (Czech) 2007 (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (HKLM-x32\...\{90120000-002C-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}) (Version: - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version: - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (HKLM\...\{90120000-002A-0405-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
NVIDIA Ovladače grafiky 546.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 546.33 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 148.2.10984 - Ubisoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
WinRAR 6.24 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-12-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-12-18] (Microsoft Corporation) [MS Ad]
-My Notes- -> C:\Program Files\WindowsApps\22944SamJarawan.-MyNotes-_2.1.47.0_x64__3gv8nk7frgb5p [2023-12-18] (Sam Jarawan) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\nvidiacorp.nvidiacontrolpanel_8.1.964.0_x64__56jybvy8sckqj [2023-12-23] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-12-17] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-11-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-11-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_866484083fc526af\nvshext.dll [2023-12-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-11-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\sprzetowo\Desktop\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\sprzetowo\Desktop\Jirka - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\sprzetowo\AppData\Local\Microsoft\Edge\User Data\Default\Pinned Sites\MSEdge._pin_celnaknmndgffhbhciignkeokb\Facebook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --pin-url=hxxps://www.facebook.com/ --profile-directory=Default
ShortcutWithArgument: C:\Users\sprzetowo\AppData\Local\Microsoft\Edge\User Data\Default\Pinned Sites\MSEdge._pin_adnlfjpnmiaohpidplnoimahfh\YouTube.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --pin-url=hxxps://www.youtube.com/ --profile-directory=Default
ShortcutWithArgument: C:\Users\sprzetowo\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_kajebgjangihfbkjfejcanhanjmmbcfd\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\sprzetowo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Facebook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --pin-url=hxxps://www.facebook.com/ --profile-directory=Default
ShortcutWithArgument: C:\Users\sprzetowo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\sprzetowo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YouTube.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --pin-url=hxxps://www.youtube.com/ --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2023-12-18 00:52 - 2023-12-18 00:52 - 005855744 _____ (ESET, spol. s r.o. -> ESET) [File not signed] C:\Program Files\ESET\ESET Security\Modules\em045_64\1087\em045_64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\sprzetowo\Downloads\FRST64 (1).exe:MBAM.Zone.Identifier [240]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2023-12-17 16:17 - 2023-12-17 16:15 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sprzetowo\AppData\Local\FastStone\FSIV\FSViewerWallPaper.bmp
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_F65DF9D52833C185E3A8339600663ABC"
HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F3A4CB42-3EC3-4DA6-A575-8E9D90B8C43C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AC69E074-E4BC-491B-B92F-D782C19BF475}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{66E5F382-3D3C-446C-B70B-C296E8C81E56}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7E1731BA-5626-4513-8D7E-FED20D452013}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FB5C4399-1C60-46F7-9B1E-BC5A14332EC6}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Valhalla\ACValhalla_Plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{A256ABF3-0944-4332-848F-ECBF7CA557B1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{339208FC-1402-4240-801C-1F247997D03F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.133\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

27-12-2023 18:14:42 Naplánovaný kontrolní bod
04-01-2024 18:01:10 Naplánovaný kontrolní bod
07-01-2024 21:43:14 Installed Microsoft Office Enterprise 2007
11-01-2024 00:34:29 Instalační služba modulů systému Windows
11-01-2024 00:36:45 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/12/2024 03:55:02 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (01/12/2024 03:44:35 AM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (01/12/2024 03:44:35 AM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002

Error: (01/12/2024 03:44:35 AM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003

Error: (01/11/2024 03:14:28 AM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (01/11/2024 03:14:28 AM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002

Error: (01/11/2024 03:14:28 AM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003

Error: (01/11/2024 12:30:42 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na S-disc (H:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (01/13/2024 12:57:00 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (01/12/2024 03:54:27 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Aktualizovat službu Orchestrator se po přijetí pokynu pro vypnutí neukončila správně.

Error: (01/12/2024 02:51:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (01/12/2024 02:51:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (01/12/2024 02:50:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (01/12/2024 02:46:25 AM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error: (01/11/2024 08:28:13 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-M8LDTVG)
Description: Služba DCOM zjistila chybu 1053 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (01/11/2024 08:28:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


Windows Defender:
================
Date: 2023-12-18 00:52:27
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\ESET\ESET Security\ekrn.exe provádění změn v paměti.
Čas detekce: 2023-12-17T23:52:27.053Z
Uživatel: NT AUTHORITY\SYSTEM
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files\ESET\ESET Security\ekrn.exe
Verze bezpečnostních informací: 1.403.674.0
Verze modulu: 1.1.23110.2
Verze produktu: 4.18.23110.3

Date: 2023-12-17 23:13:26
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_C:\Windows.old\Users\Jirka\Downloads\IK Multimedia - MODO DRUM 1.1.3 STANDALONE, VSTi, VSTi3, AAX x64\R2R\IK_Multimedia_Keygen.exe; containerfile:_C:\Windows.old\Users\sprzetowo\AppData\Local\Packages\49775MorningInSeattle.AZTorrentDownloader_3qjtgnwv8t714\LocalState\Downloads\IK.Multimedia.MODO.DRUM.v1.1.3.Incl.Keygen-R2R\R2R\IK_Multimedia_Keygen.exe; file:_C:\Windows.old\Users\Jirka\Downloads\IK Multimedia - MODO DRUM 1.1.3 STANDALONE, VSTi, VSTi3, AAX x64\R2R\IK_Multimedia_Keygen.exe->(nsis-6-keygen.exe); file:_C:\Windows.old\Users\sprzetowo\AppData\Local\Packages\49775MorningInSeattle.AZTorrentDownloader_3qjtgnwv8t714\LocalState\Downloads\IK.Multimedia.MODO.DRUM.v1.1.3.Incl.Keygen-R2R\R2R\IK_Multimedia_Keygen.exe->(nsis-6-keygen.exe)
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Uživatel
Uživatel: DESKTOP-M8LDTVG\sprzetowo
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.403.667.0, AS: 1.403.667.0, NIS: 1.403.667.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2

CodeIntegrity:
===============
Date: 2024-01-14 14:38:19
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2024-01-14 14:38:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO 9HKT46AUS 12/15/2011
Motherboard: LENOVO
Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 27%
Total physical RAM: 16342.33 MB
Available physical RAM: 11861.24 MB
Total Virtual: 18774.33 MB
Available Virtual: 13229.28 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.06 GB) (Free:187.36 GB) (Model: SSDPR-CL100-960-G3) NTFS
Drive d: (Rezervováno systémem) (Fixed) (Total:0.57 GB) (Free:0.11 GB) (Model: SSDPR-CL100-960-G3) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (F-Liga Mistru) (Fixed) (Total:305.68 GB) (Free:114.81 GB) (Model: Seagate FA GoFlex Desk USB Device) NTFS
Drive g: (Set Ups) (Fixed) (Total:323.79 GB) (Free:99.22 GB) (Model: Seagate FA GoFlex Desk USB Device) NTFS
Drive h: (S-disc) (Fixed) (Total:302.04 GB) (Free:114.69 GB) (Model: Seagate FA GoFlex Desk USB Device) NTFS
Drive i: (Georgies Music) (Fixed) (Total:238.47 GB) (Free:152.37 GB) (Model: Vaseky V 800/256G USB Device) NTFS

\\?\Volume{82286e84-55c8-46eb-9b65-266485d8f06f}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{6a5f88f4-d9ef-42c6-8527-e34a172fa528}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 894.3 GB) (Disk ID: 698A0A59)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 600451AA)
Partition 1: (Active) - (Size=238.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: A4B57300)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0F Extended)

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Some virus is changing and stealing my passwords for email, Microsoft, Google

#6 Post by Rudy »

Where is the RSIT log? This is only Addition.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not meant for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

jirkabj
Visitor
Posts: 15
Joined: 01 Mar 2017 03:17

Re: Some virus is changing and stealing my passwords for email, Microsoft, Google

#7 Post by jirkabj »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11.01.2024
Ran by sprzetowo (administrator) on DESKTOP-M8LDTVG (LENOVO 4480B4U) (14-01-2024 15:18:45)
Running from C:\Users\sprzetowo\Downloads\FRST64 (2).exe
Loaded Profiles: sprzetowo
Platform: Microsoft Windows 10 Home Version 22H2 19045.3930 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(cmd.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\BrowserPrivacyAndSecurity.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <35>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_866484083fc526af\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19572536 2023-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [195576 2023-11-14] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1276438215-3619228080-4072379647-1001\...\Run: [MicrosoftEdgeAutoLaunch_F65DF9D52833C185E3A8339600663ABC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854272 2024-01-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.217\Installer\chrmstp.exe [2024-01-11] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {9C3AB1BF-F68A-4C56-AE5F-BFA71FB7B0C3} - System32\Tasks\ASC_SkipUac_sprzetowo => "C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe" /SkipUac (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4d4307b4-39ac-4ef8-90b1-3b5a0001bfd3}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4d4307b4-39ac-4ef8-90b1-3b5a0001bfd3}: [DhcpDomain] home
Tcpip\..\Interfaces\{a3e0e863-8a72-4613-8845-580c0d9dcad3}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{a3e0e863-8a72-4613-8845-580c0d9dcad3}: [DhcpDomain] home

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\sprzetowo\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-12]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\sprzetowo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-12-24]
Edge Extension: (Dokumenty Google offline) - C:\Users\sprzetowo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-24]
Edge Extension: (Edge relevant text changes) - C:\Users\sprzetowo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-12-17]
Edge Extension: (ESET Browser Privacy & Security) - C:\Users\sprzetowo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkapkmklnmidbbgjaipbgpcnbomnaakc [2023-12-27]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\sprzetowo\AppData\Local\Google\Chrome\User Data\Default [2024-01-14]
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR Extension: (Just Black) - C:\Users\sprzetowo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2023-12-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\sprzetowo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\sprzetowo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-12-17]
CHR Extension: (ESET Browser Privacy & Security) - C:\Users\sprzetowo\AppData\Local\Google\Chrome\User Data\Default\Extensions\oombnmpbbhbakfpfgdflaajkhicgfaam [2023-12-23]
CHR Profile: C:\Users\sprzetowo\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-01-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\sprzetowo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-08]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\sprzetowo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-01-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\sprzetowo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-08]
CHR Extension: (ESET Browser Privacy & Security) - C:\Users\sprzetowo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\oombnmpbbhbakfpfgdflaajkhicgfaam [2024-01-08]
CHR Profile: C:\Users\sprzetowo\AppData\Local\Google\Chrome\User Data\System Profile [2024-01-08]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [oombnmpbbhbakfpfgdflaajkhicgfaam]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [2537928 2023-11-14] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3850920 2023-11-14] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3850920 2023-11-14] (ESET, spol. s r.o. -> ESET)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_866484083fc526af\Display.NvContainer\NVDisplay.Container.exe [1274992 2023-12-23] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [215616 2023-11-14] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [120032 2023-11-14] (ESET, spol. s r.o. -> ESET)
R1 edevmonm; C:\WINDOWS\System32\DRIVERS\edevmonm.sys [122664 2023-11-14] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2023-11-14] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [254344 2023-11-14] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\System32\drivers\ekbdflt.sys [55528 2023-11-27] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81824 2023-11-14] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [124168 2023-11-14] (ESET, spol. s r.o. -> ESET)
R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [12183512 2023-11-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [55856 2023-12-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [594304 2023-12-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-17] (Microsoft Windows -> Microsoft Corporation)
S3 AscFileControl; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileControl.sys [X]
S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [X]
S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [X]
S3 cpuz154; \??\C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [X]
S3 iobit_monitor_server2021; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [X]
S4 IUFileFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [X]
S3 IUProcessFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [X]
S3 IURegistryFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-14 15:17 - 2024-01-14 15:17 - 002389504 _____ (Farbar) C:\Users\sprzetowo\Downloads\FRST64 (2).exe
2024-01-13 00:54 - 2024-01-13 00:55 - 008791352 _____ (Malwarebytes) C:\Users\sprzetowo\Downloads\adwcleaner (2).exe
2024-01-12 02:47 - 2024-01-12 02:47 - 008791352 _____ (Malwarebytes) C:\Users\sprzetowo\Downloads\adwcleaner.exe
2024-01-12 02:47 - 2024-01-12 02:47 - 008791352 _____ (Malwarebytes) C:\Users\sprzetowo\Downloads\adwcleaner (1).exe
2024-01-12 02:29 - 2024-01-12 02:30 - 108317552 _____ (AO Kaspersky Lab) C:\Users\sprzetowo\Downloads\KVRT.exe
2024-01-11 20:16 - 2024-01-11 20:16 - 000000000 ___HD C:\$WinREAgent
2024-01-11 00:30 - 2024-01-11 00:30 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2024-01-08 01:55 - 2024-01-08 01:55 - 000002402 _____ C:\Users\sprzetowo\Desktop\Jirka - Chrome.lnk
2024-01-07 22:04 - 2024-01-07 22:23 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\UProof
2024-01-07 22:04 - 2024-01-07 22:04 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Proof
2024-01-07 22:00 - 2024-01-14 15:16 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Šablony
2024-01-07 22:00 - 2024-01-14 15:15 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Word
2024-01-07 22:00 - 2024-01-11 03:02 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Office
2024-01-07 22:00 - 2024-01-07 22:00 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Doplňky
2024-01-07 22:00 - 2024-01-07 22:00 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Document Building Blocks
2024-01-07 21:59 - 2024-01-07 21:59 - 000001759 _____ C:\Users\sprzetowo\Desktop\WINWORD.lnk
2024-01-07 21:59 - 2024-01-07 21:59 - 000001739 _____ C:\Users\sprzetowo\Desktop\EXCEL.lnk
2024-01-07 21:45 - 2024-01-11 00:31 - 000000000 ____D C:\Program Files (x86)\Microsoft Works
2024-01-07 21:45 - 2024-01-07 21:45 - 000000000 ____D C:\Program Files (x86)\MSBuild
2024-01-07 21:45 - 2024-01-07 21:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2024-01-07 21:44 - 2024-01-07 21:44 - 000000000 ____D C:\WINDOWS\PCHEALTH
2024-01-07 21:43 - 2024-01-14 14:40 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2024-01-07 21:43 - 2024-01-07 21:44 - 000000000 ____D C:\WINDOWS\SHELLNEW
2024-01-07 21:43 - 2024-01-07 21:43 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\Microsoft Help
2024-01-07 21:43 - 2024-01-07 21:43 - 000000000 ____D C:\Program Files\Microsoft Office
2023-12-28 03:00 - 2023-12-28 03:02 - 234916808 _____ (Ubisoft) C:\Users\sprzetowo\Downloads\UbisoftConnectInstaller (6).exe
2023-12-28 03:00 - 2023-12-28 03:02 - 234916808 _____ (Ubisoft) C:\Users\sprzetowo\Downloads\UbisoftConnectInstaller (5).exe
2023-12-28 03:00 - 2023-12-28 03:02 - 234916808 _____ (Ubisoft) C:\Users\sprzetowo\Downloads\UbisoftConnectInstaller (4).exe
2023-12-28 02:49 - 2023-12-28 02:50 - 234916808 _____ (Ubisoft) C:\Users\sprzetowo\Downloads\UbisoftConnectInstaller (3).exe
2023-12-24 13:50 - 2023-12-24 13:55 - 000004683 _____ C:\Users\sprzetowo\Downloads\Fixlog.txt
2023-12-24 13:46 - 2023-12-24 13:46 - 002387456 _____ (Farbar) C:\Users\sprzetowo\Downloads\FRST64 (1).exe
2023-12-24 12:04 - 2023-12-24 12:04 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\mbam
2023-12-24 12:03 - 2023-12-27 18:04 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\Malwarebytes
2023-12-24 12:02 - 2023-12-24 12:02 - 002606880 _____ (Malwarebytes) C:\Users\sprzetowo\Downloads\MBSetup.exe
2023-12-24 12:02 - 2023-12-24 12:02 - 000000000 ____D C:\Program Files\Malwarebytes
2023-12-24 00:48 - 2023-12-24 00:48 - 074559488 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit
2023-12-24 00:48 - 2023-12-24 00:48 - 004243456 _____ C:\WINDOWS\system32\config\DRIVERS.iobit
2023-12-24 00:48 - 2023-12-24 00:48 - 000368640 _____ C:\WINDOWS\system32\config\DEFAULT.iobit
2023-12-24 00:48 - 2023-12-24 00:48 - 000061440 _____ C:\WINDOWS\system32\config\SAM.iobit
2023-12-24 00:48 - 2023-12-24 00:48 - 000028672 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2023-12-23 23:52 - 2023-12-23 23:52 - 000003116 _____ C:\WINDOWS\system32\Tasks\ASC_SkipUac_sprzetowo
2023-12-23 23:50 - 2023-12-23 23:50 - 054963608 _____ (IObit ) C:\Users\sprzetowo\Downloads\advanced-systemcare-setup (2).exe
2023-12-23 21:53 - 2024-01-12 02:31 - 000000000 ____D C:\KVRT2020_Data
2023-12-23 21:43 - 2023-12-23 21:45 - 000000000 ____D C:\AdwCleaner
2023-12-23 21:43 - 2023-12-23 21:44 - 008791352 _____ (Malwarebytes) C:\Users\sprzetowo\Downloads\adwcleaner_8.4.0 (1).exe
2023-12-23 21:42 - 2023-12-23 21:42 - 008791352 _____ (Malwarebytes) C:\Users\sprzetowo\Downloads\adwcleaner_8.4.0.exe
2023-12-23 20:37 - 2023-12-24 13:49 - 000024468 _____ C:\Users\sprzetowo\Downloads\Addition.txt
2023-12-23 20:36 - 2024-01-14 15:19 - 000011221 _____ C:\Users\sprzetowo\Downloads\FRST.txt
2023-12-23 20:35 - 2024-01-14 15:18 - 000000000 ____D C:\FRST
2023-12-23 20:34 - 2023-12-23 20:34 - 002387456 _____ (Farbar) C:\Users\sprzetowo\Downloads\FRST64.exe
2023-12-23 19:16 - 2023-12-23 19:16 - 000466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2023-12-23 19:16 - 2023-12-23 19:16 - 000444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2023-12-23 19:16 - 2023-12-23 19:16 - 000122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2023-12-23 19:16 - 2023-12-23 19:16 - 000109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2023-12-23 19:16 - 2023-12-23 19:16 - 000000000 ____D C:\Program Files (x86)\OpenAL
2023-12-23 19:15 - 2023-12-23 19:17 - 000000000 ____D C:\ProgramData\Package Cache
2023-12-23 19:15 - 2023-12-23 19:15 - 000000000 ____D C:\Program Files (x86)\Microsoft XNA
2023-12-23 18:37 - 2023-12-23 18:37 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2023-12-23 18:36 - 2023-12-23 18:36 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-12-23 18:34 - 2023-12-23 18:34 - 001541256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 001487368 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 001424064 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 001424064 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 001246400 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 001246400 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 001227288 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 001198728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 000957960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 000850616 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-12-23 18:34 - 2023-12-23 18:34 - 000850616 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-12-23 18:34 - 2023-12-23 18:34 - 000810096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2023-12-23 18:34 - 2023-12-23 18:34 - 000731320 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-12-23 18:34 - 2023-12-23 18:34 - 000731320 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-12-23 18:34 - 2023-12-23 18:34 - 000670232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2023-12-23 18:34 - 2023-12-23 18:34 - 000505480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 015095408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 012375688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 007869576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 006745768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 006462600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 005862512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 005861000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 003620488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 002170992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 001624712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 000997512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 000853640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2023-12-23 18:33 - 2023-12-23 18:33 - 000773744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2023-12-23 18:33 - 2023-12-23 18:33 - 000459912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2023-12-23 18:33 - 2023-12-23 18:33 - 000113947 _____ C:\WINDOWS\system32\nvinfo.pb
2023-12-23 17:21 - 2024-01-12 02:50 - 000000000 ____D C:\Program Files (x86)\IObit
2023-12-23 17:21 - 2023-12-24 13:41 - 000000000 ____D C:\ProgramData\ProductData
2023-12-23 17:21 - 2023-12-23 23:58 - 000000000 ____D C:\ProgramData\ProductData3
2023-12-23 17:20 - 2024-01-12 02:50 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\IObit
2023-12-23 17:20 - 2024-01-12 02:50 - 000000000 ____D C:\ProgramData\IObit
2023-12-23 17:19 - 2023-12-23 17:20 - 054963608 _____ (IObit ) C:\Users\sprzetowo\Downloads\advanced-systemcare-setup (1).exe
2023-12-23 17:17 - 2023-12-23 17:18 - 054963608 _____ (IObit ) C:\Users\sprzetowo\Downloads\advanced-systemcare-setup.exe
2023-12-23 17:08 - 2023-12-23 17:08 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\Backup
2023-12-18 03:49 - 2023-12-18 03:49 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\CEF
2023-12-18 03:49 - 2023-12-18 03:49 - 000000000 ____D C:\ProgramData\Ubisoft
2023-12-18 03:48 - 2024-01-10 21:35 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\Ubisoft Game Launcher
2023-12-18 03:48 - 2023-12-18 03:48 - 234916808 _____ (Ubisoft) C:\Users\sprzetowo\Downloads\UbisoftConnectInstaller (2).exe
2023-12-18 03:48 - 2023-12-18 03:48 - 000001327 _____ C:\Users\sprzetowo\Desktop\Ubisoft Connect.lnk
2023-12-18 03:48 - 2023-12-18 03:48 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2023-12-18 03:46 - 2023-12-18 03:47 - 234916808 _____ (Ubisoft) C:\Users\sprzetowo\Downloads\UbisoftConnectInstaller (1).exe
2023-12-18 03:44 - 2023-12-18 03:45 - 234916808 _____ (Ubisoft) C:\Users\sprzetowo\Downloads\UbisoftConnectInstaller.exe
2023-12-18 03:31 - 2023-12-18 03:31 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Applied Acoustics Systems
2023-12-18 03:30 - 2024-01-12 17:25 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Celemony Software GmbH
2023-12-18 03:30 - 2023-12-18 03:30 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\SynthMaker
2023-12-18 02:39 - 2023-12-18 02:39 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2023-12-18 02:39 - 2023-12-18 02:39 - 000000000 ____D C:\ProgramData\Celemony Software GmbH
2023-12-18 02:39 - 2023-12-18 02:39 - 000000000 ____D C:\Program Files\Common Files\VST3
2023-12-18 02:39 - 2023-12-18 02:39 - 000000000 ____D C:\Program Files\Common Files\VST2
2023-12-18 02:39 - 2023-12-18 02:39 - 000000000 ____D C:\Program Files\Common Files\Celemony
2023-12-18 02:39 - 2023-12-18 02:39 - 000000000 ____D C:\Program Files\Common Files\Avid
2023-12-18 02:39 - 2023-12-18 02:39 - 000000000 ____D C:\Program Files\Celemony
2023-12-18 02:39 - 2023-12-18 02:39 - 000000000 ____D C:\Program Files (x86)\Celemony
2023-12-18 02:36 - 2023-12-18 02:36 - 000001858 _____ C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows\Start Menu\Mixcraft 9 Pro Studio (64-bit).lnk
2023-12-18 02:36 - 2023-12-18 02:36 - 000001834 _____ C:\Users\sprzetowo\Desktop\Mixcraft 9 Pro Studio (64-bit).lnk
2023-12-18 02:35 - 2023-12-18 02:35 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Acoustica
2023-12-18 02:34 - 2023-12-18 02:34 - 000000000 ____D C:\Program Files\Common Files\Propellerhead Software
2023-12-18 02:32 - 2023-12-18 02:32 - 000000000 ____D C:\Program Files (x86)\VST
2023-12-18 02:29 - 2023-12-18 03:34 - 000000000 ____D C:\Program Files\Acoustica Mixcraft 9
2023-12-18 02:29 - 2023-12-18 02:32 - 000000000 ____D C:\ProgramData\Acoustica
2023-12-18 02:29 - 2020-02-26 22:00 - 000001012 _____ C:\Users\sprzetowo\Desktop\Acoustica_Hosts_Patch.cmd
2023-12-18 01:54 - 2023-12-18 01:54 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\HTML Help
2023-12-18 01:53 - 2023-12-18 01:58 - 000001040 _____ C:\Users\Public\Desktop\WinRAR.lnk
2023-12-18 01:53 - 2023-12-18 01:53 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\WinRAR
2023-12-18 01:50 - 2023-12-18 02:27 - 000000000 ____D C:\Program Files\WinRAR
2023-12-18 01:49 - 2023-12-18 01:49 - 003824480 _____ C:\Users\sprzetowo\Downloads\winrar-x64-624cz.exe
2023-12-18 01:30 - 2023-12-18 01:30 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\WordPad
2023-12-18 01:12 - 2023-12-18 01:12 - 000002685 _____ C:\Users\sprzetowo\Desktop\Google Password Manager.lnk
2023-12-18 01:12 - 2023-12-18 01:12 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2023-12-18 00:50 - 2023-12-18 00:50 - 000002016 _____ C:\Users\Public\Desktop\ESET Zabezpečené bankovnictví a prohlížení webu.lnk
2023-12-18 00:50 - 2023-12-18 00:50 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\ESET
2023-12-18 00:50 - 2023-12-18 00:50 - 000000000 ____D C:\ProgramData\ESET
2023-12-18 00:50 - 2023-12-18 00:50 - 000000000 ____D C:\Program Files\ESET
2023-12-18 00:44 - 2023-12-18 00:44 - 009798776 _____ (ESET) C:\Users\sprzetowo\Downloads\eset_smart_security_premium_live_installer.exe
2023-12-17 23:20 - 2023-12-17 23:20 - 000000000 ____D C:\ProgramData\PLUG
2023-12-17 23:19 - 2024-01-12 16:43 - 087556096 _____ C:\WINDOWS\system32\config\SOFTWARE
2023-12-17 23:16 - 2023-12-17 23:19 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2023-12-17 23:15 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\InboxApps
2023-12-17 21:27 - 2023-12-17 21:27 - 000016707 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-12-17 21:12 - 2023-12-17 21:12 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-12-17 21:05 - 2024-01-11 00:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-12-17 21:04 - 2023-12-17 21:04 - 000000000 ____D C:\Program Files\RUXIM
2023-12-17 20:28 - 2024-01-11 20:18 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-12-17 20:28 - 2024-01-11 20:18 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-12-17 20:28 - 2023-12-17 20:28 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\Google
2023-12-17 20:28 - 2023-12-17 20:28 - 000000000 ____D C:\Program Files\Google
2023-12-17 20:27 - 2024-01-12 16:57 - 000000000 ____D C:\Program Files (x86)\Google
2023-12-17 20:27 - 2023-12-17 20:27 - 001376304 _____ (Google LLC) C:\Users\sprzetowo\Downloads\ChromeSetup.exe
2023-12-17 20:06 - 2023-12-17 20:06 - 000000375 _____ C:\Users\sprzetowo\Desktop\Ovládací panely – zástupce.lnk
2023-12-17 20:04 - 2023-12-17 20:04 - 000000000 ____D C:\Users\sprzetowo\Documents\FeedbackHub
2023-12-17 19:43 - 2023-12-17 19:43 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\OneDrive
2023-12-17 17:11 - 2023-12-17 19:57 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Spelling
2023-12-17 16:52 - 2023-12-17 16:52 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\Comms
2023-12-17 16:43 - 2023-12-23 17:06 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1276438215-3619228080-4072379647-1001
2023-12-17 16:42 - 2023-12-27 21:40 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\D3DSCache
2023-12-17 16:42 - 2023-12-23 17:06 - 000003388 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1276438215-3619228080-4072379647-1001
2023-12-17 16:42 - 2023-12-18 02:07 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\PlaceholderTileLogoFolder
2023-12-17 16:42 - 2023-12-17 16:42 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-12-17 16:41 - 2023-12-17 16:41 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\Publishers
2023-12-17 16:40 - 2024-01-14 15:17 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\Packages
2023-12-17 16:40 - 2024-01-12 16:48 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-12-17 16:40 - 2023-12-18 03:31 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\VirtualStore
2023-12-17 16:40 - 2023-12-17 23:20 - 000000000 ____D C:\Users\sprzetowo\AppData\Local\ConnectedDevicesPlatform
2023-12-17 16:40 - 2023-12-17 17:31 - 000000000 ____D C:\ProgramData\Packages
2023-12-17 16:40 - 2023-12-17 16:40 - 000000020 ___SH C:\Users\sprzetowo\ntuser.ini
2023-12-17 16:40 - 2023-12-17 16:40 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Network
2023-12-17 16:40 - 2023-12-17 16:40 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Adobe
2023-12-17 16:35 - 2024-01-12 16:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-12-17 16:35 - 2023-12-17 20:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-12-17 16:35 - 2023-12-17 16:35 - 000003638 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-12-17 16:35 - 2023-12-17 16:35 - 000003544 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1da30fd81d88c79
2023-12-17 16:35 - 2023-12-17 16:35 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2023-12-17 16:35 - 2023-12-17 16:35 - 000000000 _SHDL C:\Users\Default User
2023-12-17 16:35 - 2023-12-17 16:35 - 000000000 _SHDL C:\Users\All Users
2023-12-17 16:35 - 2023-12-17 16:35 - 000000000 _SHDL C:\ProgramData\Šablony
2023-12-17 16:35 - 2023-12-17 16:35 - 000000000 _SHDL C:\ProgramData\Plocha
2023-12-17 16:35 - 2023-12-17 16:35 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2023-12-17 16:35 - 2023-12-17 16:35 - 000000000 _SHDL C:\ProgramData\Dokumenty
2023-12-17 16:35 - 2023-12-17 16:35 - 000000000 _SHDL C:\ProgramData\Data aplikací
2023-12-17 16:33 - 2023-12-17 16:33 - 000023758 _____ C:\Users\sprzetowo\Desktop\Odebrané aplikace.html
2023-12-17 16:33 - 2023-12-17 16:33 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\SystemCertificates
2023-12-17 16:33 - 2023-12-17 16:33 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Crypto
2023-12-17 16:30 - 2023-12-23 17:06 - 000002393 _____ C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-12-17 16:30 - 2023-12-17 16:40 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows
2023-12-17 16:30 - 2023-12-17 16:40 - 000000000 ____D C:\Users\sprzetowo
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Šablony
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Soubory cookie
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Poslední
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Okolní tiskárny
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Okolní síť
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Nabídka Start
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Dokumenty
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Documents\Obrázky
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Documents\Hudba
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Documents\Filmy
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\Data aplikací
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2023-12-17 16:30 - 2023-12-17 16:30 - 000000000 _SHDL C:\Users\sprzetowo\AppData\Local\Data aplikací
2023-12-17 16:27 - 2024-01-14 14:38 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-12-17 16:27 - 2024-01-13 01:27 - 000000000 ____D C:\ProgramData\NVIDIA
2023-12-17 16:27 - 2023-12-17 20:33 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-12-17 16:27 - 2023-12-17 16:27 - 000979199 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2023-12-17 16:27 - 2023-12-17 16:27 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2023-12-17 16:27 - 2023-12-17 16:27 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2023-12-17 16:27 - 2023-12-17 16:27 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2023-12-17 16:27 - 2023-12-17 16:27 - 000000000 ____D C:\WINDOWS\system32\lxss
2023-12-17 16:27 - 2023-12-17 16:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2023-12-17 16:27 - 2023-12-17 16:27 - 000000000 ____D C:\WINDOWS\system32\DAX3
2023-12-17 16:27 - 2023-12-17 16:27 - 000000000 ____D C:\WINDOWS\system32\DAX2
2023-12-17 16:27 - 2023-12-17 16:27 - 000000000 ____D C:\ProgramData\Audyssey Labs
2023-12-17 16:27 - 2023-12-17 16:27 - 000000000 ____D C:\Program Files\Realtek
2023-12-17 16:26 - 2024-01-12 16:44 - 000443840 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-12-17 16:26 - 2024-01-12 16:43 - 000008192 ___SH C:\DumpStack.log.tmp
2023-12-17 16:26 - 2024-01-12 00:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-12-17 16:25 - 2023-12-23 18:16 - 000000000 ____D C:\WINDOWS\Panther
2023-12-17 16:22 - 2023-12-23 17:30 - 000000000 ____D C:\Windows.old
2023-12-17 16:21 - 2023-12-17 16:21 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2023-12-17 16:20 - 2023-12-17 16:20 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2023-12-17 16:20 - 2023-12-17 16:20 - 000000000 ____D C:\WINDOWS\Setup
2023-12-17 16:19 - 2024-01-12 16:48 - 000682184 _____ C:\WINDOWS\system32\perfh005.dat
2023-12-17 16:19 - 2024-01-12 16:48 - 000137000 _____ C:\WINDOWS\system32\perfc005.dat
2023-12-17 16:19 - 2023-12-17 16:41 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\winrm
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\WCN
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\slmgr
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\cs
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\0409
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\OCR
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\DigitalLocker
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\addins
2023-12-17 16:19 - 2023-12-17 16:19 - 000000000 ____D C:\ProgramData\ssh
2023-12-17 16:17 - 2024-01-14 14:57 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-12-17 16:17 - 2024-01-14 14:38 - 000000000 ___HD C:\Program Files\WindowsApps
2023-12-17 16:17 - 2024-01-14 14:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-12-17 16:17 - 2024-01-12 16:57 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-12-17 16:17 - 2024-01-12 03:54 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-12-17 16:17 - 2024-01-12 03:54 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-12-17 16:17 - 2024-01-12 03:54 - 000000000 ____D C:\WINDOWS\SystemResources
2023-12-17 16:17 - 2024-01-12 03:54 - 000000000 ____D C:\WINDOWS\system32\setup
2023-12-17 16:17 - 2024-01-12 03:54 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-12-17 16:17 - 2024-01-12 03:54 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-12-17 16:17 - 2024-01-11 20:28 - 000000167 _____ C:\WINDOWS\win.ini
2023-12-17 16:17 - 2024-01-07 21:45 - 000000000 ___RD C:\Program Files (x86)
2023-12-17 16:17 - 2024-01-07 21:44 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-12-17 16:17 - 2023-12-27 18:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-12-17 16:17 - 2023-12-23 17:04 - 000000000 ____D C:\WINDOWS\appcompat
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\Provisioning
2023-12-17 16:17 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-12-17 16:17 - 2023-12-17 20:04 - 000000000 ____D C:\Program Files\Windows Defender
2023-12-17 16:17 - 2023-12-17 16:57 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-12-17 16:17 - 2023-12-17 16:57 - 000000000 ____D C:\WINDOWS\ServiceState
2023-12-17 16:17 - 2023-12-17 16:41 - 000000000 ____D C:\WINDOWS\system32\spool
2023-12-17 16:17 - 2023-12-17 16:41 - 000000000 ____D C:\ProgramData\USOPrivate
2023-12-17 16:17 - 2023-12-17 16:35 - 000000000 ____D C:\Program Files\Windows NT
2023-12-17 16:17 - 2023-12-17 16:33 - 000000000 __RHD C:\Users\Public\Libraries
2023-12-17 16:17 - 2023-12-17 16:33 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows
2023-12-17 16:17 - 2023-12-17 16:26 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2023-12-17 16:17 - 2023-12-17 16:23 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2023-12-17 16:17 - 2023-12-17 16:22 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ___SD C:\WINDOWS\system32\dsc
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\MUI
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\system32\Com
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\IME
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\WINDOWS\Help
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\Program Files\Common Files\System
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\Program Files (x86)\Windows NT
2023-12-17 16:17 - 2023-12-17 16:19 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 __SHD C:\Program Files\Windows Sidebar
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 __RSD C:\WINDOWS\Media
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ___SD C:\WINDOWS\system32\Nui
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\Web
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\WaaS
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\Vss
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\tracing
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\TAPI
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SystemApps
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\winevt
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\ti-et
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\ta-lk
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\ta-in
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\si-lk
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\ras
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\my-mm
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\Macromed
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\Keywords
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\IME
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\icsxml
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\ias
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\DriverState
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\downlevel
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\ContainerSettingsProviders
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\am-et
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\System
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SKB
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\schemas
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\SchCache
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\security
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\Resources
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\rescache
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\Registration
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\PLA
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\Performance
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\ModemLogs
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\L2Schemas
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\InputMethod
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\IdentityCRL
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\Globalization
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\DiagTrack
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\Cursors
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\Containers
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\Branding
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\ProgramData\USOShared
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\Program Files\Windows Security
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\Program Files\Windows Portable Devices
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\Program Files\Common Files\Services
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2023-12-17 16:17 - 2023-12-17 16:17 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2023-12-17 16:17 - 2023-12-17 16:15 - 000017635 _____ C:\WINDOWS\system32\Drivers\etc\services
2023-12-17 16:17 - 2023-12-17 16:15 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2023-12-17 16:17 - 2023-12-17 16:15 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2023-12-17 16:17 - 2023-12-17 16:15 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2023-12-17 16:17 - 2023-12-17 16:15 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2023-12-17 16:17 - 2023-12-17 16:15 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2023-12-17 16:15 - 2024-01-12 16:48 - 000000000 ____D C:\WINDOWS\INF
2023-12-17 16:12 - 2024-01-12 03:55 - 013893632 _____ C:\WINDOWS\system32\config\SYSTEM
2023-12-17 16:12 - 2024-01-12 03:55 - 000524288 _____ C:\WINDOWS\system32\config\DEFAULT
2023-12-17 16:12 - 2024-01-12 03:55 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-12-17 16:12 - 2024-01-12 03:55 - 000065536 _____ C:\WINDOWS\system32\config\SAM
2023-12-17 16:12 - 2024-01-12 03:55 - 000032768 _____ C:\WINDOWS\system32\config\SECURITY
2023-12-17 16:12 - 2024-01-11 00:42 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-12-17 16:12 - 2023-12-17 23:15 - 000000000 ____D C:\WINDOWS\servicing
2023-12-17 16:12 - 2023-12-17 16:51 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-12-17 16:12 - 2023-12-17 16:17 - 000000000 ____D C:\WINDOWS\system32\SMI
2023-12-17 16:10 - 2023-12-17 16:25 - 000000000 ___HD C:\$SysReset

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-14 15:03 - 2023-10-01 21:51 - 000000000 ____D C:\Users\sprzetowo\Desktop\za pár key
2024-01-14 14:38 - 2022-11-28 22:01 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-12 17:25 - 2023-11-26 23:46 - 000000000 ____D C:\Users\sprzetowo\Desktop\backup
2024-01-12 17:25 - 2023-11-15 01:20 - 001498300 _____ C:\Users\sprzetowo\Desktop\Open song.mx9
2024-01-12 02:50 - 2022-11-04 13:23 - 000000000 ____D C:\Users\sprzetowo\AppData\LocalLow\IObit
2024-01-07 21:45 - 2023-05-31 23:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2023-12-24 15:18 - 2023-05-14 19:38 - 000000000 ____D C:\Users\sprzetowo\AppData\LocalLow\Temp
2023-12-24 15:02 - 2020-03-10 10:30 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-12-24 13:41 - 2023-09-30 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 11
2023-12-23 18:16 - 2022-11-28 23:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TLauncher
2023-12-18 03:52 - 2022-12-01 03:11 - 000000235 _____ C:\Users\sprzetowo\Desktop\Assassin's Creed Valhalla.url
2023-12-18 02:36 - 2023-02-04 03:48 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acoustica Mixcraft 9 (64-bit)
2023-12-18 01:58 - 2023-02-04 03:32 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-12-18 01:58 - 2023-02-04 03:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-12-17 16:42 - 2020-03-10 11:34 - 000000000 ___RD C:\Users\sprzetowo\OneDrive
2023-12-17 16:40 - 2020-03-10 10:30 - 000000000 ___RD C:\Users\sprzetowo\3D Objects
2023-12-17 16:33 - 2022-11-29 02:37 - 000000000 ____D C:\Users\sprzetowo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2023-12-17 16:22 - 2023-11-27 00:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Celemony
2023-12-17 16:22 - 2023-11-20 23:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2023-12-17 16:22 - 2023-10-25 03:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2023-12-17 16:22 - 2023-04-26 19:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2023-12-17 16:22 - 2023-03-06 00:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-Audio
2023-12-17 16:22 - 2023-02-04 03:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IK Multimedia
2023-12-17 16:22 - 2022-12-13 02:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt
2023-12-17 16:22 - 2022-11-29 01:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Some virus is changing and stealing my passwords for email, Microsoft, Google

#8 Post by Rudy »

Open Notepad and copy the following into it:

Start

CloseProcesses:
C:\ProgramData\DP45977C.lfl
ContextMenuHandlers3: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
AlternateDataStreams: C:\Users\sprzetowo\Downloads\FRST64 (1).exe:MBAM.Zone.Identifier [240]
C:\Windows.old\Users\Jirka\Downloads\IK Multimedia - MODO DRUM 1.1.3 STANDALONE, VSTi, VSTi3, AAX x64\R2R\IK_Multimedia_Keygen.exe

EmptyTemp:
End
Save it to C:\Users\sprzetowo\Downloads as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

I recommend uninstalling IOBit. This Chinese junk lets a layperson damage the system quite easily. For cleaning it is better to use CCleaner: https://www.ccleaner.com/cs-cz/ccleaner ... gIhZvD_BwE . Change all your passwords.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

jirkabj
Visitor
Posts: 15
Registered: 01 Mar 2017 03:17

Re: Some virus is changing and stealing my passwords for email, Microsoft, Google

#9 Post by jirkabj »

Fix result of Farbar Recovery Scan Tool (x64) Version: 16.01.2024
Ran by sprzetowo (19-01-2024 00:57:23) Run:2
Running from C:\Users\sprzetowo\Downloads
Loaded Profiles: sprzetowo
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
C:\ProgramData\DP45977C.lfl
ContextMenuHandlers3: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
AlternateDataStreams: C:\Users\sprzetowo\Downloads\FRST64 (1).exe:MBAM.Zone.Identifier [240]
C:\Windows.old\Users\Jirka\Downloads\IK Multimedia - MODO DRUM 1.1.3 STANDALONE, VSTi, VSTi3, AAX x64\R2R\IK_Multimedia_Keygen.exe

*****************

Processes closed successfully.
C:\ProgramData\DP45977C.lfl => moved successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\Advanced SystemCare => removed successfully
"C:\Users\sprzetowo\Downloads\FRST64 (1).exe" => ":MBAM.Zone.Identifier" ADS not found.
"C:\Windows.old\Users\Jirka\Downloads\IK Multimedia - MODO DRUM 1.1.3 STANDALONE, VSTi, VSTi3, AAX x64\R2R\IK_Multimedia_Keygen.exe" => not found


The system needed a reboot.

==== End of Fixlog 00:57:23 ====
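A check on the Fixlog in post #9, as an added example that is not part of the original thread and is not FRST's own code: it reports what happened to each fixlist entry and skips the echoed "fixlist content" block, which also contains "=>". The outcome phrases are only those visible in this Fixlog (an assumption, not an FRST specification), and the function names are hypothetical.

```python
# Added example: summarise the outcome of each fixlist entry in an FRST Fixlog.
# Only the outcome phrases visible in the Fixlog on this page are recognised;
# anything else is labelled "other" (assumption, not an FRST specification).

# Sample input: the Fixlog from post #9, embedded so the script runs offline.
SAMPLE_FIXLOG = r'''Fix result of Farbar Recovery Scan Tool (x64) Version: 16.01.2024
Ran by sprzetowo (19-01-2024 00:57:23) Run:2
Running from C:\Users\sprzetowo\Downloads
Loaded Profiles: sprzetowo
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
C:\ProgramData\DP45977C.lfl
ContextMenuHandlers3: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
AlternateDataStreams: C:\Users\sprzetowo\Downloads\FRST64 (1).exe:MBAM.Zone.Identifier [240]
C:\Windows.old\Users\Jirka\Downloads\IK Multimedia - MODO DRUM 1.1.3 STANDALONE, VSTi, VSTi3, AAX x64\R2R\IK_Multimedia_Keygen.exe

*****************

Processes closed successfully.
C:\ProgramData\DP45977C.lfl => moved successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\Advanced SystemCare => removed successfully
"C:\Users\sprzetowo\Downloads\FRST64 (1).exe" => ":MBAM.Zone.Identifier" ADS not found.
"C:\Windows.old\Users\Jirka\Downloads\IK Multimedia - MODO DRUM 1.1.3 STANDALONE, VSTi, VSTi3, AAX x64\R2R\IK_Multimedia_Keygen.exe" => not found


The system needed a reboot.

==== End of Fixlog 00:57:23 ====
'''

# Outcomes that mean FRST actually changed something on disk or in the registry.
ACTED = {"moved", "removed"}


def classify(tail):
    """Map the text after ' => ' on a result line to a short outcome label."""
    tail = tail.strip()
    if tail == "moved successfully":
        return "moved"
    if tail == "removed successfully":
        return "removed"
    if tail.endswith("ADS not found."):
        return "ads_not_found"
    if tail == "not found":
        return "not_found"
    return "other"


def parse_fixlog(text):
    """Return ([(target, outcome), ...], reboot_needed) for a Fixlog."""
    results, star_lines, reboot = [], 0, False
    for raw in text.splitlines():
        line = raw.strip()
        # The echoed fixlist sits between two lines made only of asterisks.
        if line and set(line) == {"*"}:
            star_lines += 1
            continue
        if star_lines < 2:
            continue  # header or echoed fixlist, not a result line
        if line == "The system needed a reboot.":
            reboot = True
        elif " => " in line:
            target, _, tail = line.partition(" => ")
            results.append((target.strip('"'), classify(tail)))
    return results, reboot


def needs_follow_up(results):
    """Entries for which nothing was moved or removed."""
    return [(target, outcome) for target, outcome in results
            if outcome not in ACTED]


if __name__ == "__main__":
    parsed, reboot_needed = parse_fixlog(SAMPLE_FIXLOG)
    for target, outcome in parsed:
        print(f"{outcome:14} {target}")
    print("reboot needed:", reboot_needed)
    print("entries with nothing changed:", len(needs_follow_up(parsed)))
```

For this Fixlog two of the four entries come back as not found, so nothing was changed for them.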

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Some virus is changing and stealing my passwords for email, Microsoft, Google

#10 Post by Rudy »

OK, deleted. Has anything changed?

jirkabj
Visitor
Posts: 15
Registered: 01 Mar 2017 03:17

Re: Some virus is changing and stealing my passwords for email, Microsoft, Google

#11 Post by jirkabj »

Someone sent me this - one had already come before, but in English. In the meantime my Seznam email account was blocked on the grounds that someone is sending spam emails from it in large volume.

POPLACH - Napadl jsem te a ukradl jsem ti informace a fotku

Dear dieselljeansjirka@seznam.cz,
I regret to inform you that there has been a security breach involving the devices you use for internet browsing.
A few months ago I gained unauthorized access to these devices and monitored your internet activity.
Recently I managed to hack your e-mail accounts, including your password: %zbozi%vule%kral%jirkaBJ16354.

In addition, I installed a trojan virus on all the devices you use to access e-mail.
This was possible because you clicked on links in your e-mail inboxes, which made it easier for me to penetrate your system.
Using this software I gained access to various functions of your devices, such as the microphone, video camera and keyboard.
I also obtained your personal information, data, photographs and web browsing history and stored them on my servers.
Besides that, I gained access to your messengers, social networks, e-mail correspondence, chat history and contact list.
To remain undetected, my virus constantly refreshes its signatures, which means it is invisible to antivirus software.

During my investigation I found that you often visit adult websites and engage with explicit content.
I managed to record explicit videos of you and create a montage showing your intimate moments and self-gratification.
If you doubt the authenticity of my claims, I can easily share these videos with your friends, colleagues and relatives, or even publish them publicly.

I believe it is in your best interest to prevent this, given the potential consequences of publishing such explicit content.
I therefore propose a solution: transfer 500 USD to my Bitcoin account (details are given below), based on the exchange rate at the time of the transaction.
As soon as the transfer is completed, I will immediately delete all compromising material.
After that we will go our separate ways, and I guarantee that I will deactivate and remove all malicious software from your devices.
You can rely on me to keep my part of the deal.

Given the extensive information I have about you and the time I have devoted to monitoring your activities, I consider this offer fair and reasonable.
If you are not sure how to buy and transfer bitcoins, I recommend using a search engine for help.

Bitcoin account: bc1q5r6aprgv0rmngd4yzk7auxxgklq5t0ju5f3uks

Please do not take the following steps:

Do not reply to this e-mail, because I created it in your inbox and generated the return address.
Do not try to contact the police or other security services. Furthermore, do not inform your friends, because it will be easy for me to detect such steps thanks to my control of your system. In that case I will immediately publish the videos publicly.
It is pointless to try to find me, because all cryptocurrency transactions are anonymous.
Reinstalling the operating system or getting rid of your devices will not be effective, because the videos have already been stored on remote servers.

A few things you do not need to worry about:

I will receive your transfer of funds immediately, because I am constantly monitoring your activities through my trojan virus, which has a remote control capability similar to the TeamViewer service.
Once the transfer of funds is completed, I have no interest in sharing your videos. I have no interest in complicating your life further, because I would have done so already if that had been my intention. Rest assured that everything will be handled fairly.

Finally, I strongly recommend that you avoid similar situations in the future. It is wise to change all your passwords regularly to increase your online security.

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Some virus is changing and stealing my passwords for email, Microsoft, Google

#12 Post by Rudy »

Change all your access passwords and run a complete scan with AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179. Download the utility, run it, let it work, and when it finishes delete everything it finds. This reminds me of my own problem about 3 years ago. All I did was change my mail password and scan the PC with the usual utilities (which I have done for you as well), and that was the end of it. I think the guy couldn't do anything more than hack the mail password.

jirkabj
Visitor
Posts: 15
Registered: 01 Mar 2017 03:17

Re: Some virus is changing and stealing my passwords for email, Microsoft, Google

#13 Post by jirkabj »

AVP Tool found nothing - I changed the access passwords three times and each time someone changed them again. Now, most recently, Seznam blocked my email, so I can't get into it.

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Some virus is changing and stealing my passwords for email, Microsoft, Google

#14 Post by Rudy »

OK. We have established that there is no virus problem on the PC. The mail account on Seznam is something you have to take up with Seznam; I can't do anything about that, and I don't know why Seznam blocked your mail. I can only remove malware from your PC.