Please check my log - Ransomware (Solved)


Re: Please check my log - Ransomware

Post by jaro3 » 26 Mar 2020 18:42

RogueKiller log?

Close other applications and browsers, disconnect from the internet, and fix the following in HJT:
Guide

Code:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O1 - Hosts: ::1 localhost
O18 - Protocol: WSKVAllmytubechrome - {91AB862D-07B8-4A85 - (no file)


Turn off your antivirus and firewall.
Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system (32-bit/64-bit)
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
alternative link:
http://www.bleepingcomputer.com/downloa ... scan-tool/
and save it to your desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs will appear, FRST.txt and Addition.txt, and they will be saved on the desktop. Please copy their entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.

Re: Please check my log - Ransomware

Post by nandigo » 26 Mar 2020 19:05

RogueKiller Anti-Malware V14.3.0.0 (x64) [Mar 23 2020] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.18362) 64 bits
Started in : Normal mode
User : kapit [Administrator]
Started from : C:\Users\kapit\Desktop\RogueKiller_portable64.exe
Signatures : 20200325_092623, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2020/03/25 22:19:29 (Duration : 01:09:02)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.Gen1 (Potentially Malicious)] \ACC -- C:\Program Files\DriverSetupUtility\FUB\FUB_Send.bat -> Found
[PUP.HackTool (Potentially Malicious)] \AutoPico Daily Restart -- "C:\Program Files\KMSpico\AutoPico.exe" [/silent] -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> XX - Software
[PUP.Gen1 (Potentially Malicious)] (X86) HKEY_LOCAL_MACHINE\Software\SereneScreen -- N/A -> Found
[PUP.Gen1 (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-1638003504-3678973619-763609851-1001\Software\eSupport.com -- N/A -> Found
[PUP.Gen1 (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-1638003504-3678973619-763609851-1001\Software\SereneScreen -- N/A -> Found
>>>>>> XX - Screensaver
[Suspicious.Path (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-1638003504-3678973619-763609851-1001\Control Panel\Desktop|SCRNSAVE.EXE -- C:\WINDOWS\MARINE~1.SCR -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.HackTool (Potentially Malicious)] (file) SECOH-QAD.exe -- C:\Windows\SECOH-QAD.exe -> Found
[Tr.Razy (Malicious)] (folder) TimerUtc -- C:\Users\kapit\AppData\Roaming\TimerUtc -> Found
[PUP.HackTool (Potentially Malicious)] (folder) KMSpico -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico -> Found
[PUP.HackTool (Potentially Malicious)] (folder) KMSpico -- C:\Program Files\KMSpico -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤


Re: Please check my log - Ransomware

Post by nandigo » 26 Mar 2020 19:27

Part 1.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-03-2020
Ran by kapit (administrator) on BERUNA (ASUSTeK COMPUTER INC. X550CL) (26-03-2020 19:07:52)
Running from C:\Users\kapit\Desktop
Loaded Profiles: kapit (Available Profiles: kapit)
Platform: Windows 10 Pro Version 1903 18362.720 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(DEVGURU CO LTD -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\NisSrv.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(PACE Anti-Piracy, Inc. -> PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1638003504-3678973619-763609851-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-20] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-1638003504-3678973619-763609851-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [48214720 2020-02-27] (Google LLC -> )
HKU\S-1-5-21-1638003504-3678973619-763609851-1001\...\Policies\Explorer: [NoSecurityTab] 1
HKU\S-1-5-21-1638003504-3678973619-763609851-1001\...\MountPoints2: {203bf637-c388-11e9-9176-d850e6e087de} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1638003504-3678973619-763609851-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\logon.scr
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-18] (Google LLC -> Google LLC)
Startup: C:\Users\kapit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\viva.ini.lnk [2020-03-20]
ShortcutTarget: viva.ini.lnk -> C:\Users\kapit\AppData\viva.js (No File)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0341BC6F-B678-4AE6-9FB4-A77FFD4B0517} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
Task: {17E042A1-8E15-42D3-AA45-BF3990B88AA2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
Task: {19CA0B9A-EA90-49A2-8B23-10BB162207C7} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [659520 2019-11-04] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {1DA660A7-EC56-4D31-95EF-85E99D2CDC6E} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18400 2017-03-09] (ASUSTeK Computer Inc. -> AsusTek)
Task: {251B6C7B-203F-409F-89E4-D3B4549FD21F} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
Task: {269980F4-370B-4720-9C75-68726EF93434} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
Task: {36BBD51C-3255-4287-B8A7-E3B30F369569} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {3842511F-E48C-4BE3-ABF5-4684EF1FD6DC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-20] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {40E22114-17D8-4AED-83C3-554343CD2FD1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {4CB3CDA2-7DEA-447A-AE43-320F746EEB04} - System32\Tasks\AdobeAAMUpdater-1.0-BERUNA-kapit => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {5FFCCB7F-3D99-48EE-9DEC-DA2CDDFEE938} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-03] (Google Inc -> Google Inc.)
Task: {60C2EC0B-1069-4825-8998-A9DED4BBB252} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1484288 2000-01-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {62A9D875-8C32-4AF0-A7EA-BCEDB268402C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
Task: {757234C4-EEDC-4B94-9061-64BB939D6E0A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-12] (Adobe Inc. -> Adobe)
Task: {794A9FC7-F823-45AC-8EC2-D404F57B051F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_Plugin.exe [1458232 2020-03-12] (Adobe Inc. -> Adobe)
Task: {7BB5B7BC-7347-4059-9EA5-371AA3217B3A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7F1F5124-EA0D-44AC-98CE-E98EC52CEF00} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-20] (Piriform Software Ltd -> Piriform Ltd)
Task: {8A7FC109-16AF-4D7A-8743-986348F1D12A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-03] (Google Inc -> Google Inc.)
Task: {A0D454EB-5B46-41C8-A782-A1F102CB6C42} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1484288 2000-01-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {A196CA18-C407-4F11-9C4F-A7F3E55FC8C1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BD70A63B-536F-48FB-8250-B82C756D09B7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C7086754-681E-4534-B0BA-1CDE3E5DBEEB} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
Task: {CB4951E5-EF36-4423-B33F-BC6C0F3CB644} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1484288 2000-01-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {D0CC0D03-9DC9-4914-9596-3DBD2EC6CCD7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E4A67BAF-B447-496D-968B-A6FDCA48B391} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {EDC4C912-3027-457F-8813-7926D6859080} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {F82C01C5-4033-44BE-9CCA-E639C6BF8468} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{13e7fafd-bf58-422a-a5f4-3dd0c8b5be60}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5a216058-1903-4503-81dd-da5794074c69}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6feb85f3-1a95-4ebf-aa1c-b2c1434e4f42}: [DhcpNameServer] 192.168.0.1


Re: Please check my log - Ransomware

Post by nandigo » 26 Mar 2020 19:31

Part 2.

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1638003504-3678973619-763609851-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2020-02-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2019-12-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: WSKVAllmytubechrome - {91AB862D-07B8-4A85 - No File

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-03-12] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll [2020-03-12] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [File not signed]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-09-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-10] (Nero AG -> Nero AG)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\kapit\AppData\Local\Google\Chrome\User Data\Default [2020-03-26]
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (Prezentace) - C:\Users\kapit\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-26]
CHR Extension: (Dokumenty) - C:\Users\kapit\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-26]
CHR Extension: (Disk Google) - C:\Users\kapit\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-03-26]
CHR Extension: (YouTube) - C:\Users\kapit\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-26]
CHR Extension: (Island of Love) - C:\Users\kapit\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddflbhlhphojgjenkeoigncnolnmmbcn [2020-03-26]
CHR Extension: (Tampermonkey) - C:\Users\kapit\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-03-26]
CHR Extension: (Tabulky) - C:\Users\kapit\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-26]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\kapit\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2020-03-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\kapit\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-26]
CHR Extension: (FormApps Extension) - C:\Users\kapit\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2020-03-26]
CHR Extension: (Chrome Remote Desktop) - C:\Users\kapit\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2020-03-26]
CHR Extension: (Save to Facebook) - C:\Users\kapit\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2020-03-26]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\kapit\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-03-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\kapit\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-26]
CHR Extension: (Gmail) - C:\Users\kapit\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-03-26]
CHR Extension: (Chrome Media Router) - C:\Users\kapit\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-26]
CHR HKU\S-1-5-21-1638003504-3678973619-763609851-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKU\S-1-5-21-1638003504-3678973619-763609851-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S3 cfbackd; C:\Program Files\CleverFiles\Disk Drill\cfbackd.w32.exe [274432 2019-10-15] (CleverFiles) [File not signed]
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe [73200 2019-12-17] (Google LLC -> Google Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [320472 2018-01-02] (Intel(R) pGFX -> Intel Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-24] (Malwarebytes Inc -> Malwarebytes)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2015-09-23] (CyberLink Corp. -> CyberLink)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5929920 2020-03-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11446104 2019-04-24] (TeamViewer GmbH -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 AdobeARMservice; "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]
S2 AGMService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe" [X]
S2 AGSService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u https://activation.paceap.com/InitiateActivation [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2020-03-26] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [104312 2018-08-09] (D3L -> Dokan Project)
S3 GridinSoftInetSecurityDriver; C:\WINDOWS\system32\DRIVERS\gsInetSecurity.sys [107784 2019-11-28] (GridinSoft, LLC -> GridinSoft LLC)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R3 m76usb; C:\WINDOWS\System32\drivers\m76usb.sys [563360 2015-06-03] (MEDIATEK INC. -> Ralink Technology Corp.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-03-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2019-03-19] (Microsoft Windows -> MediaTek Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_1474122a0ce2f241\nvlddmkm.sys [17544792 2018-03-25] (NVIDIA Corporation -> NVIDIA Corporation)
R0 nvpciflt; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_1474122a0ce2f241\nvpciflt.sys [48480 2018-03-25] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2000-01-01] (Realtek Semiconductor Corp. -> Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2000-01-01] (Synaptics Incorporated -> Synaptics Incorporated)
S3 TrojanKillerDriver; C:\WINDOWS\System32\DRIVERS\gtkdrv.sys [38216 2019-11-28] (GridinSoft, LLC -> GridinSoft LLC)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [391392 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\kapit\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-26 19:07 - 2020-03-26 19:10 - 000026112 _____ C:\Users\kapit\Desktop\FRST.txt
2020-03-26 19:07 - 2020-03-26 19:09 - 000000000 ____D C:\FRST
2020-03-26 19:06 - 2020-03-26 19:06 - 002279936 _____ (Farbar) C:\Users\kapit\Desktop\FRST64.exe
2020-03-26 19:01 - 2020-03-26 19:01 - 000000000 ____D C:\Users\kapit\Downloads\backups
2020-03-26 00:55 - 2020-03-26 00:55 - 000012213 _____ C:\Users\kapit\Downloads\hijackthis-2
2020-03-26 00:43 - 2020-03-26 00:43 - 000003540 _____ C:\WINDOWS\system32\Tasks\AMHelper
2020-03-26 00:43 - 2020-03-26 00:43 - 000001329 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2020-03-26 00:43 - 2020-03-26 00:43 - 000000000 ____D C:\Users\kapit\AppData\Local\Zemana
2020-03-26 00:43 - 2020-03-26 00:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2020-03-26 00:42 - 2020-03-26 19:08 - 001195558 _____ C:\WINDOWS\ZAM.krnl.trace
2020-03-26 00:42 - 2020-03-26 00:49 - 000000000 ____D C:\Users\kapit\AppData\Local\AMSDK
2020-03-26 00:42 - 2020-03-26 00:42 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2020-03-26 00:42 - 2020-03-26 00:42 - 000000000 ____D C:\Program Files (x86)\Zemana
2020-03-26 00:41 - 2020-03-26 00:41 - 012741568 _____ (Zemana Ltd. ) C:\Users\kapit\Desktop\AntiMalware_Setup.exe
2020-03-26 00:38 - 2020-03-26 00:38 - 000022023 _____ C:\Users\kapit\Desktop\zoek-results.txt
2020-03-26 00:33 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2020-03-25 23:45 - 2020-03-26 00:23 - 000000000 ____D C:\zoek_backup
2020-03-25 23:45 - 2020-03-25 23:45 - 002038755 _____ C:\Users\kapit\Downloads\zoek.exe
2020-03-25 23:39 - 2020-03-25 23:39 - 000004568 _____ C:\Users\kapit\Desktop\RogueKiller-2.txt
2020-03-25 19:24 - 2020-03-25 21:59 - 000214662 _____ C:\WINDOWS\ntbtlog.txt
2020-03-25 19:24 - 2020-03-25 19:24 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-03-25 02:04 - 2020-03-25 02:04 - 000004568 _____ C:\Users\kapit\Desktop\RogueKiller - report.txt
2020-03-25 00:15 - 2020-03-25 07:16 - 000000000 ____D C:\ProgramData\RogueKiller
2020-03-25 00:15 - 2020-03-25 00:15 - 037256760 _____ C:\Users\kapit\Desktop\RogueKiller_portable64.exe
2020-03-25 00:13 - 2020-03-25 00:13 - 030240824 _____ C:\Users\kapit\Desktop\RogueKiller_portable32.exe
2020-03-24 23:47 - 2020-03-24 23:47 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2020-03-24 23:47 - 2020-03-24 23:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2020-03-24 23:44 - 2020-03-24 23:46 - 206758184 _____ (Sophos Limited) C:\Users\kapit\Desktop\Sophos Virus Removal Tool.exe
2020-03-24 23:12 - 2020-03-24 23:12 - 000000000 ____D C:\ProgramData\Sophos
2020-03-24 23:11 - 2020-03-24 23:11 - 000002510 _____ C:\Users\kapit\Desktop\new 1
2020-03-24 23:08 - 2020-03-24 23:08 - 000000000 ____D C:\Program Files (x86)\Sophos
2020-03-24 21:54 - 2020-03-24 21:54 - 000000877 _____ C:\Users\kapit\Desktop\JRT.txt
2020-03-24 21:47 - 2020-03-24 21:48 - 001790024 _____ (Malwarebytes) C:\Users\kapit\Desktop\JRT.exe
2020-03-24 20:07 - 2020-03-24 20:07 - 000000000 ____D C:\Users\kapit\AppData\Local\mbam
2020-03-24 20:06 - 2020-03-24 20:06 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-03-24 20:06 - 2020-03-24 20:06 - 000000000 ____D C:\Users\kapit\AppData\Local\mbamtray
2020-03-24 20:06 - 2020-03-24 20:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-03-24 20:06 - 2020-03-24 20:05 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-03-24 20:06 - 2020-03-24 20:05 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-03-24 20:05 - 2020-03-24 20:05 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-03-24 20:05 - 2020-03-24 20:05 - 000000000 ____D C:\Program Files\Malwarebytes
2020-03-24 20:03 - 2020-03-24 20:03 - 001957784 _____ (Malwarebytes) C:\Users\kapit\Desktop\MBSetup.exe
2020-03-24 19:41 - 2020-03-24 19:50 - 000000000 ____D C:\AdwCleaner
2020-03-24 19:39 - 2020-03-24 19:39 - 008199856 _____ (Malwarebytes) C:\Users\kapit\Desktop\AdwCleaner.exe
2020-03-24 19:12 - 2020-03-24 19:12 - 000448512 _____ (OldTimer Tools) C:\Users\kapit\Downloads\TFC.exe
2020-03-24 19:07 - 2020-03-24 19:07 - 000050688 _____ (Atribune.org) C:\Users\kapit\Downloads\ATF-Cleaner.exe
2020-03-24 16:45 - 2020-03-24 16:45 - 000000000 ____D C:\Users\kapit\Downloads\takeout-20151003T123036Z-2
2020-03-24 13:48 - 2020-03-24 13:48 - 001134048 _____ (AVG Technologies) C:\Users\kapit\Downloads\avg_decryptor_Apocalypse.exe
2020-03-24 12:14 - 2020-03-24 12:16 - 000002158 _____ C:\CoinVaultDecryptor.1.0.0.6_24.03.2020_12.14.38_log.txt
2020-03-24 12:14 - 2020-03-24 12:14 - 000002128 _____ C:\WildfireDecryptor.1.0.0.4_24.03.2020_12.14.07_log.txt
2020-03-24 12:13 - 2020-03-24 12:13 - 000002150 _____ C:\ShadeDecryptor.1.1.1.47_24.03.2020_12.13.19_log.txt
2020-03-24 12:10 - 2020-03-24 12:12 - 000002680 _____ C:\RannohDecryptor.1.12.4.13_24.03.2020_12.10.56_log.txt
2020-03-24 12:07 - 2020-03-24 12:10 - 000003362 _____ C:\RakhniDecryptor.1.22.1.0_24.03.2020_12.07.17_log.txt
2020-03-24 11:58 - 2020-03-24 11:58 - 000000000 ____D C:\Users\kapit\Documents\Nová složka
2020-03-24 11:57 - 2020-03-24 12:06 - 000002238 _____ C:\CoinVaultDecryptor.1.0.0.6_24.03.2020_11.57.28_log.txt
2020-03-24 11:54 - 2020-03-24 11:54 - 002815214 _____ C:\Users\kapit\Downloads\WildfireDecryptor.zip
2020-03-24 11:54 - 2020-03-24 11:54 - 001457451 _____ C:\Users\kapit\Downloads\ShadeDecryptor.zip
2020-03-24 11:54 - 2020-03-24 11:54 - 001255089 _____ C:\Users\kapit\Downloads\CoinVaultDecryptor.zip
2020-03-24 11:54 - 2020-03-24 11:54 - 000845224 _____ (Kaspersky Lab AO) C:\Users\kapit\Downloads\xoristdecryptor.exe
2020-03-24 11:54 - 2020-03-24 11:54 - 000789743 _____ C:\Users\kapit\Downloads\rannohdecryptor.zip
2020-03-24 11:53 - 2020-03-24 11:53 - 005411837 _____ C:\Users\kapit\Downloads\RakhniDecryptor.zip
2020-03-24 03:19 - 2020-03-24 03:19 - 000388608 _____ (Trend Micro Inc.) C:\Users\kapit\Downloads\HijackThis.exe
2020-03-23 22:38 - 2020-03-23 22:38 - 000001117 _____ C:\Users\Public\Desktop\GridinSoft Anti-Malware.lnk
2020-03-23 22:37 - 2020-03-26 00:49 - 000000000 ____D C:\Program Files\GridinSoft Anti-Malware
2020-03-23 22:37 - 2020-03-23 22:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2020-03-23 22:37 - 2020-03-23 22:37 - 000000000 ____D C:\ProgramData\GridinSoft
2020-03-23 22:35 - 2020-03-23 22:35 - 000000000 ____D C:\Users\kapit\Downloads\GridinSoft_Anti-Malware_4.1.15.31
2020-03-23 22:05 - 2020-03-23 22:06 - 077778984 _____ C:\Users\kapit\Downloads\GridinSoft_Anti-Malware_4.1.15.31.rar
2020-03-23 22:04 - 2020-03-23 22:05 - 056646911 _____ C:\Users\kapit\Downloads\SpyHunter 4.21.10.4585 Portable by wood.rar
2020-03-23 20:16 - 2020-03-23 20:16 - 001162528 _____ (Emsisoft Ltd.) C:\Users\kapit\Downloads\decrypt_STOPDjvu.exe
2020-03-23 19:31 - 2020-03-23 19:31 - 000001597 _____ C:\Users\kapit\Desktop\Cradle Of Empires.lnk
2020-03-23 19:30 - 2020-03-23 19:30 - 000002656 _____ C:\Users\kapit\Desktop\Word 2016.lnk
2020-03-23 19:29 - 2020-03-23 19:29 - 000001085 _____ C:\Users\kapit\Desktop\Adobe Photoshop CC 2018.lnk
2020-03-23 19:29 - 2020-03-23 19:29 - 000000436 _____ C:\Users\kapit\Desktop\Tento počítač – zástupce.lnk
2020-03-23 19:20 - 2020-03-23 19:20 - 000002301 _____ C:\Users\kapit\Desktop\Google Chrome.lnk
2020-03-23 19:18 - 2020-03-23 19:18 - 000002648 _____ C:\Users\kapit\Desktop\Excel 2016.lnk
2020-03-23 19:15 - 2020-03-23 19:15 - 000001172 _____ C:\Users\kapit\Desktop\PicosmosTools.lnk
2020-03-23 19:14 - 2020-03-23 19:14 - 000002464 _____ C:\Users\kapit\Desktop\Remote Desktop.lnk
2020-03-23 17:09 - 2020-03-23 17:09 - 000000020 ___SH C:\Users\kapit\ntuser.ini
2020-03-22 22:56 - 2020-03-22 22:56 - 000000371 _____ C:\Users\Public\FileRecovery.txt
2020-03-22 22:56 - 2020-03-22 22:56 - 000000371 _____ C:\Users\Public\Downloads\FileRecovery.txt
2020-03-22 22:56 - 2020-03-22 22:56 - 000000371 _____ C:\Users\Public\Documents\FileRecovery.txt
2020-03-22 22:56 - 2020-03-22 22:56 - 000000371 _____ C:\Users\kapit\FileRecovery.txt
2020-03-22 22:56 - 2020-03-22 22:56 - 000000371 _____ C:\Users\kapit\Downloads\FileRecovery.txt
2020-03-22 22:56 - 2020-03-22 22:56 - 000000371 _____ C:\Users\kapit\Documents\FileRecovery.txt
2020-03-22 22:56 - 2020-03-22 22:56 - 000000371 _____ C:\Users\kapit\AppData\LocalLow\FileRecovery.txt
2020-03-22 22:56 - 2020-03-22 22:56 - 000000371 _____ C:\Users\kapit\AppData\Local\FileRecovery.txt
2020-03-22 22:56 - 2020-03-22 22:56 - 000000371 _____ C:\Users\kapit\AppData\Local\Apps\FileRecovery.txt
2020-03-22 22:56 - 2020-03-22 22:56 - 000000371 _____ C:\Users\kapit\AppData\FileRecovery.txt
2020-03-22 00:07 - 2020-03-22 00:07 - 000195328 _____ C:\Users\kapit\AppData\Local\IconCache.db_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000147968 _____ C:\Users\kapit\AppData\Roaming\inst.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000123264 _____ C:\Users\kapit\AppData\Roaming\pcouffin.sys_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000011776 _____ C:\Users\kapit\AppData\Roaming\pcouffin.cat_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000003328 _____ C:\Users\kapit\AppData\Roaming\ID-I .js_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000001792 _____ C:\Users\kapit\AppData\Roaming\pcouffin.inf_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000000128 _____ C:\Users\kapit\AppData\Roaming\pcouffin.log_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000000128 _____ C:\Users\kapit\AppData\Local\resmon.resmoncfg_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000000000 _____ C:\Users\kapit\AppData\Roaming\01.js_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000000000 _____ C:\Users\kapit\AppData\Local\oobelibMkey.log_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:30 - 2020-03-21 23:30 - 000000512 _____ C:\Users\Public\Documents\desktop.ini_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:30 - 2020-03-21 23:30 - 000000384 _____ C:\Users\Public\Downloads\desktop.ini_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 001479296 _____ C:\Users\kapit\Downloads\youtube-downloader_setup_full235.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 001470976 _____ C:\Users\kapit\Downloads\mobilego_setup_full818.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 001453824 _____ C:\Users\kapit\Downloads\Realterm_2.0.0.70_setup.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 001277696 _____ C:\Users\kapit\Downloads\slimdrivers-setup.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000867072 _____ C:\Users\kapit\Downloads\Zivotni_pojisteni_049240251_93900382.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000362624 _____ C:\Users\kapit\Downloads\Firefox Setup Stub 49.0.2.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000360832 _____ C:\Users\kapit\Downloads\Firefox_44.0.2.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000327936 _____ C:\Users\kapit\Downloads\Informační list.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000305408 _____ C:\Users\kapit\Downloads\TypeApp-Desktop-Installer.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000278400 _____ C:\Users\kapit\Downloads\slevomat-cz-voucher-zamecky-wellness-pobyt-v-krasnem-chateau-kynsperk-9057887460K-735.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000273920 _____ C:\Users\kapit\Downloads\dp105-3m-scotch-weld-technicky-list-cz.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000263424 _____ C:\Users\kapit\Downloads\Ticketpro-eTicket-6213395.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000125952 _____ C:\Users\kapit\Downloads\MSJR1_3-D_S Controller Operation Manual.docx_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000090624 _____ C:\Users\kapit\Downloads\zadost_o_vraceni_ridicskeho_opravneni.doc_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000024704 _____ C:\Users\kapit\Downloads\Stáhnout z Facebook _.html_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000011520 _____ C:\Users\kapit\Downloads\Zadost-o-upusteni-od-vykonu-zbytku-trestu-zakazu-cinnosti.docx_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000000512 _____ C:\Users\kapit\Downloads\desktop.ini_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 001540864 _____ C:\Users\kapit\Documents\IMG_20190828_0001.jpg_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 001515904 _____ C:\Users\kapit\Documents\IMG_20190828_0003.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 001136256 _____ C:\Users\kapit\Documents\IMG_20190703_0006.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000992256 _____ C:\Users\kapit\Documents\IMG_20190703_0007.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000974208 _____ C:\Users\kapit\Documents\IMG_20190828_0002.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000439552 _____ C:\Users\kapit\Documents\IMG_20190703_0004.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000438016 _____ C:\Users\kapit\Documents\IMG_20190703_0001.jpg_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000390016 _____ C:\Users\kapit\Documents\IMG_20190703_0002.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000236032 _____ C:\Users\kapit\Documents\IMG_20190703_0003.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000198528 _____ C:\Users\kapit\Documents\IMG_20190703_0005.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000168832 _____ C:\Users\kapit\Documents\Fotokniha.pbf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000019712 _____ C:\Users\kapit\Documents\Zadost-o-upusteni-od-vykonu-zbytku-trestu-zakazu-cinnosti - Smitka.docx_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000019328 _____ C:\Users\kapit\Documents\seznam dvd (inzerce).docx_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000003456 _____ C:\Users\kapit\Desktop\WhatsApp.lnk_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000000640 _____ C:\Users\kapit\Documents\desktop.ini_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000000000 _____ C:\Users\kapit\AppData\viva.js_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2020-03-21 22:14 - 000251904 _____ C:\Users\kapit\oorwiz4r.dll_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2020-03-21 22:14 - 000002688 _____ C:\Users\kapit\readme.txt_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2020-03-21 22:14 - 000000384 _____ C:\Users\Public\desktop.ini_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2020-03-21 22:14 - 000000128 _____ C:\Users\kapit\ntuser.ini_ID_1447932999_krastoken@gmail.com.google
2020-03-21 21:03 - 2020-03-21 21:03 - 000000000 _____ C:\ProgramData\DP45977C.lfl_ID_1447932999_krastoken@gmail.com.google
2020-03-21 01:32 - 2020-03-21 01:32 - 000000000 ____D C:\Users\Default\AppData\Local\Google
2020-03-21 01:32 - 2020-03-21 01:32 - 000000000 ____D C:\Users\Default User\AppData\Local\Google
2020-03-20 13:31 - 2020-03-21 23:16 - 002508317 _____ C:\Users\kapit\Downloads\mp3gain-win-full-1_3_4.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-20 13:31 - 2020-03-20 13:54 - 000000000 ____D C:\Program Files (x86)\MP3Gain
2020-03-20 13:31 - 2020-03-20 13:31 - 000000000 ____D C:\Users\kapit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain
2020-03-20 01:31 - 2020-03-20 01:31 - 000002531 _____ C:\Users\Public\Desktop\Disk Drill.lnk
2020-03-20 01:31 - 2020-03-20 01:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CleverFiles Disk Drill (x64)
2020-03-20 01:31 - 2020-03-20 01:31 - 000000000 ____D C:\Program Files\Dokan
2020-03-20 01:31 - 2020-03-20 01:31 - 000000000 ____D C:\Program Files\CleverFiles
2020-03-20 01:31 - 2018-08-09 07:54 - 000104312 _____ (Dokan Project) C:\WINDOWS\system32\Drivers\dokan1.sys
2020-03-20 01:28 - 2020-03-22 22:56 - 000000000 ____D C:\Users\kapit\Downloads\Disk Drill Pro 4.0.487.0
2020-03-20 01:27 - 2020-03-22 22:56 - 000000000 ____D C:\Users\kapit\Downloads\Disk Drill 4.0.499.0
2020-03-20 01:25 - 2020-03-22 22:56 - 000000000 ____D C:\Users\kapit\Downloads\Disk Drill Professional 4.0.514.0
2020-03-20 01:23 - 2020-03-22 22:56 - 000000000 ____D C:\Users\kapit\Downloads\Disk Drill Professional 4.0.513.0
2020-03-18 16:11 - 2020-03-22 22:57 - 000000000 ____D C:\Users\kapit\AppData\Local\Apps\Remote Desktop
2020-03-18 16:11 - 2020-03-22 22:56 - 000000000 ____D C:\Users\kapit\AppData\Local\rdclientwpf
2020-03-18 16:11 - 2020-03-18 16:11 - 000002464 _____ C:\Users\kapit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Remote Desktop.lnk
2020-03-18 16:10 - 2020-03-21 23:16 - 016723968 _____ C:\Users\kapit\Downloads\RemoteDesktop_1.2.675.0_x64.msi_ID_1447932999_krastoken@gmail.com.google
2020-03-18 12:01 - 2020-03-21 23:15 - 004690069 _____ C:\Users\kapit\Documents\Nový svazek (D) března-18 12_01.ddwscan_ID_1447932999_krastoken@gmail.com.google
2020-03-17 17:48 - 2020-03-22 22:56 - 000000000 ____D C:\ProgramData\CleverFiles
2020-03-17 17:46 - 2020-03-22 22:56 - 000000000 ____D C:\Users\kapit\AppData\Local\DiskDrill
2020-03-17 15:01 - 2020-03-22 00:07 - 003704888 _____ C:\Users\kapit\AppData\Roaming\signed.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-13 01:01 - 2020-03-13 01:01 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-03-13 01:01 - 2020-03-13 01:01 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-03-13 01:01 - 2020-03-13 01:01 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-03-13 01:01 - 2020-03-13 01:01 - 006520776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-13 01:01 - 2020-03-13 01:01 - 004563416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-03-13 01:01 - 2020-03-13 01:01 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-03-13 01:01 - 2020-03-13 01:01 - 001398584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-03-13 01:01 - 2020-03-13 01:01 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-03-13 01:01 - 2020-03-13 01:01 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-03-13 01:01 - 2020-03-13 01:01 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-03-13 01:01 - 2020-03-13 01:01 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-03-12 22:43 - 2020-03-22 22:56 - 000000000 ____D C:\ProgramData\TEMP
2020-03-12 22:42 - 2009-02-12 15:11 - 000026024 _____ (EldoS Corporation) C:\WINDOWS\system32\Drivers\rsdrvx64.sys
2020-03-12 22:28 - 2020-03-22 22:56 - 000000000 ____D C:\Users\kapit\Desktop\TEMP
2020-03-12 22:23 - 2020-03-22 22:56 - 000000000 ____D C:\Users\kapit\TEMP
2020-03-11 08:46 - 2020-03-11 08:46 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 018027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 011607552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 006285312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 004348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 004129648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 003819520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 003488768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 003243296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 002956688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-03-11 08:46 - 2020-03-11 08:46 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 002315680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 002224952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 002072664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll

nandigo
newcomer
Posts: 30
Registered: March 20
Gender: Male
Status: Offline

Re: Please check my log - Ransomware

Post by nandigo » 26 Mar 2020 19:33

Part 3.

2020-03-11 08:46 - 2020-03-11 08:46 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 001867816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 001770552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 001555904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 001490640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 001417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 001282944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 001273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 001108040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000757632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000739328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbc32.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys
2020-03-11 08:46 - 2020-03-11 08:46 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-03-11 08:46 - 2020-03-11 08:46 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacEncoder.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacEncoder.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddpchunk.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000145208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CscMig.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-03-11 08:46 - 2020-03-11 08:46 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-03-11 08:46 - 2020-03-11 08:46 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-03-11 08:46 - 2020-03-11 08:46 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-03-11 08:46 - 2020-03-11 08:46 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-03-11 08:46 - 2020-03-11 08:46 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-03-11 08:45 - 2020-03-11 08:45 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 022635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 007755776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 007259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 006084344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 005112832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 004855808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 004580352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 003971808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-03-11 08:45 - 2020-03-11 08:45 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 002875904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-03-11 08:45 - 2020-03-11 08:45 - 002773568 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-03-11 08:45 - 2020-03-11 08:45 - 002740736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 002259872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 002021888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 001985104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 001684992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 001665416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 001484600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 001283600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-03-11 08:45 - 2020-03-11 08:45 - 001264128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 001218632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-03-11 08:45 - 2020-03-11 08:45 - 001190912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 001088000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 001054376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 001031680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 001007672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000935040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2020-03-11 08:45 - 2020-03-11 08:45 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-03-11 08:45 - 2020-03-11 08:45 - 000776488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000769552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000734720 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2020-03-11 08:45 - 2020-03-11 08:45 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbc32.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-03-11 08:45 - 2020-03-11 08:45 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000668296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000627216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000551824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000478792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-03-11 08:45 - 2020-03-11 08:45 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-03-11 08:45 - 2020-03-11 08:45 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-03-11 08:45 - 2020-03-11 08:45 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-03-11 08:45 - 2020-03-11 08:45 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-03-11 08:45 - 2020-03-11 08:45 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000213984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-03-11 08:45 - 2020-03-11 08:45 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2020-03-11 08:45 - 2020-03-11 08:45 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-03-11 08:45 - 2020-03-11 08:45 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2020-03-11 08:45 - 2020-03-11 08:45 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2020-03-11 08:45 - 2020-03-11 08:45 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000165504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2020-03-11 08:45 - 2020-03-11 08:45 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-03-11 08:45 - 2020-03-11 08:45 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceMetadataRetrievalClient.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000136328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2020-03-11 08:45 - 2020-03-11 08:45 - 000133944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000120560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-03-11 08:45 - 2020-03-11 08:45 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2020-03-11 08:45 - 2020-03-11 08:45 - 000102760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profapi.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000089568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2020-03-11 08:45 - 2020-03-11 08:45 - 000068408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-03-11 08:45 - 2020-03-11 08:45 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000042336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-03-11 08:45 - 2020-03-11 08:45 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-03-11 08:45 - 2020-03-11 08:45 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2020-03-11 08:45 - 2020-03-11 08:45 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-03-11 08:45 - 2020-03-11 08:45 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-03-11 08:45 - 2020-03-11 08:45 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-03-11 08:45 - 2020-03-11 08:45 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe
2020-03-11 08:45 - 2020-03-11 08:45 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-03-11 08:45 - 2020-03-11 08:45 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msauserext.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msauserext.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MUILanguageCleanup.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LangCleanupSysprepAction.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchTM.exe
2020-03-11 08:45 - 2020-03-11 08:45 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2020-03-11 08:45 - 2020-03-11 08:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-03-11 08:45 - 2020-03-11 08:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-03-11 08:45 - 2020-03-11 08:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-03-11 08:45 - 2020-03-11 08:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-03-11 08:45 - 2020-03-11 08:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-03-11 08:45 - 2020-03-11 08:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-03-11 08:45 - 2020-03-11 08:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-03-11 08:45 - 2020-03-11 08:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-03-11 08:45 - 2020-03-11 08:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-03-11 08:45 - 2020-03-11 08:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-03-11 08:45 - 2020-03-11 08:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-03-11 08:45 - 2020-03-11 08:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-03-11 08:44 - 2020-03-11 08:44 - 007905784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 006436352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 004622280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 004471296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 004048896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 003799552 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 003728896 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-03-11 08:44 - 2020-03-11 08:44 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 003587896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-03-11 08:44 - 2020-03-11 08:44 - 003552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 003371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 003260928 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 003143168 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-03-11 08:44 - 2020-03-11 08:44 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 002768440 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 002715648 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-03-11 08:44 - 2020-03-11 08:44 - 002698040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-03-11 08:44 - 2020-03-11 08:44 - 002522112 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 002474496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 002157056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 002087376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 001999952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 001972536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-03-11 08:44 - 2020-03-11 08:44 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 001823232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-03-11 08:44 - 2020-03-11 08:44 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 001657120 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 001581056 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 001513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-03-11 08:44 - 2020-03-11 08:44 - 001481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 001396152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-03-11 08:44 - 2020-03-11 08:44 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 001071184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 000983896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000945384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000929144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000908504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000877232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-03-11 08:44 - 2020-03-11 08:44 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 000838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000833616 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000802304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000796904 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000741392 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-03-11 08:44 - 2020-03-11 08:44 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000642216 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000636848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000605896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-03-11 08:44 - 2020-03-11 08:44 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-03-11 08:44 - 2020-03-11 08:44 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000522384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-03-11 08:44 - 2020-03-11 08:44 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-03-11 08:44 - 2020-03-11 08:44 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-03-11 08:44 - 2020-03-11 08:44 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-03-11 08:44 - 2020-03-11 08:44 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000429880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2020-03-11 08:44 - 2020-03-11 08:44 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000320312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-03-11 08:44 - 2020-03-11 08:44 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000260920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-03-11 08:44 - 2020-03-11 08:44 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000248064 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000221200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000201744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2020-03-11 08:44 - 2020-03-11 08:44 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000146712 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\profapi.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000120048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000098104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2020-03-11 08:44 - 2020-03-11 08:44 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000089616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 000066336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlrmdr.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAProfileNotificationHandler.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpnotify.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchTM.exe
2020-03-11 08:44 - 2020-03-11 08:44 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-03-11 08:44 - 2020-03-11 08:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 003977216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 001762304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-03-11 08:43 - 2020-03-11 08:43 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-03-11 08:43 - 2020-03-11 08:43 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000355000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Acx01000.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 000306696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000254776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 000250896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2dp.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 000224056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 000222520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 000208696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 000183608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 000180232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 000151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 000141840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2020-03-11 08:43 - 2020-03-11 08:43 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2020-03-11 08:43 - 2020-03-11 08:43 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-03-11 08:43 - 2020-03-11 08:43 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll

nandigo
newbie
Posts: 30
Registered: March 20
Gender: Male
Status: Offline

Re: Please check my log - Ransomware

Post by nandigo » 26 Mar 2020 19:33

Part 4.
2020-03-11 08:43 - 2020-03-11 08:43 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000056632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 000048256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2020-03-11 08:43 - 2020-03-11 08:43 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 000030008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000019984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 000016912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys
2020-03-11 08:43 - 2020-03-11 08:43 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2020-03-11 08:43 - 2020-03-11 08:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUserRes.dll
2020-03-11 08:23 - 2020-02-11 05:48 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-03-11 08:23 - 2020-02-11 05:37 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-03-09 22:29 - 2020-03-22 22:56 - 000000000 ____D C:\Users\kapit\AppData\LocalLow\3098htrhpen8ifg0
2020-03-09 18:10 - 2020-03-22 22:56 - 000000000 ____D C:\Users\kapit\Downloads\Matěj obnova
2020-03-09 17:52 - 2020-03-22 22:56 - 000000000 ____D C:\ProgramData\Newfol
2020-03-09 17:52 - 2020-03-09 17:52 - 000000000 ____D C:\Program Files (x86)\SHAREit
2020-03-08 13:34 - 2020-03-22 22:56 - 000000000 ____D C:\Users\kapit\AppData\Roaming\QtProject
2020-03-08 13:17 - 2020-03-21 23:16 - 005562976 _____ C:\Users\kapit\Downloads\rcsetup153.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-08 12:20 - 2020-03-22 22:56 - 000000000 ____D C:\ProgramData\newrestore
2020-03-08 12:19 - 2020-03-22 22:56 - 000000000 ____D C:\ProgramData\converthfs
2020-03-08 12:16 - 2020-03-22 22:56 - 000000000 ____D C:\ProgramData\deletepart
2020-03-08 12:14 - 2020-03-22 22:56 - 000000000 ____D C:\ProgramData\ftw
2020-03-08 12:13 - 2020-03-22 22:56 - 000000000 ____D C:\ProgramData\launcher
2020-03-07 17:49 - 2020-03-07 17:49 - 000000000 ____D C:\Users\kapit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Undelete Company
2020-03-07 17:49 - 2020-03-07 17:49 - 000000000 ____D C:\Program Files (x86)\The Undelete Company
2020-03-07 17:48 - 2020-03-22 22:56 - 000000000 ____D C:\Users\kapit\Downloads\HDD recovery pro 4.1
2020-03-07 17:40 - 2020-03-22 22:56 - 000000000 ____D C:\Users\kapit\AppData\Local\Downloaded Installations
2020-03-07 17:27 - 2020-03-22 22:56 - 000000000 ____D C:\ProgramData\SystemAcCrux
2020-03-07 17:26 - 2020-03-09 21:54 - 000000000 ____D C:\Program Files (x86)\EaseUS
2020-03-07 17:13 - 2020-03-22 22:56 - 000000000 ____D C:\Users\kapit\Downloads\testdisk-7.2-WIP.win
2020-03-05 18:26 - 2020-03-21 23:16 - 001136200 _____ C:\Users\kapit\Downloads\CZ -UNU7300.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-05 18:00 - 2020-03-21 23:16 - 006847011 _____ C:\Users\kapit\Downloads\Návod k použití CZ (1).pdf_ID_1447932999_krastoken@gmail.com.google

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-26 18:53 - 2019-08-01 12:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-03-26 11:18 - 2018-07-01 15:28 - 000000000 ____D C:\Users\kapit\AppData\Roaming\vlc
2020-03-26 06:34 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-03-26 02:00 - 2017-12-04 01:03 - 000000000 ____D C:\Users\kapit\AppData\Local\Adobe
2020-03-26 00:37 - 2017-12-03 22:26 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2020-03-26 00:36 - 2017-12-03 22:34 - 000000000 __SHD C:\Users\kapit\IntelGraphicsProfiles
2020-03-26 00:35 - 2018-06-24 20:59 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-03-26 00:35 - 2017-12-03 22:49 - 000000000 ____D C:\ProgramData\NVIDIA
2020-03-26 00:34 - 2019-08-01 13:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-03-26 00:34 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-03-26 00:23 - 2019-08-01 12:56 - 000000000 ____D C:\Users\kapit
2020-03-25 23:01 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-03-25 23:01 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-03-25 22:08 - 2019-10-04 01:28 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-03-25 07:54 - 2019-10-04 01:28 - 000003518 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2020-03-25 01:59 - 2018-01-23 16:06 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-03-24 20:06 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-03-24 01:24 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2020-03-24 01:23 - 2019-12-26 19:41 - 000000000 ____D C:\Users\kapit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2020-03-24 01:19 - 2017-12-05 19:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2020-03-24 01:19 - 2017-12-05 19:45 - 000000000 ____D C:\Program Files\Revo Uninstaller Pro
2020-03-24 01:18 - 2019-04-18 22:57 - 000000000 ____D C:\Program Files (x86)\PicosmosTools
2020-03-24 01:18 - 2018-07-23 10:40 - 000000000 ____D C:\Program Files (x86)\FormatFactory
2020-03-23 22:35 - 2017-12-03 23:38 - 000000000 ____D C:\Users\kapit\AppData\Roaming\WinRAR
2020-03-23 20:02 - 2019-08-01 13:22 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-03-23 20:01 - 2018-11-16 08:38 - 000000000 ____D C:\Users\kapit\AppData\Roaming\Winamp
2020-03-23 19:46 - 2020-02-24 23:16 - 000000000 ____D C:\Users\kapit\AppData\Roaming\Notepad++
2020-03-23 19:28 - 2018-06-01 17:30 - 000000000 ____D C:\ProgramData\VSO
2020-03-23 19:16 - 2019-04-18 18:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
2020-03-23 17:24 - 2019-10-02 21:10 - 000000000 ____D C:\Users\kapit\AppData\Roaming\Marine Aquarium 3
2020-03-23 17:09 - 2017-12-03 22:26 - 000000000 ____D C:\Users\kapit\AppData\Local\ConnectedDevicesPlatform
2020-03-23 16:12 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\registration
2020-03-23 15:48 - 2020-02-21 11:09 - 000000000 ___HD C:\Users\kapit\Documents\.tmp.drivedownload
2020-03-22 22:56 - 2020-02-23 16:03 - 000000000 ____D C:\Users\kapit\AppData\Roaming\mgyun
2020-03-22 22:56 - 2020-02-23 14:34 - 000000000 ____D C:\Users\kapit\AppData\Local\Trolltech
2020-03-22 22:56 - 2020-02-23 14:34 - 000000000 ____D C:\ProgramData\SP_FT_Logs
2020-03-22 22:56 - 2020-02-23 14:14 - 000000000 ____D C:\Users\kapit\Downloads\Lenovo
2020-03-22 22:56 - 2020-02-12 18:27 - 000000000 ____D C:\adb
2020-03-22 22:56 - 2020-02-12 18:06 - 000000000 ____D C:\Users\kapit\Downloads\xiaomi
2020-03-22 22:56 - 2020-02-11 21:00 - 000000000 ____D C:\Users\kapit\Downloads\miflash_unlock-en-3.5.1128.45
2020-03-22 22:56 - 2020-02-11 20:52 - 000000000 ____D C:\Users\kapit\AppData\Roaming\Xiaomi
2020-03-22 22:56 - 2020-02-11 20:51 - 000000000 ____D C:\Users\kapit\Downloads\miflash_unlock-en-3.5.1108.44
2020-03-22 22:56 - 2020-02-09 17:52 - 000000000 ____D C:\Users\kapit\AppData\Local\SniperElite4
2020-03-22 22:56 - 2020-02-09 17:51 - 000000000 ____D C:\ProgramData\Sniper Elite 4
2020-03-22 22:56 - 2020-01-31 21:05 - 000000000 ____D C:\Users\kapit\AppData\Roaming\PDF Writer
2020-03-22 22:56 - 2020-01-31 21:05 - 000000000 ____D C:\ProgramData\PDF Writer
2020-03-22 22:56 - 2020-01-30 18:36 - 000000000 ___HD C:\ProgramData\CanonIJMIG
2020-03-22 22:56 - 2020-01-30 18:25 - 000000000 ___HD C:\ProgramData\CanonBJ
2020-03-22 22:56 - 2019-12-26 19:42 - 000000000 ____D C:\Users\kapit\Documents\Picosmos
2020-03-22 22:56 - 2019-12-26 19:36 - 000000000 ____D C:\Users\kapit\Downloads\FormatFactory2019_12_26
2020-03-22 22:56 - 2019-09-19 20:58 - 000000000 ___HD C:\ProgramData\CanonIJETV
2020-03-22 22:56 - 2019-08-01 15:11 - 000000000 ____D C:\Users\kapit\AppData\Local\OneDrive
2020-03-22 22:56 - 2019-08-01 15:09 - 000000000 ___RD C:\Users\kapit\OneDrive
2020-03-22 22:56 - 2019-08-01 12:48 - 000000000 ____D C:\ProgramData\USOShared
2020-03-22 22:56 - 2019-07-21 13:11 - 000000000 ____D C:\ProgramData\PACE
2020-03-22 22:56 - 2019-07-19 20:35 - 000000000 ____D C:\ProgramData\Apple
2020-03-22 22:56 - 2019-07-19 20:33 - 000000000 ____D C:\Users\kapit\Downloads\MixMeisterFusion_Win_77
2020-03-22 22:56 - 2019-07-19 20:21 - 000000000 ____D C:\Users\kapit\AppData\Local\D3DSCache
2020-03-22 22:56 - 2019-07-19 20:18 - 000000000 ____D C:\Users\kapit\Documents\Audacity
2020-03-22 22:56 - 2019-07-19 20:18 - 000000000 ____D C:\Users\kapit\AppData\Roaming\audacity
2020-03-22 22:56 - 2019-07-19 20:18 - 000000000 ____D C:\Users\kapit\AppData\Local\Audacity
2020-03-22 22:56 - 2019-07-19 20:05 - 000000000 ____D C:\Users\kapit\Documents\FormatFactory
2020-03-22 22:56 - 2019-07-19 18:46 - 000000000 ____D C:\Users\kapit\Downloads\FormatFactory2019_07_19
2020-03-22 22:56 - 2019-07-03 22:56 - 000000000 ____D C:\Users\kapit\AppData\LocalLow\Temp
2020-03-22 22:56 - 2019-06-22 23:11 - 000000000 ____D C:\Users\kapit\AppData\Roaming\dvdcss
2020-03-22 22:56 - 2019-04-18 18:59 - 000000000 ____D C:\Users\kapit\AppData\Roaming\GHISLER
2020-03-22 22:56 - 2019-04-18 18:59 - 000000000 ____D C:\Users\kapit\AppData\Local\GHISLER
2020-03-22 22:56 - 2019-04-18 18:59 - 000000000 ____D C:\totalcmd
2020-03-22 22:56 - 2019-04-18 18:53 - 000000000 ____D C:\Users\kapit\Documents\NPS
2020-03-22 22:56 - 2019-04-18 18:48 - 000000000 ____D C:\Users\kapit\Documents\Samsung
2020-03-22 22:56 - 2019-04-18 18:48 - 000000000 ____D C:\Users\kapit\Documents\My NPS Files
2020-03-22 22:56 - 2019-04-18 18:25 - 000000000 ____D C:\Users\kapit\Downloads\Wondershare Dr.Fone for Android 5.5.0 Final + Serials {B4tman}
2020-03-22 22:56 - 2019-04-15 16:19 - 000000000 ___HD C:\ProgramData\CanonIJEPPEX2
2020-03-22 22:56 - 2019-04-15 16:19 - 000000000 ___HD C:\ProgramData\CanonEPP
2020-03-22 22:56 - 2019-03-19 05:52 - 000000000 __RHD C:\Users\Public\Libraries
2020-03-22 22:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2020-03-22 22:56 - 2019-03-01 19:38 - 000000000 ____D C:\FFOutput
2020-03-22 22:56 - 2019-02-07 13:00 - 000000000 ____D C:\Users\kapit\.gnutls
2020-03-22 22:56 - 2019-01-14 15:34 - 000000000 ____D C:\Users\kapit\AppData\Local\typeapp-updater
2020-03-22 22:56 - 2019-01-04 13:55 - 000000000 ____D C:\Users\kapit\Downloads\Microsoft Office 2016 CZ 32 a 64bit FUNKČNÍ !!!
2020-03-22 22:56 - 2018-12-05 23:02 - 000000000 ____D C:\Users\kapit\Downloads\Sniper Ghost Warrior 2 CZ + CRACK
2020-03-22 22:56 - 2018-11-15 10:54 - 000000000 ____D C:\ProgramData\Bitstream
2020-03-22 22:56 - 2018-11-13 21:11 - 000000000 ____D C:\Users\kapit\AppData\Roaming\NVIDIA
2020-03-22 22:56 - 2018-11-13 21:10 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2020-03-22 22:56 - 2018-11-13 21:04 - 000000000 ____D C:\Users\kapit\Documents\Adobe
2020-03-22 22:56 - 2018-11-13 20:45 - 000000000 ____D C:\Users\kapit\Downloads\Adobe Photoshop CC 2018 CZ (v19.1) (64bit) + Crack [Kedar_CZ]
2020-03-22 22:56 - 2018-11-12 21:36 - 000000000 ____D C:\Users\kapit\Documents\Moje palety
2020-03-22 22:56 - 2018-11-12 21:23 - 000000000 ____D C:\Users\kapit\Documents\Corel
2020-03-22 22:56 - 2018-11-12 21:21 - 000000000 ____D C:\Users\kapit\AppData\Roaming\Corel
2020-03-22 22:56 - 2018-11-12 21:21 - 000000000 ____D C:\ProgramData\Protexis64
2020-03-22 22:56 - 2018-11-12 20:55 - 000000000 ____D C:\Users\Public\Documents\Corel
2020-03-22 22:56 - 2018-11-12 20:53 - 000000000 ____D C:\ProgramData\Corel
2020-03-22 22:56 - 2018-11-12 20:49 - 000000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X7 x64
2020-03-22 22:56 - 2018-11-12 20:46 - 000000000 ____D C:\Users\kapit\Downloads\Corel Draw Graphics Suite X7 +CZ %2F serial generator + navod
2020-03-22 22:56 - 2018-11-04 12:46 - 000000000 ____D C:\Users\kapit\Downloads\Samsung GT-P5200
2020-03-22 22:56 - 2018-10-28 13:06 - 000000000 ____D C:\ProgramData\ProductFeatures
2020-03-22 22:56 - 2018-10-28 13:03 - 000000000 ____D C:\Users\kapit\.cache
2020-03-22 22:56 - 2018-10-28 12:57 - 000000000 ____D C:\AllMyTube Recorded
2020-03-22 22:56 - 2018-10-28 12:57 - 000000000 ____D C:\AllMyTube Downloaded
2020-03-22 22:56 - 2018-10-28 12:57 - 000000000 ____D C:\AllMyTube Converted
2020-03-22 22:56 - 2018-10-28 12:49 - 000000000 ____D C:\Users\kapit\Downloads\Stáhnout z Facebook __files
2020-03-22 22:56 - 2018-10-28 12:43 - 000000000 ____D C:\Users\kapit\AppData\Local\4kdownload.com
2020-03-22 22:56 - 2018-10-23 00:31 - 000000000 ____D C:\Users\kapit\Documents\textové dokumenty
2020-03-22 22:56 - 2018-10-23 00:30 - 000000000 ____D C:\Users\kapit\Documents\Vlastní šablony Office
2020-03-22 22:56 - 2018-10-23 00:06 - 000000000 ____D C:\Users\kapit\Downloads\facebook-donJuanAmbrozNandigoSurioMarioIvanezToreanorez
2020-03-22 22:56 - 2018-10-15 23:13 - 000000000 ____D C:\Users\kapit\AppData\Local\HappyFoto DESIGNER
2020-03-22 22:56 - 2018-10-15 23:10 - 000000000 ____D C:\ProgramData\HappyFoto DESIGNER
2020-03-22 22:56 - 2018-10-13 12:20 - 000000000 ____D C:\Users\kapit\Downloads\J510FN
2020-03-22 22:56 - 2018-10-10 22:01 - 000000000 ____D C:\Users\kapit\Downloads\facebook-jansmitka94
2020-03-22 22:56 - 2018-09-10 10:18 - 000000000 ____D C:\Users\kapit\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones
2020-03-22 22:56 - 2018-09-09 18:19 - 000000000 ____D C:\Users\kapit\Documents\SideSync
2020-03-22 22:56 - 2018-09-09 18:19 - 000000000 ____D C:\Users\kapit\AppData\Roaming\Samsung
2020-03-22 22:56 - 2018-09-09 18:16 - 000000000 ____D C:\ProgramData\Samsung
2020-03-22 22:56 - 2018-09-06 10:41 - 000000000 ____D C:\Users\kapit\Documents\Wondershare
2020-03-22 22:56 - 2018-09-02 11:44 - 000000000 ____D C:\ProgramData\Wondershare
2020-03-22 22:56 - 2018-09-02 11:42 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2020-03-22 22:56 - 2018-07-23 11:04 - 000000000 ____D C:\My Works
2020-03-22 22:56 - 2018-07-23 10:55 - 000000000 ____D C:\Users\kapit\AppData\Local\fontconfig
2020-03-22 22:56 - 2018-07-23 01:40 - 000000000 ____D C:\Users\kapit\Documents\NewBlueFX
2020-03-22 22:56 - 2018-07-23 01:40 - 000000000 ____D C:\Users\kapit\AppData\Roaming\Titler
2020-03-22 22:56 - 2018-07-23 01:22 - 000000000 ____D C:\Users\Public\CyberLink
2020-03-22 22:56 - 2018-07-23 01:18 - 000000000 ____D C:\Users\kapit\Documents\CyberLink
2020-03-22 22:56 - 2018-07-23 01:16 - 000000000 ____D C:\Users\kapit\AppData\Roaming\CyberLink
2020-03-22 22:56 - 2018-07-23 01:15 - 000000000 ____D C:\Users\kapit\AppData\Local\CyberLink
2020-03-22 22:56 - 2018-07-23 01:00 - 000000000 ____D C:\ProgramData\SUPPORTDIR
2020-03-22 22:56 - 2018-07-23 01:00 - 000000000 ____D C:\ProgramData\install_clap
2020-03-22 22:56 - 2018-07-23 01:00 - 000000000 ____D C:\ProgramData\install_backup
2020-03-22 22:56 - 2018-07-23 01:00 - 000000000 ____D C:\ProgramData\CyberLink
2020-03-22 22:56 - 2018-07-23 00:56 - 000000000 ____D C:\Users\kapit\Downloads\CyberLink PowerDirector Ultimate 15.0.2026.0 Multilingual + Serial Key [SadeemPC]
2020-03-22 22:56 - 2018-07-23 00:04 - 000000000 ____D C:\Users\kapit\AppData\Local\Windows Live
2020-03-22 22:56 - 2018-07-22 14:26 - 000000000 ____D C:\Users\kapit\AppData\Local\Nero_AG
2020-03-22 22:56 - 2018-07-22 11:39 - 000000000 ____D C:\Users\kapit\Documents\NeroVideo
2020-03-22 22:56 - 2018-07-22 11:39 - 000000000 ____D C:\Users\kapit\AppData\Local\Nero
2020-03-22 22:56 - 2018-07-16 23:58 - 000000000 ____D C:\Users\kapit\AppData\Roaming\Nero
2020-03-22 22:56 - 2018-07-16 23:33 - 000000000 ____D C:\ProgramData\Nero
2020-03-22 22:56 - 2018-06-24 21:31 - 000000000 ____D C:\Users\kapit\AppData\Local\TeamViewer
2020-03-22 22:56 - 2018-06-24 20:59 - 000000000 ____D C:\Users\kapit\AppData\Roaming\TeamViewer
2020-03-22 22:56 - 2018-06-20 11:17 - 000000000 ____D C:\Users\kapit\AppData\Roaming\WhatsApp
2020-03-22 22:56 - 2018-06-20 11:17 - 000000000 ____D C:\Users\kapit\AppData\Local\WhatsApp
2020-03-22 22:56 - 2018-06-20 11:17 - 000000000 ____D C:\Users\kapit\AppData\Local\SquirrelTemp
2020-03-22 22:56 - 2018-06-19 23:18 - 000000000 ___RD C:\Users\kapit\Disk Google
2020-03-22 22:56 - 2018-06-17 22:00 - 000000000 ____D C:\Users\kapit\Downloads\Truth.or.Dare.2018.HDRip.XViD.AC3-ETRG
2020-03-22 22:56 - 2018-06-11 17:02 - 000000000 ____D C:\Users\kapit\Downloads\záloha
2020-03-22 22:56 - 2018-06-11 17:00 - 000000000 ____D C:\Users\kapit\Downloads\VSO-ConvertXtoVideo-Ultimate-2.0.0.27-(CZ,EN)--(23.7.2016)
2020-03-22 22:56 - 2018-06-11 17:00 - 000000000 ____D C:\Users\kapit\Downloads\VSO-ConvertXtoDVD-6.0.0.29-Final-+-Patch-[KaranPC]
2020-03-22 22:56 - 2018-06-11 16:58 - 000000000 ____D C:\Users\kapit\Downloads\NERO-12--Platinum--CZ
2020-03-22 22:56 - 2018-06-04 21:41 - 000000000 ____D C:\Users\kapit\Downloads\sniper elite 1--- PC + crack 100% funkční vyzkoušeno
2020-03-22 22:56 - 2018-06-01 17:41 - 000000000 ____D C:\Users\kapit\Documents\ConvertXtoVideo Ultimate
2020-03-22 22:56 - 2018-06-01 17:40 - 000000000 ____D C:\Users\kapit\Downloads\VSO.ConvertXtoVideo.Ultimate.2.0.0.70.Multilingual
2020-03-22 22:56 - 2018-06-01 17:30 - 000000000 ____D C:\Users\kapit\Documents\ConvertXToDVD
2020-03-22 22:56 - 2018-06-01 17:30 - 000000000 ____D C:\Users\kapit\AppData\Roaming\VSO
2020-03-22 22:56 - 2018-06-01 17:26 - 000000000 ____D C:\Users\kapit\Downloads\VSO ConvertXtoDVD 7.0.0.56 Multilingual-P2P + Portable (20.2.2018)
2020-03-22 22:56 - 2018-05-21 20:48 - 000000000 ____D C:\Users\kapit\Downloads\Sniper-Elite-4-[FitGirl-Repack]
2020-03-22 22:56 - 2018-05-14 17:02 - 000000000 ____D C:\Users\kapit\Downloads\Odin3_v3.12.3
2020-03-22 22:56 - 2018-05-06 18:23 - 000000000 ____D C:\Users\kapit\AppData\Local\paint.net
2020-03-22 22:56 - 2018-05-06 18:22 - 000000000 ____D C:\Users\kapit\Downloads\paint.net.4.0.21.install
2020-03-22 22:56 - 2018-05-06 13:16 - 000000000 ___HD C:\ProgramData\CanonIJScan
2020-03-22 22:56 - 2018-05-06 13:15 - 000000000 ___HD C:\ProgramData\CanonIJQuickMenu
2020-03-22 22:56 - 2018-05-06 13:15 - 000000000 ____D C:\Users\kapit\AppData\Roaming\Canon
2020-03-22 22:56 - 2018-05-06 13:12 - 000000000 ____D C:\ProgramData\CanonIJWSpt
2020-03-22 22:56 - 2018-05-05 18:23 - 000000000 ____D C:\Users\kapit\AppData\Roaming\uTorrent
2020-03-22 22:56 - 2018-05-04 22:19 - 000000000 ____D C:\Users\kapit\AppData\Local\Sniper3
2020-03-22 22:56 - 2018-05-04 22:19 - 000000000 ____D C:\ProgramData\ALI213
2020-03-22 22:56 - 2018-05-04 21:41 - 000000000 ____D C:\Hry
2020-03-22 22:56 - 2018-05-04 19:41 - 000000000 ____D C:\Users\kapit\AppData\LocalLow\Google
2020-03-22 22:56 - 2018-05-04 14:46 - 000000000 ____D C:\Users\kapit\Downloads\Sniper Elite III CZ (2014)
2020-03-22 22:56 - 2018-05-03 19:33 - 000000000 ____D C:\ProgramData\Google
2020-03-22 22:56 - 2018-05-01 18:04 - 000000000 ____D C:\Users\kapit\AppData\Local\Macromedia
2020-03-22 22:56 - 2018-05-01 17:53 - 000000000 ____D C:\Users\kapit\AppData\Roaming\Macromedia
2020-03-22 22:56 - 2018-05-01 17:43 - 000000000 ____D C:\Users\kapit\AppData\Roaming\Mozilla
2020-03-22 22:56 - 2018-05-01 17:43 - 000000000 ____D C:\Users\kapit\AppData\LocalLow\Mozilla
2020-03-22 22:56 - 2018-05-01 17:43 - 000000000 ____D C:\Users\kapit\AppData\Local\Mozilla
2020-03-22 22:56 - 2018-04-30 14:05 - 000000000 ____D C:\Users\kapit\Downloads\Sniper Elite V2 čeština
2020-03-22 22:56 - 2018-04-28 08:17 - 000000000 ____D C:\Users\kapit\AppData\Local\SniperV2
2020-03-22 22:56 - 2018-04-28 08:17 - 000000000 ____D C:\Users\kapit\AppData\Local\SKIDROW
2020-03-22 22:56 - 2018-04-27 20:33 - 000000000 ____D C:\Users\kapit\Downloads\Sniper-Elite-V2-(CZ-titulky)
2020-03-22 22:56 - 2018-03-16 19:10 - 000000000 ____D C:\Users\kapit\Downloads\testdisk-7.1-WIP.win
2020-03-22 22:56 - 2018-01-23 18:18 - 000000000 ____D C:\Users\kapit\Downloads\3D spořič Marine Aquarium 3.2 3D screensaver (4.12.2017)
2020-03-22 22:56 - 2018-01-23 16:19 - 000000000 ____D C:\Users\kapit\ansel
2020-03-22 22:56 - 2018-01-06 18:08 - 000000000 ___HD C:\$AV_ASW
2020-03-22 22:56 - 2017-12-06 16:33 - 000000000 ____D C:\Users\kapit\Downloads\HDTune-Pro-5.00
2020-03-22 22:56 - 2017-12-06 16:24 - 000000000 ____D C:\Users\kapit\Downloads\WinDFT095
2020-03-22 22:56 - 2017-12-05 21:34 - 000000000 ____D C:\Users\kapit\AppData\Local\DBG
2020-03-22 22:56 - 2017-12-05 21:34 - 000000000 ____D C:\Users\kapit\AppData\Local\CrashDumps
2020-03-22 22:56 - 2017-12-05 19:47 - 000000000 ____D C:\ProgramData\VS Revo Group
2020-03-22 22:56 - 2017-12-05 19:45 - 000000000 ____D C:\Users\kapit\AppData\Local\VS Revo Group
2020-03-22 22:56 - 2017-12-05 19:41 - 000000000 ____D C:\Users\kapit\Downloads\Revo Uninstaller Pro 3.1.6 Cracknutý [Kedar_CZ]
2020-03-22 22:56 - 2017-12-05 14:22 - 000000000 ____D C:\ProgramData\acer
2020-03-22 22:56 - 2017-12-05 14:21 - 000000000 ____D C:\ProgramData\updater2
2020-03-22 22:56 - 2017-12-05 14:21 - 000000000 ____D C:\oem
2020-03-22 22:56 - 2017-12-05 13:51 - 000000000 ____D C:\Users\kapit\AppData\Local\PeerDistRepub
2020-03-22 22:56 - 2017-12-05 13:30 - 000000000 ____D C:\Users\kapit\AppData\Local\NVIDIA Corporation
2020-03-22 22:56 - 2017-12-04 01:05 - 000000000 ____D C:\Users\kapit\AppData\LocalLow\Adobe
2020-03-22 22:56 - 2017-12-04 01:05 - 000000000 ____D C:\Users\kapit\AppData\Local\CEF
2020-03-22 22:56 - 2017-12-04 01:04 - 000000000 ____D C:\ProgramData\Adobe
2020-03-22 22:56 - 2017-12-04 00:33 - 000000000 ____D C:\Users\kapit\AppData\Local\Microsoft Help
2020-03-22 22:56 - 2017-12-04 00:32 - 000000000 ____D C:\Users\kapit\AppData\Roaming\Client
2020-03-22 22:56 - 2017-12-03 23:38 - 000000000 ____D C:\Users\kapit\Downloads\kmspico windows 10 activator
2020-03-22 22:56 - 2017-12-03 23:01 - 000000000 ____D C:\Users\kapit\AppData\Local\PlaceholderTileLogoFolder
2020-03-22 22:56 - 2017-12-03 23:00 - 000000000 ____D C:\Users\kapit\AppData\Local\Google
2020-03-22 22:56 - 2017-12-03 22:49 - 000000000 ____D C:\Users\kapit\AppData\Local\NVIDIA
2020-03-22 22:56 - 2017-12-03 22:37 - 000000000 ____D C:\Users\kapit\AppData\Local\Comms
2020-03-22 22:56 - 2017-12-03 22:27 - 000000000 ___HD C:\Users\kapit\MicrosoftEdgeBackups
2020-03-22 22:56 - 2017-12-03 22:27 - 000000000 ____D C:\Users\kapit\AppData\Local\Publishers
2020-03-22 22:56 - 2017-12-03 22:27 - 000000000 ____D C:\Users\kapit\AppData\Local\MicrosoftEdge
2020-03-22 22:56 - 2017-12-03 22:26 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-03-22 22:56 - 2017-12-03 22:26 - 000000000 ___RD C:\Users\kapit\3D Objects
2020-03-22 22:56 - 2017-12-03 22:26 - 000000000 ____D C:\Users\kapit\AppData\Roaming\Adobe
2020-03-22 22:56 - 2017-12-03 22:26 - 000000000 ____D C:\Users\kapit\AppData\Local\VirtualStore
2020-03-22 22:56 - 2017-12-03 22:26 - 000000000 ____D C:\Users\kapit\AppData\Local\Packages
2020-03-22 22:56 - 2017-12-03 22:10 - 000000000 ____D C:\ProgramData\SetupTPDriver
2020-03-22 22:56 - 2017-12-03 22:09 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-03-22 22:56 - 2017-12-02 20:32 - 000000000 ____D C:\Intel
2020-03-22 00:07 - 2019-10-31 06:30 - 170539602 _____ C:\Users\kapit\AppData\Roaming\MiniTool.Power.Data.Recovery.8.6.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2019-10-23 18:00 - 048665024 _____ C:\Users\kapit\AppData\Roaming\disk-drill-win.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-02-20 00:18 - 001270848 _____ C:\Users\kapit\Downloads\Core-Temp-setup.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-01-30 19:00 - 050138704 _____ C:\Users\kapit\Downloads\mpnx_5_1-win-5_1_1-ea23_2.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-01-30 18:59 - 005824024 _____ C:\Users\kapit\Downloads\mypr-win-3_3_0-ea11_2.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-01-30 18:27 - 308689808 _____ C:\Users\kapit\Downloads\mig_-win-3_6_4-ea31_2.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-01-30 18:21 - 027020160 _____ C:\Users\kapit\Downloads\mp68-win-mp230-1_04-ea32_2.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-11-17 19:31 - 007589861 _____ C:\Users\kapit\Downloads\Loukotova_Kristyna.docx_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-09-19 20:56 - 050978352 _____ C:\Users\kapit\Downloads\win-mg3500-1_1-mcd.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-09-04 17:10 - 045342266 _____ C:\Users\kapit\Downloads\Návod k použití CZ.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-09-04 16:55 - 007593126 _____ C:\Users\kapit\Downloads\CZE_HMUDVBEUJ-1.312.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-08-19 20:35 - 001457309 _____ C:\Users\kapit\Downloads\MSJR1_3-D_S Controller Operation Manual.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-07-21 15:00 - 018630400 _____ C:\Users\kapit\Downloads\revosetup.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-07-19 20:27 - 002339208 _____ C:\Users\kapit\Downloads\mixmeister_pro_4064830242.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-07-19 20:17 - 027908264 _____ C:\Users\kapit\Downloads\audacity-win-2.3.2.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-07-19 20:15 - 050258248 _____ C:\Users\kapit\Downloads\install_virtualdj_pc_v8.2.3936.msi_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-06-20 17:26 - 025448448 _____ C:\Users\kapit\Downloads\4kvideodownloader_4.7.3.msi_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-04-22 12:10 - 040294303 _____ C:\Users\kapit\Downloads\General_CMS_V3.1.0.3.T.20151026.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-04-18 18:58 - 005147336 _____ C:\Users\kapit\Downloads\tcmd922ax64.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-04-18 18:44 - 173838160 _____ C:\Users\kapit\Downloads\New_PC_Studio_1.5.1.10064_2.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-03-11 16:07 - 139868088 _____ C:\Users\kapit\Downloads\WhatsAppSetup.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-02-19 18:58 - 008416679 _____ C:\Users\kapit\Downloads\giphy.gif_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-11-16 08:36 - 028626280 _____ C:\Users\kapit\Downloads\winamp5666_full_all.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-11-12 20:40 - 896488400 _____ C:\Users\kapit\Downloads\Corel Draw Graphics Suite X7 +CZ %2F serial generator + navod.rar_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-10-23 00:05 - 259852854 _____ C:\Users\kapit\Downloads\facebook-donJuanAmbrozNandigoSurioMarioIvanezToreanorez.zip_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-10-15 23:05 - 348696160 _____ C:\Users\kapit\Downloads\HappyFoto-Designer.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-10-10 21:59 - 101460048 _____ C:\Users\kapit\Downloads\facebook-jansmitka94.zip_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-09-10 11:15 - 009330032 _____ C:\Users\kapit\Downloads\Samsung-Usb-Driver-v1.5.55.0.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-07-23 10:38 - 001876360 _____ C:\Users\kapit\Downloads\FFSetupLatest.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-07-23 00:02 - 155421664 _____ C:\Users\kapit\Downloads\windows-movie-maker.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-07-01 15:26 - 041465128 _____ C:\Users\kapit\Downloads\vlc-3.0.3-win64.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-06-24 20:58 - 020367104 _____ C:\Users\kapit\Downloads\TeamViewer_Setup.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-06-19 23:09 - 001130840 _____ C:\Users\kapit\Downloads\installbackupandsync.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-05-08 18:53 - 001129816 _____ C:\Users\kapit\Downloads\GoogleEarthProSetup.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-05-05 16:22 - 021170376 _____ C:\Users\kapit\Downloads\picasa39-setup.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-05-03 19:32 - 011706368 _____ C:\Users\kapit\Downloads\chromeremotedesktophost.msi_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-05-01 17:42 - 034163608 _____ C:\Users\kapit\Downloads\Firefox Setup 55.0.2.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-04-28 18:45 - 2029942882 _____ C:\Users\kapit\Downloads\Microsoft Office 2016 CZ 32 a 64bit FUNKČNÍ !!!.rar_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2017-12-03 23:36 - 002220872 _____ C:\Users\kapit\Downloads\winrar-x64-550.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2019-07-03 22:31 - 001406034 _____ C:\Users\kapit\Documents\IMG_20190703_0009.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2019-07-03 21:53 - 025923484 _____ C:\Users\kapit\Documents\IMG_20190703_0008.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2019-06-18 20:39 - 002362598 _____ C:\Users\kapit\Documents\Boretin.pds_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2019-02-11 22:57 - 002451600 _____ C:\Users\kapit\Documents\Exekuce.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2019-01-29 21:00 - 002120510 _____ C:\Users\kapit\Documents\kámoši.pds_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2018-11-13 20:39 - 1711428500 _____ C:\Users\kapit\Downloads\Adobe Photoshop CC 2018 CZ (v19.1) (64bit) + Crack [Kedar_CZ].rar_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2018-10-28 12:42 - 025133056 _____ C:\Users\kapit\Downloads\4kvideodownloader_4.4.11_x64.msi_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2018-07-24 21:50 - 001399847 _____ C:\Users\kapit\Documents\konop.2.pds_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2018-07-23 22:25 - 001307266 _____ C:\Users\kapit\Documents\konopiště.pds_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2019-07-25 14:51 - 003580280 _____ C:\Users\kapit\ooviewer.dll_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2019-07-25 14:50 - 004388728 _____ C:\Users\kapit\oodrsurs.dll_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2019-07-25 14:50 - 001644920 _____ C:\Users\kapit\oodrrs.dll_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2018-06-22 15:38 - 004820256 _____ C:\Users\kapit\oorwiz4.dll_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2018-06-22 15:38 - 003319584 _____ C:\Users\kapit\oosu.dll_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2018-04-17 16:59 - 002665248 _____ C:\Users\kapit\ooliveupdate.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 01:33 - 2020-01-23 19:00 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
2020-03-21 01:33 - 2020-01-23 19:00 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2020-03-21 01:33 - 2020-01-23 19:00 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
2020-03-21 01:25 - 2019-08-01 13:22 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-21 01:25 - 2019-08-01 13:22 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-20 02:35 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-03-20 01:18 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-03-19 11:54 - 2019-08-01 13:22 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-03-19 11:53 - 2017-12-04 01:04 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-18 01:25 - 2017-12-03 23:00 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-17 17:47 - 2019-08-01 13:09 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-03-17 17:47 - 2019-03-19 12:57 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2020-03-17 17:47 - 2019-03-19 12:57 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2020-03-13 01:22 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-03-13 01:22 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-03-13 01:01 - 2012-07-26 09:18 - 000410830 __RSH C:\bootmgr
2020-03-12 22:24 - 2017-12-05 13:41 - 000000000 ___HD C:\Program Files (x86)\Temp
2020-03-12 00:14 - 2019-08-01 13:22 - 000004636 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-03-12 00:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-03-12 00:14 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-03-11 09:25 - 2019-08-01 12:42 - 000528296 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-03-11 09:22 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-03-11 09:22 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-03-11 09:22 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-03-11 09:22 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-03-11 09:22 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-03-11 09:22 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-03-11 09:22 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-03-11 09:22 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-03-11 09:22 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-03-11 09:22 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\servicing
2020-03-11 09:21 - 2019-03-19 12:59 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-03-11 09:21 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-03-11 09:03 - 2017-12-03 23:38 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-03-11 08:56 - 2017-12-03 23:37 - 121542864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-02-26 20:55 - 2019-11-27 22:04 - 000000000 ____D C:\WINDOWS\Minidump

==================== Files in the root of some directories ========

2019-04-22 12:12 - 2019-04-22 12:16 - 000104745 _____ () C:\Program Files (x86)\CMS Setup Log.txt
2019-05-13 20:08 - 2019-05-13 20:08 - 000023290 _____ () C:\Program Files (x86)\CMS Uninstall Log.txt
2019-07-25 14:51 - 2019-07-25 14:51 - 001644920 _____ (O&O Software GmbH) C:\Program Files (x86)\oodrrs.dll
2019-07-25 14:51 - 2019-07-25 14:51 - 004388728 _____ (O&O Software GmbH) C:\Program Files (x86)\oodrsurs.dll
2019-07-25 14:51 - 2019-07-25 14:51 - 006624120 _____ (O&O Software GmbH) C:\Program Files (x86)\oodskrec.exe
2018-04-17 17:10 - 2018-04-17 17:10 - 003566880 _____ (O&O Software GmbH) C:\Program Files (x86)\ooliveupdate.exe
2018-06-22 15:41 - 2018-06-22 15:41 - 006622496 _____ (O&O Software GmbH) C:\Program Files (x86)\oorwiz4.dll
2018-06-22 15:39 - 2018-06-22 15:39 - 000169248 _____ (O&O Software GmbH) C:\Program Files (x86)\oorwiz4r.dll
2018-06-22 15:41 - 2018-06-22 15:41 - 004570400 _____ (O&O Software GmbH) C:\Program Files (x86)\oosu.dll
2019-07-25 14:51 - 2019-07-25 14:51 - 004907384 _____ (O&O Software GmbH) C:\Program Files (x86)\ooviewer.dll
2019-07-25 14:39 - 2019-07-25 14:39 - 000001791 _____ () C:\Program Files (x86)\readme.txt
2020-03-22 00:07 - 2020-03-22 00:07 - 000000000 _____ () C:\Users\kapit\AppData\Roaming\01.js_ID_1447932999_krastoken@gmail.com.google
2019-10-23 18:00 - 2020-03-22 00:07 - 048665024 _____ () C:\Users\kapit\AppData\Roaming\disk-drill-win.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000003328 _____ () C:\Users\kapit\AppData\Roaming\ID-I .js_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000147968 _____ () C:\Users\kapit\AppData\Roaming\inst.exe_ID_1447932999_krastoken@gmail.com.google
2019-10-31 06:30 - 2020-03-22 00:07 - 170539602 _____ () C:\Users\kapit\AppData\Roaming\MiniTool.Power.Data.Recovery.8.6.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000011776 _____ () C:\Users\kapit\AppData\Roaming\pcouffin.cat_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000001792 _____ () C:\Users\kapit\AppData\Roaming\pcouffin.inf_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000000128 _____ () C:\Users\kapit\AppData\Roaming\pcouffin.log_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000123264 _____ () C:\Users\kapit\AppData\Roaming\pcouffin.sys_ID_1447932999_krastoken@gmail.com.google
2020-03-17 15:01 - 2020-03-22 00:07 - 003704888 _____ () C:\Users\kapit\AppData\Roaming\signed.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-22 22:56 - 2020-03-22 22:56 - 000000371 _____ () C:\Users\kapit\AppData\Roaming\Microsoft\FileRecovery.txt
2020-03-22 22:56 - 2020-03-22 22:56 - 000000371 _____ () C:\Users\kapit\AppData\Local\FileRecovery.txt
2020-03-22 00:07 - 2020-03-22 00:07 - 000000000 _____ () C:\Users\kapit\AppData\Local\oobelibMkey.log_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000000128 _____ () C:\Users\kapit\AppData\Local\resmon.resmoncfg_ID_1447932999_krastoken@gmail.com.google

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

nandigo
newcomer
Posts: 30
Registered: March 20
Gender: Male
Status:
Offline

Re: Please check my log - Ransomware

Post by nandigo » 26 Mar 2020 19:34

Second log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-03-2020
Ran by kapit (26-03-2020 19:12:42)
Running from C:\Users\kapit\Desktop
Windows 10 Pro Version 1903 18362.720 (X64) (2019-08-01 12:23:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1638003504-3678973619-763609851-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1638003504-3678973619-763609851-503 - Limited - Disabled)
Guest (S-1-5-21-1638003504-3678973619-763609851-501 - Limited - Disabled)
kapit (S-1-5-21-1638003504-3678973619-763609851-1001 - Administrator - Enabled) => C:\Users\kapit
WDAGUtilityAccount (S-1-5-21-1638003504-3678973619-763609851-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 4.7 (HKLM-x32\...\{6177A92A-AEE4-45EF-95B7-0E438A49F167}) (Version: 4.7.3.2742 - Open Media LLC)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.344 - Adobe)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1) (Version: 19.1 - Adobe Systems Incorporated)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.18 - ASUS)
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
Backup and Sync from Google (HKLM\...\{0CF77D5B-BD7A-489C-A5D5-881E6C15073D}) (Version: 3.49.9760.2421 - Google, Inc.)
Balíček ovladače systému Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Balíček ovladače systému Windows - MediaTek Inc. (wdm_usb) Ports (01/22/2015 3.0.1504.0) (HKLM\...\BD5E2A628C2263FAEC66A4BFF2E88B897427E4C3) (Version: 01/22/2015 3.0.1504.0 - MediaTek Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
Canon MP Navigator EX 5.1 (HKLM-x32\...\MP Navigator EX 5.1) (Version: - )
Canon MP230 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP230_series) (Version: 1.04 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
CGS17_Setup_x64 (HKLM\...\{83646B67-A878-4E95-BB4B-AF4A6E61F28C}) (Version: 17.0 - Corel Corporation) Hidden
Core Temp 1.15.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.15.1 - ALCPU)
Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (HKLM\...\{FD4A43CE-ABAE-4161-83AC-314A3C804F42}) (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (HKLM\...\{2C91CB9D-323D-43E5-A433-229B71CFB773}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (HKLM\...\{9178F0A8-B6F6-4DA7-AD63-317CC4875F4B}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (HKLM\...\{BD036E95-A9CD-4DED-B744-95AB1DCAFF0C}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (HKLM\...\{5162E418-BB43-4C8F-ACD6-069645EF98C3}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - CZ (x64) (HKLM\...\{DCCD0EF6-DFCF-4D31-B71D-2AAC24C6AB16}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (HKLM\...\{2C0DDC74-5234-43DD-BB5A-0645B8FE5289}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (HKLM\...\{D10A5CFA-FE33-4F06-AE37-554604F00A52}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (HKLM\...\{5406029B-67AD-4F8E-9F2D-F1959CD9CD86}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (HKLM\...\{EF44BCCD-13F9-4974-862C-CCFAF43EE082}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (HKLM\...\{13179AB2-69FD-459B-800F-81865A501AD4}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (HKLM\...\{C922F325-DD52-4E22-B204-431A06E63E51}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (HKLM\...\{1A73168F-5983-46A6-AAAB-FD83BC231E02}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (HKLM\...\{C57EDB5A-AC8E-4E03-9F1A-DC013A2BB9B2}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (HKLM\...\{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (HKLM\...\{5672E0DC-7489-4EAC-8CFD-E01B3868FCB5}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (HKLM\...\{966996DC-D67C-40E3-8BD4-31FA0F093571}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (HKLM\...\{D63404AC-C2F1-4B3D-96EA-9727AC9D994C}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation)
CyberLink PowerDirector 15 (HKLM-x32\...\{FA285575-B543-4E6E-A573-A4F534AC9965}) (Version: 15.0.2026.0 - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 5620 - CyberLink Corp.)
Disk Drill 4.0.499.0 (HKLM-x32\...\{b0226fab-bacc-4c77-947d-609c7422e604}) (Version: 4.0.499.0 - CleverFiles)
Disk Drill 4.0.499.0 (x64) (HKLM\...\{F9BAFE88-3436-4235-B22D-5D77F121BB1C}) (Version: 4.0.499.0 - CleverFiles) Hidden
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden
Dokan Library 1.2.0.1000 (x64) (HKLM\...\{65A3A964-3DC3-0102-0000-180809151012}) (Version: 1.2.0.1000 - Dokany Project) Hidden
Dokan Library 1.2.0.1000 Bundle (HKLM-x32\...\{c2f619b0-68fd-4433-970e-cd66cd7a2775}) (Version: 1.2.0.1000 - Dokany Project)
FormatFactory 4.9.5.0 (HKLM-x32\...\FormatFactory) (Version: 4.9.5.0 - Free Time)
GEAR driver installer for AMD64 and Intel EM64T (HKLM\...\{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}) (Version: 2.003.1 - GEAR Software, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
GridinSoft Anti-Malware (HKLM\...\GridinSoft Anti-Malware) (Version: 4.1.15 - GridinSoft LLC)
HappyFoto DESIGNER 5.6 (HKLM-x32\...\HappyFoto-Designer_is1) (Version: - )
Chrome Remote Desktop Host (HKLM-x32\...\{EF08968E-F7E7-43EA-95B1-1E8ACC8CC459}) (Version: 80.0.3987.18 - Google Inc.)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4885 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
LenovoUsbDriver 1.1.34 (HKLM-x32\...\LenovoUsbDriver) (Version: 1.1.34 - Lenovo)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 1.6.5230.111 - Waves Audio Ltd.) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
NewBlue Titler Pro for Windows (HKLM-x32\...\NewBlue Titler Pro for Windows) (Version: 1.5 - NewBlue)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials VI for Windows (HKLM-x32\...\NewBlue Video Essentials VI for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials VII for Windows (HKLM-x32\...\NewBlue Video Essentials VII for Windows) (Version: 3.0 - NewBlue)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.4 - Notepad++ Team)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Ovládací panel NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
PACE License Support Win64 (HKLM\...\{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.7.0852 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.7.0852 - PACE Anti-Piracy, Inc.)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{15BCA3AB-444B-4AC5-A04F-F2AD0F7AD3EC}) (Version: 4.2.10 - dotPDN LLC)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
PicosmosTools 2.2.0.0 (HKLM-x32\...\PicosmosTools) (Version: 2.2.0.0 - Free Time)
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0002 - Nero AG) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.27058 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8098 - Realtek Semiconductor Corp.)
Remote Desktop (HKLM\...\{84EAFC3C-807B-4E05-9479-4BD14EBA7F00}) (Version: 1.2.675.0 - Microsoft Corporation)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
STORMWARE PDF Printer 10.1.0.1871 (HKLM\...\STORMWARE PDF Printer_is1) (Version: 10.1.0.1871 - STORMWARE)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.36215 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
Update for Skype for Business 2016 (KB4484245) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{69A69F88-A5E4-4019-A9A5-28A23D3CDC2A}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4484245) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{69A69F88-A5E4-4019-A9A5-28A23D3CDC2A}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4484245) 64-Bit Edition (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}_Office16.PROPLUS_{69A69F88-A5E4-4019-A9A5-28A23D3CDC2A}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.56 - VSO Software)
VSO ConvertXtoVideo Ultimate 2 (HKLM-x32\...\{{3852A371-F5ED-491A-86C3-998CD0688D4A}_is1) (Version: 2.0.0.70 - VSO Software)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Welcome App (Start-up experience) (HKLM-x32\...\{828175FA-7307-4DBF-95AD-9CEE086B6F45}) (Version: 12.0.14000 - Nero AG) Hidden
WhatsApp (HKU\S-1-5-21-1638003504-3678973619-763609851-1001\...\WhatsApp) (Version: 0.4.1302 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Zemana AntiMalware verze 3.1.495 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.1.495 - Zemana)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2020-03-23] (Autodesk Inc.)
Beach Sunsets by Josh Sommers -> C:\Program Files\WindowsApps\Microsoft.BeachSunsetsbyJoshSommers_1.1.0.0_neutral__8wekyb3d8bbwe [2020-03-23] (Microsoft Corporation)
Butterflies of Nagpur by Mayur Kotlikar -> C:\Program Files\WindowsApps\Microsoft.ButterfliesofNagpurbyMayurKotlikar_1.0.0.0_neutral__8wekyb3d8bbwe [2020-03-23] (Microsoft Corporation)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.164.200.0_x86__kgqvnymyfvs32 [2020-03-23] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2020-03-23] (Canon Inc.)
Cradle of Empires -> C:\Program Files\WindowsApps\AWEMGAMESLTD.CradleofEmpires_4.7.59.0_x86__bk6jmky90x9y4 [2020-03-23] (AWEM GAMES LTD)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-03-23] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2020-03-23] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-03-23] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-03-23] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [2020-03-23] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
WinZip Universal -> C:\Program Files\WindowsApps\WinZipComputing.WinZipUniversal_1.5.13516.0_x64__3ykzqggjzj4z0 [2020-03-23] (WinZip Computing)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1638003504-3678973619-763609851-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1638003504-3678973619-763609851-1001_Classes\CLSID\{b6905d38-2ca7-41f7-8557-38ac84ddec2e}\localserver32 -> "C:\Users\kapit\AppData\Local\Apps\Remote Desktop\msrdcw.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-1638003504-3678973619-763609851-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-02-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-02-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-02-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-11-04] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-01-29] (Notepad++ -> )
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_106.dll [2019-09-25] (Free Time) [File not signed]
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-02-27] (Google LLC -> Google)
ContextMenuHandlers1: [PicosmosShell] -> {A3888921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\PicosmosTools\ShellEx64_102.dll [2018-12-05] (Free Time Co., Ltd. -> Free Time) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-24] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_106.dll [2019-09-25] (Free Time) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-02-27] (Google LLC -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-01-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-11-04] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-24] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.pDAD] => C:\WINDOWS\system32\prodad-codec.dll [607256 2016-08-26] (proDAD GmbH -> proDAD GmbH)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\kapit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb
ShortcutWithArgument: C:\Users\kapit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzdálená plocha Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp

==================== Loaded Modules (Whitelisted) =============

2017-09-06 18:11 - 2017-09-06 18:11 - 000125952 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-06 18:11 - 2017-09-06 18:11 - 000118272 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-06 18:11 - 2017-09-06 18:11 - 000086528 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-09-06 18:11 - 2017-09-06 18:11 - 000214528 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-06 18:11 - 2017-09-06 18:11 - 000117248 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2020-01-31 21:04 - 2013-10-04 08:42 - 000210944 _____ (Bullzip) [File not signed] C:\Program Files\Common Files\STORMWARE\PDF Printer\Ports\STORMWARE\bzpdf.dll
2018-05-06 13:12 - 2013-01-24 15:24 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2018-12-05 05:39 - 2018-12-05 05:39 - 000347488 _____ (Free Time Co., Ltd. -> Free Time) [File not signed] C:\Program Files (x86)\PicosmosTools\ShellEx64_102.dll
2019-09-25 17:52 - 2019-09-25 17:52 - 000305152 _____ (Free Time) [File not signed] C:\Program Files (x86)\FormatFactory\ShellEx64_106.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:6DDED7D9 [155]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-03-23 19:51 - 2020-03-25 23:57 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\kapit\AppData\Local\Microsoft\WindowsApps;C:\adb
HKU\S-1-5-21-1638003504-3678973619-763609851-1001\Control Panel\Desktop\\Wallpaper -> D:\obrázky\Maďarsko 2019\IMG-20190927-WA0209.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKU\S-1-5-21-1638003504-3678973619-763609851-1001\...\StartupApproved\Run: => "Client"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{D0C5301C-9F5B-49C6-82FD-779FA912E2A1}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{B8A46D95-7116-4722-A610-B880DFED3556}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

23-03-2020 00:14:25 Naplánovaný kontrolní bod
23-03-2020 16:02:20 Operace obnovení
24-03-2020 21:50:32 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/26/2020 07:03:14 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 30536; požadovaná velikost: 30648.

Error: (03/26/2020 01:34:53 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2480,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/26/2020 11:34:26 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5720,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/26/2020 04:45:57 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6068,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/26/2020 12:54:55 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4708,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/26/2020 12:44:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MBAMService.exe, verze: 3.2.0.890, časové razítko: 0x5e4bfca6
Název chybujícího modulu: CleanControllerImpl.dll, verze: 3.2.0.565, časové razítko: 0x5e5957c5
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000033425d
ID chybujícího procesu: 0x10fc
Čas spuštění chybující aplikace: 0x01d602fe00c09070
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Cesta k chybujícímu modulu: C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\CleanControllerImpl.dll
ID zprávy: c585a6b3-cd8e-466e-8d85-6736a2c20103
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/25/2020 11:57:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (03/25/2020 11:49:43 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8596,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (03/26/2020 12:49:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Genuine Software Integrity Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/26/2020 12:49:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Genuine Monitor Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/26/2020 12:49:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/26/2020 12:44:33 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Malwarebytes Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (03/26/2020 12:40:35 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.

Error: (03/26/2020 12:36:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/26/2020 12:36:00 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).

Error: (03/26/2020 12:23:15 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


Windows Defender:
===================================
Date: 2020-03-25 23:43:35.283
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win64/AutoKMS
ID: 2147723334
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\RogueKiller\quarantine\F380308BEA6D3361.vir
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: BERUNA\kapit
Název procesu: C:\Users\kapit\Desktop\RogueKiller_portable64.exe
Verze bezpečnostních informací: AV: 1.313.68.0, AS: 1.313.68.0, NIS: 1.313.68.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4

Date: 2020-03-24 16:45:57.067
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/DelfInject
ID: 2147597831
Závažnost: Vážné
Kategorie: Nástroj
Cesta: file:_C:\Users\kapit\Downloads\takeout-20151003T123036Z-2\Takeout\Disk\Cheat-Engine-6.2.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: BERUNA\kapit
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.311.1852.0, AS: 1.311.1852.0, NIS: 1.311.1852.0
Verze modulu: AM: 1.1.16800.2, NIS: 1.1.16800.2

Date: 2020-03-24 03:57:13.933
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {818C53E1-2DAC-4950-A336-C5973631EDFF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-23 21:42:24.328
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Persistence!rfn
ID: 2147745911
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Program Files (x86)\SHAREit\files\share\it.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: BERUNA\kapit
Název procesu: C:\Program Files\WiperSoft\WiperSoft.exe
Verze bezpečnostních informací: AV: 1.311.1827.0, AS: 1.311.1827.0, NIS: 1.311.1827.0
Verze modulu: AM: 1.1.16800.2, NIS: 1.1.16800.2

Date: 2020-03-22 00:07:37.691
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Bluteal!rfn
ID: 2147724737
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\kapit\AppData\Roaming\01.js
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: BERUNA\kapit
Název procesu: C:\Users\kapit\AppData\Roaming\bild.exe
Verze bezpečnostních informací: AV: 1.311.1661.0, AS: 1.311.1661.0, NIS: 1.311.1661.0
Verze modulu: AM: 1.1.16800.2, NIS: 1.1.16800.2

Date: 2020-03-25 19:35:48.575
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.313.8.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16900.4
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.

Date: 2020-03-25 19:24:44.129
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2020-03-23 20:03:58.318
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.1827.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2020-03-23 17:08:50.903
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o načtení bezpečnostních informací a pokusí se o obnovení poslední známé funkční verze.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

Date: 2020-03-19 17:50:08.624
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.1411.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x80070645
Popis chyby: Tato akce je platná pouze u produktů, které jsou momentálně nainstalovány.

CodeIntegrity:
===================================

Date: 2020-03-26 00:44:33.367
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-03-26 00:44:33.353
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-03-26 00:44:33.065
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-03-26 00:44:33.052
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-03-26 00:44:32.999
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-03-26 00:44:32.977
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-03-26 00:44:29.923
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-03-26 00:44:29.728
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: American Megatrends Inc. X550CL.207 07/10/2014
Motherboard: ASUSTeK COMPUTER INC. X550CL
Processor: Intel(R) Pentium(R) CPU 2117U @ 1.80GHz
Percentage of memory in use: 34%
Total physical RAM: 8077.68 MB
Available physical RAM: 5253.2 MB
Total Virtual: 9357.68 MB
Available Virtual: 6323.05 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.31 GB) (Free:97.2 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Nový svazek) (Fixed) (Total:931.51 GB) (Free:227.19 GB) NTFS

\\?\Volume{2e043828-0000-0000-0000-b0a9e8000000}\ () (Fixed) (Total:0 GB) (Free:0 GB)

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2E043828)
Partition 1: (Active) - (Size=930.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=880 MB) - (Type=27)

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 73736572)
Partition 1: (Not Active) - (Size=866 GB) - (Type=72)
Partition 2: (Not Active) - (Size=931.6 GB) - (Type=6C)
Partition 00: (Not Active) - (Size=0) - (Type=00) ATTENTION ===> 0 byte partition bootkit.
Partition 3: (Not Active) - (Size=224 KB) - (Type=00)

==================== End of Addition.txt =======================


Re: Please check my log - Ransomware

Post by jaro3 » 26 Mar 2020 21:19

Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB devices (except the mouse and keyboard) or external drives from the computer before running this program.
Run RogueKiller again (on Windows Vista or Windows 7, right-click it and choose "Run as administrator"; on Windows XP, double-click to run it).
- Click "Start Scan". In the new window, change nothing and click "Start Scan" at the bottom.
- When it finishes, tick everything (put check marks in the white boxes to the left of the findings).
- Then click "Remove Selected".
- Wait until the Status box shows "Removal finished, please review result".
- Click "Open report" and then "Open TXT", copy the log, and please paste its contents here. The log can be found in C:\ProgramData\RogueKiller\Logs
- Close RogueKiller.


I am warning you in advance that the encrypted files and folders cannot be opened, so they need to be deleted. Do not save anything to other media!

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code: Select all

Start
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1638003504-3678973619-763609851-1001\...\Policies\Explorer: [NoSecurityTab] 1
ShortcutTarget: viva.ini.lnk -> C:\Users\kapit\AppData\viva.js (No File)
Task: {5FFCCB7F-3D99-48EE-9DEC-DA2CDDFEE938} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-03] (Google Inc -> Google Inc.)
Task: {8A7FC109-16AF-4D7A-8743-986348F1D12A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-03] (Google Inc -> Google Inc.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
SearchScopes: HKU\S-1-5-21-1638003504-3678973619-763609851-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
Handler: WSKVAllmytubechrome - {91AB862D-07B8-4A85 - No File
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
S3 ALSysIO; \??\C:\Users\kapit\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
(Emsisoft Ltd.) C:\Users\kapit\Downloads\decrypt_STOPDjvu.exe
C:\Users\kapit\AppData\Local\IconCache.db_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000147968 _____ C:\Users\kapit\AppData\Roaming\inst.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000123264 _____ C:\Users\kapit\AppData\Roaming\pcouffin.sys_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000011776 _____ C:\Users\kapit\AppData\Roaming\pcouffin.cat_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000003328 _____ C:\Users\kapit\AppData\Roaming\ID-I .js_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000001792 _____ C:\Users\kapit\AppData\Roaming\pcouffin.inf_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000000128 _____ C:\Users\kapit\AppData\Roaming\pcouffin.log_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000000128 _____ C:\Users\kapit\AppData\Local\resmon.resmoncfg_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000000000 _____ C:\Users\kapit\AppData\Roaming\01.js_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000000000 _____ C:\Users\kapit\AppData\Local\oobelibMkey.log_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:30 - 2020-03-21 23:30 - 000000512 _____ C:\Users\Public\Documents\desktop.ini_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:30 - 2020-03-21 23:30 - 000000384 _____ C:\Users\Public\Downloads\desktop.ini_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 001479296 _____ C:\Users\kapit\Downloads\youtube-downloader_setup_full235.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 001470976 _____ C:\Users\kapit\Downloads\mobilego_setup_full818.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 001453824 _____ C:\Users\kapit\Downloads\Realterm_2.0.0.70_setup.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 001277696 _____ C:\Users\kapit\Downloads\slimdrivers-setup.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000867072 _____ C:\Users\kapit\Downloads\Zivotni_pojisteni_049240251_93900382.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000362624 _____ C:\Users\kapit\Downloads\Firefox Setup Stub 49.0.2.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000360832 _____ C:\Users\kapit\Downloads\Firefox_44.0.2.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000327936 _____ C:\Users\kapit\Downloads\Informační list.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000305408 _____ C:\Users\kapit\Downloads\TypeApp-Desktop-Installer.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000278400 _____ C:\Users\kapit\Downloads\slevomat-cz-voucher-zamecky-wellness-pobyt-v-krasnem-chateau-kynsperk-9057887460K-735.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000273920 _____ C:\Users\kapit\Downloads\dp105-3m-scotch-weld-technicky-list-cz.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000263424 _____ C:\Users\kapit\Downloads\Ticketpro-eTicket-6213395.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000125952 _____ C:\Users\kapit\Downloads\MSJR1_3-D_S Controller Operation Manual.docx_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000090624 _____ C:\Users\kapit\Downloads\zadost_o_vraceni_ridicskeho_opravneni.doc_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000024704 _____ C:\Users\kapit\Downloads\Stáhnout z Facebook _.html_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000011520 _____ C:\Users\kapit\Downloads\Zadost-o-upusteni-od-vykonu-zbytku-trestu-zakazu-cinnosti.docx_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000000512 _____ C:\Users\kapit\Downloads\desktop.ini_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 001540864 _____ C:\Users\kapit\Documents\IMG_20190828_0001.jpg_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 001515904 _____ C:\Users\kapit\Documents\IMG_20190828_0003.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 001136256 _____ C:\Users\kapit\Documents\IMG_20190703_0006.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000992256 _____ C:\Users\kapit\Documents\IMG_20190703_0007.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000974208 _____ C:\Users\kapit\Documents\IMG_20190828_0002.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000439552 _____ C:\Users\kapit\Documents\IMG_20190703_0004.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000438016 _____ C:\Users\kapit\Documents\IMG_20190703_0001.jpg_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000390016 _____ C:\Users\kapit\Documents\IMG_20190703_0002.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000236032 _____ C:\Users\kapit\Documents\IMG_20190703_0003.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000198528 _____ C:\Users\kapit\Documents\IMG_20190703_0005.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000168832 _____ C:\Users\kapit\Documents\Fotokniha.pbf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000019712 _____ C:\Users\kapit\Documents\Zadost-o-upusteni-od-vykonu-zbytku-trestu-zakazu-cinnosti - Smitka.docx_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000019328 _____ C:\Users\kapit\Documents\seznam dvd (inzerce).docx_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000003456 _____ C:\Users\kapit\Desktop\WhatsApp.lnk_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000000640 _____ C:\Users\kapit\Documents\desktop.ini_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000000000 _____ C:\Users\kapit\AppData\viva.js_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2020-03-21 22:14 - 000251904 _____ C:\Users\kapit\oorwiz4r.dll_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2020-03-21 22:14 - 000002688 _____ C:\Users\kapit\readme.txt_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2020-03-21 22:14 - 000000384 _____ C:\Users\Public\desktop.ini_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2020-03-21 22:14 - 000000128 _____ C:\Users\kapit\ntuser.ini_ID_1447932999_krastoken@gmail.com.google
2020-03-21 21:03 - 2020-03-21 21:03 - 000000000 _____ C:\ProgramData\DP45977C.lfl_ID_1447932999_krastoken@gmail.com.google
2020-03-18 16:10 - 2020-03-21 23:16 - 016723968 _____ C:\Users\kapit\Downloads\RemoteDesktop_1.2.675.0_x64.msi_ID_1447932999_krastoken@gmail.com.google
2020-03-18 12:01 - 2020-03-21 23:15 - 004690069 _____ C:\Users\kapit\Documents\Nový svazek (D) března-18 12_01.ddwscan_ID_1447932999_krastoken@gmail.com.google
2020-03-17 15:01 - 2020-03-22 00:07 - 003704888 _____ C:\Users\kapit\AppData\Roaming\signed.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-08 13:17 - 2020-03-21 23:16 - 005562976 _____ C:\Users\kapit\Downloads\rcsetup153.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-05 18:26 - 2020-03-21 23:16 - 001136200 _____ C:\Users\kapit\Downloads\CZ -UNU7300.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-05 18:00 - 2020-03-21 23:16 - 006847011 _____ C:\Users\kapit\Downloads\Návod k použití CZ (1).pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2019-10-31 06:30 - 170539602 _____ C:\Users\kapit\AppData\Roaming\MiniTool.Power.Data.Recovery.8.6.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2019-10-23 18:00 - 048665024 _____ C:\Users\kapit\AppData\Roaming\disk-drill-win.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-02-20 00:18 - 001270848 _____ C:\Users\kapit\Downloads\Core-Temp-setup.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-01-30 19:00 - 050138704 _____ C:\Users\kapit\Downloads\mpnx_5_1-win-5_1_1-ea23_2.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-01-30 18:59 - 005824024 _____ C:\Users\kapit\Downloads\mypr-win-3_3_0-ea11_2.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-01-30 18:27 - 308689808 _____ C:\Users\kapit\Downloads\mig_-win-3_6_4-ea31_2.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-01-30 18:21 - 027020160 _____ C:\Users\kapit\Downloads\mp68-win-mp230-1_04-ea32_2.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-11-17 19:31 - 007589861 _____ C:\Users\kapit\Downloads\Loukotova_Kristyna.docx_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-09-19 20:56 - 050978352 _____ C:\Users\kapit\Downloads\win-mg3500-1_1-mcd.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-09-04 17:10 - 045342266 _____ C:\Users\kapit\Downloads\Návod k použití CZ.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-09-04 16:55 - 007593126 _____ C:\Users\kapit\Downloads\CZE_HMUDVBEUJ-1.312.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-08-19 20:35 - 001457309 _____ C:\Users\kapit\Downloads\MSJR1_3-D_S Controller Operation Manual.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-07-21 15:00 - 018630400 _____ C:\Users\kapit\Downloads\revosetup.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-07-19 20:27 - 002339208 _____ C:\Users\kapit\Downloads\mixmeister_pro_4064830242.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-07-19 20:17 - 027908264 _____ C:\Users\kapit\Downloads\audacity-win-2.3.2.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-07-19 20:15 - 050258248 _____ C:\Users\kapit\Downloads\install_virtualdj_pc_v8.2.3936.msi_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-06-20 17:26 - 025448448 _____ C:\Users\kapit\Downloads\4kvideodownloader_4.7.3.msi_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-04-22 12:10 - 040294303 _____ C:\Users\kapit\Downloads\General_CMS_V3.1.0.3.T.20151026.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-04-18 18:58 - 005147336 _____ C:\Users\kapit\Downloads\tcmd922ax64.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-04-18 18:44 - 173838160 _____ C:\Users\kapit\Downloads\New_PC_Studio_1.5.1.10064_2.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-03-11 16:07 - 139868088 _____ C:\Users\kapit\Downloads\WhatsAppSetup.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-02-19 18:58 - 008416679 _____ C:\Users\kapit\Downloads\giphy.gif_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-11-16 08:36 - 028626280 _____ C:\Users\kapit\Downloads\winamp5666_full_all.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-11-12 20:40 - 896488400 _____ C:\Users\kapit\Downloads\Corel Draw Graphics Suite X7 +CZ %2F serial generator + navod.rar_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-10-23 00:05 - 259852854 _____ C:\Users\kapit\Downloads\facebook-donJuanAmbrozNandigoSurioMarioIvanezToreanorez.zip_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-10-15 23:05 - 348696160 _____ C:\Users\kapit\Downloads\HappyFoto-Designer.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-10-10 21:59 - 101460048 _____ C:\Users\kapit\Downloads\facebook-jansmitka94.zip_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-09-10 11:15 - 009330032 _____ C:\Users\kapit\Downloads\Samsung-Usb-Driver-v1.5.55.0.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-07-23 10:38 - 001876360 _____ C:\Users\kapit\Downloads\FFSetupLatest.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-07-23 00:02 - 155421664 _____ C:\Users\kapit\Downloads\windows-movie-maker.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-07-01 15:26 - 041465128 _____ C:\Users\kapit\Downloads\vlc-3.0.3-win64.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-06-24 20:58 - 020367104 _____ C:\Users\kapit\Downloads\TeamViewer_Setup.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-06-19 23:09 - 001130840 _____ C:\Users\kapit\Downloads\installbackupandsync.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-05-08 18:53 - 001129816 _____ C:\Users\kapit\Downloads\GoogleEarthProSetup.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-05-05 16:22 - 021170376 _____ C:\Users\kapit\Downloads\picasa39-setup.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-05-03 19:32 - 011706368 _____ C:\Users\kapit\Downloads\chromeremotedesktophost.msi_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-05-01 17:42 - 034163608 _____ C:\Users\kapit\Downloads\Firefox Setup 55.0.2.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-04-28 18:45 - 2029942882 _____ C:\Users\kapit\Downloads\Microsoft Office 2016 CZ 32 a 64bit FUNKČNÍ !!!.rar_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2017-12-03 23:36 - 002220872 _____ C:\Users\kapit\Downloads\winrar-x64-550.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2019-07-03 22:31 - 001406034 _____ C:\Users\kapit\Documents\IMG_20190703_0009.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2019-07-03 21:53 - 025923484 _____ C:\Users\kapit\Documents\IMG_20190703_0008.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2019-06-18 20:39 - 002362598 _____ C:\Users\kapit\Documents\Boretin.pds_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2019-02-11 22:57 - 002451600 _____ C:\Users\kapit\Documents\Exekuce.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2019-01-29 21:00 - 002120510 _____ C:\Users\kapit\Documents\kámoši.pds_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2018-11-13 20:39 - 1711428500 _____ C:\Users\kapit\Downloads\Adobe Photoshop CC 2018 CZ (v19.1) (64bit) + Crack [Kedar_CZ].rar_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2018-10-28 12:42 - 025133056 _____ C:\Users\kapit\Downloads\4kvideodownloader_4.4.11_x64.msi_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2018-07-24 21:50 - 001399847 _____ C:\Users\kapit\Documents\konop.2.pds_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2018-07-23 22:25 - 001307266 _____ C:\Users\kapit\Documents\konopiště.pds_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2019-07-25 14:51 - 003580280 _____ C:\Users\kapit\ooviewer.dll_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2019-07-25 14:50 - 004388728 _____ C:\Users\kapit\oodrsurs.dll_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2019-07-25 14:50 - 001644920 _____ C:\Users\kapit\oodrrs.dll_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2018-06-22 15:38 - 004820256 _____ C:\Users\kapit\oorwiz4.dll_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2018-06-22 15:38 - 003319584 _____ C:\Users\kapit\oosu.dll_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2018-04-17 16:59 - 002665248 _____ C:\Users\kapit\ooliveupdate.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000000000 _____ () C:\Users\kapit\AppData\Roaming\01.js_ID_1447932999_krastoken@gmail.com.google
2019-10-23 18:00 - 2020-03-22 00:07 - 048665024 _____ () C:\Users\kapit\AppData\Roaming\disk-drill-win.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000003328 _____ () C:\Users\kapit\AppData\Roaming\ID-I .js_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000147968 _____ () C:\Users\kapit\AppData\Roaming\inst.exe_ID_1447932999_krastoken@gmail.com.google
2019-10-31 06:30 - 2020-03-22 00:07 - 170539602 _____ () C:\Users\kapit\AppData\Roaming\MiniTool.Power.Data.Recovery.8.6.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000011776 _____ () C:\Users\kapit\AppData\Roaming\pcouffin.cat_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000001792 _____ () C:\Users\kapit\AppData\Roaming\pcouffin.inf_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000000128 _____ () C:\Users\kapit\AppData\Roaming\pcouffin.log_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000123264 _____ () C:\Users\kapit\AppData\Roaming\pcouffin.sys_ID_1447932999_krastoken@gmail.com.google
2020-03-17 15:01 - 2020-03-22 00:07 - 003704888 _____ () C:\Users\kapit\AppData\Roaming\signed.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000000000 _____ () C:\Users\kapit\AppData\Local\oobelibMkey.log_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000000128 _____ () C:\Users\kapit\AppData\Local\resmon.resmoncfg_ID_1447932999_krastoken@gmail.com.google
CustomCLSID: HKU\S-1-5-21-1638003504-3678973619-763609851-1001_Classes\CLSID\{b6905d38-2ca7-41f7-8557-38ac84ddec2e}\localserver32 -> "C:\Users\kapit\AppData\Local\Apps\Remote Desktop\msrdcw.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\TEMP:6DDED7D9 [155]
C:\Users\kapit\AppData\Roaming\01.js
C:\Program Files (x86)\SHAREit\files\share\it.exe
C:\Users\kapit\Downloads\takeout-20151003T123036Z-2\Takeout\Disk\Cheat-Engine-6.2.exe

EmptyTemp:
End

(You can use the "select all" function; right-click the top-left field in the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST and press the "Fix" button just once, then wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire contents here.

Drive c: () (Fixed) (Total:930.31 GB) (Free:97.2 GB) NTFS ==>[drive with boot components (obtained from BCD)]
A total lack of free disk space!! Uninstall or delete something. You should have at least 15-20% free space on the system disk to keep Windows running without problems!!


Re: Please check my log - Ransomware

Post by nandigo » 26 Mar 2020 23:03

RogueKiller Anti-Malware V14.3.0.0 (x64) [Mar 23 2020] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.18362) 64 bits
Started in : Normal mode
User : kapit [Administrator]
Started from : C:\Users\kapit\Desktop\RogueKiller_portable64.exe
Signatures : 20200326_090727, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2020/03/26 21:25:30 (Duration : 01:01:20)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤


Re: Please check my log - Ransomware

Post by nandigo » 26 Mar 2020 23:29

Fix result of Farbar Recovery Scan Tool (x64) Version: 26-03-2020
Ran by kapit (26-03-2020 23:07:38) Run:1
Running from C:\Users\kapit\Desktop
Loaded Profiles: kapit (Available Profiles: kapit)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1638003504-3678973619-763609851-1001\...\Policies\Explorer: [NoSecurityTab] 1
ShortcutTarget: viva.ini.lnk -> C:\Users\kapit\AppData\viva.js (No File)
Task: {5FFCCB7F-3D99-48EE-9DEC-DA2CDDFEE938} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-03] (Google Inc -> Google Inc.)
Task: {8A7FC109-16AF-4D7A-8743-986348F1D12A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-03] (Google Inc -> Google Inc.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
SearchScopes: HKU\S-1-5-21-1638003504-3678973619-763609851-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
Handler: WSKVAllmytubechrome - {91AB862D-07B8-4A85 - No File
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
S3 ALSysIO; \??\C:\Users\kapit\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
(Emsisoft Ltd.) C:\Users\kapit\Downloads\decrypt_STOPDjvu.exe
C:\Users\kapit\AppData\Local\IconCache.db_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000147968 _____ C:\Users\kapit\AppData\Roaming\inst.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000123264 _____ C:\Users\kapit\AppData\Roaming\pcouffin.sys_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000011776 _____ C:\Users\kapit\AppData\Roaming\pcouffin.cat_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000003328 _____ C:\Users\kapit\AppData\Roaming\ID-I .js_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000001792 _____ C:\Users\kapit\AppData\Roaming\pcouffin.inf_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000000128 _____ C:\Users\kapit\AppData\Roaming\pcouffin.log_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000000128 _____ C:\Users\kapit\AppData\Local\resmon.resmoncfg_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000000000 _____ C:\Users\kapit\AppData\Roaming\01.js_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000000000 _____ C:\Users\kapit\AppData\Local\oobelibMkey.log_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:30 - 2020-03-21 23:30 - 000000512 _____ C:\Users\Public\Documents\desktop.ini_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:30 - 2020-03-21 23:30 - 000000384 _____ C:\Users\Public\Downloads\desktop.ini_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 001479296 _____ C:\Users\kapit\Downloads\youtube-downloader_setup_full235.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 001470976 _____ C:\Users\kapit\Downloads\mobilego_setup_full818.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 001453824 _____ C:\Users\kapit\Downloads\Realterm_2.0.0.70_setup.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 001277696 _____ C:\Users\kapit\Downloads\slimdrivers-setup.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000867072 _____ C:\Users\kapit\Downloads\Zivotni_pojisteni_049240251_93900382.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000362624 _____ C:\Users\kapit\Downloads\Firefox Setup Stub 49.0.2.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000360832 _____ C:\Users\kapit\Downloads\Firefox_44.0.2.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000327936 _____ C:\Users\kapit\Downloads\Informační list.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000305408 _____ C:\Users\kapit\Downloads\TypeApp-Desktop-Installer.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000278400 _____ C:\Users\kapit\Downloads\slevomat-cz-voucher-zamecky-wellness-pobyt-v-krasnem-chateau-kynsperk-9057887460K-735.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000273920 _____ C:\Users\kapit\Downloads\dp105-3m-scotch-weld-technicky-list-cz.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000263424 _____ C:\Users\kapit\Downloads\Ticketpro-eTicket-6213395.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000125952 _____ C:\Users\kapit\Downloads\MSJR1_3-D_S Controller Operation Manual.docx_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000090624 _____ C:\Users\kapit\Downloads\zadost_o_vraceni_ridicskeho_opravneni.doc_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000024704 _____ C:\Users\kapit\Downloads\Stáhnout z Facebook _.html_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000011520 _____ C:\Users\kapit\Downloads\Zadost-o-upusteni-od-vykonu-zbytku-trestu-zakazu-cinnosti.docx_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-03-21 23:16 - 000000512 _____ C:\Users\kapit\Downloads\desktop.ini_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 001540864 _____ C:\Users\kapit\Documents\IMG_20190828_0001.jpg_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 001515904 _____ C:\Users\kapit\Documents\IMG_20190828_0003.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 001136256 _____ C:\Users\kapit\Documents\IMG_20190703_0006.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000992256 _____ C:\Users\kapit\Documents\IMG_20190703_0007.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000974208 _____ C:\Users\kapit\Documents\IMG_20190828_0002.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000439552 _____ C:\Users\kapit\Documents\IMG_20190703_0004.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000438016 _____ C:\Users\kapit\Documents\IMG_20190703_0001.jpg_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000390016 _____ C:\Users\kapit\Documents\IMG_20190703_0002.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000236032 _____ C:\Users\kapit\Documents\IMG_20190703_0003.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000198528 _____ C:\Users\kapit\Documents\IMG_20190703_0005.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000168832 _____ C:\Users\kapit\Documents\Fotokniha.pbf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000019712 _____ C:\Users\kapit\Documents\Zadost-o-upusteni-od-vykonu-zbytku-trestu-zakazu-cinnosti - Smitka.docx_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000019328 _____ C:\Users\kapit\Documents\seznam dvd (inzerce).docx_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000003456 _____ C:\Users\kapit\Desktop\WhatsApp.lnk_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000000640 _____ C:\Users\kapit\Documents\desktop.ini_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2020-03-21 23:15 - 000000000 _____ C:\Users\kapit\AppData\viva.js_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2020-03-21 22:14 - 000251904 _____ C:\Users\kapit\oorwiz4r.dll_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2020-03-21 22:14 - 000002688 _____ C:\Users\kapit\readme.txt_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2020-03-21 22:14 - 000000384 _____ C:\Users\Public\desktop.ini_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2020-03-21 22:14 - 000000128 _____ C:\Users\kapit\ntuser.ini_ID_1447932999_krastoken@gmail.com.google
2020-03-21 21:03 - 2020-03-21 21:03 - 000000000 _____ C:\ProgramData\DP45977C.lfl_ID_1447932999_krastoken@gmail.com.google
2020-03-18 16:10 - 2020-03-21 23:16 - 016723968 _____ C:\Users\kapit\Downloads\RemoteDesktop_1.2.675.0_x64.msi_ID_1447932999_krastoken@gmail.com.google
2020-03-18 12:01 - 2020-03-21 23:15 - 004690069 _____ C:\Users\kapit\Documents\Nový svazek (D) března-18 12_01.ddwscan_ID_1447932999_krastoken@gmail.com.google
2020-03-17 15:01 - 2020-03-22 00:07 - 003704888 _____ C:\Users\kapit\AppData\Roaming\signed.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-08 13:17 - 2020-03-21 23:16 - 005562976 _____ C:\Users\kapit\Downloads\rcsetup153.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-05 18:26 - 2020-03-21 23:16 - 001136200 _____ C:\Users\kapit\Downloads\CZ -UNU7300.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-05 18:00 - 2020-03-21 23:16 - 006847011 _____ C:\Users\kapit\Downloads\Návod k použití CZ (1).pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2019-10-31 06:30 - 170539602 _____ C:\Users\kapit\AppData\Roaming\MiniTool.Power.Data.Recovery.8.6.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2019-10-23 18:00 - 048665024 _____ C:\Users\kapit\AppData\Roaming\disk-drill-win.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-02-20 00:18 - 001270848 _____ C:\Users\kapit\Downloads\Core-Temp-setup.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-01-30 19:00 - 050138704 _____ C:\Users\kapit\Downloads\mpnx_5_1-win-5_1_1-ea23_2.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-01-30 18:59 - 005824024 _____ C:\Users\kapit\Downloads\mypr-win-3_3_0-ea11_2.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-01-30 18:27 - 308689808 _____ C:\Users\kapit\Downloads\mig_-win-3_6_4-ea31_2.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2020-01-30 18:21 - 027020160 _____ C:\Users\kapit\Downloads\mp68-win-mp230-1_04-ea32_2.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-11-17 19:31 - 007589861 _____ C:\Users\kapit\Downloads\Loukotova_Kristyna.docx_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-09-19 20:56 - 050978352 _____ C:\Users\kapit\Downloads\win-mg3500-1_1-mcd.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-09-04 17:10 - 045342266 _____ C:\Users\kapit\Downloads\Návod k použití CZ.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-09-04 16:55 - 007593126 _____ C:\Users\kapit\Downloads\CZE_HMUDVBEUJ-1.312.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-08-19 20:35 - 001457309 _____ C:\Users\kapit\Downloads\MSJR1_3-D_S Controller Operation Manual.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-07-21 15:00 - 018630400 _____ C:\Users\kapit\Downloads\revosetup.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-07-19 20:27 - 002339208 _____ C:\Users\kapit\Downloads\mixmeister_pro_4064830242.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-07-19 20:17 - 027908264 _____ C:\Users\kapit\Downloads\audacity-win-2.3.2.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-07-19 20:15 - 050258248 _____ C:\Users\kapit\Downloads\install_virtualdj_pc_v8.2.3936.msi_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-06-20 17:26 - 025448448 _____ C:\Users\kapit\Downloads\4kvideodownloader_4.7.3.msi_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-04-22 12:10 - 040294303 _____ C:\Users\kapit\Downloads\General_CMS_V3.1.0.3.T.20151026.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-04-18 18:58 - 005147336 _____ C:\Users\kapit\Downloads\tcmd922ax64.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-04-18 18:44 - 173838160 _____ C:\Users\kapit\Downloads\New_PC_Studio_1.5.1.10064_2.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-03-11 16:07 - 139868088 _____ C:\Users\kapit\Downloads\WhatsAppSetup.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2019-02-19 18:58 - 008416679 _____ C:\Users\kapit\Downloads\giphy.gif_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-11-16 08:36 - 028626280 _____ C:\Users\kapit\Downloads\winamp5666_full_all.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-11-12 20:40 - 896488400 _____ C:\Users\kapit\Downloads\Corel Draw Graphics Suite X7 +CZ %2F serial generator + navod.rar_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-10-23 00:05 - 259852854 _____ C:\Users\kapit\Downloads\facebook-donJuanAmbrozNandigoSurioMarioIvanezToreanorez.zip_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-10-15 23:05 - 348696160 _____ C:\Users\kapit\Downloads\HappyFoto-Designer.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-10-10 21:59 - 101460048 _____ C:\Users\kapit\Downloads\facebook-jansmitka94.zip_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-09-10 11:15 - 009330032 _____ C:\Users\kapit\Downloads\Samsung-Usb-Driver-v1.5.55.0.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-07-23 10:38 - 001876360 _____ C:\Users\kapit\Downloads\FFSetupLatest.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-07-23 00:02 - 155421664 _____ C:\Users\kapit\Downloads\windows-movie-maker.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-07-01 15:26 - 041465128 _____ C:\Users\kapit\Downloads\vlc-3.0.3-win64.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-06-24 20:58 - 020367104 _____ C:\Users\kapit\Downloads\TeamViewer_Setup.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-06-19 23:09 - 001130840 _____ C:\Users\kapit\Downloads\installbackupandsync.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-05-08 18:53 - 001129816 _____ C:\Users\kapit\Downloads\GoogleEarthProSetup.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-05-05 16:22 - 021170376 _____ C:\Users\kapit\Downloads\picasa39-setup.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-05-03 19:32 - 011706368 _____ C:\Users\kapit\Downloads\chromeremotedesktophost.msi_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-05-01 17:42 - 034163608 _____ C:\Users\kapit\Downloads\Firefox Setup 55.0.2.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2018-04-28 18:45 - 2029942882 _____ C:\Users\kapit\Downloads\Microsoft Office 2016 CZ 32 a 64bit FUNKČNÍ !!!.rar_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:16 - 2017-12-03 23:36 - 002220872 _____ C:\Users\kapit\Downloads\winrar-x64-550.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2019-07-03 22:31 - 001406034 _____ C:\Users\kapit\Documents\IMG_20190703_0009.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2019-07-03 21:53 - 025923484 _____ C:\Users\kapit\Documents\IMG_20190703_0008.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2019-06-18 20:39 - 002362598 _____ C:\Users\kapit\Documents\Boretin.pds_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2019-02-11 22:57 - 002451600 _____ C:\Users\kapit\Documents\Exekuce.pdf_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2019-01-29 21:00 - 002120510 _____ C:\Users\kapit\Documents\kámoši.pds_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2018-11-13 20:39 - 1711428500 _____ C:\Users\kapit\Downloads\Adobe Photoshop CC 2018 CZ (v19.1) (64bit) + Crack [Kedar_CZ].rar_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2018-10-28 12:42 - 025133056 _____ C:\Users\kapit\Downloads\4kvideodownloader_4.4.11_x64.msi_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2018-07-24 21:50 - 001399847 _____ C:\Users\kapit\Documents\konop.2.pds_ID_1447932999_krastoken@gmail.com.google
2020-03-21 23:15 - 2018-07-23 22:25 - 001307266 _____ C:\Users\kapit\Documents\konopiště.pds_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2019-07-25 14:51 - 003580280 _____ C:\Users\kapit\ooviewer.dll_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2019-07-25 14:50 - 004388728 _____ C:\Users\kapit\oodrsurs.dll_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2019-07-25 14:50 - 001644920 _____ C:\Users\kapit\oodrrs.dll_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2018-06-22 15:38 - 004820256 _____ C:\Users\kapit\oorwiz4.dll_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2018-06-22 15:38 - 003319584 _____ C:\Users\kapit\oosu.dll_ID_1447932999_krastoken@gmail.com.google
2020-03-21 22:14 - 2018-04-17 16:59 - 002665248 _____ C:\Users\kapit\ooliveupdate.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000000000 _____ () C:\Users\kapit\AppData\Roaming\01.js_ID_1447932999_krastoken@gmail.com.google
2019-10-23 18:00 - 2020-03-22 00:07 - 048665024 _____ () C:\Users\kapit\AppData\Roaming\disk-drill-win.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000003328 _____ () C:\Users\kapit\AppData\Roaming\ID-I .js_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000147968 _____ () C:\Users\kapit\AppData\Roaming\inst.exe_ID_1447932999_krastoken@gmail.com.google
2019-10-31 06:30 - 2020-03-22 00:07 - 170539602 _____ () C:\Users\kapit\AppData\Roaming\MiniTool.Power.Data.Recovery.8.6.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000011776 _____ () C:\Users\kapit\AppData\Roaming\pcouffin.cat_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000001792 _____ () C:\Users\kapit\AppData\Roaming\pcouffin.inf_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000000128 _____ () C:\Users\kapit\AppData\Roaming\pcouffin.log_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000123264 _____ () C:\Users\kapit\AppData\Roaming\pcouffin.sys_ID_1447932999_krastoken@gmail.com.google
2020-03-17 15:01 - 2020-03-22 00:07 - 003704888 _____ () C:\Users\kapit\AppData\Roaming\signed.exe_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000000000 _____ () C:\Users\kapit\AppData\Local\oobelibMkey.log_ID_1447932999_krastoken@gmail.com.google
2020-03-22 00:07 - 2020-03-22 00:07 - 000000128 _____ () C:\Users\kapit\AppData\Local\resmon.resmoncfg_ID_1447932999_krastoken@gmail.com.google
CustomCLSID: HKU\S-1-5-21-1638003504-3678973619-763609851-1001_Classes\CLSID\{b6905d38-2ca7-41f7-8557-38ac84ddec2e}\localserver32 -> "C:\Users\kapit\AppData\Local\Apps\Remote Desktop\msrdcw.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\TEMP:6DDED7D9 [155]
C:\Users\kapit\AppData\Roaming\01.js
C:\Program Files (x86)\SHAREit\files\share\it.exe
C:\Users\kapit\Downloads\takeout-20151003T123036Z-2\Takeout\Disk\Cheat-Engine-6.2.exe

EmptyTemp:
End

*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKU\S-1-5-21-1638003504-3678973619-763609851-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSecurityTab" => removed successfully
"C:\Users\kapit\AppData\viva.js" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FFCCB7F-3D99-48EE-9DEC-DA2CDDFEE938}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FFCCB7F-3D99-48EE-9DEC-DA2CDDFEE938}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8A7FC109-16AF-4D7A-8743-986348F1D12A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A7FC109-16AF-4D7A-8743-986348F1D12A}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully
HKU\S-1-5-21-1638003504-3678973619-763609851-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\WSKVAllmytubechrome => removed successfully
Handler: WSKVAllmytubechrome - {91AB862D-07B8-4A85 - No File => could not remove.: incorrect path.
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => not found
C:\Program Files\VideoLAN\VLC\npvlc.dll => moved successfully
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\System\CurrentControlSet\Services\ALSysIO => removed successfully
ALSysIO => service removed successfully
C:\Users\kapit\Downloads\decrypt_STOPDjvu.exe => No running process found
C:\Users\kapit\AppData\Local\IconCache.db_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\AppData\Roaming\inst.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\AppData\Roaming\pcouffin.sys_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\AppData\Roaming\pcouffin.cat_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\AppData\Roaming\ID-I .js_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\AppData\Roaming\pcouffin.inf_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\AppData\Roaming\pcouffin.log_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\AppData\Local\resmon.resmoncfg_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\AppData\Roaming\01.js_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\AppData\Local\oobelibMkey.log_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\Public\Documents\desktop.ini_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\Public\Downloads\desktop.ini_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\youtube-downloader_setup_full235.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\mobilego_setup_full818.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\Realterm_2.0.0.70_setup.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\slimdrivers-setup.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\Zivotni_pojisteni_049240251_93900382.pdf_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\Firefox Setup Stub 49.0.2.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\Firefox_44.0.2.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\Informační list.pdf_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\TypeApp-Desktop-Installer.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\slevomat-cz-voucher-zamecky-wellness-pobyt-v-krasnem-chateau-kynsperk-9057887460K-735.pdf_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\dp105-3m-scotch-weld-technicky-list-cz.pdf_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\Ticketpro-eTicket-6213395.pdf_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\MSJR1_3-D_S Controller Operation Manual.docx_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\zadost_o_vraceni_ridicskeho_opravneni.doc_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\Stáhnout z Facebook _.html_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\Zadost-o-upusteni-od-vykonu-zbytku-trestu-zakazu-cinnosti.docx_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\desktop.ini_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Documents\IMG_20190828_0001.jpg_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Documents\IMG_20190828_0003.pdf_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Documents\IMG_20190703_0006.pdf_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Documents\IMG_20190703_0007.pdf_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Documents\IMG_20190828_0002.pdf_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Documents\IMG_20190703_0004.pdf_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Documents\IMG_20190703_0001.jpg_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Documents\IMG_20190703_0002.pdf_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Documents\IMG_20190703_0003.pdf_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Documents\IMG_20190703_0005.pdf_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Documents\Fotokniha.pbf_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Documents\Zadost-o-upusteni-od-vykonu-zbytku-trestu-zakazu-cinnosti - Smitka.docx_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Documents\seznam dvd (inzerce).docx_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Desktop\WhatsApp.lnk_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Documents\desktop.ini_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\AppData\viva.js_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\oorwiz4r.dll_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\readme.txt_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\Public\desktop.ini_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\ntuser.ini_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\ProgramData\DP45977C.lfl_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\RemoteDesktop_1.2.675.0_x64.msi_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Documents\Nový svazek (D) března-18 12_01.ddwscan_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\AppData\Roaming\signed.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\rcsetup153.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\CZ -UNU7300.pdf_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\Návod k použití CZ (1).pdf_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\AppData\Roaming\MiniTool.Power.Data.Recovery.8.6.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\AppData\Roaming\disk-drill-win.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\Core-Temp-setup.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\mpnx_5_1-win-5_1_1-ea23_2.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\mypr-win-3_3_0-ea11_2.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\mig_-win-3_6_4-ea31_2.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\mp68-win-mp230-1_04-ea32_2.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\Loukotova_Kristyna.docx_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\win-mg3500-1_1-mcd.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\Návod k použití CZ.pdf_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\CZE_HMUDVBEUJ-1.312.pdf_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\MSJR1_3-D_S Controller Operation Manual.pdf_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\revosetup.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\mixmeister_pro_4064830242.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\audacity-win-2.3.2.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\install_virtualdj_pc_v8.2.3936.msi_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\4kvideodownloader_4.7.3.msi_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\General_CMS_V3.1.0.3.T.20151026.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\tcmd922ax64.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\New_PC_Studio_1.5.1.10064_2.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\WhatsAppSetup.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\giphy.gif_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\winamp5666_full_all.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\Corel Draw Graphics Suite X7 +CZ %2F serial generator + navod.rar_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\facebook-donJuanAmbrozNandigoSurioMarioIvanezToreanorez.zip_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\HappyFoto-Designer.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\facebook-jansmitka94.zip_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\Samsung-Usb-Driver-v1.5.55.0.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\FFSetupLatest.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\windows-movie-maker.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\vlc-3.0.3-win64.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\TeamViewer_Setup.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\installbackupandsync.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\GoogleEarthProSetup.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\picasa39-setup.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\chromeremotedesktophost.msi_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\Firefox Setup 55.0.2.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\Microsoft Office 2016 CZ 32 a 64bit FUNKČNÍ !!!.rar_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\winrar-x64-550.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Documents\IMG_20190703_0009.pdf_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Documents\IMG_20190703_0008.pdf_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Documents\Boretin.pds_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Documents\Exekuce.pdf_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Documents\kámoši.pds_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\Adobe Photoshop CC 2018 CZ (v19.1) (64bit) + Crack [Kedar_CZ].rar_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Downloads\4kvideodownloader_4.4.11_x64.msi_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Documents\konop.2.pds_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\Documents\konopiště.pds_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\ooviewer.dll_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\oodrsurs.dll_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\oodrrs.dll_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\oorwiz4.dll_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\oosu.dll_ID_1447932999_krastoken@gmail.com.google => moved successfully
C:\Users\kapit\ooliveupdate.exe_ID_1447932999_krastoken@gmail.com.google => moved successfully
"C:\Users\kapit\AppData\Roaming\01.js_ID_1447932999_krastoken@gmail.com.google" => not found
"C:\Users\kapit\AppData\Roaming\disk-drill-win.exe_ID_1447932999_krastoken@gmail.com.google" => not found
"C:\Users\kapit\AppData\Roaming\ID-I .js_ID_1447932999_krastoken@gmail.com.google" => not found
"C:\Users\kapit\AppData\Roaming\inst.exe_ID_1447932999_krastoken@gmail.com.google" => not found
"C:\Users\kapit\AppData\Roaming\MiniTool.Power.Data.Recovery.8.6.exe_ID_1447932999_krastoken@gmail.com.google" => not found
"C:\Users\kapit\AppData\Roaming\pcouffin.cat_ID_1447932999_krastoken@gmail.com.google" => not found
"C:\Users\kapit\AppData\Roaming\pcouffin.inf_ID_1447932999_krastoken@gmail.com.google" => not found
"C:\Users\kapit\AppData\Roaming\pcouffin.log_ID_1447932999_krastoken@gmail.com.google" => not found
"C:\Users\kapit\AppData\Roaming\pcouffin.sys_ID_1447932999_krastoken@gmail.com.google" => not found
"C:\Users\kapit\AppData\Roaming\signed.exe_ID_1447932999_krastoken@gmail.com.google" => not found
"C:\Users\kapit\AppData\Local\oobelibMkey.log_ID_1447932999_krastoken@gmail.com.google" => not found
"C:\Users\kapit\AppData\Local\resmon.resmoncfg_ID_1447932999_krastoken@gmail.com.google" => not found
HKU\S-1-5-21-1638003504-3678973619-763609851-1001_Classes\CLSID\{b6905d38-2ca7-41f7-8557-38ac84ddec2e} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\ProgramData\TEMP => ":6DDED7D9" ADS removed successfully
"C:\Users\kapit\AppData\Roaming\01.js" => not found
"C:\Program Files (x86)\SHAREit\files\share\it.exe" => not found
"C:\Users\kapit\Downloads\takeout-20151003T123036Z-2\Takeout\Disk\Cheat-Engine-6.2.exe" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 11034624 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 398719978 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 106622 B
Edge => 0 B
Chrome => 448521134 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 16324 B
NetworkService => 18190 B
kapit => 4382006 B

RecycleBin => 0 B
EmptyTemp: => 822.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 23:12:27 ====

nandigo
newcomer
Posts: 30
Registered: March 20
Gender: Male
Status: Offline

Re: Please check my log - Ransomware

Post by nandigo » 26 Mar 2020 23:30

So what have we achieved with all this?

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my log - Ransomware

Post by jaro3 » 27 Mar 2020 18:20

We removed the infections.