Kontrola logu Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: memphisto, Mods_senior, Security team

huhto
Level 3.5
Level 3.5
Příspěvky: 709
Registrován: únor 14
Pohlaví: Nespecifikováno

Re: Kontrola logu

Příspěvekod huhto » 17 dub 2021 13:39

RogueKiller Anti-Malware V14.8.6.0 (x64) [Mar 24 2021] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.19042) 64 bits
Started in : Normal mode
User : huhto [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20210415_121741, Driver : Loaded
Mode : Quick Scan, Scan -- Date : 2021/04/17 12:40:21 (Duration : 00:01:04)
Switches : -minimize

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤



Reklama
huhto
Level 3.5
Level 3.5
Příspěvky: 709
Registrován: únor 14
Pohlaví: Nespecifikováno

Re: Kontrola logu

Příspěvekod huhto » 17 dub 2021 13:40

tak,už to mam vše,mam počitač v pořadku?
Nemáte oprávnění prohlížet přiložené soubory.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 41649
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Kontrola logu

Příspěvekod jaro3 » 17 dub 2021 15:52

Vypni antivir i firewall, RogueKiller, Malwarebytes Antimalware, windowsDefender
Stáhni Zoek.exe
http://download.bleepingcomputer.com/smeenk/zoek.exe
https://uloz.to/file/nFH1LwSrGioP/zoek1-rar

Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
-pozor , náběh programu může trvat déle.
Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log Zkopíruj sem celý obsah toho logu.
Pokud budou problémy , spusť zoek v nouz. režimu.


Vlož nový log z HJT + informuj o problémech.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

huhto
Level 3.5
Level 3.5
Příspěvky: 709
Registrován: únor 14
Pohlaví: Nespecifikováno

Re: Kontrola logu

Příspěvekod huhto » 17 dub 2021 18:48

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by huhto on 17.04.2021 at 18:28:21,20.
Microsoft Windows 10 Pro 10.0.19042 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\huhto\Desktop\Nová složka\zoek1\zoek (1).exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2021-04-17-162646.log 1648 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Program Files\ModifiableWindowsApps

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\huhto\AppData\Roaming\discord deleted
C:\Users\huhto\AppData\Roaming\alsoft.ini deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\huhto\AppData\Local\cache deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tpm-5bc-20d0-4a243f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-237c-14b4-4f8a7c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b18-a1c-4b6f17.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10e4-a54-cf0bc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10e4-a54-cf0dd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10e4-a54-cf0fe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10e4-a54-cf120.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10e4-a54-cf131.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10e4-a54-cf143.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10e4-a54-cf155.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10e4-a54-cf166.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10e4-a54-cf178.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10e4-a54-cf189.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10e4-a54-cf19b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10e4-a54-cf1ad.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10e4-a54-cf1ed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10e4-a54-cf21e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10e4-a54-cf23f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10e4-a54-cf261.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10e4-a54-cf272.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10e4-a54-cf2a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-10e4-a54-cf2e4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1294-1eb8-9a0e5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1294-1eb8-9a0f7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1294-1eb8-9a0f9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1294-1eb8-9a10a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1294-1eb8-9a10c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1294-1eb8-9a10e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1294-1eb8-9a120.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1294-1eb8-9a122.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1294-1eb8-9a124.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1294-1eb8-9a136.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1294-1eb8-9a138.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1294-1eb8-9a13a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1294-1eb8-9a14b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1294-1eb8-9a14d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1294-1eb8-9a14f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1294-1eb8-9a161.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1294-1eb8-9a163.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1294-1eb8-9a165.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1294-1eb8-9a176.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ac-1bc4-cc873.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ac-1bc4-cc875.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ac-1bc4-cc887.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ac-1bc4-cc889.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ac-1bc4-cc89b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ac-1bc4-cc89d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ac-1bc4-cc89f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ac-1bc4-cc8b0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ac-1bc4-cc8b2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ac-1bc4-cc8b4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ac-1bc4-cc8c6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ac-1bc4-cc8c8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ac-1bc4-cc8ca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ac-1bc4-cc8dc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ac-1bc4-cc8de.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ac-1bc4-cc8ef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ac-1bc4-cc8f1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ac-1bc4-cc8f3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-14ac-1bc4-cc905.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1780-1418-6bb03a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1780-1418-6bb08a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1780-1418-6bb0ac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1780-1418-6bb0cd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1780-1418-6bb12d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1780-1418-6bb13e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1780-1418-6bb150.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1780-1418-6bb190.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1780-1418-6bb1b2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1780-1418-6bb1c3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1780-1418-6bb1d5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1780-1418-6bb1f6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1780-1418-6bb227.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1780-1418-6bb287.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1780-1418-6bb2d7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1780-1418-6bb2e8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1780-1418-6bb30a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1780-1418-6bb31b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1780-1418-6bb31d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-1bf8-37592e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-1bf8-37595f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-1bf8-375ac8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-1bf8-375b38.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-1bf8-375b59.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-1bf8-375c07.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-1bf8-375c38.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-1bf8-375c49.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-1bf8-375c5b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-1bf8-375c9b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-1bf8-375cad.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-1bf8-375cce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-1bf8-375ce0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-1bf8-375d30.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-1bf8-375d42.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-1bf8-375d53.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-1bf8-375d94.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-1bf8-375db5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-1bf8-375dd6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19b4-2144-994ef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19b4-2144-99500.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19b4-2144-99502.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19b4-2144-99504.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19b4-2144-99516.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19b4-2144-99518.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19b4-2144-9951a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19b4-2144-9952b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19b4-2144-9952d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19b4-2144-9952f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19b4-2144-99541.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19b4-2144-99543.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19b4-2144-99545.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19b4-2144-99557.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19b4-2144-99559.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19b4-2144-9955b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19b4-2144-9956c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19b4-2144-9956e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19b4-2144-99580.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e28-2550-1bf3a1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e28-2550-1bf3b3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e28-2550-1bf3b5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e28-2550-1bf3c6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e28-2550-1bf3c8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e28-2550-1bf3da.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e28-2550-1bf3dc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e28-2550-1bf3de.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e28-2550-1bf3f0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e28-2550-1bf3f2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e28-2550-1bf3f4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e28-2550-1bf405.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e28-2550-1bf407.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e28-2550-1bf419.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e28-2550-1bf41b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e28-2550-1bf41d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e28-2550-1bf42f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e28-2550-1bf431.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e28-2550-1bf433.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eb4-4f0-12acc0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eb4-4f0-12acd2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eb4-4f0-12acd4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eb4-4f0-12acd6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eb4-4f0-12ace8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eb4-4f0-12acea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eb4-4f0-12acec.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eb4-4f0-12acfd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eb4-4f0-12acff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eb4-4f0-12ad11.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eb4-4f0-12ad13.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eb4-4f0-12ad15.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eb4-4f0-12ad27.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eb4-4f0-12ad29.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eb4-4f0-12ad2b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eb4-4f0-12ad3c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eb4-4f0-12ad3e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eb4-4f0-12ad50.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1eb4-4f0-12ad52.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20d0-1d08-dcfc2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20d0-1d08-dcfd3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20d0-1d08-dcfe5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20d0-1d08-dcfe7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20d0-1d08-dcfe9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20d0-1d08-dcffb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20d0-1d08-dcffd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20d0-1d08-dcfff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20d0-1d08-dd010.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20d0-1d08-dd012.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20d0-1d08-dd091.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20d0-1d08-dd0d2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20d0-1d08-dd170.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20d0-1d08-dd1b0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20d0-1d08-dd1e1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20d0-1d08-dd203.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20d0-1d08-dd253.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20d0-1d08-dd439.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-20d0-1d08-dd46a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-213c-19a8-1f098c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-213c-19a8-1f099e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-213c-19a8-1f09a0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-213c-19a8-1f09b1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-213c-19a8-1f09b3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-213c-19a8-1f09b5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-213c-19a8-1f09c7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-213c-19a8-1f09c9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-213c-19a8-1f09da.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-213c-19a8-1f09dc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-213c-19a8-1f09ee.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-213c-19a8-1f09f0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-213c-19a8-1f0a02.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-213c-19a8-1f0a04.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-213c-19a8-1f0a06.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-213c-19a8-1f0a17.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-213c-19a8-1f0a19.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-213c-19a8-1f0a2b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-213c-19a8-1f0a2d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-6b4-99b57.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-6b4-99b69.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-6b4-99b7a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-6b4-99b9c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-6b4-99bec.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-6b4-99c0d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-6b4-99c3e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-6b4-99c6f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-6b4-99c90.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-6b4-99cb1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-6b4-99d30.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-6b4-99d52.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-6b4-99d63.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-6b4-99d65.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-6b4-99d77.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-6b4-99d88.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-6b4-99db9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-6b4-99eb5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-6b4-99f25.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24c8-2440-9e531.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24c8-2440-9e543.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24c8-2440-9e545.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24c8-2440-9e547.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24c8-2440-9e559.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24c8-2440-9e55b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24c8-2440-9e55d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24c8-2440-9e56e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24c8-2440-9e570.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24c8-2440-9e572.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24c8-2440-9e584.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24c8-2440-9e586.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24c8-2440-9e588.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24c8-2440-9e59a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24c8-2440-9e59c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24c8-2440-9e59e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24c8-2440-9e5af.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24c8-2440-9e5b1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24c8-2440-9e5b3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25f0-252c-98d0f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25f0-252c-98d11.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25f0-252c-98d42.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25f0-252c-98d44.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25f0-252c-98d46.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25f0-252c-98d57.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25f0-252c-98d59.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25f0-252c-98d5b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25f0-252c-98d6d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25f0-252c-98d6f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25f0-252c-98d71.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25f0-252c-98d83.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25f0-252c-98d85.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25f0-252c-98d87.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25f0-252c-98da8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25f0-252c-98daa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25f0-252c-98dac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25f0-252c-98dbe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25f0-252c-98dc0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27f4-2234-99f20.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27f4-2234-99f22.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27f4-2234-99f34.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27f4-2234-99f36.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27f4-2234-99f38.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27f4-2234-99f49.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27f4-2234-99f4b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27f4-2234-99f4d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27f4-2234-99f5f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27f4-2234-99f61.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27f4-2234-99f72.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27f4-2234-99f74.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27f4-2234-99f76.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27f4-2234-99f88.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27f4-2234-99f8a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27f4-2234-99f8c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27f4-2234-99f9e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27f4-2234-99fa0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27f4-2234-99fb1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2844-15b0-bc9640.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2844-15b0-bc9680.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2844-15b0-bc9896.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2844-15b0-bc98e6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2844-15b0-bc9907.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2844-15b0-bc9919.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2844-15b0-bc992a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2844-15b0-bc993c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2844-15b0-bc994d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2844-15b0-bc994f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2844-15b0-bc9961.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2844-15b0-bc9973.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2844-15b0-bc9994.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2844-15b0-bc99b5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2844-15b0-bc99d6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2844-15b0-bc99f8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2844-15b0-bc9a09.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2844-15b0-bc9a3a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2844-15b0-bc9a4c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-298c-2a90-364879.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-298c-2a90-36488b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-298c-2a90-36489d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-298c-2a90-36489f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-298c-2a90-3648a1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-298c-2a90-3648b2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-298c-2a90-3648b4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-298c-2a90-3648b6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-298c-2a90-3648c8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-298c-2a90-3648ca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-298c-2a90-3648cc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-298c-2a90-3648de.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-298c-2a90-3648e0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-298c-2a90-3648e2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-298c-2a90-3648f3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-298c-2a90-3648f5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-298c-2a90-364907.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-298c-2a90-364909.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-298c-2a90-36490b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a3c-1bdc-31225c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a3c-1bdc-31227d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a3c-1bdc-31228f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a3c-1bdc-3122b0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a3c-1bdc-3122c2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a3c-1bdc-3122d3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a3c-1bdc-3122f5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a3c-1bdc-312306.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a3c-1bdc-312318.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a3c-1bdc-312329.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a3c-1bdc-31236a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a3c-1bdc-31239b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a3c-1bdc-3123bc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a3c-1bdc-3123ce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a3c-1bdc-3123ff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a3c-1bdc-312420.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a3c-1bdc-312441.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a3c-1bdc-312453.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a3c-1bdc-312493.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a98-1c60-12982f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a98-1c60-129840.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a98-1c60-129842.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a98-1c60-129854.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a98-1c60-129856.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a98-1c60-129858.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a98-1c60-12986a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a98-1c60-12986c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a98-1c60-12987d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a98-1c60-12987f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a98-1c60-129891.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a98-1c60-1298a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a98-1c60-129941.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a98-1c60-1299fe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a98-1c60-129a3f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a98-1c60-129a50.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a98-1c60-129a72.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a98-1c60-129ad1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2a98-1c60-129ae3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4b0-d30-99c70.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4b0-d30-99c82.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4b0-d30-99c84.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4b0-d30-99c96.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4b0-d30-99c98.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4b0-d30-99c9a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4b0-d30-99cab.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4b0-d30-99cad.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4b0-d30-99cbf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4b0-d30-99cc1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4b0-d30-99cc3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4b0-d30-99cd5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4b0-d30-99cd7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4b0-d30-99cd9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4b0-d30-99cea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4b0-d30-99cec.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4b0-d30-99cee.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4b0-d30-99d00.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4b0-d30-99d02.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-598-59c-a47b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-598-59c-a47d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-598-59c-a48e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-598-59c-a490.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-598-59c-a492.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-598-59c-a494.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-598-59c-a4a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-598-59c-a4a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-598-59c-a4aa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-598-59c-a4ac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-598-59c-a4be.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-598-59c-a4c0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-598-59c-a4c2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-598-59c-a4c4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-598-59c-a4d5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-598-59c-a4d7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-598-59c-a4d9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-598-59c-a4eb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-598-59c-a4ed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5bc-20d0-49f588.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5bc-20d0-49fb18.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5bc-20d0-49fe66.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5bc-20d0-49ff33.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5bc-20d0-4a06b7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5bc-20d0-4a07a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5bc-20d0-4a0af1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5bc-20d0-4a0b60.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5bc-20d0-4a0e21.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5bc-20d0-4a0eb0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5bc-20d0-4a1038.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5bc-20d0-4a1125.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5bc-20d0-4a134a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5bc-20d0-4a13c9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5bc-20d0-4a15bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5bc-20d0-4a164d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5bc-20d0-4a1ce7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5bc-20d0-4a1f0c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5bc-20d0-4a243e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-798-7ac-19f90a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-798-7ac-19f91b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-798-7ac-19f91d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-798-7ac-19f92f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-798-7ac-19f931.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-798-7ac-19f933.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-798-7ac-19f945.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-798-7ac-19f966.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-798-7ac-19f9b6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-798-7ac-19fa93.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-798-7ac-19fbdd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-798-7ac-19fc4c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-798-7ac-19fc6d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-798-7ac-19fcae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-798-7ac-19fcee.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-798-7ac-19fd00.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-798-7ac-19fd31.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-798-7ac-19fd71.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-798-7ac-19fd83.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8dc-28cc-2308dd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8dc-28cc-2308ee.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8dc-28cc-230910.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8dc-28cc-230931.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8dc-28cc-230952.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8dc-28cc-230973.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8dc-28cc-230985.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8dc-28cc-230997.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8dc-28cc-2309a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8dc-28cc-2309ba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8dc-28cc-2309db.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8dc-28cc-2309fc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8dc-28cc-230a1e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8dc-28cc-230a3f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8dc-28cc-230a50.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8dc-28cc-230a72.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8dc-28cc-230a83.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8dc-28cc-230a95.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8dc-28cc-230aa7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b00-b04-2ab305.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b00-b04-2ab307.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b00-b04-2ab319.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b00-b04-2ab31b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b00-b04-2ab31d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b00-b04-2ab32e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b00-b04-2ab330.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b00-b04-2ab332.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b00-b04-2ab344.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b00-b04-2ab346.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b00-b04-2ab358.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b00-b04-2ab35a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b00-b04-2ab35c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b00-b04-2ab36d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b00-b04-2ab36f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b00-b04-2ab371.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b00-b04-2ab383.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b00-b04-2ab385.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b00-b04-2ab387.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b18-a1c-4b6eba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b18-a1c-4b6ebc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b18-a1c-4b6ebe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b18-a1c-4b6ec0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b18-a1c-4b6ed2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b18-a1c-4b6ed4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-b18-a1c-4b6ef5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec4-27dc-3e8aac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec4-27dc-3e8add.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec4-27dc-3e8b1d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec4-27dc-3e8b2f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec4-27dc-3e8b40.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec4-27dc-3e8b62.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec4-27dc-3e8b83.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec4-27dc-3e8b95.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec4-27dc-3e8bb6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec4-27dc-3e8be7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec4-27dc-3e8bf8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec4-27dc-3e8c1a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec4-27dc-3e8c4a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec4-27dc-3e8d46.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec4-27dc-3e8d58.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec4-27dc-3e8d6a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec4-27dc-3e8d7b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec4-27dc-3e8dac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ec4-27dc-3e8ddd.tmp deleted
"C:\ProgramData\mntemp" deleted
"C:\DumpStack.log.tmp" not deleted

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ihcjicgdanjaechkgeegckofjjedodee - No path found[]

Chrome Media Router - huhto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

==== Reset Google Chrome ======================

C:\Users\huhto\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\huhto\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\huhto\AppData\Local\Microsoft\Edge\User Data\Default\Preferences was reset successfully
C:\Users\huhto\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences was reset successfully
C:\Users\huhto\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\huhto\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\huhto\AppData\Local\Microsoft\Edge\User Data\Default\Web Data was reset successfully
C:\Users\huhto\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\huhto\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\huhto\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

C:\Users\huhto\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\huhto\AppData\Local\Microsoft\Edge\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=793 folders=536 334848284 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\huhto\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\huhto\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\DumpStack.log.tmp" not deleted

==== EOF on 17.04.2021 at 18:46:09,23 ======================

huhto
Level 3.5
Level 3.5
Příspěvky: 709
Registrován: únor 14
Pohlaví: Nespecifikováno

Re: Kontrola logu

Příspěvekod huhto » 17 dub 2021 18:51

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:50:42, on 17.04.2021
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.0001)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Users\huhto\Desktop\HijackThis.exe
C:\WINDOWS\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [Discord] C:\ProgramData\SquirrelMachineInstalls\Discord.exe --checkInstall
O4 - HKCU\..\Run: [OneDrive] "C:\Users\huhto\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Steam] "E:\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [EPSON SX125 Series] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE /FU "C:\WINDOWS\TEMP\E_S1CF6.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [com.squirrel.Teams.Teams] C:\Users\huhto\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD Crash Defender Service - Unknown owner - C:\WINDOWS\system32\amdfendrsr.exe (file missing)
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_5d74e - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\90.0.4430.72\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: IObit Uninstaller Service (IObitUnSvr) - IObit - C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - E:\Launcher\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) - Unknown owner - C:\WINDOWS\System32\RtkAudUService64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\steamservice.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8276 bytes
Tak,už je to vše,mam počitač v pořadku?děkuji za odpověd

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 41649
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Kontrola logu

Příspěvekod jaro3 » 17 dub 2021 20:11

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost


Stáhni si zde DelFix
Další odkazy:
https://toolslib.net/downloads/viewdownload/2-delfix/
http://ccm.net/download/download-24087-delfix
https://www.bleepingcomputer.com/download/delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7, 8 a10 musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

huhto
Level 3.5
Level 3.5
Příspěvky: 709
Registrován: únor 14
Pohlaví: Nespecifikováno

Re: Kontrola logu

Příspěvekod huhto » 18 dub 2021 11:40

# DelFix v1.013 - Logfile created 18/04/2021 at 11:38:47
# Updated 17/04/2016 by Xplode
# Username : huhto - DESKTOP-SGEVLO1
# Operating System : Windows 10 Enterprise (64 bits)

~ Removing disinfection tools ...

Deleted : C:\Users\huhto\Desktop\HijackThis.exe
Deleted : C:\Users\huhto\Desktop\log.txt
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #1 [zoek.exe restore point | 04/17/2021 16:24:58]

New restore point created !

########## - EOF - ##########
Tak už je to všechno,mam už počitač v pořadku?děkuji za odpověd

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 41649
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Kontrola logu

Příspěvekod jaro3 » 18 dub 2021 12:26

Měl by být , ale pokud chceš hloubkovou kontrolu , tak ještě:
Vypni antivir i firewall.
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
další odkaz:
http://www.bleepingcomputer.com/downloa ... scan-tool/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

huhto
Level 3.5
Level 3.5
Příspěvky: 709
Registrován: únor 14
Pohlaví: Nespecifikováno

Re: Kontrola logu

Příspěvekod huhto » 18 dub 2021 14:01

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2021
Ran by huhto (administrator) on DESKTOP-SGEVLO1 (18-04-2021 13:56:21)
Running from C:\Users\huhto\Desktop
Loaded Profiles: huhto
Platform: Windows 10 Pro Version 20H2 19042.928 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ABBYY SOLUTIONS LIMITED -> ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <13>
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\Pub\imsctadn.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.46.30621.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Word_16001.13801.20454.0_x64__8wekyb3d8bbwe\WordIm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [881440 2019-06-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [68822328 2021-04-06] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1040710261-2495403586-1490062961-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [408896 2021-04-03] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1040710261-2495403586-1490062961-1001\...\Run: [Steam] => E:\Steam\steam.exe [4087528 2021-04-12] (Valve -> Valve Corporation)
HKU\S-1-5-21-1040710261-2495403586-1490062961-1001\...\Run: [EPSON SX125 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE [224768 2009-09-14] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1040710261-2495403586-1490062961-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\huhto\AppData\Local\Microsoft\Teams\Update.exe [2453704 2021-04-07] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\...\Print\Monitors\EPSON SX125 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMGGE.DLL [118784 2008-11-12] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\90.0.4430.72\Installer\chrmstp.exe [2021-04-15] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {4000CA3A-99E3-48CD-A82F-1D0FF1770413} - System32\Tasks\Uninstaller_SkipUac_huhto => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [6701784 2021-03-24] (IObit Information Technology -> IObit)
Task: {6544D4D9-11F8-4AF2-AC59-2FD9AB89FFA0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {895E7E7E-6FD7-454B-8AE1-4121FE38D08D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-03] (Google LLC -> Google LLC)
Task: {A80801A9-F83D-4E90-AC8B-9ACD266DAC0F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-03] (Google LLC -> Google LLC)
Task: {E5767445-BCA9-4907-A94C-3091A5BBA243} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F336B461-E3B8-450A-B702-2434D7FEC837} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F67283D9-4640-44A4-9301-CC108D90B2DD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{e7b9a312-bccd-4efc-bd37-7ff075316e88}: [DhcpNameServer] 62.129.50.20 85.135.32.100

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\huhto\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-18]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Chrome:
=======
CHR Profile: C:\Users\huhto\AppData\Local\Google\Chrome\User Data\Default [2021-04-18]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (Prezentace) - C:\Users\huhto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-04-17]
CHR Extension: (Dokumenty) - C:\Users\huhto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-04-17]
CHR Extension: (Disk Google) - C:\Users\huhto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-04-17]
CHR Extension: (YouTube) - C:\Users\huhto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-04-17]
CHR Extension: (FARMERAMA) - C:\Users\huhto\AppData\Local\Google\Chrome\User Data\Default\Extensions\clkfdgnfefjmciocbhnffnbpkjpdleca [2021-04-17]
CHR Extension: (Tabulky) - C:\Users\huhto\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-04-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\huhto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-17]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\huhto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-04-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\huhto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-17]
CHR Extension: (Gmail) - C:\Users\huhto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-04-17]
CHR Extension: (Chrome Media Router) - C:\Users\huhto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-17]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY SOLUTIONS LIMITED -> ABBYY)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4993344 2021-04-03] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [158992 2020-10-19] (IObit Information Technology -> IObit)
S3 Rockstar Service; E:\Launcher\RockstarService.exe [1332632 2021-03-30] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5361256 2021-04-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12849960 2021-03-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AsrSetupDrv103; C:\WINDOWS\SysWOW64\Drivers\AsrSetupDrv103.sys [34568 2021-04-08] (ASROCK Incorporation -> RW-Everything) [File not signed]
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2021-04-03] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2021-04-03] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2020-07-31] (IObit Information Technology -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2020-07-31] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2020-07-31] (IObit Information Technology -> IObit)
R3 MpKsl9a2c026c; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B7EF1E20-3BC6-43BF-BBE2-41BC12450C65}\MpKslDrv.sys [97528 2021-04-18] (Microsoft Windows -> Microsoft Corporation)
S3 MpKslc19bcecb; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B7EF1E20-3BC6-43BF-BBE2-41BC12450C65}\MpKslDrv.sys [97528 2021-04-18] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421088 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-11] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-18 13:56 - 2021-04-18 13:56 - 000013799 _____ C:\Users\huhto\Desktop\FRST.txt
2021-04-18 13:56 - 2021-04-18 13:56 - 000000000 ____D C:\FRST
2021-04-18 13:53 - 2021-04-18 13:53 - 002298368 _____ (Farbar) C:\Users\huhto\Desktop\FRST64.exe
2021-04-18 12:03 - 2021-04-18 12:03 - 000000000 ____D C:\Users\huhto\AppData\Local\PeerDistRepub
2021-04-18 11:38 - 2021-04-18 11:38 - 000000563 _____ C:\DelFix.txt
2021-04-18 11:17 - 2021-04-18 11:17 - 000000016 _____ C:\ProgramData\mntemp
2021-04-18 10:50 - 2021-04-18 10:50 - 002705497 _____ C:\Users\huhto\Desktop\package.zip
2021-04-17 20:05 - 2021-04-17 20:05 - 000001253 _____ C:\Users\huhto\Desktop\OpenRails reshade.lnk
2021-04-17 20:01 - 2021-04-17 20:01 - 000000025 _____ C:\Users\huhto\AppData\Roaming\alsoft.ini
2021-04-17 19:24 - 2021-04-17 19:24 - 059693930 _____ C:\Users\huhto\Desktop\OR_NewYear_MG.rar
2021-04-17 19:14 - 2021-04-17 19:57 - 000000000 ____D C:\Users\huhto\AppData\Local\TeamViewer
2021-04-17 19:14 - 2021-04-17 19:14 - 000001116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2021-04-17 19:14 - 2021-04-17 19:14 - 000001104 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2021-04-17 19:14 - 2021-04-17 19:14 - 000000000 ____D C:\Users\huhto\AppData\Roaming\TeamViewer
2021-04-17 19:13 - 2021-04-18 11:30 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-04-17 19:03 - 2021-04-17 20:48 - 000000000 ____D C:\Users\huhto\AppData\Roaming\discord
2021-04-17 18:54 - 2021-04-17 18:54 - 029028008 _____ (TeamViewer Germany GmbH) C:\Users\huhto\Desktop\TeamViewer_Setup.exe
2021-04-17 18:48 - 2021-04-17 18:51 - 000000000 ____D C:\ProgramData\ProductData
2021-04-17 18:44 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2021-04-17 18:03 - 2021-04-17 18:03 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2021-04-16 22:58 - 2021-04-16 22:58 - 000002956 _____ C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_huhto
2021-04-16 12:18 - 2021-04-16 12:18 - 000000000 ____D C:\Users\huhto\AppData\Local\CrashDumps
2021-04-16 11:04 - 2021-04-16 11:04 - 000000030 _____ C:\Users\huhto\Desktop\ShapeViewer.bat
2021-04-16 11:04 - 2021-04-16 11:04 - 000000000 ____D C:\Users\huhto\Desktop\tsre_appdata
2021-04-16 11:03 - 2021-04-16 11:03 - 000000000 ____D C:\Users\huhto\Desktop\tsre_assets
2021-04-16 10:29 - 2021-04-16 11:04 - 000000035 _____ C:\Users\huhto\Desktop\cerecent.txt
2021-04-16 10:29 - 2021-04-16 11:04 - 000000028 _____ C:\Users\huhto\Desktop\ConsistEditor.bat
2021-04-16 10:29 - 2021-04-16 09:45 - 002078632 _____ (Malwarebytes) C:\Users\huhto\Desktop\MBSetup.exe
2021-04-16 10:29 - 2021-04-07 18:18 - 000002366 _____ C:\Users\huhto\Desktop\Microsoft Teams.lnk
2021-04-16 10:29 - 2021-04-06 14:07 - 000002237 _____ C:\Users\huhto\Desktop\Discord.lnk
2021-04-16 10:29 - 2021-04-06 14:04 - 068822328 _____ (Discord Inc.) C:\Users\huhto\Desktop\DiscordSetup.exe
2021-04-16 10:29 - 2021-04-04 14:01 - 155688664 _____ (Gameforge 4D GmbH ) C:\Users\huhto\Desktop\20180103_AION_Setup.exe
2021-04-16 10:29 - 2021-04-03 19:18 - 000000619 _____ C:\Users\huhto\Desktop\Rockstar Games Launcher.lnk
2021-04-16 10:29 - 2021-04-03 18:50 - 000000201 _____ C:\Users\huhto\Desktop\Grand Theft Auto IV The Complete Edition.url
2021-04-16 10:29 - 2021-04-03 18:35 - 001770744 _____ C:\Users\huhto\Desktop\SteamSetup.exe
2021-04-16 10:29 - 2021-04-03 16:13 - 000001149 _____ C:\Users\huhto\Desktop\settings.txt
2021-04-16 10:29 - 2021-04-03 16:13 - 000001044 _____ C:\Users\huhto\Desktop\ConsistEditor – zástupce.lnk
2021-04-16 10:29 - 2021-04-03 16:13 - 000001026 _____ C:\Users\huhto\Desktop\ShapeViewer – zástupce.lnk
2021-04-16 10:29 - 2021-04-03 16:11 - 022705664 _____ () C:\Users\huhto\Desktop\TSRE5_v0.7.002.exe
2021-04-16 10:29 - 2021-04-03 16:09 - 000873984 _____ C:\Users\huhto\Desktop\OpenAL32.dll
2021-04-16 10:29 - 2021-04-03 16:08 - 000001261 _____ C:\Users\huhto\Desktop\editor.lnk
2021-04-16 10:29 - 2021-04-03 16:00 - 000001135 _____ C:\Users\huhto\Desktop\OpenRails.lnk
2021-04-16 10:29 - 2021-04-03 11:38 - 000001122 _____ C:\Users\huhto\Desktop\WinRAR.lnk
2021-04-16 10:29 - 2021-02-13 14:34 - 000000436 _____ C:\Users\huhto\Desktop\Tento počítač – zástupce.lnk
2021-04-16 10:29 - 2020-12-07 13:28 - 000106442 _____ C:\Users\huhto\Desktop\Uvolnění-dítěte-ze-školní-družiny.pdf
2021-04-15 11:26 - 2021-04-15 11:26 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-15 11:26 - 2021-04-15 11:26 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-15 11:26 - 2021-04-15 11:26 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-10 19:04 - 2020-10-29 13:33 - 001783920 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-04-10 19:04 - 2020-10-29 13:33 - 001783920 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-04-10 19:04 - 2020-10-29 13:33 - 001374320 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-04-10 19:04 - 2020-10-29 13:33 - 001374320 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-04-10 19:04 - 2020-10-29 13:33 - 001085360 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-04-10 19:04 - 2020-10-29 13:33 - 001085360 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-04-10 19:04 - 2020-10-29 13:33 - 000944208 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-04-10 19:04 - 2020-10-29 13:33 - 000944208 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-04-10 19:04 - 2020-10-29 13:33 - 000736880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2021-04-10 19:04 - 2020-10-29 13:33 - 000046704 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2021-04-10 19:04 - 2020-10-29 13:33 - 000043632 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 064809072 _____ C:\WINDOWS\system32\amd_comgr.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 053684848 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 004630640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 004141168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 001774192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 001341552 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 001341552 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 000760432 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2021-04-10 19:04 - 2020-10-29 13:32 - 000621168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 000496752 _____ C:\WINDOWS\system32\GameManager64.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 000493168 _____ C:\WINDOWS\system32\dgtrayicon.exe
2021-04-10 19:04 - 2020-10-29 13:32 - 000468592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 000456304 _____ C:\WINDOWS\system32\atieah64.exe
2021-04-10 19:04 - 2020-10-29 13:32 - 000432752 _____ C:\WINDOWS\system32\EEURestart.exe
2021-04-10 19:04 - 2020-10-29 13:32 - 000380016 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 000351856 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2021-04-10 19:04 - 2020-10-29 13:32 - 000339568 _____ C:\WINDOWS\system32\clinfo.exe
2021-04-10 19:04 - 2020-10-29 13:32 - 000245360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 000213104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 000186992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 000182392 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 000167024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 000166512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 000158656 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 000156784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 000142448 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 000140912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 000135792 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 000134768 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 000125552 _____ C:\WINDOWS\system32\atidxx64.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 000122480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 000120432 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 000107632 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 000107120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 000090736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 000075376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 000070256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 000019784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2021-04-10 19:04 - 2020-10-29 13:32 - 000019784 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2021-04-10 19:04 - 2020-10-29 13:31 - 071030384 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2021-04-10 19:04 - 2020-10-29 13:31 - 001686016 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2021-04-10 19:04 - 2020-10-29 13:31 - 001365368 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2021-04-10 19:04 - 2020-10-29 13:31 - 000941168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2021-04-10 19:04 - 2020-10-29 13:31 - 000768624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2021-04-10 19:04 - 2020-10-29 13:31 - 000553584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2021-04-10 19:04 - 2020-10-29 13:31 - 000546800 _____ C:\WINDOWS\system32\amdmiracast.dll
2021-04-10 19:04 - 2020-10-29 13:31 - 000489584 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2021-04-10 19:04 - 2020-10-29 13:31 - 000466544 _____ C:\WINDOWS\system32\amdlogum.exe
2021-04-10 19:04 - 2020-10-29 13:31 - 000383600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2021-04-10 19:04 - 2020-10-29 13:31 - 000380016 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2021-04-10 19:04 - 2020-10-29 13:31 - 000198312 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2021-04-10 19:04 - 2020-10-29 13:31 - 000167400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2021-04-10 19:04 - 2020-10-29 13:31 - 000135928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2021-04-10 19:04 - 2020-10-29 13:31 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2021-04-10 19:04 - 2020-10-29 13:31 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2021-04-10 19:04 - 2020-10-29 13:31 - 000120264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2021-04-10 19:04 - 2020-10-29 13:31 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2021-04-10 19:04 - 2020-10-29 13:31 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2021-04-10 19:04 - 2020-10-29 12:29 - 000154384 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin
2021-04-10 19:04 - 2020-10-29 12:29 - 000138832 _____ C:\WINDOWS\system32\samu_krnl_isv_ci.sbin
2021-04-10 19:04 - 2020-10-29 12:29 - 000125488 _____ C:\WINDOWS\system32\kapp_ci.sbin
2021-04-10 19:04 - 2020-10-29 12:29 - 000121168 _____ C:\WINDOWS\system32\kapp_si.sbin
2021-04-10 19:04 - 2020-10-29 12:28 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2021-04-10 19:04 - 2020-10-29 12:28 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2021-04-10 19:04 - 2020-10-29 12:28 - 000544256 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2021-04-10 19:04 - 2020-10-29 12:28 - 000544256 _____ C:\WINDOWS\system32\atiapfxx.blb
2021-04-10 19:04 - 2020-10-29 12:28 - 000204952 _____ C:\WINDOWS\SysWOW64\ativvsvl.dat
2021-04-10 19:04 - 2020-10-29 12:28 - 000204952 _____ C:\WINDOWS\system32\ativvsvl.dat
2021-04-10 19:04 - 2020-10-29 12:28 - 000157144 _____ C:\WINDOWS\SysWOW64\ativvsva.dat
2021-04-10 19:04 - 2020-10-29 12:28 - 000157144 _____ C:\WINDOWS\system32\ativvsva.dat
2021-04-10 19:04 - 2020-10-29 12:28 - 000069770 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2021-04-10 11:10 - 2021-04-10 11:10 - 000000000 ____D C:\Users\huhto\AppData\Local\ATI
2021-04-10 11:04 - 2021-04-11 10:11 - 000000000 ____D C:\Users\huhto\AppData\Local\AMD
2021-04-10 11:02 - 2021-04-10 11:02 - 000000000 ____D C:\ProgramData\AMD
2021-04-10 10:54 - 2021-04-18 12:03 - 000000000 ____D C:\Users\huhto\AppData\Local\D3DSCache
2021-04-10 10:54 - 2021-04-10 19:11 - 000000000 ____D C:\Users\huhto\AppData\LocalLow\AMD
2021-04-10 10:50 - 2021-04-10 10:50 - 000301098 _____ C:\WINDOWS\ntbtlog.txt
2021-04-10 10:50 - 2021-04-10 10:50 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-04-08 19:14 - 2019-06-16 23:38 - 006857296 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2021-04-08 19:14 - 2019-06-16 23:38 - 000881440 _____ (Realtek Semiconductor) C:\WINDOWS\system32\RtkAudUService64.exe
2021-04-08 19:14 - 2019-06-16 23:38 - 000821336 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64U.dll
2021-04-08 19:14 - 2019-06-16 23:38 - 000270952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTHDASIO64.dll
2021-04-08 19:14 - 2019-06-16 23:38 - 000227432 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RTHDASIO.dll
2021-04-08 19:14 - 2019-06-16 23:38 - 000215032 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2021-04-08 19:14 - 2019-06-16 20:38 - 005569576 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPOU64.dll
2021-04-08 19:14 - 2019-06-16 20:38 - 001126344 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtCOM64.dll
2021-04-08 19:14 - 2019-06-16 20:38 - 000481888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2021-04-08 19:14 - 2019-06-16 20:27 - 032720854 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2021-04-07 18:18 - 2021-04-07 18:18 - 000002368 _____ C:\Users\huhto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-04-07 18:18 - 2021-04-07 18:18 - 000000000 ____D C:\Users\huhto\AppData\Roaming\Teams
2021-04-06 14:06 - 2021-04-17 20:03 - 000000000 ____D C:\Users\huhto\AppData\Local\Discord
2021-04-06 14:02 - 2021-04-06 14:02 - 000000000 ____D C:\Users\huhto\AppData\Roaming\Skype
2021-04-06 14:02 - 2021-04-06 14:02 - 000000000 ____D C:\ProgramData\SquirrelMachineInstalls
2021-04-04 15:59 - 2021-04-04 15:59 - 000000000 ____D C:\Users\huhto\AppData\Roaming\Valve Corporation

huhto
Level 3.5
Level 3.5
Příspěvky: 709
Registrován: únor 14
Pohlaví: Nespecifikováno

Re: Kontrola logu

Příspěvekod huhto » 18 dub 2021 14:02

2021-04-04 15:53 - 2021-04-04 15:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-04-04 14:02 - 2021-04-04 14:02 - 000001578 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AION Free-to-Play.lnk
2021-04-04 14:02 - 2021-04-04 14:02 - 000001566 _____ C:\Users\Public\Desktop\AION Free-to-Play.lnk
2021-04-04 14:02 - 2021-04-04 14:02 - 000000000 ____D C:\Program Files (x86)\Gameforge
2021-04-04 11:33 - 2009-10-01 03:01 - 000088064 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_IBCBGGE.DLL
2021-04-04 11:33 - 2007-04-10 01:06 - 000010752 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_GCINST.DLL
2021-04-03 19:22 - 2021-04-03 19:27 - 000000000 ____D C:\Users\huhto\AppData\Local\Rockstar Games
2021-04-03 19:22 - 2021-04-03 19:22 - 000000000 ____D C:\Users\huhto\OneDrive\Documents\Rockstar Games
2021-04-03 19:18 - 2021-04-03 19:18 - 000000000 ____D C:\Users\huhto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2021-04-03 19:18 - 2021-04-03 19:18 - 000000000 ____D C:\ProgramData\Rockstar Games
2021-04-03 19:17 - 2021-04-10 11:26 - 000000000 ____D C:\Program Files\Rockstar Games
2021-04-03 19:17 - 2021-04-10 11:26 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2021-04-03 18:50 - 2021-04-03 18:50 - 000000000 ____D C:\Users\huhto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-04-03 18:39 - 2021-04-03 18:39 - 000000000 ____D C:\Users\huhto\AppData\Local\Steam
2021-04-03 18:39 - 2021-04-03 18:39 - 000000000 ____D C:\Users\huhto\AppData\Local\CEF
2021-04-03 18:37 - 2021-04-03 18:37 - 000000560 _____ C:\Users\Public\Desktop\Steam.lnk
2021-04-03 18:37 - 2021-04-03 18:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2021-04-03 16:42 - 2021-04-04 11:32 - 000000000 ____D C:\Users\huhto\AppData\Roaming\Epson
2021-04-03 16:39 - 2021-04-03 16:39 - 000000000 ____D C:\Program Files\Common Files\EPSON
2021-04-03 16:38 - 2021-04-03 16:38 - 000002244 _____ C:\Users\Public\Desktop\Epson Easy Photo Print.lnk
2021-04-03 16:38 - 2021-04-03 16:38 - 000000000 ____D C:\ProgramData\UDL
2021-04-03 16:36 - 2021-04-03 16:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2021-04-03 16:36 - 2021-04-03 16:36 - 000000306 _____ C:\WINDOWS\setup.iss
2021-04-03 16:36 - 2021-04-03 16:36 - 000000000 ____D C:\Program Files\Epson Software
2021-04-03 16:36 - 2021-04-03 16:36 - 000000000 ____D C:\Program Files (x86)\Epson Software
2021-04-03 16:35 - 2021-04-03 16:35 - 000000000 ____D C:\Users\huhto\AppData\Local\ABBYY
2021-04-03 16:35 - 2021-04-03 16:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 9.0 Sprint
2021-04-03 16:35 - 2021-04-03 16:35 - 000000000 ____D C:\ProgramData\ABBYY
2021-04-03 16:35 - 2021-04-03 16:35 - 000000000 ____D C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint
2021-04-03 16:33 - 2021-04-03 16:33 - 000002380 _____ C:\Users\Public\Desktop\EPSON SX125 Series Manuál.lnk
2021-04-03 16:32 - 2021-04-04 11:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2021-04-03 16:32 - 2021-04-03 16:56 - 000001007 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2021-04-03 16:32 - 2021-04-03 16:39 - 000000000 ____D C:\ProgramData\EPSON
2021-04-03 16:32 - 2021-04-03 16:36 - 000000000 ____D C:\Program Files (x86)\epson
2021-04-03 16:32 - 2011-08-10 00:00 - 000464384 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\esxw2ud.dll
2021-04-03 16:32 - 2009-10-16 00:00 - 000132560 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\esdevapp.exe
2021-04-03 16:32 - 2009-10-16 00:00 - 000013824 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\esxcdev.dll
2021-04-03 16:32 - 2008-11-12 03:00 - 000118784 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ILMGGE.DLL
2021-04-03 16:00 - 2021-04-17 20:16 - 000000000 ____D C:\Users\huhto\AppData\Roaming\Open Rails
2021-04-03 16:00 - 2021-04-03 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open Rails
2021-04-03 16:00 - 2021-04-03 16:00 - 000000000 ____D C:\Program Files (x86)\Microsoft XNA
2021-04-03 15:59 - 2021-04-03 15:59 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2021-04-03 15:59 - 2021-04-03 15:59 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-04-03 15:59 - 2021-04-03 15:59 - 000000000 ____D C:\Program Files\MSBuild
2021-04-03 15:59 - 2021-04-03 15:59 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-04-03 15:59 - 2021-04-03 15:59 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-04-03 14:15 - 2021-04-08 19:14 - 000000000 ___HD C:\Program Files (x86)\Temp
2021-04-03 14:15 - 2019-04-15 20:13 - 002856624 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2021-04-03 14:14 - 2021-04-08 19:14 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-04-03 14:14 - 2021-04-08 19:13 - 000000000 ____D C:\Program Files (x86)\Realtek
2021-04-03 14:13 - 2021-04-08 19:12 - 000034568 _____ (RW-Everything) C:\WINDOWS\SysWOW64\Drivers\AsrSetupDrv103.sys
2021-04-03 14:13 - 2021-04-08 19:12 - 000000000 ____D C:\Users\huhto\Downloads\ASRSetup
2021-04-03 13:47 - 2021-04-03 13:47 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-04-03 13:47 - 2021-04-03 13:47 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-04-03 13:47 - 2021-04-03 13:47 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-04-03 13:47 - 2021-04-03 13:47 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-04-03 13:47 - 2021-04-03 13:47 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-04-03 13:47 - 2021-04-03 13:47 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-04-03 13:47 - 2021-04-03 13:47 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-04-03 13:47 - 2021-04-03 13:47 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-04-03 13:47 - 2021-04-03 13:47 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-04-03 13:47 - 2021-04-03 13:47 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-04-03 13:47 - 2021-04-03 13:47 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-04-03 13:47 - 2021-04-03 13:47 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-04-03 13:47 - 2021-04-03 13:47 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-04-03 13:47 - 2021-04-03 13:47 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-04-03 13:47 - 2021-04-03 13:47 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-04-03 13:47 - 2021-04-03 13:47 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-04-03 13:47 - 2021-04-03 13:47 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-04-03 13:46 - 2021-04-03 13:46 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-04-03 13:46 - 2021-04-03 13:46 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-04-03 13:46 - 2021-04-03 13:46 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-04-03 13:46 - 2021-04-03 13:46 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-04-03 13:46 - 2021-04-03 13:46 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-04-03 13:46 - 2021-04-03 13:46 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-04-03 13:46 - 2021-04-03 13:46 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-04-03 13:46 - 2021-04-03 13:46 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-04-03 13:46 - 2021-04-03 13:46 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-04-03 13:46 - 2021-04-03 13:46 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-04-03 13:46 - 2021-04-03 13:46 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-04-03 13:46 - 2021-04-03 13:46 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-04-03 13:46 - 2021-04-03 13:46 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-04-03 13:46 - 2021-04-03 13:46 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-04-03 13:46 - 2021-04-03 13:46 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-04-03 13:46 - 2021-04-03 13:46 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-04-03 13:46 - 2021-04-03 13:46 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-04-03 13:46 - 2021-04-03 13:46 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-04-03 13:46 - 2021-04-03 13:46 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-04-03 13:46 - 2021-04-03 13:46 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-04-03 13:46 - 2021-04-03 13:46 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-04-03 13:46 - 2021-04-03 13:46 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-04-03 13:46 - 2021-04-03 13:46 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-04-03 13:46 - 2021-04-03 13:46 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-04-03 13:46 - 2021-04-03 13:46 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-04-03 13:46 - 2021-04-03 13:46 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-04-03 13:46 - 2021-04-03 13:46 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-04-03 13:45 - 2021-04-03 13:45 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-04-03 13:45 - 2021-04-03 13:45 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-04-03 13:45 - 2021-04-03 13:45 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-04-03 13:45 - 2021-04-03 13:45 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-04-03 13:45 - 2021-04-03 13:45 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-04-03 13:45 - 2021-04-03 13:45 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-04-03 13:45 - 2021-04-03 13:45 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-04-03 13:45 - 2021-04-03 13:45 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-04-03 13:45 - 2021-04-03 13:45 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-04-03 13:45 - 2021-04-03 13:45 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-04-03 13:45 - 2021-04-03 13:45 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-04-03 13:45 - 2021-04-03 13:45 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-04-03 13:45 - 2021-04-03 13:45 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-04-03 13:45 - 2021-04-03 13:45 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-04-03 13:45 - 2021-04-03 13:45 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-04-03 13:45 - 2021-04-03 13:45 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-04-03 13:45 - 2021-04-03 13:45 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-04-03 13:45 - 2021-04-03 13:45 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-04-03 13:45 - 2021-04-03 13:45 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-04-03 13:45 - 2021-04-03 13:45 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-04-03 13:37 - 2021-04-03 13:37 - 000000000 ___HD C:\$WinREAgent
2021-04-03 13:37 - 2021-04-03 13:37 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-03 13:34 - 2021-04-03 13:35 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-04-03 13:33 - 2021-04-03 13:33 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-04-03 13:22 - 2021-04-03 13:22 - 000000000 ____D C:\Users\huhto\AppData\Roaming\WinRAR
2021-04-03 13:19 - 2021-04-03 13:19 - 000000905 _____ C:\Users\Public\Desktop\Train Simulator.lnk
2021-04-03 13:19 - 2021-04-03 13:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2021-04-03 13:15 - 2021-04-03 13:15 - 000001332 _____ C:\Users\Public\Desktop\Acrobat Reader 4.0.lnk
2021-04-03 13:15 - 2021-04-03 13:15 - 000000000 ____D C:\WINDOWS\Profiles\All Users
2021-04-03 13:15 - 2021-04-03 13:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 4.0
2021-04-03 13:15 - 2021-04-03 13:15 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-04-03 13:15 - 1998-10-02 19:00 - 000327168 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUninst.exe
2021-04-03 13:15 - 1997-01-22 20:26 - 000565760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVCP50.DLL
2021-04-03 13:14 - 2021-04-03 13:14 - 000000000 ____D C:\Users\huhto\AppData\Local\Disc_Soft_Ltd
2021-04-03 13:12 - 2021-04-03 13:12 - 000059360 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2021-04-03 13:12 - 2021-04-03 13:12 - 000042256 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2021-04-03 13:12 - 2021-04-03 13:12 - 000000834 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2021-04-03 13:12 - 2021-04-03 13:12 - 000000000 ____D C:\Users\huhto\AppData\Roaming\Disc-Soft
2021-04-03 13:12 - 2021-04-03 13:12 - 000000000 ____D C:\Users\huhto\AppData\Roaming\DAEMON Tools Lite
2021-04-03 13:12 - 2021-04-03 13:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Lite
2021-04-03 13:12 - 2021-04-03 13:12 - 000000000 ____D C:\ProgramData\Disc-Soft
2021-04-03 13:12 - 2021-04-03 13:12 - 000000000 ____D C:\Program Files\DAEMON Tools Lite
2021-04-03 13:08 - 2021-04-15 08:55 - 000000000 ____D C:\Users\huhto\AppData\Local\PlaceholderTileLogoFolder
2021-04-03 13:02 - 2021-04-17 18:53 - 000000000 _____ C:\Users\huhto\AppData\Roaming\FileOut.cns
2021-04-03 13:02 - 2021-04-17 18:53 - 000000000 _____ C:\Users\huhto\AppData\Roaming\FileIn.cns
2021-04-03 12:56 - 2021-04-17 11:09 - 000000000 ____D C:\Users\huhto\AppData\Local\ConnectedDevicesPlatform
2021-04-03 12:56 - 2021-04-03 12:56 - 000000020 ___SH C:\Users\huhto\ntuser.ini
2021-04-03 12:56 - 2021-04-03 12:56 - 000000000 ___RD C:\Users\huhto\3D Objects
2021-04-03 12:41 - 2020-10-29 13:31 - 000107560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2021-04-03 12:39 - 2021-04-13 08:19 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1040710261-2495403586-1490062961-1001
2021-04-03 12:39 - 2021-04-03 12:39 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-03 12:39 - 2021-04-03 12:39 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-03 12:39 - 2021-04-03 12:39 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1040710261-2495403586-1490062961-500
2021-04-03 12:38 - 2021-04-03 12:39 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2021-04-03 12:38 - 2021-04-03 12:39 - 000007623 _____ C:\WINDOWS\diagerr.xml
2021-04-03 12:37 - 2021-04-17 18:26 - 000000000 ____D C:\Users\huhto
2021-04-03 12:37 - 2021-04-13 08:19 - 000002365 _____ C:\Users\huhto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-03 12:37 - 2021-04-03 12:37 - 000000000 _SHDL C:\Users\huhto\Šablony
2021-04-03 12:37 - 2021-04-03 12:37 - 000000000 _SHDL C:\Users\huhto\Soubory cookie
2021-04-03 12:37 - 2021-04-03 12:37 - 000000000 _SHDL C:\Users\huhto\Poslední
2021-04-03 12:37 - 2021-04-03 12:37 - 000000000 _SHDL C:\Users\huhto\Okolní tiskárny
2021-04-03 12:37 - 2021-04-03 12:37 - 000000000 _SHDL C:\Users\huhto\Okolní síť
2021-04-03 12:37 - 2021-04-03 12:37 - 000000000 _SHDL C:\Users\huhto\Nabídka Start
2021-04-03 12:37 - 2021-04-03 12:37 - 000000000 _SHDL C:\Users\huhto\Dokumenty
2021-04-03 12:37 - 2021-04-03 12:37 - 000000000 _SHDL C:\Users\huhto\Data aplikací
2021-04-03 12:37 - 2021-04-03 12:37 - 000000000 _SHDL C:\Users\huhto\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-04-03 12:37 - 2021-04-03 12:37 - 000000000 _SHDL C:\Users\huhto\AppData\Local\Data aplikací
2021-04-03 12:36 - 2021-04-03 12:36 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_amdpsp_01011.Wdf
2021-04-03 12:35 - 2021-04-18 11:30 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-03 12:27 - 2021-04-03 13:35 - 000000000 ____D C:\Program Files\CMAK
2021-04-03 12:27 - 2021-04-03 12:27 - 000000000 ____D C:\Program Files (x86)\CMAK
2021-04-03 12:25 - 2021-04-03 12:25 - 000016148 _____ C:\WINDOWS\system32\DESKTOP-SGEVLO1_huhto_HistoryPrediction.bin
2021-04-03 12:22 - 2021-04-04 17:07 - 000000000 ____D C:\Program Files\rempl
2021-04-03 12:21 - 2021-04-15 11:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-03 12:21 - 2021-04-03 12:41 - 000000000 ____D C:\Program Files\CUAssistant
2021-04-03 12:21 - 2021-04-03 12:24 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2021-04-03 12:19 - 2021-04-03 12:19 - 000243056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\Drivers\amdpsp.sys
2021-04-03 12:19 - 2021-04-03 12:19 - 000129008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\tbaseregistry64.dll
2021-04-03 12:19 - 2021-04-03 12:19 - 000108528 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\tbaseregistry32.dll
2021-04-03 12:19 - 2021-04-03 12:19 - 000106480 _____ (AMD) C:\WINDOWS\system32\pspcoins.dll
2021-04-03 12:19 - 2021-04-03 12:19 - 000101232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\Drivers\amdkmcsp.sys
2021-04-03 12:19 - 2021-04-03 12:19 - 000091632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdumcsp.dll
2021-04-03 12:19 - 2021-04-03 12:19 - 000071664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdumcsp.dll
2021-04-03 12:19 - 2021-04-03 12:19 - 000031592 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AMDPCIDev.sys
2021-04-03 12:19 - 2021-04-03 12:19 - 000026096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\t-base_client_api.dll
2021-04-03 12:19 - 2021-04-03 12:19 - 000022000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\t-base_client_api.dll
2021-04-03 12:19 - 2017-08-29 06:22 - 000033144 _____ (Advanced Micro Devices, Inc) C:\WINDOWS\system32\Drivers\amdgpio3.sys
2021-04-03 12:13 - 2021-04-16 09:10 - 000000000 ___DC C:\WINDOWS\Panther
2021-04-03 12:13 - 2021-04-06 14:06 - 000000000 ____D C:\Users\huhto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-04-03 12:12 - 2021-04-07 18:18 - 000000000 ____D C:\Users\huhto\AppData\Local\SquirrelTemp
2021-04-03 12:11 - 2021-04-03 12:39 - 000000000 ___HD C:\$GetCurrent
2021-04-03 12:06 - 2021-04-03 12:13 - 000000036 _____ C:\WINDOWS\progress.ini
2021-04-03 11:39 - 2021-04-03 12:56 - 000000000 ____D C:\Windows10Upgrade
2021-04-03 11:39 - 2021-04-03 12:11 - 000000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pomocník s aktualizací Windows 10.lnk
2021-04-03 11:37 - 2021-04-03 13:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-04-03 11:37 - 2021-04-03 12:37 - 000000000 ____D C:\Users\huhto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-04-03 11:37 - 2021-04-03 11:37 - 000000000 ____D C:\Program Files\WinRAR
2021-04-03 11:14 - 2021-04-16 09:42 - 000000000 ____D C:\Users\huhto\AppData\Roaming\IObit
2021-04-03 11:14 - 2021-04-07 14:00 - 000000000 ____D C:\ProgramData\IObit
2021-04-03 11:14 - 2021-04-03 13:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2021-04-03 11:14 - 2021-04-03 11:15 - 000000000 ____D C:\Users\huhto\AppData\LocalLow\IObit
2021-04-03 11:14 - 2021-04-03 11:14 - 027508816 _____ (IObit ) C:\Users\huhto\Downloads\iobituninstaller.exe
2021-04-03 11:14 - 2021-04-03 11:14 - 027508816 _____ (IObit ) C:\Users\huhto\Downloads\iobituninstaller (1).exe
2021-04-03 11:14 - 2021-04-03 11:14 - 000001428 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2021-04-03 11:14 - 2021-04-03 11:14 - 000001416 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2021-04-03 11:14 - 2021-04-03 11:14 - 000000000 ____D C:\Program Files (x86)\IObit
2021-04-03 10:59 - 2021-04-15 08:07 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-03 10:59 - 2021-04-15 08:07 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-04-03 10:59 - 2021-04-03 11:14 - 000000000 ____D C:\Users\huhto\AppData\Local\Google
2021-04-03 10:59 - 2021-04-03 10:59 - 000000000 ____D C:\Program Files\Google
2021-04-03 10:59 - 2021-04-03 10:59 - 000000000 ____D C:\Program Files (x86)\Google
2021-04-03 10:58 - 2021-04-03 11:03 - 001304160 _____ (Google LLC) C:\Users\huhto\Downloads\ChromeSetup.exe
2021-04-03 10:50 - 2021-04-10 11:08 - 000000000 ____D C:\Users\huhto\AppData\Local\AMD_Common
2021-04-03 10:48 - 2021-04-18 11:30 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-04-03 10:48 - 2021-04-10 11:03 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-04-03 10:47 - 2020-07-27 09:41 - 000062056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdxe.sys
2021-04-03 10:45 - 2021-04-10 19:09 - 000000000 ____D C:\Program Files\AMD
2021-04-03 10:44 - 2021-04-10 10:57 - 000000000 ____D C:\AMD
2021-04-03 10:42 - 2021-04-03 10:42 - 000000000 ____D C:\Users\huhto\AppData\Local\MicrosoftEdge
2021-04-03 10:35 - 2021-04-18 11:25 - 000000108 _____ C:\Users\huhto\OneDrive\Documents\aionmemo_41759818.dat
2021-04-03 10:34 - 2021-01-17 15:24 - 045757016 _____ (Open Rails ) C:\Users\huhto\OneDrive\Documents\OpenRails-1.3.1-Setup.exe
2021-04-03 10:32 - 2021-04-03 12:08 - 616802835 _____ C:\WINDOWS\MEMORY.DMP
2021-04-03 10:30 - 2021-04-03 10:30 - 000000000 ___HD C:\OneDriveTemp
2021-04-03 10:30 - 2021-04-03 10:30 - 000000000 ____D C:\Users\huhto\OneDrive\Documents\Zvukové záznamy
2021-04-03 10:30 - 2021-04-03 10:30 - 000000000 ____D C:\Users\huhto\OneDrive\Documents\Password Manager
2021-04-03 10:30 - 2021-04-03 10:30 - 000000000 ____D C:\Users\huhto\OneDrive\Documents\FFOutput
2021-04-03 10:30 - 2021-04-03 10:30 - 000000000 ____D C:\Users\huhto\OneDrive\Documents\FeedbackHub
2021-04-03 10:30 - 2021-04-03 10:30 - 000000000 ____D C:\Users\huhto\AppData\Local\OneDrive
2021-04-03 10:29 - 2021-04-13 08:19 - 000000000 ___RD C:\Users\huhto\OneDrive
2021-04-03 10:29 - 2021-04-03 10:29 - 000000000 ____D C:\Users\huhto\AppData\Local\Comms
2021-04-03 10:27 - 2021-04-18 11:55 - 000000000 ____D C:\Users\huhto\AppData\Local\Packages
2021-04-03 10:27 - 2021-04-04 11:38 - 000000000 ____D C:\Users\huhto\AppData\Local\VirtualStore
2021-04-03 10:27 - 2021-04-03 10:27 - 000016148 _____ C:\WINDOWS\system32\DESKTOP-SGEVLO1_defaultuser0_HistoryPrediction.bin
2021-04-03 10:27 - 2021-04-03 10:27 - 000000000 ____D C:\Users\huhto\AppData\Roaming\Adobe
2021-04-03 10:27 - 2021-04-03 10:27 - 000000000 ____D C:\Users\huhto\AppData\Local\Publishers
2021-04-03 10:21 - 2021-04-03 10:21 - 000110104 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\SETA9EB.tmp
2021-04-03 10:17 - 2021-04-03 10:17 - 000000000 _SHDL C:\Users\Default\Šablony
2021-04-03 10:17 - 2021-04-03 10:17 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2021-04-03 10:17 - 2021-04-03 10:17 - 000000000 _SHDL C:\Users\Default\Poslední
2021-04-03 10:17 - 2021-04-03 10:17 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2021-04-03 10:17 - 2021-04-03 10:17 - 000000000 _SHDL C:\Users\Default\Okolní síť
2021-04-03 10:17 - 2021-04-03 10:17 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2021-04-03 10:17 - 2021-04-03 10:17 - 000000000 _SHDL C:\Users\Default\Dokumenty
2021-04-03 10:17 - 2021-04-03 10:17 - 000000000 _SHDL C:\Users\Default\Data aplikací
2021-04-03 10:17 - 2021-04-03 10:17 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-04-03 10:17 - 2021-04-03 10:17 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2021-04-03 10:17 - 2021-04-03 10:17 - 000000000 _SHDL C:\ProgramData\Šablony
2021-04-03 10:17 - 2021-04-03 10:17 - 000000000 _SHDL C:\ProgramData\Plocha
2021-04-03 10:17 - 2021-04-03 10:17 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2021-04-03 10:17 - 2021-04-03 10:17 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2021-04-03 10:17 - 2021-04-03 10:17 - 000000000 _SHDL C:\ProgramData\Dokumenty
2021-04-03 10:17 - 2021-04-03 10:17 - 000000000 _SHDL C:\ProgramData\Data aplikací
2021-04-03 10:17 - 2021-04-03 10:17 - 000000000 ____D C:\WINDOWS\CSC

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-18 13:36 - 2020-11-19 00:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-18 12:03 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-18 11:34 - 2020-11-19 01:55 - 001694140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-18 11:34 - 2019-12-07 16:43 - 000717008 _____ C:\WINDOWS\system32\perfh005.dat
2021-04-18 11:34 - 2019-12-07 16:43 - 000145186 _____ C:\WINDOWS\system32\perfc005.dat
2021-04-18 11:34 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-18 11:30 - 2020-11-19 01:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-18 11:30 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-04-18 11:05 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-18 11:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-17 21:00 - 2020-11-19 00:46 - 000267872 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-17 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-04-16 22:46 - 2020-11-19 01:48 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-16 22:46 - 2020-11-19 01:48 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-04-16 09:58 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-15 11:31 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-15 11:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-15 11:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-15 11:27 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-11 09:25 - 2020-11-19 01:46 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-04-07 18:19 - 2020-11-19 01:50 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-04-05 13:39 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-04-04 11:40 - 2020-11-19 01:50 - 000000000 ____D C:\ProgramData\Packages
2021-04-04 09:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-04-03 15:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-04-03 15:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-04-03 14:07 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-04-03 14:07 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-03 14:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-03 14:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-03 14:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-03 14:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-03 14:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-03 14:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-03 14:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-03 14:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-03 14:04 - 2020-11-19 01:48 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-03 13:51 - 2019-12-07 16:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-04-03 13:51 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-04-03 13:51 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-04-03 13:51 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-04-03 13:51 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-04-03 13:51 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-04-03 13:51 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-04-03 13:51 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-04-03 13:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-04-03 13:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-04-03 13:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-04-03 13:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-04-03 13:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-04-03 13:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-04-03 13:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-04-03 13:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-04-03 13:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-04-03 13:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-04-03 13:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-04-03 13:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-04-03 13:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-04-03 13:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-04-03 13:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-04-03 13:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-04-03 13:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-04-03 13:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-04-03 13:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\IME
2021-04-03 13:51 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-04-03 13:51 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-04-03 13:51 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-04-03 13:35 - 2019-12-07 11:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-04-03 13:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-04-03 13:35 - 2015-07-10 13:04 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-04-03 13:35 - 2015-07-10 13:04 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-04-03 13:35 - 2015-07-10 13:04 - 000000000 ____D C:\WINDOWS\InfusedApps
2021-04-03 13:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Resources
2021-04-03 13:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Help
2021-04-03 13:33 - 2019-12-07 11:18 - 000000000 ____D C:\WINDOWS\Setup
2021-04-03 13:32 - 2020-11-19 04:49 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2021-04-03 13:32 - 2019-12-07 11:10 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2021-04-03 12:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-04-03 12:40 - 2020-11-19 01:48 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-03 12:40 - 2020-11-19 01:48 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-04-03 12:39 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-04-03 12:39 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows NT
2021-04-03 12:38 - 2019-12-07 11:14 - 000000000 __RHD C:\Users\Public\Libraries
2021-04-03 12:37 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM

==================== Files in the root of some directories ========

2021-04-17 20:01 - 2021-04-17 20:01 - 000000025 _____ () C:\Users\huhto\AppData\Roaming\alsoft.ini
2021-04-03 13:02 - 2021-04-17 18:53 - 000000000 _____ () C:\Users\huhto\AppData\Roaming\FileIn.cns
2021-04-03 13:02 - 2021-04-17 18:53 - 000000000 _____ () C:\Users\huhto\AppData\Roaming\FileOut.cns

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

huhto
Level 3.5
Level 3.5
Příspěvky: 709
Registrován: únor 14
Pohlaví: Nespecifikováno

Re: Kontrola logu

Příspěvekod huhto » 18 dub 2021 14:02

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2021
Ran by huhto (18-04-2021 13:57:50)
Running from C:\Users\huhto\Desktop
Windows 10 Pro Version 20H2 19042.928 (X64) (2021-04-03 10:39:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1040710261-2495403586-1490062961-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1040710261-2495403586-1490062961-503 - Limited - Disabled)
Guest (S-1-5-21-1040710261-2495403586-1490062961-501 - Limited - Disabled)
huhto (S-1-5-21-1040710261-2495403586-1490062961-1001 - Administrator - Enabled) => C:\Users\huhto
marti (S-1-5-21-1040710261-2495403586-1490062961-1002 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1040710261-2495403586-1490062961-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.01.513.58212 - ABBYY) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
Adobe Acrobat 4.0 (HKLM-x32\...\Adobe Acrobat 4.0) (Version: 4.0 - Adobe Systems, Inc.)
AION Free-to-Play (HKLM-x32\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version: - Gameforge 4D GmbH)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.14.0.1709 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-1040710261-2495403586-1490062961-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Epson Easy Photo Print 2 (HKLM-x32\...\{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}) (Version: 2.2.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON SX125 Series Manuál (HKLM-x32\...\EPSON SX125 Series Manual) (Version: - )
EPSON SX125 Series Printer Uninstall (HKLM\...\EPSON SX125 Series) (Version: - SEIKO EPSON Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.72 - Google LLC)
IObit Uninstaller 10 (HKLM-x32\...\IObitUninstall) (Version: 10.4.0.13 - IObit)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.77 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1040710261-2495403586-1490062961-1001\...\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1040710261-2495403586-1490062961-1001\...\Teams) (Version: 1.4.00.7174 - Microsoft Corporation)
Microsoft Train Simulator (HKLM-x32\...\Train Simulator 1.0) (Version: - )
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MSTS Patch 1.7.00819 (HKLM-x32\...\{587A2120-41D3-11DB-3D6C-00E19E4D4AE1}) (Version: 1.7.081920 - George)
Open Rails 1.3.1.4328 (HKLM-x32\...\{94E15E08-869D-4B69-B8D7-8C82075CB51C} ; Generat~67F3DAC8_is1) (Version: 1.3.1.4328 - Open Rails)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23258 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.35.510.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8730.1 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.37.349 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.1 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.16.8 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{6753CC12-A884-47B2-9270-F5CD31B6F256}) (Version: 2.67.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{0746492E-47B6-4251-940C-44462DFD74BB}) (Version: 2.55.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{76A22428-2400-4521-96AF-7AC4A6174CA5}) (Version: 1.25.0.0 - Microsoft Corporation) Hidden
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-03] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.4072.0_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2021-04-03] (Microsoft Corporation) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.175.0_x64__dt26b99r8h8gj [2021-04-08] (Realtek Semiconductor Corp)
Word Mobile -> C:\Program Files\WindowsApps\Microsoft.Office.Word_16001.13801.20454.0_x64__8wekyb3d8bbwe [2021-04-15] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1040710261-2495403586-1490062961-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\huhto\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20339.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-04-03] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-04-03] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\huhto\Desktop\ConsistEditor – zástupce.lnk -> C:\Users\huhto\Desktop\ConsistEditor.bat ()
Shortcut: C:\Users\huhto\Desktop\ShapeViewer – zástupce.lnk -> C:\Users\huhto\Desktop\ShapeViewer.bat ()

==================== Loaded Modules (Whitelisted) =============

2008-04-11 11:54 - 2008-04-11 11:54 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\MSVCR71.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-1040710261-2495403586-1490062961-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1040710261-2495403586-1490062961-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.) [File not signed]
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.) [File not signed]

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2021-04-18 11:29 - 000000813 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1040710261-2495403586-1490062961-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\huhto\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\screenshot_tirol austria_47.39009-11.78272_17-19-18.jpg
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "Discord"
HKU\S-1-5-21-1040710261-2495403586-1490062961-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1040710261-2495403586-1490062961-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1040710261-2495403586-1490062961-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1040710261-2495403586-1490062961-1001\...\StartupApproved\Run: => "EPSON SX125 Series"
HKU\S-1-5-21-1040710261-2495403586-1490062961-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DD5F5687-AA59-487A-85EC-7246A14D8966}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{8CA44F05-30B1-43B7-A077-90259A366D23}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{74986C54-FEF6-4D82-8529-82C1F60B5708}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B5D49429-7027-4C63-9CF1-1D002D647677}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EB72A960-67A5-4381-A952-AD6104600753}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{69CB3083-913A-47A1-AFEC-F37B106F3798}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{F6F8F9F7-246E-43D5-A89F-DE5D7068C36B}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{6FEB003C-C890-4778-85C1-9FCBEF82F3A6}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{4FD7A610-45C2-401C-9015-6C48CCEB9AAD}] => (Allow) E:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CAB8D792-BDE2-4B6A-AF30-DE2C4E91C93D}] => (Allow) E:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A2EDE1CC-123E-4378-97CF-7A24D00FB47E}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D62DB998-DF52-4C69-8B70-DD7F845D2E6C}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{883E90BF-B275-48AF-B094-12EB37409E1F}] => (Allow) E:\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{2E6C094A-6219-48DE-BB67-2FAA7F69E18D}] => (Allow) E:\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{0AF1DE6B-226A-455E-96AD-88748FE755FD}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{BAD18CAD-F954-4AC6-A14B-BA096F9B17BB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{AA2F815E-16A7-4920-92AC-1B705A36F503}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{16AAFC76-FBE2-4134-A906-36A27994F21D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CD052CA9-829E-4036-88F0-F0E94CBB54AA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

==================== Restore Points =========================

18-04-2021 11:38:48 End of disinfection

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/18/2021 01:50:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5988,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/18/2021 01:35:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2576,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/18/2021 01:33:20 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Nový svazek (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (04/18/2021 01:20:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9552,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/18/2021 01:05:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5756,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/18/2021 12:50:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4720,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/18/2021 12:36:11 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (520,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (04/18/2021 12:18:48 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3108,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (04/18/2021 11:30:13 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-SGEVLO1)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/18/2021 10:57:03 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (10:55:44, ‎18.‎04.‎2021) bylo neočekávané.

Error: (04/18/2021 10:56:51 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684Při zpracování obnovovacích dat došlo k závažné chybě.

Error: (04/18/2021 10:45:55 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (21:01:17, ‎17.‎04.‎2021) bylo neočekávané.

Error: (04/18/2021 10:45:45 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684Při zpracování obnovovacích dat došlo k závažné chybě.

Error: (04/17/2021 09:00:17 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (20:59:14, ‎17.‎04.‎2021) bylo neočekávané.

Error: (04/17/2021 09:00:04 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684Při zpracování obnovovacích dat došlo k závažné chybě.

Error: (04/17/2021 06:41:54 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


Windows Defender:
================
Date: 2021-04-11 13:08:43
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {48E7EB7E-85CC-4D0D-A3D8-522EC3475EBD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-08 14:25:45
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {AFC4AAA7-34C3-4DB0-B4DE-F030186EAD97}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-04 14:09:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9D6A485A-9170-4BD3-B97F-30B7D1D2B3B6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-04 12:51:24
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CB3BB746-77E1-40F4-BBA6-9A513010966F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-10 10:50:08
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2021-04-03 12:39:01
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o načtení bezpečnostních informací a pokusí se o obnovení poslední známé funkční verze.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

CodeIntegrity:
===============
Date: 2021-04-16 09:46:50
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

BIOS: American Megatrends Inc. P1.60 08/01/2019
Motherboard: ASRock B450M Pro4-F
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 24%
Total physical RAM: 16315.73 MB
Available physical RAM: 12368.51 MB
Total Virtual: 18747.73 MB
Available Virtual: 12744.62 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.25 GB) (Free:79.83 GB) NTFS
Drive e: (Nový svazek) (Fixed) (Total:464.74 GB) (Free:327.79 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{74b99aa1-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{74b99aa1-0000-0000-0000-60af1d000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{c83095c7-0000-0000-0000-004f74000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: 74B99AA1)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=512 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: C83095C7)
Partition 1: (Active) - (Size=464.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=537 MB) - (Type=27)

==================== End of Addition.txt =======================

huhto
Level 3.5
Level 3.5
Příspěvky: 709
Registrován: únor 14
Pohlaví: Nespecifikováno

Re: Kontrola logu

Příspěvekod huhto » 18 dub 2021 14:03

tak udělano,tak už je to vše ,mam počítač v pořadku?děkuji za odpověd


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: CommonCrawl [Bot] a 2 hosti