Please check - an advertising page opens by itself

#1 Post by polom »

Please check - after Windows starts, the advertising page key 4 you opens by itself

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-01-2021
Ran by Oliver (18-01-2021 21:44:54)
Running from C:\Users\Oliver\Downloads
Windows 10 Home Version 1909 18363.1316 (X64) (2020-05-28 00:31:09)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1419420685-1268110993-1861172331-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1419420685-1268110993-1861172331-503 - Limited - Disabled)
Guest (S-1-5-21-1419420685-1268110993-1861172331-501 - Limited - Disabled)
Oliver (S-1-5-21-1419420685-1268110993-1861172331-1001 - Administrator - Enabled) => C:\Users\Oliver
WDAGUtilityAccount (S-1-5-21-1419420685-1268110993-1861172331-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.17.5 - ICEpower a/s)
Call of Duty 4 - Modern Warfare verze 1.7 (HKLM-x32\...\{826D7727-6105-4C5D-A049-E4BADBC8BAAB}_is1) (Version: 1.7 - tomi2k9)
Call Of Duty Modern Warfare 2 verze 1.2 CZ (HKLM-x32\...\{318EAFB5-2019-4A09-811D-33A45A4E71D5}_is1) (Version: 1.2 CZ - tomi2k9)
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
Hearts of Iron IV Man the Guns (HKLM-x32\...\Hearts of Iron IV Man the Guns_is1) (Version: - )
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.13530.20376 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.75 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-1419420685-1268110993-1861172331-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
NVIDIA Ovladače grafiky 442.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.94 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20376 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20376 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13530.20376 - Microsoft Corporation) Hidden
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.13.6 - TeamViewer)
Total Uninstall 7.0.0 (HKLM\...\Total Uninstall 7_is1) (Version: 7.0.0 - Gavrila Martau)
Vietcong - Gold Edition verze 1.60 (HKLM-x32\...\{C77CF4A8-70F3-41AA-84AE-AA82298A4725}_is1) (Version: 1.60 - )
Wargaming.net Game Center (HKU\S-1-5-21-1419420685-1268110993-1861172331-1001\...\Wargaming.net Game Center) (Version: 20.7.2.2851 - Wargaming.net)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-1419420685-1268110993-1861172331-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
World_of_Warplanes (HKU\S-1-5-21-1419420685-1268110993-1861172331-1001\...\WOWP.WW.PRODUCTION) (Version: - Wargaming.net)

Packages:
=========
AudioWizard -> C:\Program Files\WindowsApps\ICEpower.AudioWizard_1.5.28.0_x64__dxp88312j1fgj [2020-06-04] (ICEpower)
AVG Online Security -> C:\Program Files\WindowsApps\51CA791E.AVGOnlineSecurity_19.4.444.0_neutral__s1d0xtrs8dx04 [2020-05-27] (AVAST Software)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-06-02] (INTEL CORP)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.0.1.0_neutral__w1wdnht996qgy [2019-07-12] (LinkedIn)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.54.0_x64__wafk5atnkzcwy [2020-12-04] (McAfee LLC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-05-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-05-30] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1102.0_x64__8wekyb3d8bbwe [2021-01-14] (Microsoft Studios) [MS Ad]
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_2.3.8.0_x64__qmba6cd70vzyy [2020-12-23] (ASUSTeK COMPUTER INC.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.959.0_x64__56jybvy8sckqj [2020-11-29] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt [2020-12-30] (INTEL CORP) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.7.198.0_x64__dt26b99r8h8gj [2020-06-02] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0 [2020-12-12] (Spotify AB) [Startup Task]
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2020-05-27] (VideoLAN)
World Conqueror 4 -> C:\Program Files\WindowsApps\EasyTech.WorldConqueror4_1.0.2.0_x86__nz34nvfqxfk3r [2020-05-28] (EasyTech)
World of Tanks Blitz -> C:\Program Files\WindowsApps\7458BE2C.WorldofTanksBlitz_7.5.231.0_x64__x4tje2y229k00 [2020-12-26] (Wargaming Group Limited)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-18] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_c436e4f86f7beadc\nvshext.dll [2020-04-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-18] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1419420685-1268110993-1861172331-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1419420685-1268110993-1861172331-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-1419420685-1268110993-1861172331-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1419420685-1268110993-1861172331-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-01-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-08] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1419420685-1268110993-1861172331-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 84.16.96.225 - 84.16.96.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "MSStp"
HKLM\...\StartupApproved\Run32: => "mncyarehsSrv"
HKU\S-1-5-21-1419420685-1268110993-1861172331-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D1D57C3F-D9DC-4BE2-A5DB-8B6EC4761F1A}] => (Allow) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{EDAEAD96-BFE1-4FC6-9DE9-5F7F22887158}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Block) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{46BB5207-8BBB-4A15-BE0C-C47D1256F0EF}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Block) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{394EF2E0-ACC9-4FF0-935A-E499658A15C3}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Block) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{209A72C7-3AE4-4D2D-9FF5-F957CE0EC955}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Block) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{F997B607-2F28-4D8B-B499-8E9FB6201D72}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2466257F-7735-46D7-8ACD-74169D52BDB0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B069A78E-A30E-4BDA-9F9B-C7343E0D1733}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{55DA1BFD-9D95-488F-8E57-F9B880FAEF9E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0090BD99-5490-4FA6-9DDC-3AEBD9A0FDC5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{22617DB8-8EC4-42E0-AF86-A9985AC8C2A3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6C7F010F-109C-44DE-9A85-788C20839D9B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{21CD2AA7-A5D8-48E3-8F26-358E9242838B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{44352827-E9F1-4115-B29A-ED344E58FD27}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5883AC86-0524-4E03-B9F2-BB7ECA6C6763}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4CDFA3EC-36A1-4E46-84ED-1E51E7A2A0DE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2E2142B3-0E51-4F59-A83C-FFC652763965}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{845E98FB-8522-44AC-8B09-95B917E8F5BF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8B16607E-6EF9-42E0-9FC0-BA399460DFA9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FEE0CA57-D231-45E1-8F2C-624DA6EA049A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{97DCB726-AB42-43BE-A9E7-4A72AFE003A4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C70E7EE3-F4E1-444D-B0F1-B963F408F333}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{71E39644-D8D9-4847-A5AD-CD9F410B2E8B}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_206cee59ee512fde\ASUSLinkNear\AsusLinkNear.exe (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
FirewallRules: [{E2EAF819-B55E-459E-976F-2B57B5C1C6D8}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_206cee59ee512fde\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.​)
FirewallRules: [{3B7461BA-1D12-43B2-BD25-49495F1C9ED0}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_206cee59ee512fde\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.​)

==================== Restore Points =========================

28-12-2020 18:51:46 Naplánovaný kontrolní bod
08-01-2021 22:33:13 Naplánovaný kontrolní bod
14-01-2021 12:03:32 Windows Update
18-01-2021 21:02:25 Odinstalovat s Total Uninstall "Minecraft 1.12.2 + Titan Launcher 3.7.0"

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/18/2021 08:58:25 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (01/18/2021 08:36:01 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 27144; požadovaná velikost: 35064.

Error: (01/13/2021 09:29:05 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 27208; požadovaná velikost: 33408.

Error: (01/12/2021 06:24:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AsusSystemAnalysis.exe, verze: 2.0.29.0, časové razítko: 0x5fb493d7
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.18362.1110, časové razítko: 0xb4cacc38
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000006dace
ID chybujícího procesu: 0xe40
Čas spuštění chybující aplikace: 0x01d6d1e4a738bb18
Cesta k chybující aplikaci: C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_fd308420000a4872\ASUSSystemAnalysis\AsusSystemAnalysis.exe
Cesta k chybujícímu modulu: C:\Windows\System32\ucrtbase.dll
ID zprávy: 8b3e7457-44d0-4890-8328-e86c26b257dd
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/09/2021 09:48:05 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 27320; požadovaná velikost: 32488.

Error: (01/05/2021 02:21:09 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 27160; požadovaná velikost: 32120.

Error: (01/03/2021 03:57:18 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x305; CorrelationId: {BD05367D-D0FF-4279-8585-F42425C353FD}

Error: (01/01/2021 12:24:06 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 27432; požadovaná velikost: 32856.


System errors:
=============
Error: (01/18/2021 09:31:30 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-NV3BKN5U)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/18/2021 09:25:52 PM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-NV3BKN5U)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (01/18/2021 09:09:00 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-NV3BKN5U)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/18/2021 09:06:21 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-NV3BKN5U)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/18/2021 08:59:39 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-NV3BKN5U)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/18/2021 08:51:02 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-NV3BKN5U)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/18/2021 08:43:10 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-NV3BKN5U)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/18/2021 08:30:45 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-NV3BKN5U)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2021-01-13 21:44:55.923
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {9E38C3B5-6EC4-4D79-BAB8-5B66D27060CC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-12 18:27:24.159
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {2551862A-8D77-4EA6-BC17-165AE44F98C5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-11 17:17:12.374
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {FB19A59C-3D78-40F3-995D-5EFF95680E6D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-10 19:45:07.564
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {11D8D59A-12D7-4B41-8FF7-81DD5671B918}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-08 22:30:36.048
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {60382D00-E76F-44EC-B323-0FFFD1166E36}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===================================

Date: 2021-01-18 20:45:06.004
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-18 20:45:06.000
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-18 20:45:05.995
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-18 20:45:05.987
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-18 20:45:05.980
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-18 20:45:05.976
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-18 20:45:05.967
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-18 20:45:05.961
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. X509FJ.302 08/28/2019
Motherboard: ASUSTeK COMPUTER INC. X509FJ
Processor: Intel(R) Core(TM) i5-8265U CPU @ 1.60GHz
Percentage of memory in use: 65%
Total physical RAM: 8043.45 MB
Available physical RAM: 2814.24 MB
Total Virtual: 10347.45 MB
Available Virtual: 4047.33 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:476.03 GB) (Free:308.3 GB) NTFS

\\?\Volume{1c1ba087-3cd6-46c7-8fa4-152f983fd41d}\ (RECOVERY) (Fixed) (Total:0.63 GB) (Free:0.23 GB) NTFS
\\?\Volume{e6921bd4-91c9-4171-8305-eed60be215df}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 49CD6B01)

Partition: GPT.

==================== End of Addition.txt =======================

#2 Post by Rudy »

Hello!
I still need to see the FRST log (you only posted Addition). You will find it in the file addition.txt in C:\Users\Oliver\Downloads. Thank you.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

#3 Post by polom »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-01-2021
Ran by Oliver (administrator) on LAPTOP-NV3BKN5U (ASUSTeK COMPUTER INC. VivoBook_ASUSLaptop X509FJ_X509FJ) (18-01-2021 21:43:20)
Running from C:\Users\Oliver\Downloads
Loaded Profiles: Oliver
Platform: Windows 10 Home Version 1909 18363.1316 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_206cee59ee512fde\ASUSLinkRemote\AsusLinkRemote.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_206cee59ee512fde\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_206cee59ee512fde\ASUSLinkNear\AsusLinkNear.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_206cee59ee512fde\ASUSLinkNear\AsusLinkNearExt.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_206cee59ee512fde\ASUSOptimization\AsusOptimization.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_206cee59ee512fde\ASUSOptimization\AsusOptimizationStartupTask.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_206cee59ee512fde\ASUSOptimization\AsusOSD.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_206cee59ee512fde\ASUSSoftwareManager\AsusSoftwareManager.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_206cee59ee512fde\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(ICEpower a/s -> ICEpower A/S) C:\Windows\System32\DriverStore\FileRepository\icesoundapo64.inf_amd64_db704b106aae3892\ICEsoundService64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e7523682cc7528cc\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e7523682cc7528cc\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9c1ab568b4fa57de\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9c1ab568b4fa57de\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_eea3cf789013ad4f\RstMwService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <22>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Oliver\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_206cee59ee512fde\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_c436e4f86f7beadc\Display.NvContainer\NVDisplay.Container.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [mncyarehsSrv] => C:\Windows\inf\mncyarehs.vbe [1342 2014-01-19] () [File not signed]
HKU\S-1-5-21-1419420685-1268110993-1861172331-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2481016 2020-12-03] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-1419420685-1268110993-1861172331-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2021-01-18]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Java 32bit.bat [2018-01-07] () [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {21AC2C83-936C-4C38-940A-8016C6B7FBE4} - System32\Tasks\Microsoft\Windows\PLA\AsusLinkNear => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\Windows\system32\pla.dll [1507328 2020-06-01] (Microsoft Windows -> Microsoft Corporation)
Task: {4D082232-228B-4149-B716-4E840378D83F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2021-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {5F89EFA2-80E3-4065-9489-4BE3B351C20D} - System32\Tasks\RtkAudUService64_BG => C:\Windows\System32\RtkAudUService64.exe [976888 2019-10-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {6DFAB0AC-C2C7-488A-A1C1-B77F56603A7A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23061896 2021-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {756797BE-C80C-4B47-A698-5CC52BD4E608} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_206cee59ee512fde\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2166712 2020-12-09] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {7ABA43AB-BA92-4862-8966-6BBD3FDCEBAB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {85B35732-C2F7-47CE-AF0B-B644454A42E1} - System32\Tasks\ASUS Update Checker 2.0 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_206cee59ee512fde\ASUSSoftwareManager\AsusUpdateChecker.exe [693192 2020-12-09] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {9A94262C-9AF6-46C4-9935-2384497A2AC9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2021-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {A876CE91-1C5F-4637-9FE1-CC30E5672982} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BFACDAF0-A6B5-4B59-A3F5-9CA7076AD3B0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23061896 2021-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {C8E2B61A-11A8-4BE4-B47C-5BEE031C4E88} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_206cee59ee512fde\ASUSOptimization\AsusHotkeyExec.exe [226232 2020-12-09] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {F8CBF3A5-63B3-4312-80A8-637293E07937} - System32\Tasks\Microsoft\Windows\PLA\074C0539-0999-4DA9-9D0D-3D016B62F4E9 => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\Windows\system32\pla.dll [1507328 2020-06-01] (Microsoft Windows -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 84.16.96.225 84.16.96.2
Tcpip\..\Interfaces\{05b16e8c-89c5-420a-83f1-54ffa2179a48}: [DhcpNameServer] 40.53.1.12
Tcpip\..\Interfaces\{d949d488-7472-486a-8bc7-76fc4e231af9}: [DhcpNameServer] 84.16.96.225 84.16.96.2

Edge:
=======
DownloadDir: C:\Users\Oliver\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-1419420685-1268110993-1861172331-1001 -> hxxp://www.seznam.cz/
Edge Extension: (AVG Online Security) -> EdgeExtension_51CA791EAVGOnlineSecurity_s1d0xtrs8dx04 => C:\Program Files\WindowsApps\51CA791E.AVGOnlineSecurity_19.4.444.0_neutral__s1d0xtrs8dx04 [2020-05-27]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Oliver\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-18]
Edge DownloadDir: C:\Users\Oliver\Downloads
Edge HomePage: Default -> hxxp://www.seznam.cz/

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-18] (Microsoft Corporation -> Microsoft Corporation)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUSLinkNear; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_206cee59ee512fde\ASUSLinkNear\AsusLinkNear.exe [1085880 2020-12-09] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSLinkNearExt; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_206cee59ee512fde\ASUSLinkNear\AsusLinkNearExt.exe [142280 2020-12-09] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_206cee59ee512fde\ASUSLinkRemote\AsusLinkRemote.exe [790968 2020-12-09] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.​)
R2 ASUSOptimization; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_206cee59ee512fde\ASUSOptimization\AsusOptimization.exe [311224 2020-12-09] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_206cee59ee512fde\ASUSSoftwareManager\AsusSoftwareManager.exe [797128 2020-12-09] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_206cee59ee512fde\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2166712 2020-12-09] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_206cee59ee512fde\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [600488 2020-12-09] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8960904 2021-01-03] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-18] (Malwarebytes Inc -> Malwarebytes)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12757520 2020-12-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_c436e4f86f7beadc\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_c436e4f86f7beadc\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusPTPDrv; C:\Windows\System32\drivers\AsusPTPFilter.sys [108504 2019-04-23] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 ASUSSAIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_206cee59ee512fde\ASUSSystemAnalysis\ASUSSAIO.sys [36792 2020-12-09] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_206cee59ee512fde\ASUSOptimization\atkwmiacpi64.sys [44712 2020-12-09] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2021-01-18] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220160 2021-01-18] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-01-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [197792 2021-01-18] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77496 2021-01-18] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-01-18] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [141472 2021-01-18] (Malwarebytes Inc -> Malwarebytes)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-18 21:43 - 2021-01-18 21:43 - 000016227 _____ C:\Users\Oliver\Downloads\FRST.txt
2021-01-18 21:43 - 2021-01-18 21:43 - 000000000 ____D C:\FRST
2021-01-18 21:40 - 2021-01-18 21:41 - 002295296 _____ (Farbar) C:\Users\Oliver\Downloads\FRST64.exe
2021-01-18 21:36 - 2021-01-18 21:36 - 000000000 ____D C:\rsit
2021-01-18 21:36 - 2021-01-18 21:36 - 000000000 ____D C:\Program Files\trend micro
2021-01-18 21:35 - 2021-01-18 21:35 - 001222144 _____ C:\Users\Oliver\Downloads\RSITx64.exe
2021-01-18 21:30 - 2021-01-18 21:30 - 000197792 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2021-01-18 21:30 - 2021-01-18 21:30 - 000141472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2021-01-18 21:30 - 2021-01-18 21:30 - 000077496 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2021-01-18 21:30 - 2021-01-18 21:30 - 000000000 ____D C:\Users\Oliver\AppData\LocalLow\IGDump
2021-01-18 21:22 - 2021-01-18 21:32 - 000000000 ____D C:\Program Files\CCleaner
2021-01-18 21:22 - 2021-01-18 21:22 - 030584912 _____ (Piriform Software Ltd) C:\Users\Oliver\Downloads\ccsetup576.exe
2021-01-18 21:22 - 2021-01-18 21:22 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-01-18 21:22 - 2021-01-18 21:22 - 000002890 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-01-18 21:22 - 2021-01-18 21:22 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-01-18 21:22 - 2021-01-18 21:22 - 000000865 _____ C:\ProgramData\Desktop\CCleaner.lnk
2021-01-18 21:22 - 2021-01-18 21:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-01-18 21:05 - 2021-01-18 21:05 - 000000165 _____ C:\Users\Oliver\Desktop\www10.elbaestes.pro.url
2021-01-18 21:02 - 2021-01-18 21:02 - 000000894 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Uninstall 7.lnk
2021-01-18 21:02 - 2021-01-18 21:02 - 000000882 _____ C:\Users\Public\Desktop\Total Uninstall 7.lnk
2021-01-18 21:02 - 2021-01-18 21:02 - 000000882 _____ C:\ProgramData\Desktop\Total Uninstall 7.lnk
2021-01-18 21:02 - 2021-01-18 21:02 - 000000016 _____ C:\ProgramData\mntemp
2021-01-18 21:02 - 2021-01-18 21:02 - 000000012 _____ C:\ProgramData\qtuemdke.aob
2021-01-18 21:02 - 2021-01-18 21:02 - 000000012 _____ C:\ProgramData\qmtcubwg.nqd
2021-01-18 21:02 - 2021-01-18 21:02 - 000000012 _____ C:\ProgramData\oiptnvyg.xmk
2021-01-18 21:02 - 2021-01-18 21:02 - 000000012 _____ C:\ProgramData\ipqbdleq.kee
2021-01-18 21:02 - 2021-01-18 21:02 - 000000008 _____ C:\ProgramData\yiwyxjlh.gfr
2021-01-18 21:02 - 2021-01-18 21:02 - 000000008 _____ C:\ProgramData\rndkvoqs.sir
2021-01-18 21:02 - 2021-01-18 21:02 - 000000008 _____ C:\ProgramData\lygmafen.sxc
2021-01-18 21:02 - 2021-01-18 21:02 - 000000008 _____ C:\ProgramData\iokjqkej.tdb
2021-01-18 21:02 - 2021-01-18 21:02 - 000000000 ____D C:\ProgramData\Martau
2021-01-18 21:01 - 2021-01-18 21:02 - 000000000 ____D C:\Program Files\Total Uninstall 7
2021-01-18 21:01 - 2021-01-18 21:01 - 032236120 _____ C:\Users\Oliver\Downloads\Total-Uninstall-Setup-7.0.0.exe
2021-01-18 20:38 - 2021-01-18 20:38 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-01-18 20:38 - 2021-01-18 20:38 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-01-18 20:38 - 2021-01-18 20:38 - 000002023 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-01-18 20:38 - 2021-01-18 20:38 - 000000000 ____D C:\Users\Oliver\AppData\Local\mbam
2021-01-18 20:37 - 2021-01-18 20:37 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-01-18 20:37 - 2021-01-18 20:37 - 000220160 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2021-01-18 20:37 - 2021-01-18 20:37 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-01-18 20:37 - 2021-01-18 20:37 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2021-01-18 20:37 - 2021-01-18 20:37 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-01-18 20:36 - 2021-01-18 20:36 - 002086424 _____ (Malwarebytes) C:\Users\Oliver\Downloads\MBSetup (1).exe
2021-01-18 20:36 - 2021-01-18 20:36 - 000000000 ____D C:\Program Files\Malwarebytes
2021-01-18 20:35 - 2021-01-18 20:35 - 002086424 _____ (Malwarebytes) C:\Users\Oliver\Downloads\MBSetup.exe
2021-01-15 13:41 - 2021-01-18 20:32 - 000000000 ____D C:\Users\Oliver\AppData\Local\TeamViewer
2021-01-15 13:41 - 2021-01-15 13:41 - 000001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2021-01-15 13:41 - 2021-01-15 13:41 - 000001106 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2021-01-15 13:41 - 2021-01-15 13:41 - 000001106 _____ C:\ProgramData\Desktop\TeamViewer.lnk
2021-01-15 13:41 - 2021-01-15 13:41 - 000000000 ____D C:\Users\Oliver\AppData\Roaming\TeamViewer
2021-01-15 13:40 - 2021-01-18 21:30 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-15 13:38 - 2021-01-15 13:38 - 040428040 _____ C:\Users\Oliver\Downloads\TeamViewer_Setup.exe
2021-01-14 12:10 - 2021-01-14 12:10 - 000576512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2021-01-14 12:10 - 2021-01-14 12:10 - 000568320 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2021-01-14 12:10 - 2021-01-14 12:10 - 000500224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2021-01-14 12:10 - 2021-01-14 12:10 - 000455680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2021-01-14 12:10 - 2021-01-14 12:10 - 000233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2021-01-14 12:10 - 2021-01-14 12:10 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\VBICodec.ax
2021-01-14 12:10 - 2021-01-14 12:10 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBICodec.ax
2021-01-14 12:10 - 2021-01-14 12:10 - 000094720 _____ C:\Windows\system32\VirtualMonitorManager.dll
2021-01-14 12:10 - 2021-01-14 12:10 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2021-01-14 12:10 - 2021-01-14 12:10 - 000072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2021-01-14 12:10 - 2021-01-14 12:10 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2021-01-14 12:10 - 2021-01-14 12:10 - 000053248 _____ C:\Windows\SysWOW64\BWContextHandler.dll
2021-01-14 12:09 - 2021-01-14 12:10 - 000294912 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2021-01-14 12:09 - 2021-01-14 12:09 - 002590720 _____ C:\Windows\system32\dwmscene.dll
2021-01-14 12:09 - 2021-01-14 12:09 - 001841152 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2021-01-14 12:09 - 2021-01-14 12:09 - 001101312 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2021-01-14 12:09 - 2021-01-14 12:09 - 000696832 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2021-01-14 12:09 - 2021-01-14 12:09 - 000555008 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2021-01-14 12:09 - 2021-01-14 12:09 - 000549888 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2021-01-14 12:09 - 2021-01-14 12:09 - 000540672 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-01-14 12:09 - 2021-01-14 12:09 - 000458240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2021-01-14 12:09 - 2021-01-14 12:09 - 000453632 _____ C:\Windows\system32\ssdm.dll
2021-01-14 12:09 - 2021-01-14 12:09 - 000415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2021-01-14 12:09 - 2021-01-14 12:09 - 000331264 _____ C:\Windows\SysWOW64\ssdm.dll
2021-01-14 12:09 - 2021-01-14 12:09 - 000266752 _____ C:\Windows\system32\HeatCore.dll
2021-01-14 12:09 - 2021-01-14 12:09 - 000235520 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2021-01-14 12:09 - 2021-01-14 12:09 - 000208896 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2021-01-14 12:09 - 2021-01-14 12:09 - 000208384 _____ C:\Windows\SysWOW64\HeatCore.dll
2021-01-14 12:09 - 2021-01-14 12:09 - 000186368 _____ C:\Windows\system32\BthpanContextHandler.dll
2021-01-14 12:09 - 2021-01-14 12:09 - 000184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2021-01-14 12:09 - 2021-01-14 12:09 - 000167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2021-01-14 12:09 - 2021-01-14 12:09 - 000164864 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2021-01-14 12:09 - 2021-01-14 12:09 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2021-01-14 12:09 - 2021-01-14 12:09 - 000067072 _____ C:\Windows\system32\BWContextHandler.dll
2021-01-14 12:09 - 2021-01-14 12:09 - 000061440 _____ C:\Windows\system32\rdsxvmaudio.dll
2021-01-14 12:09 - 2021-01-14 12:09 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2021-01-14 12:09 - 2021-01-14 12:09 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2021-01-14 12:09 - 2021-01-14 12:09 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2021-01-14 12:09 - 2021-01-14 12:09 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2021-01-14 12:09 - 2021-01-14 12:09 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2021-01-14 12:09 - 2021-01-14 12:09 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2021-01-14 12:09 - 2021-01-14 12:09 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2021-01-14 12:09 - 2021-01-14 12:09 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2021-01-14 12:09 - 2021-01-14 12:09 - 000000315 _____ C:\Windows\system32\DrtmAuth18.bin
2021-01-14 12:09 - 2021-01-14 12:09 - 000000315 _____ C:\Windows\system32\DrtmAuth17.bin
2021-01-14 12:09 - 2021-01-14 12:09 - 000000315 _____ C:\Windows\system32\DrtmAuth16.bin
2021-01-14 12:09 - 2021-01-14 12:09 - 000000315 _____ C:\Windows\system32\DrtmAuth15.bin
2021-01-14 12:09 - 2021-01-14 12:09 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2021-01-14 12:09 - 2021-01-14 12:09 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2021-01-14 12:09 - 2021-01-14 12:09 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2021-01-14 12:09 - 2021-01-14 12:09 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2021-01-13 13:19 - 2021-01-13 22:42 - 000016112 _____ C:\ProgramData\DisplaySessionContainer35.log_backup1
2021-01-12 22:17 - 2021-01-13 13:19 - 000013912 _____ C:\ProgramData\DisplaySessionContainer34.log_backup1
2021-01-11 22:22 - 2021-01-12 22:17 - 000018952 _____ C:\ProgramData\DisplaySessionContainer33.log_backup1
2021-01-10 22:54 - 2021-01-11 22:22 - 000018324 _____ C:\ProgramData\DisplaySessionContainer32.log_backup1
2021-01-09 23:31 - 2021-01-10 22:54 - 000016118 _____ C:\ProgramData\DisplaySessionContainer31.log_backup1
2021-01-09 00:10 - 2021-01-09 23:31 - 000024597 _____ C:\ProgramData\DisplaySessionContainer30.log_backup1
2021-01-07 22:16 - 2021-01-09 00:10 - 000013333 _____ C:\ProgramData\DisplaySessionContainer29.log_backup1
2021-01-06 21:46 - 2021-01-07 22:16 - 000015771 _____ C:\ProgramData\DisplaySessionContainer28.log_backup1
2021-01-05 22:25 - 2021-01-06 21:46 - 000013914 _____ C:\ProgramData\DisplaySessionContainer27.log_backup1
2021-01-04 22:10 - 2021-01-05 22:25 - 000025254 _____ C:\ProgramData\DisplaySessionContainer26.log_backup1
2021-01-03 22:31 - 2021-01-04 22:10 - 000021352 _____ C:\ProgramData\DisplaySessionContainer25.log_backup1
2021-01-02 22:52 - 2021-01-03 22:31 - 000020839 _____ C:\ProgramData\DisplaySessionContainer24.log_backup1
2021-01-01 23:15 - 2021-01-02 22:52 - 000023048 _____ C:\ProgramData\DisplaySessionContainer23.log_backup1

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-18 21:37 - 2019-07-12 16:43 - 000685252 _____ C:\Windows\system32\perfh005.dat
2021-01-18 21:37 - 2019-07-12 16:43 - 000137918 _____ C:\Windows\system32\perfc005.dat
2021-01-18 21:37 - 2019-07-12 16:29 - 001606106 _____ C:\Windows\system32\PerfStringBackup.INI
2021-01-18 21:37 - 2019-03-19 05:50 - 000000000 ____D C:\Windows\INF
2021-01-18 21:32 - 2020-05-28 01:35 - 000003752 _____ C:\Windows\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2021-01-18 21:31 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-18 21:30 - 2020-06-25 09:40 - 000011727 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2021-01-18 21:30 - 2020-06-18 08:44 - 000017975 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2021-01-18 21:30 - 2020-06-18 08:44 - 000017032 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2021-01-18 21:30 - 2020-05-28 01:37 - 000000000 ___RD C:\Users\Oliver\OneDrive
2021-01-18 21:30 - 2020-05-28 01:35 - 000000000 __SHD C:\Users\Oliver\IntelGraphicsProfiles
2021-01-18 21:30 - 2019-12-24 21:02 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-18 21:30 - 2019-07-12 16:21 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-01-18 21:30 - 2019-03-19 05:37 - 000786432 _____ C:\Windows\system32\config\BBI
2021-01-18 21:18 - 2020-05-28 01:34 - 000000000 ____D C:\Users\Oliver
2021-01-18 21:08 - 2020-08-25 13:37 - 000001205 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2021-01-18 20:49 - 2019-12-24 21:04 - 000000000 ____D C:\Program Files\McAfee
2021-01-18 20:48 - 2019-03-19 05:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-01-18 20:48 - 2019-03-19 05:37 - 000032768 _____ C:\Windows\system32\config\ELAM
2021-01-18 20:41 - 2019-07-12 16:21 - 000440808 _____ C:\Windows\system32\FNTCACHE.DAT
2021-01-18 20:33 - 2020-05-27 20:27 - 000000000 ____D C:\Users\Oliver\AppData\Local\D3DSCache
2021-01-18 20:33 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\AppReadiness
2021-01-15 22:57 - 2020-06-25 22:10 - 000020523 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2021-01-15 22:52 - 2019-07-12 16:21 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-01-15 19:21 - 2020-05-28 11:28 - 000003764 _____ C:\Windows\system32\Tasks\ASUS Optimization 36D18D69AFC3
2021-01-15 19:21 - 2019-12-24 21:03 - 000004122 _____ C:\Windows\system32\Tasks\ASUS Update Checker 2.0
2021-01-15 13:26 - 2019-07-12 16:27 - 000000000 ____D C:\Program Files\Microsoft Office
2021-01-14 20:28 - 2020-05-28 01:35 - 000000000 ___RD C:\Users\Oliver\3D Objects
2021-01-14 20:28 - 2019-12-24 20:57 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-01-14 20:28 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2021-01-14 20:27 - 2019-03-19 07:20 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-14 20:27 - 2019-03-19 07:20 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-14 20:27 - 2019-03-19 05:52 - 000000000 ___SD C:\Windows\SysWOW64\F12
2021-01-14 20:27 - 2019-03-19 05:52 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2021-01-14 20:27 - 2019-03-19 05:52 - 000000000 ___SD C:\Windows\system32\UNP
2021-01-14 20:27 - 2019-03-19 05:52 - 000000000 ___SD C:\Windows\system32\F12
2021-01-14 20:27 - 2019-03-19 05:52 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2021-01-14 20:27 - 2019-03-19 05:52 - 000000000 ___RD C:\Windows\PrintDialog
2021-01-14 20:27 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-01-14 20:27 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2021-01-14 20:27 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-01-14 20:27 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\Com
2021-01-14 20:27 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2021-01-14 20:27 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SystemResources
2021-01-14 20:27 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-01-14 20:27 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2021-01-14 20:27 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\setup
2021-01-14 20:27 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2021-01-14 20:27 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\oobe
2021-01-14 20:27 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\migwiz
2021-01-14 20:27 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\Dism
2021-01-14 20:27 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\Com
2021-01-14 20:27 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2021-01-14 20:27 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\ShellExperiences
2021-01-14 20:27 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\ShellComponents
2021-01-14 20:27 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\Provisioning
2021-01-14 20:27 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\IME
2021-01-14 20:27 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\bcastdvr
2021-01-14 20:27 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-14 16:35 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\LiveKernelReports
2021-01-14 12:14 - 2019-03-19 05:37 - 000000000 ____D C:\Windows\CbsTemp
2021-01-14 12:13 - 2020-06-01 13:37 - 000000000 ____D C:\Windows\system32\MRT
2021-01-14 12:12 - 2020-06-01 13:37 - 135062968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-01-14 12:09 - 2019-07-12 16:26 - 002877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2021-01-14 11:54 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-09 09:42 - 2020-07-15 07:41 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-09 09:42 - 2020-07-15 07:41 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-09 09:42 - 2020-07-15 07:41 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-01-08 21:36 - 2020-09-18 17:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-01-01 23:15 - 2020-09-30 20:58 - 000025251 _____ C:\ProgramData\DisplaySessionContainer22.log_backup1
2021-01-01 00:31 - 2020-09-30 16:45 - 000025574 _____ C:\ProgramData\DisplaySessionContainer21.log_backup1
2020-12-30 23:19 - 2020-07-13 21:47 - 000025890 _____ C:\ProgramData\DisplaySessionContainer20.log_backup1
2020-12-29 20:58 - 2020-07-12 20:32 - 000024583 _____ C:\ProgramData\DisplaySessionContainer19.log_backup1
2020-12-28 23:17 - 2020-07-11 21:37 - 000018638 _____ C:\ProgramData\DisplaySessionContainer18.log_backup1
2020-12-26 22:53 - 2020-06-23 22:16 - 000013914 _____ C:\ProgramData\DisplaySessionContainer17.log_backup1
2020-12-24 10:29 - 2020-09-25 22:11 - 000014233 _____ C:\ProgramData\DisplaySessionContainer15.log_backup1
2020-12-23 23:20 - 2020-06-21 21:48 - 000021160 _____ C:\ProgramData\DisplaySessionContainer14.log_backup1
2020-12-23 00:23 - 2020-06-20 22:37 - 000014234 _____ C:\ProgramData\DisplaySessionContainer13.log_backup1
2020-12-22 15:58 - 2020-06-19 22:15 - 000013914 _____ C:\ProgramData\DisplaySessionContainer12.log_backup1
2020-12-22 13:41 - 2020-06-18 21:52 - 000015135 _____ C:\ProgramData\DisplaySessionContainer11.log_backup1
2020-12-21 23:16 - 2020-06-18 21:32 - 000020846 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1
2020-12-20 23:26 - 2020-06-18 08:44 - 000022727 _____ C:\ProgramData\DisplaySessionContainer9.log_backup1
2020-12-20 00:00 - 2020-06-30 21:47 - 000025885 _____ C:\ProgramData\DisplaySessionContainer8.log_backup1
2020-12-19 00:31 - 2020-06-29 21:08 - 000023366 _____ C:\ProgramData\DisplaySessionContainer7.log_backup1

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Rudy
Site Admin
Posts: 118244
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: please check - an advertising page opens by itself

#4 Post by Rudy »

Delete this file:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Java 32bit.bat
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

polom
Visitor
Posts: 64
Joined: 02 Oct 2007 20:09

Re: please check - an advertising page opens by itself

#5 Post by polom »

Thanks, that helped, everything is OK.

Rudy
Site Admin
Posts: 118244
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: please check - an advertising page opens by itself

#6 Post by Rudy »

Glad to hear it, and you're welcome! :)

Locked