Dobrý den mám nový notebook s Win 11 a mám problém. Po zapnutí pc notebooku mi vyskočí v prohlížeči (chrome i edge) nová karta a tam stránky xervoo a gestyy.com Mám antivirus F-secure a provedl jsem blokaci ale i přesto se stránka spustí při zapnutí notebooku ale už tam je že to je blokované.Použil jsem program ADWCLEANER ale nic nenašel. program antimalwarebytes též nic nenašel. Mohli by jste mi poradit prosím ?
zde přidávám logy z FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-04-2022
Ran by david (administrator) on PCDOMA (ASUSTeK COMPUTER INC. VivoBook_ASUSLaptop X409JB_A409JB) (05-04-2022 10:52:09)
Running from C:\Users\david\Desktop
Loaded Profiles: david
Platform: Microsoft Windows 11 Home Version 21H2 22000.556 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSOptimization\AsusOSD.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.95.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.29\msedgewebview2.exe <6>
(DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_23e9be9389950d33\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_23e9be9389950d33\igfxEMN.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <10>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSLinkRemote\AsusLinkRemote.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSLinkNear\AsusLinkNear.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe <3>
(services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1647513771\fshoster64.exe <2>
(services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1647513771\fsorsp64.exe
(services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1647513771\fsulprothoster.exe
(services.exe ->) (ICEpower a/s -> ICEpower A/S) C:\Windows\System32\DriverStore\FileRepository\icesoundapo64.inf_amd64_a5d3270da26fb113\ICEsoundService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_23e9be9389950d33\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ba273d0ffb93e225\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_3d2488852c7b45a0\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_710678b194c962d0\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_c6fd2d54422ec157\Intel_PIE_Service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_7aa6ca9dbb25bff8\jhi_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_61df758291bf519e\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2202.10603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.95.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <3>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKU\S-1-5-21-1533411228-2271978786-1148630678-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [479632 2022-03-29] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1533411228-2271978786-1148630678-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35888256 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1533411228-2271978786-1148630678-1001\...\Run: [MicrosoftEdgeAutoLaunch_30FCCE2722F4190AAE310221237BB02B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-1533411228-2271978786-1148630678-1001\...\MountPoints2: {fb33e38a-ad50-11ec-a4d6-ac12030fdfa6} - "E:\Autorun\autorun.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\100.0.4896.75\Installer\chrmstp.exe [2022-04-04] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2019-04-14] () [File not signed] <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0F246912-D05D-4AF2-A508-06E348381505} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSOptimization\AsusHotkey.exe [240280 2022-03-07] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {175F61FF-0BE9-4E37-8618-D3EE1B360221} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [59232 2022-03-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A7C5146-99EB-4E1E-90CA-B5911A64C9F7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {24FA1F21-9DF5-4DE0-AB79-7991893432B2} - System32\Tasks\GoogleUpdateTaskMachineUA{0F6422D9-4BE9-47A8-A76D-25AA06E6D1BD} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-04-04] (Google LLC -> Google LLC)
Task: {3C4F2689-8B92-44F0-A416-6B4B73F26DFE} - System32\Tasks\CCleanerSkipUAC - david => C:\Program Files\CCleaner\CCleaner.exe [30053504 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {42DF2CFD-86B1-4515-9FF5-D0B1F17B8A40} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [137072 2022-03-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {4D27E54E-5D9A-4480-9B04-A9AEF39E8E34} - System32\Tasks\F-Secure\F-Secure Hotfix => C:\Program Files (x86)\F-Secure\SAFE\fs_hotfix.exe [291992 2022-03-24] (F-Secure Corporation -> F-Secure Corporation)
Task: {63346A47-E575-46DF-9511-A190DBABD262} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-03-10] (Piriform Software Ltd -> Piriform)
Task: {6A465644-7385-4981-A42D-D6CB4DBFC0B3} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\RtkAudUService64.exe [1076728 2020-03-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {9583704D-2DB4-4458-9448-2DABB347F69F} - System32\Tasks\GoogleUpdateTaskMachineCore{DA146310-5C44-4488-A58C-E7FB14E7C2F2} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-04-04] (Google LLC -> Google LLC)
Task: {9B288A27-3FFF-487D-86D0-B2041C39D0C4} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSSoftwareManager\AsusUpdateChecker.exe [772240 2022-03-07] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {A05DA08D-95F2-4E9C-B08D-16A62F792F09} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {A5E08D84-1C0E-48D6-980B-6A7440FC1C57} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSSystemAnalysis\AsusSystemAnalysis.exe [3140280 2022-03-07] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {DBE852B8-E04E-4C64-ADC2-DF0962D05380} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {FE49DA6F-BF5F-424B-A4C4-ECBBAA2DB34A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [137072 2022-03-30] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.88.1 192.168.0.1
Tcpip\..\Interfaces\{9b19c42c-39db-4265-b0fc-9890bec1f7d2}: [DhcpNameServer] 192.168.88.1 192.168.0.1
Tcpip\..\Interfaces\{b2ebe98e-eccc-495d-8b48-accafc3c9362}: [DhcpNameServer] 40.52.1.13
Edge:
=======
Edge Profile: C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-05]
Edge HomePage: Default -> hxxp://www.msn.com/?pc=ASTE
Edge Extension: (Browsing Protection by F-Secure) - C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cpikpibllpjmpnchjajlibnmmomnnhnm [2022-04-01]
Edge HKLM\...\Edge\Extension: [cpikpibllpjmpnchjajlibnmmomnnhnm]
Edge HKLM-x32\...\Edge\Extension: [cpikpibllpjmpnchjajlibnmmomnnhnm]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-30] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\david\AppData\Local\Google\Chrome\User Data\Default [2022-04-05]
CHR Extension: (Prezentace) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-04-04]
CHR Extension: (Dokumenty) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2022-04-04]
CHR Extension: (Disk Google) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-04-04]
CHR Extension: (YouTube) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-04-04]
CHR Extension: (Tabulky) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-04-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-04]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2022-04-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-04]
CHR Extension: (Gmail) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-04-04]
CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AsusAppService; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\AsusAppService\AsusAppService.exe [870560 2022-03-07] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSLinkNear; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSLinkNear\AsusLinkNear.exe [1148560 2022-03-07] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSLinkRemote\AsusLinkRemote.exe [762008 2022-03-07] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSOptimization\AsusOptimization.exe [366744 2022-03-07] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSSoftwareManager\AsusSoftwareManager.exe [1046672 2022-03-07] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSSwitch\AsusSwitch.exe [603824 2022-03-07] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSSystemAnalysis\AsusSystemAnalysis.exe [3140280 2022-03-07] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [702368 2022-03-07] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11649952 2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4958096 2022-03-29] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 fshoster; C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe [234648 2022-03-24] (F-Secure Corporation -> F-Secure Corporation)
R2 fsnethoster; C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe [234648 2022-03-24] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulhoster; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1647513771\fshoster64.exe [417496 2022-03-27] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulnethoster; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1647513771\fshoster64.exe [417496 2022-03-27] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulorsp; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1647513771\fsorsp64.exe [106136 2022-03-27] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulprothoster; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1647513771\fsulprothoster.exe [417496 2022-03-27] (F-Secure Corporation -> F-Secure Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2599312 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_61df758291bf519e\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_61df758291bf519e\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [112336 2019-10-02] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSSystemAnalysis\AsusSAIO.sys [37048 2022-03-07] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSOptimization\AsusWmiAcpi.sys [44200 2022-03-07] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2022-03-29] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2022-03-29] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1647513771\fsulgk.sys [398792 2022-03-27] (Microsoft Windows Hardware Compatibility Publisher -> F-Secure Corporation)
R0 fsbts; C:\WINDOWS\System32\drivers\fsbts.sys [51736 2022-03-27] (Microsoft Windows Hardware Compatibility Publisher -> F-Secure Corporation)
S0 fselms; C:\WINDOWS\System32\drivers\fselms.sys [15816 2022-03-27] (Microsoft Windows Early Launch Anti-malware Publisher -> F-Secure Corporation)
R2 fsnif2; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\nif2\1643898281\nif2s64.sys [172480 2022-03-27] (Microsoft Windows Hardware Compatibility Publisher -> F-Secure Corporation)
S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [110904 2022-03-26] (Microsoft Windows -> Microsoft Corporation)
R3 iaLPSS2_GPIO2_ICL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_icl.inf_amd64_a88140dd513c6aee\iaLPSS2_GPIO2_ICL.sys [131584 2019-12-25] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 iaLPSS2_I2C_ICL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_icl.inf_amd64_e0e88582ca2b3459\iaLPSS2_I2C_ICL.sys [198656 2019-12-25] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 iaLPSS2_SPI_ICL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_spi_icl.inf_amd64_7e39397aa93f0448\iaLPSS2_SPI_ICL.sys [157696 2019-12-25] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 iaLPSS2_UART2_ICL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_uart2_icl.inf_amd64_cdb4b3c82f5fef21\iaLPSS2_UART2_ICL.sys [310784 2019-12-25] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [49560 2021-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [421112 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [73960 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-05 10:52 - 2022-04-05 10:52 - 000023204 _____ C:\Users\david\Desktop\FRST.txt
2022-04-05 10:51 - 2022-04-05 10:52 - 000000000 ____D C:\FRST
2022-04-05 10:50 - 2022-04-05 10:50 - 002365440 _____ (Farbar) C:\Users\david\Desktop\FRST64.exe
2022-04-05 10:07 - 2022-04-05 10:07 - 000000000 ___HD C:\$WinREAgent
2022-04-04 22:20 - 2022-04-04 22:20 - 000002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-04-04 22:20 - 2022-04-04 22:20 - 000002284 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-04-04 22:19 - 2022-04-05 10:24 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-04 22:19 - 2022-04-04 22:19 - 001343320 _____ (Google LLC) C:\Users\david\Downloads\ChromeSetup.exe
2022-04-04 22:19 - 2022-04-04 22:19 - 000003550 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{0F6422D9-4BE9-47A8-A76D-25AA06E6D1BD}
2022-04-04 22:19 - 2022-04-04 22:19 - 000003426 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{DA146310-5C44-4488-A58C-E7FB14E7C2F2}
2022-04-04 22:19 - 2022-04-04 22:19 - 000000000 ____D C:\Program Files\Google
2022-04-04 22:07 - 2022-04-04 22:08 - 000000000 ____D C:\AdwCleaner
2022-04-04 22:07 - 2022-04-04 22:07 - 008540344 _____ (Malwarebytes) C:\Users\david\Downloads\adwcleaner.exe
2022-04-04 22:00 - 2022-04-04 22:00 - 000000000 ____D C:\WINDOWS\Panther
2022-04-04 19:15 - 2022-04-04 19:15 - 000000000 ____D C:\Users\david\AppData\Local\mbam
2022-04-03 10:52 - 2022-04-03 10:52 - 000000000 ____D C:\Users\david\AppData\Local\SKIDROW
2022-04-03 10:51 - 2022-04-03 10:51 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2022-04-03 10:51 - 2022-04-03 10:51 - 000000000 ____D C:\Program Files\Reference Assemblies
2022-04-03 10:51 - 2022-04-03 10:51 - 000000000 ____D C:\Program Files\MSBuild
2022-04-03 10:51 - 2022-04-03 10:51 - 000000000 ____D C:\Program Files (x86)\MSBuild
2022-04-03 10:49 - 2022-04-03 10:49 - 000000661 _____ C:\Users\david\Desktop\MAFIA II .lnk
2022-04-01 10:18 - 2022-04-01 10:19 - 000000000 ____D C:\Users\david\Desktop\Documents\NFS Most Wanted
2022-04-01 10:18 - 2022-04-01 10:18 - 000001643 _____ C:\Users\Public\Desktop\NFS Most Wanted.lnk
2022-04-01 10:18 - 2022-04-01 10:18 - 000000000 ____D C:\ProgramData\Caphyon
2022-03-31 08:13 - 2022-03-31 08:13 - 000000000 ____D C:\Users\david\AppData\Roaming\NVIDIA
2022-03-31 08:08 - 2022-03-31 08:08 - 000000000 ____D C:\Users\david\AppData\Local\2K Games
2022-03-30 08:14 - 2022-03-30 08:14 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2022-03-30 08:11 - 2022-03-31 07:50 - 000000000 ____D C:\Users\david\AppData\Local\Disc_Soft_Ltd
2022-03-29 20:19 - 2022-03-29 20:19 - 000000000 ____D C:\Users\david\Desktop\Documents\VIDEA
2022-03-29 20:19 - 2022-03-29 20:19 - 000000000 ____D C:\Users\david\Desktop\Documents\FOTKY
2022-03-29 20:19 - 2022-03-29 20:19 - 000000000 ____D C:\Users\david\Desktop\Documents\DOKUMENTY
2022-03-29 19:55 - 2022-03-29 19:55 - 000000000 ____D C:\Users\david\AppData\Local\Microsoft Help
2022-03-29 19:53 - 2022-03-29 19:53 - 000000000 ____D C:\Users\david\AppData\Roaming\WinRAR
2022-03-29 19:51 - 2022-04-05 10:12 - 000000000 ____D C:\Program Files\CCleaner
2022-03-29 19:51 - 2022-04-04 00:29 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-03-29 19:51 - 2022-03-29 19:51 - 000002886 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - david
2022-03-29 19:51 - 2022-03-29 19:51 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-03-29 19:51 - 2022-03-29 19:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2022-03-29 19:30 - 2022-03-29 19:30 - 000000000 ____D C:\Users\david\AppData\Roaming\DAEMON Tools Lite
2022-03-29 19:29 - 2022-03-29 19:29 - 000063696 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2022-03-29 19:29 - 2022-03-29 19:29 - 000042256 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2022-03-29 19:29 - 2022-03-29 19:29 - 000000836 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2022-03-29 19:29 - 2022-03-29 19:29 - 000000000 ____D C:\Users\david\AppData\Roaming\Disc-Soft
2022-03-29 19:29 - 2022-03-29 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Lite
2022-03-29 19:29 - 2022-03-29 19:29 - 000000000 ____D C:\Program Files\DAEMON Tools Lite
2022-03-29 19:28 - 2022-03-29 19:28 - 000000000 ____D C:\ProgramData\Disc-Soft
2022-03-29 19:26 - 2022-03-29 19:26 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-03-29 19:26 - 2022-03-29 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-03-29 19:25 - 2022-03-29 19:26 - 000000000 ____D C:\Program Files\WinRAR
2022-03-27 09:26 - 2022-03-27 09:26 - 000051736 _____ (F-Secure Corporation) C:\WINDOWS\system32\Drivers\fsbts.sys
2022-03-27 09:26 - 2022-03-27 09:26 - 000015816 _____ (F-Secure Corporation) C:\WINDOWS\system32\Drivers\fselms.sys
2022-03-27 09:26 - 2022-03-27 09:26 - 000002053 _____ C:\Users\Public\Desktop\F-Secure SAFE.lnk
2022-03-27 09:26 - 2022-03-27 09:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\F-Secure
2022-03-27 09:26 - 2022-03-27 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F-Secure
2022-03-27 09:26 - 2022-03-27 09:26 - 000000000 ____D C:\Program Files (x86)\F-Secure
2022-03-27 09:21 - 2022-03-31 10:11 - 000000000 ____D C:\Users\david\AppData\Local\F-Secure
2022-03-27 09:21 - 2022-03-27 09:26 - 000000000 ____D C:\ProgramData\F-Secure
2022-03-27 05:16 - 2022-03-27 05:16 - 000000000 _SHDL C:\Documents and Settings
2022-03-27 05:10 - 2022-03-27 05:10 - 000000000 ____D C:\eSupport
2022-03-27 05:09 - 2022-03-27 10:01 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-03-27 05:09 - 2022-03-27 05:12 - 000000000 ____D C:\ProgramData\Intel
2022-03-27 05:09 - 2022-03-26 22:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2022-03-27 05:08 - 2022-04-04 22:16 - 000012288 ___SH C:\DumpStack.log.tmp
2022-03-27 05:08 - 2022-04-04 22:16 - 000000000 ___HD C:\Intel
2022-03-27 05:08 - 2022-04-04 16:44 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-27 05:08 - 2022-03-27 05:08 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-03-27 05:08 - 2022-03-26 21:40 - 000000000 ____D C:\ProgramData\ASUS
2022-03-27 00:16 - 2022-03-27 08:24 - 000000000 ____D C:\Users\david\AppData\Roaming\vlc
2022-03-27 00:16 - 2022-03-27 00:16 - 000002049 _____ C:\Users\david\Desktop\K1 VideoLAN v3.lnk
2022-03-27 00:16 - 2022-03-27 00:16 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\K1 VideoLAN v3
2022-03-27 00:16 - 2022-03-27 00:16 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\K1 VideoLAN
2022-03-27 00:15 - 2022-03-27 00:16 - 000000000 ____D C:\Program Files (x86)\K1 VideoLAN v3
2022-03-26 23:44 - 2022-03-26 23:44 - 000000017 _____ C:\Users\david\AppData\Local\resmon.resmoncfg
2022-03-26 23:28 - 2022-03-26 23:28 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-26 23:02 - 2022-04-04 22:20 - 000000000 ____D C:\Users\david\AppData\Local\Google
2022-03-26 22:59 - 2022-03-26 22:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2022-03-26 22:59 - 2022-03-26 22:59 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-03-26 22:56 - 2022-04-04 22:24 - 001714894 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-03-26 22:54 - 2022-04-05 10:13 - 000003752 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2022-03-26 22:54 - 2022-04-04 22:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-26 22:54 - 2022-04-04 19:40 - 000003756 _____ C:\WINDOWS\system32\Tasks\ASUS Optimization 36D18D69AFC3
2022-03-26 22:54 - 2022-04-04 19:39 - 000004122 _____ C:\WINDOWS\system32\Tasks\ASUS Update Checker 2.0
2022-03-26 22:54 - 2022-03-27 20:00 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1533411228-2271978786-1148630678-1001
2022-03-26 22:54 - 2022-03-27 20:00 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1533411228-2271978786-1148630678-1001
2022-03-26 22:54 - 2022-03-27 09:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2022-03-26 22:54 - 2022-03-26 22:54 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2022-03-26 22:54 - 2022-03-26 22:54 - 000011433 _____ C:\WINDOWS\diagerr.xml
2022-03-26 22:54 - 2022-03-26 22:54 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-26 22:54 - 2022-03-26 22:54 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-03-26 22:54 - 2022-03-26 22:54 - 000002852 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3396655946-2138759336-799000995-500
2022-03-26 22:54 - 2022-03-26 22:54 - 000002314 _____ C:\WINDOWS\system32\Tasks\RtkAudUService64_BG
2022-03-26 22:54 - 2022-03-26 22:54 - 000000020 ___SH C:\Users\david\ntuser.ini
2022-03-26 22:54 - 2022-03-26 22:54 - 000000000 _SHDL C:\Users\Default\Šablony
2022-03-26 22:54 - 2022-03-26 22:54 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2022-03-26 22:54 - 2022-03-26 22:54 - 000000000 _SHDL C:\Users\Default\Poslední
2022-03-26 22:54 - 2022-03-26 22:54 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2022-03-26 22:54 - 2022-03-26 22:54 - 000000000 _SHDL C:\Users\Default\Okolní síť
2022-03-26 22:54 - 2022-03-26 22:54 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2022-03-26 22:54 - 2022-03-26 22:54 - 000000000 _SHDL C:\Users\Default\Dokumenty
2022-03-26 22:54 - 2022-03-26 22:54 - 000000000 _SHDL C:\Users\Default\Data aplikací
2022-03-26 22:54 - 2022-03-26 22:54 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2022-03-26 22:54 - 2022-03-26 22:54 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2022-03-26 22:54 - 2022-03-26 22:54 - 000000000 _SHDL C:\ProgramData\Šablony
2022-03-26 22:54 - 2022-03-26 22:54 - 000000000 _SHDL C:\ProgramData\Plocha
2022-03-26 22:54 - 2022-03-26 22:54 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2022-03-26 22:54 - 2022-03-26 22:54 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2022-03-26 22:54 - 2022-03-26 22:54 - 000000000 _SHDL C:\ProgramData\Dokumenty
2022-03-26 22:54 - 2022-03-26 22:54 - 000000000 _SHDL C:\ProgramData\Data aplikací
2022-03-26 22:54 - 2022-03-26 22:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2022-03-26 22:49 - 2022-04-04 22:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-26 22:49 - 2022-04-01 23:55 - 000478640 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-26 22:29 - 2022-03-27 00:22 - 000000000 ____D C:\Users\david
2022-03-26 22:29 - 2022-03-26 22:49 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2022-03-26 22:29 - 2022-03-26 22:29 - 000000000 _SHDL C:\Users\david\Šablony
2022-03-26 22:29 - 2022-03-26 22:29 - 000000000 _SHDL C:\Users\david\Soubory cookie
2022-03-26 22:29 - 2022-03-26 22:29 - 000000000 _SHDL C:\Users\david\Poslední
2022-03-26 22:29 - 2022-03-26 22:29 - 000000000 _SHDL C:\Users\david\Okolní tiskárny
2022-03-26 22:29 - 2022-03-26 22:29 - 000000000 _SHDL C:\Users\david\Okolní síť
2022-03-26 22:29 - 2022-03-26 22:29 - 000000000 _SHDL C:\Users\david\Nabídka Start
2022-03-26 22:29 - 2022-03-26 22:29 - 000000000 _SHDL C:\Users\david\Dokumenty
2022-03-26 22:29 - 2022-03-26 22:29 - 000000000 _SHDL C:\Users\david\Desktop\Documents\Obrázky
2022-03-26 22:29 - 2022-03-26 22:29 - 000000000 _SHDL C:\Users\david\Desktop\Documents\Hudba
2022-03-26 22:29 - 2022-03-26 22:29 - 000000000 _SHDL C:\Users\david\Desktop\Documents\Filmy
2022-03-26 22:29 - 2022-03-26 22:29 - 000000000 _SHDL C:\Users\david\Data aplikací
2022-03-26 22:29 - 2022-03-26 22:29 - 000000000 _SHDL C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2022-03-26 22:29 - 2022-03-26 22:29 - 000000000 _SHDL C:\Users\david\AppData\Local\Data aplikací
2022-03-26 22:29 - 2021-06-05 14:04 - 000001281 _____ C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2022-03-26 22:29 - 2021-06-05 14:04 - 000000407 _____ C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2022-03-26 22:28 - 2022-03-26 22:28 - 000000000 ____D C:\WINDOWS\Firmware
2022-03-26 22:27 - 2022-03-26 22:29 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-03-26 22:25 - 2022-03-26 22:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2022-03-26 22:20 - 2022-03-26 22:20 - 000617648 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2022-03-26 22:20 - 2022-03-26 22:20 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-03-26 22:20 - 2022-03-26 22:20 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-03-26 22:20 - 2022-03-26 22:20 - 000425984 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-03-26 22:20 - 2022-03-26 22:20 - 000339968 _____ C:\WINDOWS\system32\pku2u.dll
2022-03-26 22:20 - 2022-03-26 22:20 - 000335872 _____ C:\WINDOWS\system32\Windows.Internal.UI.Dialogs.dll
2022-03-26 22:20 - 2022-03-26 22:20 - 000311296 _____ C:\WINDOWS\system32\EsclScan.dll
2022-03-26 22:20 - 2022-03-26 22:20 - 000267264 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Dialogs.dll
2022-03-26 22:20 - 2022-03-26 22:20 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssText3d.scr
2022-03-26 22:20 - 2022-03-26 22:20 - 000247808 _____ C:\WINDOWS\SysWOW64\pku2u.dll
2022-03-26 22:20 - 2022-03-26 22:20 - 000221184 _____ C:\WINDOWS\SysWOW64\Microsoft.Internal.FrameworkUdk.System.dll
2022-03-26 22:20 - 2022-03-26 22:20 - 000188416 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-03-26 22:20 - 2022-03-26 22:20 - 000121344 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-03-26 22:20 - 2022-03-26 22:20 - 000077824 _____ C:\WINDOWS\system32\APMonUI.dll
2022-03-26 22:20 - 2022-03-26 22:20 - 000041594 _____ C:\WINDOWS\SysWOW64\ctac.json
2022-03-26 22:20 - 2022-03-26 22:20 - 000040960 _____ C:\WINDOWS\system32\prxyqry.dll
2022-03-26 22:20 - 2022-03-26 22:20 - 000036864 _____ C:\WINDOWS\system32\umpodev.dll
2022-03-26 22:20 - 2022-03-26 22:20 - 000015016 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-03-26 22:20 - 2022-03-26 22:20 - 000013824 _____ C:\WINDOWS\SysWOW64\prxyqry.dll
2022-03-26 22:20 - 2022-03-26 22:20 - 000009522 _____ C:\WINDOWS\system32\ResPriUHMImageList
2022-03-26 22:20 - 2022-03-26 22:20 - 000009522 _____ C:\WINDOWS\system32\ResPriImageList
2022-03-26 22:20 - 2022-03-26 22:20 - 000009522 _____ C:\WINDOWS\system32\ResPriHMImageList
2022-03-26 22:20 - 2022-03-26 22:20 - 000009402 _____ C:\WINDOWS\system32\ResPriHMImageListLowCost
2022-03-26 22:20 - 2022-03-26 22:20 - 000008964 _____ C:\WINDOWS\system32\ResPriLMImageList
2022-03-26 22:20 - 2022-03-26 22:20 - 000008870 _____ C:\WINDOWS\system32\ResPriImageListLowCost
2022-03-26 22:20 - 2022-03-26 22:20 - 000006656 _____ C:\WINDOWS\SysWOW64\nrtapi.dll
2022-03-26 22:20 - 2022-03-26 22:20 - 000003366 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2022-03-26 22:19 - 2022-03-26 22:19 - 000727576 _____ C:\WINDOWS\system32\TextShaping.dll
2022-03-26 22:19 - 2022-03-26 22:19 - 000614400 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-03-26 22:19 - 2022-03-26 22:19 - 000360448 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2022-03-26 22:19 - 2022-03-26 22:19 - 000339968 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-03-26 22:19 - 2022-03-26 22:19 - 000311296 _____ C:\WINDOWS\system32\Microsoft.Internal.FrameworkUdk.System.dll
2022-03-26 22:19 - 2022-03-26 22:19 - 000286720 _____ C:\WINDOWS\system32\AggregatorHost.exe
2022-03-26 22:19 - 2022-03-26 22:19 - 000258048 _____ C:\WINDOWS\system32\CoreMas.dll
2022-03-26 22:19 - 2022-03-26 22:19 - 000210432 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2022-03-26 22:19 - 2022-03-26 22:19 - 000208896 _____ C:\WINDOWS\system32\IHDS.dll
2022-03-26 22:19 - 2022-03-26 22:19 - 000180224 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll
2022-03-26 22:19 - 2022-03-26 22:19 - 000172032 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-03-26 22:19 - 2022-03-26 22:19 - 000167936 _____ C:\WINDOWS\system32\TpmTool.exe
2022-03-26 22:19 - 2022-03-26 22:19 - 000099560 _____ C:\WINDOWS\system32\wow64con.dll
2022-03-26 22:19 - 2022-03-26 22:19 - 000077824 _____ C:\WINDOWS\system32\runexehelper.exe
2022-03-26 22:19 - 2022-03-26 22:19 - 000041594 _____ C:\WINDOWS\system32\ctac.json
2022-03-26 22:19 - 2022-03-26 22:19 - 000024576 _____ C:\WINDOWS\system32\nrtapi.dll
2022-03-26 22:19 - 2022-03-26 22:19 - 000003366 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2022-03-26 22:03 - 2022-03-26 22:03 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-03-26 21:46 - 2022-03-26 21:46 - 000000000 ____D C:\Users\david\AppData\Local\Comms
2022-03-26 21:40 - 2022-03-26 21:40 - 000000000 ____D C:\Users\david\AppData\Local\ASUS
2022-03-26 21:34 - 2022-03-29 18:51 - 000000000 ____D C:\Program Files\RUXIM
2022-03-26 21:34 - 2022-03-26 21:34 - 000001148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-03-26 21:34 - 2022-03-26 21:34 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-03-26 21:32 - 2022-04-04 22:21 - 000000000 ____D C:\Users\david\AppData\Local\D3DSCache
2022-03-26 21:32 - 2022-03-26 21:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-26 21:31 - 2022-04-05 10:07 - 000000000 ___RD C:\Users\david\OneDrive
2022-03-26 21:31 - 2022-04-01 10:22 - 000000000 ____D C:\Users\david\AppData\Local\PlaceholderTileLogoFolder
2022-03-26 21:31 - 2022-03-26 21:31 - 000000000 ___HD C:\OneDriveTemp
2022-03-26 21:29 - 2022-04-05 10:06 - 000000000 __SHD C:\Users\david\IntelGraphicsProfiles
2022-03-26 21:29 - 2022-04-04 20:03 - 000000000 ____D C:\Users\david\AppData\Local\Packages
2022-03-26 21:29 - 2022-04-04 20:03 - 000000000 ____D C:\ProgramData\Packages
2022-03-26 21:29 - 2022-03-30 19:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2022-03-26 21:29 - 2022-03-26 22:55 - 000000000 ____D C:\Users\david\AppData\Local\ConnectedDevicesPlatform
2022-03-26 21:29 - 2022-03-26 21:46 - 000000000 ____D C:\Users\david\AppData\Local\Publishers
2022-03-26 21:29 - 2022-03-26 21:29 - 000000000 ___RD C:\Users\david\3D Objects
2022-03-26 21:29 - 2022-03-26 21:29 - 000000000 ____D C:\Users\david\AppData\Roaming\Adobe
2022-03-26 21:29 - 2022-03-26 21:29 - 000000000 ____D C:\Users\david\AppData\LocalLow\Intel
2022-03-26 21:29 - 2022-03-26 21:29 - 000000000 ____D C:\Users\david\AppData\Local\VirtualStore
2022-03-26 21:23 - 2022-03-27 20:00 - 000002383 _____ C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-26 21:07 - 2022-03-27 05:14 - 000000000 ____D C:\WINDOWS\ASUS
2022-03-26 21:02 - 2022-03-26 21:02 - 000000000 ____D C:\WINDOWS\system32\sk
2022-03-26 21:00 - 2022-03-26 22:49 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2022-03-26 21:00 - 2022-03-26 22:49 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-03-26 21:00 - 2022-03-26 22:49 - 000000000 ____D C:\WINDOWS\system32\Macromed
2022-03-26 21:00 - 2022-03-26 21:00 - 000000000 ____D C:\WINDOWS\system32\ti-et
2022-03-26 21:00 - 2022-03-26 21:00 - 000000000 ____D C:\WINDOWS\system32\ta-lk
2022-03-26 21:00 - 2022-03-26 21:00 - 000000000 ____D C:\WINDOWS\system32\ta-in
2022-03-26 21:00 - 2022-03-26 21:00 - 000000000 ____D C:\WINDOWS\system32\si-lk
2022-03-26 21:00 - 2022-03-26 21:00 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001
2022-03-26 21:00 - 2022-03-26 21:00 - 000000000 ____D C:\WINDOWS\system32\my-mm
2022-03-26 21:00 - 2022-03-26 21:00 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN
2022-03-26 21:00 - 2022-03-26 21:00 - 000000000 ____D C:\WINDOWS\system32\ContainerSettingsProviders
2022-03-26 21:00 - 2022-03-26 21:00 - 000000000 ____D C:\WINDOWS\system32\am-et
2022-03-26 20:53 - 2021-05-28 15:05 - 001511192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-03-26 20:53 - 2021-05-28 15:05 - 001163552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-03-26 20:53 - 2021-05-28 15:05 - 000690456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-03-26 20:53 - 2021-05-28 15:05 - 000678704 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-03-26 20:53 - 2021-05-28 15:05 - 000671504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2022-03-26 20:53 - 2021-05-28 15:05 - 000612120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-03-26 20:53 - 2021-05-28 15:05 - 000556832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2022-03-26 20:53 - 2021-05-28 15:05 - 000546072 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-03-26 20:53 - 2021-05-28 15:04 - 002102576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-03-26 20:53 - 2021-05-28 15:04 - 001587504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-03-26 20:53 - 2021-05-28 15:04 - 000811824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-03-26 20:53 - 2021-05-28 15:04 - 000655664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-03-26 20:53 - 2021-05-28 15:04 - 000445232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-03-26 20:53 - 2021-05-28 15:03 - 008306480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-03-26 20:53 - 2021-05-28 15:03 - 007429904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-03-26 20:53 - 2021-05-28 15:03 - 005637424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-03-26 20:53 - 2021-05-28 15:03 - 004610328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-03-26 20:53 - 2021-05-28 15:03 - 002729752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-03-26 20:53 - 2021-05-28 15:02 - 000848672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-03-26 20:53 - 2021-05-28 15:01 - 007120352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-03-26 20:53 - 2021-05-28 15:01 - 006076536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-03-26 20:53 - 2021-05-28 14:30 - 000084514 _____ C:\WINDOWS\system32\nvinfo.pb
2022-03-26 20:52 - 2022-03-26 21:07 - 000000000 ___HD C:\$SysReset
2022-03-26 20:44 - 2021-08-06 03:11 - 001870368 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-03-26 20:44 - 2021-08-06 03:11 - 001870368 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-03-26 20:44 - 2021-08-06 03:11 - 001450040 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-03-26 20:44 - 2021-08-06 03:11 - 001450040 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-03-26 20:44 - 2021-08-06 03:11 - 001115688 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-03-26 20:44 - 2021-08-06 03:11 - 001115688 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-03-26 20:44 - 2021-08-06 03:11 - 000969232 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-03-26 20:44 - 2021-08-06 03:11 - 000969232 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-03-26 20:44 - 2021-08-06 03:11 - 000459080 _____ C:\WINDOWS\system32\ze_tracing_layer.dll
2022-03-26 20:44 - 2021-08-06 03:11 - 000376160 _____ C:\WINDOWS\system32\ze_loader.dll
2022-03-26 20:44 - 2021-08-06 03:11 - 000309696 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2022-03-26 20:44 - 2021-08-06 03:11 - 000257096 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2022-03-26 20:44 - 2021-08-06 03:11 - 000173112 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2022-03-26 20:44 - 2021-08-06 03:11 - 000148384 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2022-03-26 20:44 - 2021-08-06 03:11 - 000148280 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2022-03-26 20:44 - 2021-08-06 03:10 - 026737480 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2022-03-26 20:44 - 2021-08-06 03:10 - 013530440 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2022-03-26 20:44 - 2021-08-06 03:09 - 000392008 _____ C:\WINDOWS\system32\ControlLib.dll
2022-03-26 20:42 - 2020-12-17 19:19 - 000283336 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTHDASIO64.dll
2022-03-26 20:42 - 2020-12-17 19:19 - 000238280 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RTHDASIO.dll
2022-03-26 20:42 - 2020-03-26 04:46 - 006514520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPOU64.dll
2022-03-26 20:42 - 2020-03-26 04:46 - 001145680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtCOM64.dll
2022-03-26 20:42 - 2020-03-26 04:46 - 001076728 _____ (Realtek Semiconductor) C:\WINDOWS\system32\RtkAudUService64.exe
2022-03-26 20:42 - 2020-03-26 04:46 - 000845096 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64U.dll
2022-03-26 20:42 - 2020-03-26 04:46 - 000495528 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2022-03-26 20:42 - 2020-03-26 04:46 - 000224480 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2022-03-26 20:42 - 2020-03-26 04:44 - 007324456 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2022-03-26 20:42 - 2020-03-26 01:35 - 039068972 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-05 10:50 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-05 10:16 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-05 00:17 - 2020-10-22 20:07 - 000000000 ____D C:\ProgramData\NVIDIA
2022-04-04 22:24 - 2021-06-05 19:20 - 000727326 _____ C:\WINDOWS\system32\perfh005.dat
2022-04-04 22:24 - 2021-06-05 19:20 - 000151236 _____ C:\WINDOWS\system32\perfc005.dat
2022-04-04 22:24 - 2021-06-05 14:09 - 000000000 ____D C:\WINDOWS\INF
2022-04-04 22:16 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-04-04 22:16 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ServiceState
2022-04-04 22:16 - 2021-06-05 14:01 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-04-04 21:58 - 2021-06-05 14:10 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-04 19:19 - 2021-06-05 14:10 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-04-03 10:51 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2022-04-03 10:51 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\MUI
2022-04-03 10:51 - 2021-06-05 14:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-04-01 23:55 - 2020-10-22 20:08 - 000000000 ____D C:\Program Files\Common Files\McAfee
2022-03-30 19:03 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-03-30 19:03 - 2019-10-23 03:12 - 000000000 ____D C:\Program Files\Microsoft Office
2022-03-30 08:28 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\OCR
2022-03-29 20:08 - 2019-03-19 06:49 - 000000076 _____ C:\WINDOWS\win.ini
2022-03-29 18:51 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\appcompat
2022-03-27 09:24 - 2021-06-05 14:01 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-03-27 08:38 - 2021-06-05 14:01 - 000000000 ____D C:\WINDOWS\servicing
2022-03-27 05:14 - 2019-10-23 03:12 - 000000000 ____D C:\WINDOWS\Log
2022-03-27 05:12 - 2020-10-22 20:12 - 000000000 ____D C:\ProgramData\McInstTemp0323141603390354
2022-03-27 05:12 - 2020-10-22 20:07 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-03-27 05:12 - 2020-10-22 20:06 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-03-27 05:12 - 2019-10-23 03:12 - 000000000 ____D C:\Program Files\Microsoft Office 15
2022-03-27 05:12 - 2019-10-07 04:51 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2022-03-27 05:11 - 2019-10-23 03:14 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2022-03-26 23:13 - 2021-06-05 14:10 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-03-26 22:57 - 2021-06-05 14:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-26 22:57 - 2020-10-22 20:04 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-03-26 22:54 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-26 22:54 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files\Windows NT
2022-03-26 22:51 - 2021-06-05 14:10 - 000000000 __RHD C:\Users\Public\Libraries
2022-03-26 22:49 - 2021-06-05 19:20 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2022-03-26 22:49 - 2021-06-05 19:20 - 000000000 ____D C:\WINDOWS\system32\WCN
2022-03-26 22:49 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2022-03-26 22:49 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-03-26 22:49 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\spool
2022-03-26 22:49 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-03-26 22:49 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2022-03-26 22:49 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\IME
2022-03-26 22:49 - 2021-06-05 14:08 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-03-26 22:49 - 2020-10-22 20:16 - 000000000 ____D C:\WINDOWS\OEM
2022-03-26 22:49 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2022-03-26 22:34 - 2021-06-05 14:14 - 000000000 ____D C:\WINDOWS\Setup
2022-03-26 22:32 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\USOPrivate
2022-03-26 22:29 - 2021-06-05 19:28 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-03-26 22:29 - 2021-06-05 19:28 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-03-26 22:29 - 2021-06-05 19:20 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2022-03-26 22:29 - 2021-06-05 19:20 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2022-03-26 22:29 - 2021-06-05 19:20 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2022-03-26 22:29 - 2021-06-05 19:20 - 000000000 ____D C:\WINDOWS\system32\winrm
2022-03-26 22:29 - 2021-06-05 19:20 - 000000000 ____D C:\WINDOWS\system32\slmgr
2022-03-26 22:29 - 2021-06-05 19:20 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2022-03-26 22:29 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-03-26 22:29 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-03-26 22:29 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-03-26 22:29 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-03-26 22:29 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-03-26 22:29 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-03-26 22:29 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2022-03-26 22:29 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-03-26 22:29 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-26 22:29 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files\Common Files\System
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\setup
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\id-ID
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\Provisioning
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\DiagTrack
2022-03-26 22:26 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-26 22:25 - 2021-06-05 19:28 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2022-03-26 22:25 - 2021-06-05 19:28 - 000021047 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2022-03-26 22:14 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files\Windows Defender
2022-03-26 22:14 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2022-03-26 21:29 - 2019-10-23 03:15 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2022-03-26 21:29 - 2019-10-23 03:15 - 000002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2022-03-26 21:29 - 2019-10-23 03:15 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2022-03-26 21:29 - 2019-10-23 03:15 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2022-03-26 21:29 - 2019-10-23 03:15 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2022-03-26 21:29 - 2019-10-23 03:15 - 000002411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2022-03-26 21:29 - 2019-10-23 03:15 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
==================== Files in the root of some directories ========
2022-03-26 23:44 - 2022-03-26 23:44 - 000000017 _____ () C:\Users\david\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-04-2022
Ran by david (05-04-2022 10:53:18)
Running from C:\Users\david\Desktop
Microsoft Windows 11 Home Version 21H2 22000.556 (X64) (2022-03-26 20:54:49)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1533411228-2271978786-1148630678-500 - Administrator - Disabled)
david (S-1-5-21-1533411228-2271978786-1148630678-1001 - Administrator - Enabled) => C:\Users\david
DefaultAccount (S-1-5-21-1533411228-2271978786-1148630678-503 - Limited - Disabled)
Guest (S-1-5-21-1533411228-2271978786-1148630678-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1533411228-2271978786-1148630678-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: F-Secure SAFE (Enabled - Up to date) {EFA7F7EC-9723-5757-549F-DDC923618754}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
CCleaner (HKLM\...\CCleaner) (Version: 5.91 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.0.0.1970 - Disc Soft Ltd)
F-Secure SAFE (HKLM-x32\...\{235B3536-A54E-4072-905F-FEFC431CEB2C}) (Version: 18.2 - F-Secure Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 100.0.4896.75 - Google LLC)
K1 VideoLAN (HKLM-x32\...\K1 VideoLAN) (Version: - )
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 100.0.1185.29 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 100.0.1185.29 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1533411228-2271978786-1148630678-1001\...\OneDriveSetup.exe) (Version: 22.045.0227.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{4812E2CC-BAA9-49AE-B310-DA845882322B}) (Version: 4.66.0.0 - Microsoft Corporation)
Need For Speed Most Wanted (HKLM-x32\...\Need For Speed Most Wanted 1.3.0) (Version: 1.3.0 - Electronic Arts)
NVIDIA Ovladače grafiky 462.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 462.59 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20094 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11929.20394 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Packages:
=========
AudioWizard -> C:\Program Files\WindowsApps\ICEpower.AudioWizard_1.5.28.0_x64__dxp88312j1fgj [2022-04-04] (ICEpower)
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_1.6.0.0_neutral__yxz26nhyzhsrt [2022-04-04] (Clipchamp)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-04-04] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.66.5751.0_x64__8wekyb3d8bbwe [2022-04-02] (Microsoft Corporation) [Startup Task]
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.3.0_x64__qmba6cd70vzyy [2022-04-04] (ASUSTeK COMPUTER INC.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\nvidiacorp.nvidiacontrolpanel_8.1.962.0_x64__56jybvy8sckqj [2022-03-26] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt [2022-04-04] (INTEL CORP) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.10.216.0_x64__dt26b99r8h8gj [2022-03-27] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0 [2022-03-26] (Spotify AB) [Startup Task]
WinRAR -> C:\Program Files\WinRAR [2022-03-29] (0)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [F-Secure DataGuard Icon Overlay] -> {CA789262-D278-40F7-AC12-19C0395F9DD9} => C:\Program Files (x86)\F-Secure\SAFE\FsShellExtension64.dll [2022-03-24] (F-Secure Corporation -> F-Secure Corporation)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2022-03-29] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2022-03-29] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_61df758291bf519e\nvshext.dll [2021-05-28] (NVIDIA Corporation -> NVIDIA Corporation)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\david\Desktop\K1 VideoLAN v3.lnk -> C:\Program Files (x86)\K1 VideoLAN v3\vlc.exe (VideoLAN) -> hxxp://www.kabel1.cz/playlist.m3u
ShortcutWithArgument: C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__lmnchbakjbeoekoggbcmegfainnmokbm\Clipchamp.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=lmnchbakjbeoekoggbcmegfainnmokbm --app-url=hxxps://app.clipchamp.com/ --app-launch-source=4
==================== Loaded Modules (Whitelisted) =============
2022-03-26 23:15 - 2022-03-26 23:15 - 000137168 _____ (Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.95.0_x64__cw5n1h2txyewy\Dashboard\WebView2Loader.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\SAFE\Ultralight\http\1647346890\browser\fs_ie_https\fs_ie_https64.dll [2022-03-27] (F-Secure Corporation -> F-Secure Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-03-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\SAFE\Ultralight\http\1647346890\browser\fs_ie_https\fs_ie_https.dll [2022-03-27] (F-Secure Corporation -> F-Secure Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-30] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1533411228-2271978786-1148630678-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.88.1 - 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{7501FCD9-2575-4AF9-8906-C0FDC7150ABD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4C7CB6BE-DFB1-4658-A31B-34E89B828699}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A6D22B04-FA8D-415A-AD85-63F6835E08B3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6BCA9B03-9C85-44D7-A916-0B29DB94D854}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F8F298B2-2971-4207-ADB9-D4A9D988AC4F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{335D1CE6-9378-435C-A7AE-B00691021287}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F6D2DDB9-21E5-4A35-A516-3C4E4A802785}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{08E4FEA8-BA1B-431F-91D4-CBB90612FC68}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D72FDBE3-C494-439C-960C-9597C231694A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D3CE3B70-5938-4A2E-B56A-4FD96C9C10B0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B2F263A6-E573-4E7E-B0D3-066D42956F82}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AFBCBF77-FE8A-458E-8F65-5BF4FD74C70A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B4751127-0492-4211-B948-1B1026D47855}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22055.502.1226.2344_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8D23FFF8-68C2-4B40-BFFB-6474B58FAA7F}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22055.502.1226.2344_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A19E1A17-C484-4DB7-B524-4D9566BE6BE9}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{A52E56B0-6BF7-42EE-8FC7-FC3905EF16AB}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{2227F659-A836-4207-8A55-5430737B59E8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0B39DE2A-B8E4-485E-ACD0-C88A334D2911}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.3.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{F3CD6579-10B1-4AA4-BCB4-626A7658A267}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.3.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{58FBC573-73B2-42B9-AA66-A127AA3D71E0}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.3.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{AFC54296-C280-477C-8148-208CBCC3CA27}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.3.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{6BE1F49D-54F0-4A2E-99DC-7D0B65D9B4F2}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.29\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E0CA2E28-B986-4C94-BE13-6F1D79EFFE07}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{D2676BB0-86D9-40E2-AC0C-819FF065E1B6}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d362b93e88f9afb\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{69E4BC2C-5070-498A-B014-BF4277C0DE33}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/04/2022 07:40:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RtkAudUService64.exe, verze: 1.0.272.1, časové razítko: 0x5e79a2ca
Název chybujícího modulu: combase.dll, verze: 10.0.22000.527, časové razítko: 0x244b2314
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000f90e7
ID chybujícího procesu: 0x11b0
Čas spuštění chybující aplikace: 0x01d84842954b1c2a
Cesta k chybující aplikaci: C:\WINDOWS\system32\RtkAudUService64.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: 2cb53233-f42f-46d3-8c05-efef6185c09e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (04/04/2022 07:40:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RtkAudUService64.exe, verze: 1.0.272.1, časové razítko: 0x5e79a2ca
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000001c5e3ef8810
ID chybujícího procesu: 0x11b0
Čas spuštění chybující aplikace: 0x01d84842954b1c2a
Cesta k chybující aplikaci: C:\WINDOWS\system32\RtkAudUService64.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 5c7e343b-800c-4cce-8930-6babfbd6929e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (04/03/2022 10:52:07 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program autorun.exe.
Program: autorun.exe
Soubor:
Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.
Další údaje
Hodnota chyby: C0000102
Typ disku: 0
Error: (04/03/2022 10:52:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: autorun.exe_unknown, verze: 0.0.0.0, časové razítko: 0x4c04de0e
Název chybujícího modulu: ntdll.dll, verze: 10.0.22000.527, časové razítko: 0x4ae92803
Kód výjimky: 0xc0000006
Posun chyby: 0x0006944a
ID chybujícího procesu: 0x1268
Čas spuštění chybující aplikace: 0x01d84736b7a8302c
Cesta k chybující aplikaci: E:\Autorun\autorun.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 0362ce68-2f86-4a3d-887a-24cd5bc59c0e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/30/2022 08:23:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RtkAudUService64.exe, verze: 1.0.272.1, časové razítko: 0x5e79a2ca
Název chybujícího modulu: combase.dll, verze: 10.0.22000.527, časové razítko: 0x244b2314
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000f90e7
ID chybujícího procesu: 0xf08
Čas spuštění chybující aplikace: 0x01d8415dc11bb934
Cesta k chybující aplikaci: C:\WINDOWS\system32\RtkAudUService64.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: 4c0b3afc-f21f-490a-a909-189a8918f974
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/30/2022 08:23:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RtkAudUService64.exe, verze: 1.0.272.1, časové razítko: 0x5e79a2ca
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000015fa95e4650
ID chybujícího procesu: 0xf08
Čas spuštění chybující aplikace: 0x01d8415dc11bb934
Cesta k chybující aplikaci: C:\WINDOWS\system32\RtkAudUService64.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 5240a37c-7e87-42eb-855e-40fe0bdba20e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/29/2022 08:13:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WebViewHost.exe, verze: 18.2110.1311.0, časové razítko: 0x617e4ffd
Název chybujícího modulu: WebViewHost.exe, verze: 18.2110.1311.0, časové razítko: 0x617e4ffd
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000e25e
ID chybujícího procesu: 0x26c8
Čas spuštění chybující aplikace: 0x01d843983ee1eb9c
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2110.13110.0_x64__8wekyb3d8bbwe\WebViewHost\WebViewHost.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2110.13110.0_x64__8wekyb3d8bbwe\WebViewHost\WebViewHost.exe
ID zprávy: 66220a60-2190-4e3a-b10d-6a5577da86e2
Úplný název chybujícího balíčku: Microsoft.MicrosoftOfficeHub_18.2110.13110.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: Microsoft.MicrosoftOfficeHub
Error: (03/26/2022 11:48:09 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1017) (User: NT AUTHORITY)
Description: Sběr dat čítače výkonu od služby Lsa byl vypnut z důvodu jedné nebo více chyb generovaných knihovnou čítače výkonu pro tuto službu. Chyby, které vyvolaly tuto akci, byly zapsány do protokolu událostí aplikace. Opravte tyto chyby před novým zapnutím čítačů výkonu pro tuto službu.
System errors:
=============
Error: (04/05/2022 10:06:42 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{9B19C42C-39DB-4265-B0FC-9890BEC1F7D2}, protože jiný počítač v síti má stejný název. Server nelze spustit.
Error: (04/04/2022 10:49:14 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{9B19C42C-39DB-4265-B0FC-9890BEC1F7D2}, protože jiný počítač v síti má stejný název. Server nelze spustit.
Error: (04/04/2022 10:47:21 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{9B19C42C-39DB-4265-B0FC-9890BEC1F7D2}, protože jiný počítač v síti má stejný název. Server nelze spustit.
Error: (04/04/2022 08:07:04 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error: (04/04/2022 08:02:45 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{9B19C42C-39DB-4265-B0FC-9890BEC1F7D2}, protože jiný počítač v síti má stejný název. Server nelze spustit.
Error: (04/04/2022 06:22:33 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{9B19C42C-39DB-4265-B0FC-9890BEC1F7D2}, protože jiný počítač v síti má stejný název. Server nelze spustit.
Error: (04/04/2022 05:08:05 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{9B19C42C-39DB-4265-B0FC-9890BEC1F7D2}, protože jiný počítač v síti má stejný název. Server nelze spustit.
Error: (04/04/2022 04:56:03 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{9B19C42C-39DB-4265-B0FC-9890BEC1F7D2}, protože jiný počítač v síti má stejný název. Server nelze spustit.
CodeIntegrity:
===============
Date: 2022-04-05 10:07:22
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1647513771\fsamsi64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2022-04-04 22:20:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1647513771\fshook64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. X409JB.309 08/12/2021
Motherboard: ASUSTeK COMPUTER INC. X409JB
Processor: Intel(R) Core(TM) i5-1035G1 CPU @ 1.00GHz
Percentage of memory in use: 57%
Total physical RAM: 7997.5 MB
Available physical RAM: 3378.07 MB
Total Virtual: 9277.5 MB
Available Virtual: 4176.9 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:83.01 GB) (Free:37.91 GB) NTFS
Drive d: (DISK 2) (Fixed) (Total:392.34 GB) (Free:374.64 GB) NTFS
\\?\Volume{110ed41c-7012-43b8-9524-ce97a21dfc3d}\ (RECOVERY) (Fixed) (Total:1.32 GB) (Free:0.8 GB) NTFS
\\?\Volume{c78dbe89-7bc7-4b5a-b395-1d5e26352d2c}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 67067F30)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Reklama v prohlížeči.
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Reklama v prohlížeči.
ahoj,
najdi a ZMAZ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat
najdi a ZMAZ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Reklama v prohlížeči.
Nemůžu nikde najit program data nevím kde ho přesně hledat
Re: Reklama v prohlížeči.
našel jsem program data jako skrytá složka ale nemužu najít to start menu to tam nemám nevím kde hledat dále
Re: Reklama v prohlížeči.
Skus to napr. cez totalcommander
Prip. daj hladat update.bat
Mozno to mas v ceste pocestene - po spusteni
Prip. daj hladat update.bat
Mozno to mas v ceste pocestene - po spusteni
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Reklama v prohlížeči.
Hotovo uz je to ok děkuji za pomoc
Re: Reklama v prohlížeči.
Rado sa stalo
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Přispějete na provoz fóra?