Preventivní kontrola

[PavlosCZ]

Ahoj, prosím o preventivní kontrolu, mám podezření z infekce, předem děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-01-2021
Ran by ANNA (administrator) on DESKTOP-CIU6LDF (Gigabyte Technology Co., Ltd. EP43-DS3) (09-01-2021 11:30:39)
Running from C:\Users\ANNA\Desktop
Loaded Profiles: ANNA
Platform: Windows 10 Home Version 1909 18363.1256 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.152.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.152.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-08] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {19B7CBD0-45FA-49B3-8E16-15CF37D171F7} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1F82E931-049A-4A30-8AAC-3A0BBCC79F7F} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-CIU6LDF-ANNA => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {22C7F1AE-942C-4D0B-9E4F-DAD2A7063334} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-08] (Google LLC -> Google LLC)
Task: {2E1A6132-433D-4B01-B8DE-51F8D5AC2DBF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2E8B1A60-716C-4851-8DD8-22CE59145D76} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {41505C63-51E7-4579-9DCA-005635959AC9} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {466FB294-1972-4848-BDEA-7530E9BA3E37} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-08] (Google LLC -> Google LLC)
Task: {76347838-38ED-4A51-AFFB-8B447349E729} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2021-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {92756728-A02F-47F6-9744-6ECBEBE7B315} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {981CB7B2-1D25-425B-9626-DE6DF40CC43D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2021-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A4DB7C7E-61C4-463C-B805-9B707CF9A74D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C92A422E-63DF-4850-B7C2-32E055F35470} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2021-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D10994DD-FDE5-4088-8161-C318E7F4F1FE} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {F6B57A98-D1FA-437D-987A-0ED2E04C4146} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FBE72F90-3A23-4C96-91E8-20F3AD9B86B8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2021-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{b2b1d8f3-7e69-4d71-9b73-fc8de941129d}: [DhcpNameServer] 192.168.8.1 192.168.8.1

FireFox:
========
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\ANNA\AppData\Local\Google\Chrome\User Data\Default [2021-01-09]
CHR DownloadDir: C:\Download
CHR Notifications: Default -> hxxps://cs.soringpcrepair.com; hxxps://filmora.wondershare.net; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.google.cz/
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\ANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-08]
CHR Extension: (Dokumenty) - C:\Users\ANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-08]
CHR Extension: (Disk Google) - C:\Users\ANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-08]
CHR Extension: (YouTube) - C:\Users\ANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-08]
CHR Extension: (Tabulky) - C:\Users\ANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\ANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-08]
CHR Extension: (NewTab) - C:\Users\ANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\imhlianhlhdicjchlbmbfaefhhjencbe [2021-01-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-08]
CHR Extension: (Gmail) - C:\Users\ANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-08]
CHR Extension: (Chrome Media Router) - C:\Users\ANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-08]
CHR Profile: C:\Users\ANNA\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-01-08]
CHR Profile: C:\Users\ANNA\AppData\Local\Google\Chrome\User Data\System Profile [2021-01-08]
CHR HKLM-x32\...\Chrome\Extension: [imhlianhlhdicjchlbmbfaefhhjencbe]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-02-16] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2021-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2021-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-01-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2021-01-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2021-01-08] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-09 11:30 - 2021-01-09 11:31 - 000014089 _____ C:\Users\ANNA\Desktop\FRST.txt
2021-01-09 11:21 - 2021-01-09 11:30 - 000000000 ____D C:\FRST
2021-01-09 11:16 - 2021-01-09 11:16 - 002282496 _____ (Farbar) C:\Users\ANNA\Desktop\FRST64.exe
2021-01-09 11:10 - 2021-01-09 11:17 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2021-01-09 11:10 - 2021-01-09 11:10 - 000003584 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0-DESKTOP-CIU6LDF-ANNA
2021-01-09 10:51 - 2021-01-09 10:51 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2018.lnk
2021-01-09 10:48 - 2021-01-09 10:50 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-01-08 23:35 - 2021-01-08 23:35 - 000000000 ____D C:\Users\ANNA\AppData\Local\OneDrive
2021-01-08 23:14 - 2021-01-08 23:14 - 000000000 ____D C:\Program Files\UNP
2021-01-08 22:37 - 2021-01-08 22:37 - 000062124 _____ C:\Users\ANNA\AppData\Roaming\nehalessamhassan.txt
2021-01-08 22:09 - 2021-01-08 22:09 - 000000000 ____D C:\Program Files (x86)\Starth
2021-01-08 22:04 - 2021-01-09 10:51 - 000000000 ____D C:\Users\ANNA\Documents\Adobe
2021-01-08 22:02 - 2021-01-08 22:02 - 000000000 ____D C:\Program Files\Adobe
2021-01-08 22:01 - 2021-01-09 11:10 - 000000000 ____D C:\Users\ANNA\AppData\Local\Adobe
2021-01-08 22:01 - 2021-01-09 10:49 - 000000000 ____D C:\ProgramData\Adobe
2021-01-08 22:01 - 2021-01-09 10:48 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-01-08 21:49 - 2021-01-08 21:49 - 000000000 ____D C:\Users\ANNA\AppData\Local\GHISLER
2021-01-08 21:47 - 2021-01-08 21:49 - 000000000 ____D C:\totalcmd
2021-01-08 21:47 - 2021-01-08 21:47 - 000000683 _____ C:\Users\ANNA\Desktop\Total Commander 64 bit.lnk
2021-01-08 21:47 - 2021-01-08 21:47 - 000000000 ____D C:\Users\ANNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2021-01-08 21:47 - 2021-01-08 21:47 - 000000000 ____D C:\Users\ANNA\AppData\Roaming\GHISLER
2021-01-08 19:02 - 2021-01-08 19:03 - 000000000 ____D C:\ProgramData\Wondershare
2021-01-08 19:02 - 2021-01-08 19:02 - 000000016 _____ C:\ProgramData\mntemp
2021-01-08 18:59 - 2021-01-08 19:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2021-01-08 18:59 - 2021-01-08 18:59 - 000001193 _____ C:\Users\Public\Desktop\Wondershare Filmora X.lnk
2021-01-08 18:59 - 2021-01-08 18:59 - 000000000 ____D C:\Users\ANNA\AppData\Roaming\NVIDIA
2021-01-08 18:59 - 2021-01-08 18:59 - 000000000 ____D C:\Users\ANNA\AppData\Local\Wondershare
2021-01-08 18:58 - 2021-01-08 19:04 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2021-01-08 18:58 - 2021-01-08 19:02 - 000000000 ____D C:\Program Files\Wondershare
2021-01-08 18:58 - 2021-01-08 18:58 - 000000000 ____D C:\Users\ANNA\Documents\Wondershare
2021-01-08 18:53 - 2021-01-08 18:59 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2021-01-08 18:49 - 2021-01-08 19:03 - 000000000 ____D C:\Users\ANNA\AppData\Local\NVIDIA
2021-01-08 18:49 - 2021-01-08 18:49 - 000004000 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-08 18:49 - 2021-01-08 18:49 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-08 18:49 - 2021-01-08 18:49 - 000000000 ____D C:\Users\ANNA\AppData\Local\NVIDIA Corporation
2021-01-08 18:49 - 2021-01-08 18:49 - 000000000 ____D C:\Users\ANNA\AppData\Local\CEF
2021-01-08 18:49 - 2021-01-08 18:49 - 000000000 ____D C:\Users\ANNA\ansel
2021-01-08 18:49 - 2021-01-08 18:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2021-01-08 18:49 - 2018-03-24 02:19 - 002480064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2021-01-08 18:49 - 2018-03-24 02:19 - 002137024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2021-01-08 18:49 - 2018-03-24 02:19 - 001310144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2021-01-08 18:48 - 2021-01-08 18:48 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-08 18:48 - 2021-01-08 18:48 - 000004088 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-08 18:48 - 2021-01-08 18:48 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-08 18:48 - 2021-01-08 18:48 - 000003866 _____ C:\WINDOWS\system32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-08 18:48 - 2021-01-08 18:48 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-08 18:48 - 2021-01-08 18:48 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-08 18:48 - 2021-01-08 18:48 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2021-01-08 18:48 - 2018-03-24 02:19 - 000189784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2021-01-08 18:48 - 2018-03-24 02:19 - 000152408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2021-01-08 18:48 - 2018-03-24 02:19 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2021-01-08 18:48 - 2018-03-24 00:05 - 000138120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2021-01-08 18:48 - 2017-12-08 23:25 - 000798520 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-08 18:48 - 2017-12-08 23:25 - 000490808 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-08 18:48 - 2017-12-08 23:24 - 000928568 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-08 18:48 - 2017-12-08 23:24 - 000591672 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-08 18:47 - 2021-01-08 18:48 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-01-08 18:47 - 2021-01-08 18:47 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-01-08 18:45 - 2021-01-09 11:04 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-08 18:44 - 2018-03-25 17:15 - 000998424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-01-08 18:44 - 2018-03-25 17:15 - 000950016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-01-08 18:44 - 2018-03-25 17:14 - 004318112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-01-08 18:44 - 2018-03-25 17:14 - 003719096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-01-08 18:44 - 2018-03-25 17:14 - 001985112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439135.dll
2021-01-08 18:44 - 2018-03-25 17:14 - 001683712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439135.dll
2021-01-08 18:44 - 2018-03-25 17:14 - 001138720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-01-08 18:44 - 2018-03-25 17:14 - 001065888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-01-08 18:44 - 2018-03-25 17:13 - 040278608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2021-01-08 18:44 - 2018-03-25 17:13 - 035188992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2021-01-08 18:44 - 2018-03-25 17:10 - 013571520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2021-01-08 18:44 - 2018-03-25 17:10 - 011132384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2021-01-08 18:44 - 2018-03-25 17:09 - 019855144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2021-01-08 18:44 - 2018-03-25 17:09 - 016496776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2021-01-08 18:44 - 2018-03-25 17:09 - 001153744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2021-01-08 18:44 - 2018-03-25 17:09 - 000902096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2021-01-08 18:44 - 2018-03-25 17:08 - 012967056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-01-08 18:44 - 2018-03-25 17:08 - 011001504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-01-08 18:44 - 2018-03-25 17:08 - 003939624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-01-08 18:44 - 2018-03-24 02:19 - 000059240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2021-01-08 18:44 - 2018-03-24 02:19 - 000058816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2021-01-08 18:44 - 2018-03-24 02:19 - 000045600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2021-01-08 18:41 - 2021-01-08 18:41 - 000000000 ____D C:\NVIDIA
2021-01-08 18:33 - 2021-01-09 11:30 - 000000000 ____D C:\Download
2021-01-08 18:21 - 2021-01-08 18:21 - 000000000 ____D C:\ProgramData\ssh
2021-01-08 18:15 - 2021-01-08 18:15 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-08 18:15 - 2021-01-08 18:15 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-08 18:15 - 2021-01-08 18:15 - 000249856 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll
2021-01-08 18:15 - 2021-01-08 18:15 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-01-08 18:15 - 2021-01-08 18:15 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-08 18:15 - 2021-01-08 18:15 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2021-01-08 18:14 - 2021-01-08 18:14 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-01-08 18:14 - 2021-01-08 18:14 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-01-08 18:14 - 2021-01-08 18:14 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-01-08 18:14 - 2021-01-08 18:14 - 002045952 _____ C:\WINDOWS\system32\rdpnano.dll
2021-01-08 18:14 - 2021-01-08 18:14 - 001893888 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-01-08 18:14 - 2021-01-08 18:14 - 001282872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-01-08 18:14 - 2021-01-08 18:14 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-01-08 18:14 - 2021-01-08 18:14 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-01-08 18:14 - 2021-01-08 18:14 - 000860160 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-08 18:14 - 2021-01-08 18:14 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-01-08 18:14 - 2021-01-08 18:14 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-08 18:14 - 2021-01-08 18:14 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-01-08 18:14 - 2021-01-08 18:14 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-08 18:14 - 2021-01-08 18:14 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-01-08 18:14 - 2021-01-08 18:14 - 000421376 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
2021-01-08 18:14 - 2021-01-08 18:14 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-08 18:14 - 2021-01-08 18:14 - 000386048 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\SysWOW64\curl.exe
2021-01-08 18:14 - 2021-01-08 18:14 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-01-08 18:14 - 2021-01-08 18:14 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-01-08 18:14 - 2021-01-08 18:14 - 000171008 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-01-08 18:14 - 2021-01-08 18:14 - 000110080 _____ C:\WINDOWS\system32\ResBParser.dll
2021-01-08 18:14 - 2021-01-08 18:14 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-01-08 18:14 - 2021-01-08 18:14 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-01-08 18:14 - 2021-01-08 18:14 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-08 18:14 - 2021-01-08 18:14 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-08 18:14 - 2021-01-08 18:14 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-08 18:14 - 2021-01-08 18:14 - 000059221 _____ C:\WINDOWS\system32\srms.dat
2021-01-08 18:14 - 2021-01-08 18:14 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-01-08 18:14 - 2021-01-08 18:14 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-01-08 18:14 - 2021-01-08 18:14 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth14.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth13.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-01-08 18:13 - 2021-01-08 18:13 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-01-08 18:13 - 2021-01-08 18:13 - 002590208 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-08 18:13 - 2021-01-08 18:13 - 002321408 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-01-08 18:13 - 2021-01-08 18:13 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-08 18:13 - 2021-01-08 18:13 - 001756600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-01-08 18:13 - 2021-01-08 18:13 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-01-08 18:13 - 2021-01-08 18:13 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-01-08 18:13 - 2021-01-08 18:13 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-01-08 18:13 - 2021-01-08 18:13 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-01-08 18:13 - 2021-01-08 18:13 - 000811160 _____ C:\WINDOWS\SysWOW64\locale.nls
2021-01-08 18:13 - 2021-01-08 18:13 - 000811160 _____ C:\WINDOWS\system32\locale.nls
2021-01-08 18:13 - 2021-01-08 18:13 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-01-08 18:13 - 2021-01-08 18:13 - 000237880 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-01-08 18:13 - 2021-01-08 18:13 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-08 18:13 - 2021-01-08 18:13 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2021-01-08 18:13 - 2021-01-08 18:13 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-01-08 18:13 - 2021-01-08 18:13 - 000053248 _____ C:\WINDOWS\system32\Drivers\UsbPmApi.sys
2021-01-08 18:13 - 2021-01-08 18:13 - 000047616 _____ C:\WINDOWS\system32\UsbPmApi.dll
2021-01-08 18:13 - 2021-01-08 18:13 - 000047616 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-01-08 18:13 - 2021-01-08 18:13 - 000037888 _____ C:\WINDOWS\system32\usocoreps.dll
2021-01-08 18:13 - 2021-01-08 18:13 - 000035840 _____ C:\WINDOWS\system32\deploymentcsphelper.exe
2021-01-08 18:13 - 2021-01-08 18:13 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-01-08 18:12 - 2021-01-08 18:12 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-01-08 18:12 - 2021-01-08 18:12 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-08 18:12 - 2021-01-08 18:12 - 000200704 _____ C:\WINDOWS\system32\IHDS.dll
2021-01-08 18:12 - 2021-01-08 18:12 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-01-08 17:51 - 2021-01-08 17:51 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-01-08 17:49 - 2021-01-08 17:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-08 17:31 - 2021-01-09 11:06 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-08 17:31 - 2018-03-25 17:17 - 000541784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-08 17:31 - 2018-03-25 17:17 - 000447576 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-08 17:31 - 2018-03-24 02:19 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2021-01-08 17:31 - 2018-03-24 00:02 - 005952392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-01-08 17:31 - 2018-03-24 00:02 - 002596320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2021-01-08 17:31 - 2018-03-24 00:02 - 001767824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2021-01-08 17:31 - 2018-03-24 00:02 - 000633224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2021-01-08 17:31 - 2018-03-24 00:02 - 000451040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2021-01-08 17:31 - 2018-03-24 00:02 - 000123840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2021-01-08 17:31 - 2018-03-24 00:02 - 000083072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2021-01-08 17:31 - 2018-03-21 12:22 - 008114212 _____ C:\WINDOWS\system32\nvcoproc.bin
2021-01-08 17:30 - 2021-01-08 18:49 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-01-08 17:30 - 2021-01-08 18:49 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-01-08 17:30 - 2021-01-08 18:49 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-01-08 17:30 - 2018-03-25 17:08 - 004633920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-01-08 17:30 - 2018-03-24 02:19 - 001682288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2021-01-08 17:30 - 2018-03-24 02:19 - 000226760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-01-08 17:30 - 2018-03-24 02:19 - 000048407 _____ C:\WINDOWS\system32\nvinfo.pb
2021-01-08 17:30 - 2017-01-17 05:55 - 001964600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437654.dll
2021-01-08 17:30 - 2017-01-17 05:55 - 001598392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437654.dll
2021-01-08 17:12 - 2021-01-09 00:30 - 000002282 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-08 17:12 - 2021-01-08 18:25 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-08 17:12 - 2021-01-08 17:12 - 000000000 ____D C:\Program Files\Google
2021-01-08 17:03 - 2021-01-08 17:29 - 000000000 ____D C:\Users\ANNA\AppData\Local\Google
2021-01-08 17:03 - 2021-01-08 17:03 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-08 17:03 - 2021-01-08 17:03 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-08 17:03 - 2021-01-08 17:03 - 000000000 ____D C:\Program Files (x86)\Google
2021-01-08 17:02 - 2021-01-08 17:02 - 001321688 _____ (Google LLC) C:\Users\ANNA\Downloads\ChromeSetup.exe
2021-01-08 17:00 - 2021-01-08 23:07 - 000000000 ____D C:\Users\ANNA\AppData\Local\PlaceholderTileLogoFolder
2021-01-08 17:00 - 2021-01-08 17:00 - 000000000 ___HD C:\Users\ANNA\MicrosoftEdgeBackups
2021-01-08 16:45 - 2021-01-08 16:45 - 000000000 ____D C:\Users\ANNA\AppData\Local\Comms
2021-01-07 23:26 - 2021-01-08 17:27 - 000000000 ____D C:\ProgramData\Packages
2021-01-07 23:22 - 2021-01-08 16:59 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3078502766-4097944727-2642959677-1001
2021-01-07 23:22 - 2021-01-08 16:59 - 000000000 ___RD C:\Users\ANNA\OneDrive
2021-01-07 23:21 - 2021-01-07 23:21 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-01-07 23:20 - 2021-01-07 23:20 - 000000000 ____D C:\Users\ANNA\AppData\Local\MicrosoftEdge
2021-01-07 23:19 - 2021-01-09 11:10 - 000000000 ____D C:\Users\ANNA\AppData\Roaming\Adobe
2021-01-07 23:19 - 2021-01-08 22:10 - 000000000 ____D C:\Users\ANNA\AppData\Local\Packages
2021-01-07 23:19 - 2021-01-08 18:25 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-01-07 23:19 - 2021-01-08 18:25 - 000000000 ___RD C:\Users\ANNA\3D Objects
2021-01-07 23:19 - 2021-01-07 23:19 - 000000000 ____D C:\Users\ANNA\AppData\Local\VirtualStore
2021-01-07 23:19 - 2021-01-07 23:19 - 000000000 ____D C:\Users\ANNA\AppData\Local\Publishers
2021-01-07 23:19 - 2021-01-07 23:19 - 000000000 ____D C:\Users\ANNA\AppData\Local\ConnectedDevicesPlatform
2021-01-07 23:18 - 2021-01-09 11:12 - 001606106 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-07 23:18 - 2021-01-08 18:49 - 000000000 ____D C:\Users\ANNA
2021-01-07 23:18 - 2021-01-08 16:59 - 000002362 _____ C:\Users\ANNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-01-07 23:18 - 2021-01-07 23:18 - 000000020 ___SH C:\Users\ANNA\ntuser.ini
2021-01-07 23:18 - 2021-01-07 23:18 - 000000000 _SHDL C:\Users\ANNA\Šablony
2021-01-07 23:18 - 2021-01-07 23:18 - 000000000 _SHDL C:\Users\ANNA\Soubory cookie
2021-01-07 23:18 - 2021-01-07 23:18 - 000000000 _SHDL C:\Users\ANNA\Poslední
2021-01-07 23:18 - 2021-01-07 23:18 - 000000000 _SHDL C:\Users\ANNA\Okolní tiskárny
2021-01-07 23:18 - 2021-01-07 23:18 - 000000000 _SHDL C:\Users\ANNA\Okolní síť
2021-01-07 23:18 - 2021-01-07 23:18 - 000000000 _SHDL C:\Users\ANNA\Nabídka Start
2021-01-07 23:18 - 2021-01-07 23:18 - 000000000 _SHDL C:\Users\ANNA\Dokumenty
2021-01-07 23:18 - 2021-01-07 23:18 - 000000000 _SHDL C:\Users\ANNA\Documents\Obrázky
2021-01-07 23:18 - 2021-01-07 23:18 - 000000000 _SHDL C:\Users\ANNA\Documents\Hudba
2021-01-07 23:18 - 2021-01-07 23:18 - 000000000 _SHDL C:\Users\ANNA\Documents\Filmy
2021-01-07 23:18 - 2021-01-07 23:18 - 000000000 _SHDL C:\Users\ANNA\Data aplikací
2021-01-07 23:18 - 2021-01-07 23:18 - 000000000 _SHDL C:\Users\ANNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-01-07 23:18 - 2021-01-07 23:18 - 000000000 _SHDL C:\Users\ANNA\AppData\Local\Data aplikací
2021-01-07 23:15 - 2021-01-07 23:15 - 000000000 ____D C:\WINDOWS\minidump
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default\Šablony
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default\Poslední
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default\Okolní síť
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default\Dokumenty
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default\Data aplikací
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default User\Šablony
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default User\Soubory cookie
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default User\Poslední
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default User\Okolní tiskárny
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default User\Okolní síť
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default User\Nabídka Start
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default User\Dokumenty
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default User\Documents\Obrázky
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default User\Documents\Hudba
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default User\Documents\Filmy
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default User\Data aplikací
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\ProgramData\Šablony
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\ProgramData\Plocha
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\ProgramData\Dokumenty
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\ProgramData\Data aplikací
2021-01-07 23:06 - 2021-01-07 23:06 - 000000000 ____D C:\ProgramData\USOShared
2021-01-07 23:03 - 2021-01-09 11:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-07 23:03 - 2021-01-08 17:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-01-07 23:03 - 2021-01-07 23:03 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2021-01-07 22:59 - 2021-01-08 21:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-07 22:59 - 2021-01-08 18:22 - 000258096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-07 22:59 - 2021-01-07 22:59 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-01-07 22:58 - 2021-01-07 23:15 - 000000000 ____D C:\Windows.old
2021-01-07 22:57 - 2021-01-07 22:57 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-01-07 22:46 - 2021-01-07 23:15 - 000000000 ___DC C:\WINDOWS\Panther

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-09 11:27 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-01-09 11:20 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-09 11:12 - 2019-03-19 12:55 - 000682526 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-09 11:12 - 2019-03-19 12:55 - 000137244 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-09 11:05 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-09 10:32 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-01-09 10:32 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\appcompat
2021-01-08 22:18 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-08 22:10 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-08 18:59 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-01-08 18:21 - 2019-03-19 12:58 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-08 18:21 - 2019-03-19 12:58 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\TextInput
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\System
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\PerfLogs
2021-01-08 18:21 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\servicing
2021-01-08 18:19 - 2019-03-19 12:58 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-01-08 18:19 - 2019-03-19 12:58 - 000018903 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-01-08 18:19 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-08 17:31 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Help
2021-01-08 16:49 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\USOPrivate
2021-01-07 23:16 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\spool
2021-01-07 23:16 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-01-07 23:15 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ServiceState
2021-01-07 23:14 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows NT
2021-01-07 23:03 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-01-07 22:58 - 2019-03-19 05:56 - 000000000 ____D C:\WINDOWS\Setup
2021-01-07 22:58 - 2019-03-19 05:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template

==================== Files in the root of some directories ========

2021-01-08 22:37 - 2021-01-08 22:37 - 000062124 _____ () C:\Users\ANNA\AppData\Roaming\nehalessamhassan.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-01-2021
Ran by ANNA (09-01-2021 11:32:48)
Running from C:\Users\ANNA\Desktop
Windows 10 Home Version 1909 18363.1256 (X64) (2021-01-07 22:15:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3078502766-4097944727-2642959677-500 - Administrator - Disabled)
ANNA (S-1-5-21-3078502766-4097944727-2642959677-1001 - Administrator - Enabled) => C:\Users\ANNA
DefaultAccount (S-1-5-21-3078502766-4097944727-2642959677-503 - Limited - Disabled)
Guest (S-1-5-21-3078502766-4097944727-2642959677-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3078502766-4097944727-2642959677-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_5) (Version: 19.1.5 - Adobe Systems Incorporated)
Aktualizace NVIDIA 31.1.10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.1.10.0 - NVIDIA Corporation) Hidden
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3078502766-4097944727-2642959677-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Ovládací panel NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
StartHi uninstall (HKLM-x32\...\HStar) (Version: - ) <==== ATTENTION
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wondershare Filmora X(Build 10.0.10.20) (HKLM\...\Wondershare Filmora X_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2021-01-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.2.11280.0_x86__8wekyb3d8bbwe [2021-01-07] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2021-01-07] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe [2021-01-07] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.152.0_x64__kzf8qxf38zg5c [2021-01-07] (Skype)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0 [2021-01-08] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-01-08 18:59 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2021-01-08 18:59 - 2017-09-12 10:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2021-01-08 18:48 - 2018-03-24 00:05 - 000880024 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2021-01-08 18:48 - 2018-03-24 00:05 - 000343728 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
2021-01-08 18:59 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3078502766-4097944727-2642959677-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3D2F7CFD-F768-454C-AA25-A94E1F2DCA6A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AA86DB44-AB79-4807-82FD-2A3CC0CA6884}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7954C758-EB45-4A0C-A477-9C95EE391813}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BBCD41F4-FA98-4629-9471-ECE990AA517F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A231C6ED-6B3F-4008-9D9A-82C9E5DBEB8F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8468A3C0-D659-4B4E-B2EE-F1F8CAD0A45F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AC150928-29AC-4323-A19E-0D2176DE9877}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{65AA653D-E6B2-49A8-85D9-C100AEFBBEA5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DAFDF3E9-E815-41EB-AA4F-F3E7AB3F432F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A7ABBAC7-B5B0-460D-9DD7-E2681F9C77A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{95EED746-6610-4CB2-B135-7BCBAEF98E95}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{16234226-D078-471E-BF3B-EE8FD042B175}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9C523C1F-053B-4512-B1D4-BC9137EE9DBA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AE09472E-993B-45A7-BC3A-B96CC0210CEC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F271712F-CDCB-4604-805B-D147F441B81E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

==================== Restore Points =========================

08-01-2021 17:29:55 Windows Update

==================== Faulty Device Manager Devices ============

Name: Multimediální zvukový adaptér
Description: Multimediální zvukový adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Vstupní zařízení pro sběrnici PCI
Description: Vstupní zařízení pro sběrnici PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/08/2021 04:58:24 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x800704CF
Argument příkazového řádku:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (01/08/2021 04:58:11 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x800704CF
Argument příkazového řádku:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=UserLogon;SessionId=3

Error: (01/08/2021 04:44:55 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x800704CF
Argument příkazového řádku:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (01/07/2021 11:25:42 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x800704CF
Argument příkazového řádku:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (01/07/2021 11:20:52 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x800704CF
Argument příkazového řádku:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (01/07/2021 11:19:46 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x800704CF
Argument příkazového řádku:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=TimerEvent

Error: (01/07/2021 11:19:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: StartMenuExperienceHost (4620,R,98) TILEREPOSITORYS-1-5-21-3078502766-4097944727-2642959677-1001: Při otevírání souboru protokolu C:\Users\ANNA\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/07/2021 11:19:45 PM) (Source: ESENT) (EventID: 522) (User: )
Description: StartMenuExperienceHost (4620,P,98) TILEREPOSITORYS-1-5-21-3078502766-4097944727-2642959677-1001: Pokus o otevření zařízení s názvem \\.\C:, který obsahuje C:\, se nepodařil a došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace se nepodaří a dojde k chybě -1032 (0xfffffbf8).


System errors:
=============
Error: (01/09/2021 10:48:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AdobeUpdateService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/08/2021 11:38:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AdobeUpdateService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/08/2021 11:20:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AdobeUpdateService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/08/2021 11:10:55 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CIU6LDF)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/08/2021 11:10:55 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CIU6LDF)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/08/2021 11:10:55 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CIU6LDF)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/08/2021 11:10:55 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CIU6LDF)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/08/2021 11:10:55 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CIU6LDF)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2021-01-08 23:14:27.920
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
ID: 2147735505
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_E:\Software\Adobe Photoshop CC 2018 19.1.5 ML CZ x32 x64\Install.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-CIU6LDF\ANNA
Název procesu: C:\totalcmd\TOTALCMD64.EXE
Verze bezpečnostních informací: AV: 1.329.1882.0, AS: 1.329.1882.0, NIS: 1.329.1882.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2021-01-08 23:13:11.547
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/AgentTesla!ml
ID: 2147760503
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\ANNA\AppData\Roaming\xcn.exe; regkey:_HKCU@S-1-5-21-3078502766-4097944727-2642959677-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\xcn; runkey:_HKCU@S-1-5-21-3078502766-4097944727-2642959677-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\xcn
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-CIU6LDF\ANNA
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.329.1882.0, AS: 1.329.1882.0, NIS: 1.329.1882.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2021-01-08 23:12:32.810
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/AgentTesla!ml
ID: 2147760503
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\ANNA\AppData\Roaming\xcn.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-CIU6LDF\ANNA
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.329.1882.0, AS: 1.329.1882.0, NIS: 1.329.1882.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2021-01-08 23:22:15.966
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1882.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-01-08 18:47:23.351
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o nahrání podezřelého souboru pro další analýzu.
Název souboru: C:\Users\ANNA\AppData\Local\Temp\{499c1228-5848-4244-bd53-821055fb865b}\SET3BC.tmp
Sha256: ede016442e1befdf8056387b674ad8889ff7e5df39ab4ef64c0f6f6988524799
Aktuální verze bezpečnostních informací: AV: 1.329.1868.0, AS: 1.329.1868.0
Aktuální verze modulu: 1.1.17700.4
Kód chyby: 0x80508016

==================== Memory info ===========================

BIOS: Award Software International, Inc. F9 09/24/2008
Motherboard: Gigabyte Technology Co., Ltd. EP43-DS3
Processor: Intel(R) Core(TM)2 Quad CPU Q8400 @ 2.66GHz
Percentage of memory in use: 33%
Total physical RAM: 8190.49 MB
Available physical RAM: 5416.4 MB
Total Virtual: 10110.49 MB
Available Virtual: 7112.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223 GB) (Free:182.76 GB) NTFS

\\?\Volume{0228a0e4-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{0228a0e4-0000-0000-0000-90c637000000}\ () (Fixed) (Total:0.46 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 0228A0E4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=476 MB) - (Type=27)

==================== End of Addition.txt =======================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[PavlosCZ]

# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.0
# -------------------------------
# Build: 01-11-2021
# Database: 2021-01-11.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-11-2021
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted NewTab - imhlianhlhdicjchlbmbfaefhhjencbe

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1443 octets] - [11/01/2021 18:13:45]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Rudy]

Dejte nové logy FRST+Addition.

[PavlosCZ]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-01-2021
Ran by ANNA (administrator) on DESKTOP-CIU6LDF (Gigabyte Technology Co., Ltd. EP43-DS3) (11-01-2021 19:12:04)
Running from C:\Users\ANNA\Desktop
Loaded Profiles: ANNA
Platform: Windows 10 Home Version 1909 18363.1256 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.1190_none_1716e3ef2a15f08c\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.152.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.152.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-08] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {19B7CBD0-45FA-49B3-8E16-15CF37D171F7} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {22C7F1AE-942C-4D0B-9E4F-DAD2A7063334} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-08] (Google LLC -> Google LLC)
Task: {2E1A6132-433D-4B01-B8DE-51F8D5AC2DBF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2E8B1A60-716C-4851-8DD8-22CE59145D76} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {41505C63-51E7-4579-9DCA-005635959AC9} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {466FB294-1972-4848-BDEA-7530E9BA3E37} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-08] (Google LLC -> Google LLC)
Task: {76347838-38ED-4A51-AFFB-8B447349E729} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2021-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {92756728-A02F-47F6-9744-6ECBEBE7B315} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {981CB7B2-1D25-425B-9626-DE6DF40CC43D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2021-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A4DB7C7E-61C4-463C-B805-9B707CF9A74D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C92A422E-63DF-4850-B7C2-32E055F35470} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2021-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D10994DD-FDE5-4088-8161-C318E7F4F1FE} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {F6B57A98-D1FA-437D-987A-0ED2E04C4146} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F7B7BB2E-913B-46E2-9095-291639057E89} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {FBE72F90-3A23-4C96-91E8-20F3AD9B86B8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2021-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{b2b1d8f3-7e69-4d71-9b73-fc8de941129d}: [DhcpNameServer] 192.168.8.1 192.168.8.1

FireFox:
========
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\ANNA\AppData\Local\Google\Chrome\User Data\Default [2021-01-11]
CHR DownloadDir: C:\Download
CHR Notifications: Default -> hxxps://cs.soringpcrepair.com; hxxps://filmora.wondershare.net; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.google.cz/
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\ANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-08]
CHR Extension: (Dokumenty) - C:\Users\ANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-08]
CHR Extension: (Disk Google) - C:\Users\ANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-08]
CHR Extension: (YouTube) - C:\Users\ANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-08]
CHR Extension: (Tabulky) - C:\Users\ANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\ANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-08]
CHR Extension: (NewTab) - C:\Users\ANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\imhlianhlhdicjchlbmbfaefhhjencbe [2021-01-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-08]
CHR Extension: (Gmail) - C:\Users\ANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-08]
CHR Extension: (Chrome Media Router) - C:\Users\ANNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-08]
CHR Profile: C:\Users\ANNA\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-01-08]
CHR Profile: C:\Users\ANNA\AppData\Local\Google\Chrome\User Data\System Profile [2021-01-08]
CHR HKLM-x32\...\Chrome\Extension: [imhlianhlhdicjchlbmbfaefhhjencbe]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-02-16] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2021-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2021-01-08] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-01-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2021-01-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2021-01-08] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-11 19:12 - 2021-01-11 19:12 - 000013027 _____ C:\Users\ANNA\Desktop\FRST.txt
2021-01-11 19:11 - 2021-01-11 19:11 - 000000000 ____D C:\Users\ANNA\Desktop\FRST-OlderVersion
2021-01-11 18:18 - 2021-01-11 18:18 - 000001613 _____ C:\Users\ANNA\Desktop\AdwCleaner[C00].txt
2021-01-11 18:13 - 2021-01-11 18:15 - 000000000 ____D C:\AdwCleaner
2021-01-11 18:11 - 2021-01-11 18:11 - 008458096 _____ (Malwarebytes) C:\Users\ANNA\Desktop\adwcleaner_8.0.9.exe
2021-01-10 15:47 - 2021-01-11 18:13 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-01-10 15:47 - 2021-01-10 15:47 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-01-10 10:00 - 2021-01-10 10:17 - 000000000 ____D C:\TEMP
2021-01-09 19:05 - 2021-01-09 19:05 - 000001085 _____ C:\Users\ANNA\Desktop\Photoshop.lnk
2021-01-09 13:50 - 2021-01-09 13:50 - 000008061 _____ C:\Users\ANNA\Desktop\FRST.zip
2021-01-09 11:21 - 2021-01-11 19:12 - 000000000 ____D C:\FRST
2021-01-09 11:16 - 2021-01-11 19:11 - 002281472 _____ (Farbar) C:\Users\ANNA\Desktop\FRST64.exe
2021-01-09 10:51 - 2021-01-09 10:51 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2018.lnk
2021-01-09 10:48 - 2021-01-09 10:50 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-01-08 23:35 - 2021-01-08 23:35 - 000000000 ____D C:\Users\ANNA\AppData\Local\OneDrive
2021-01-08 23:14 - 2021-01-08 23:14 - 000000000 ____D C:\Program Files\UNP
2021-01-08 22:37 - 2021-01-08 22:37 - 000062124 _____ C:\Users\ANNA\AppData\Roaming\nehalessamhassan.txt
2021-01-08 22:09 - 2021-01-08 22:09 - 000000000 ____D C:\Program Files (x86)\Starth
2021-01-08 22:04 - 2021-01-09 10:51 - 000000000 ____D C:\Users\ANNA\Documents\Adobe
2021-01-08 22:02 - 2021-01-08 22:02 - 000000000 ____D C:\Program Files\Adobe
2021-01-08 22:01 - 2021-01-09 11:10 - 000000000 ____D C:\Users\ANNA\AppData\Local\Adobe
2021-01-08 22:01 - 2021-01-09 10:49 - 000000000 ____D C:\ProgramData\Adobe
2021-01-08 22:01 - 2021-01-09 10:48 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-01-08 21:49 - 2021-01-08 21:49 - 000000000 ____D C:\Users\ANNA\AppData\Local\GHISLER
2021-01-08 21:47 - 2021-01-08 21:49 - 000000000 ____D C:\totalcmd
2021-01-08 21:47 - 2021-01-08 21:47 - 000000683 _____ C:\Users\ANNA\Desktop\Total Commander 64 bit.lnk
2021-01-08 21:47 - 2021-01-08 21:47 - 000000000 ____D C:\Users\ANNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2021-01-08 21:47 - 2021-01-08 21:47 - 000000000 ____D C:\Users\ANNA\AppData\Roaming\GHISLER
2021-01-08 19:02 - 2021-01-08 19:03 - 000000000 ____D C:\ProgramData\Wondershare
2021-01-08 19:02 - 2021-01-08 19:02 - 000000016 _____ C:\ProgramData\mntemp
2021-01-08 18:59 - 2021-01-08 19:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2021-01-08 18:59 - 2021-01-08 18:59 - 000001193 _____ C:\Users\Public\Desktop\Wondershare Filmora X.lnk
2021-01-08 18:59 - 2021-01-08 18:59 - 000000000 ____D C:\Users\ANNA\AppData\Roaming\NVIDIA
2021-01-08 18:59 - 2021-01-08 18:59 - 000000000 ____D C:\Users\ANNA\AppData\Local\Wondershare
2021-01-08 18:58 - 2021-01-08 19:04 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2021-01-08 18:58 - 2021-01-08 19:02 - 000000000 ____D C:\Program Files\Wondershare
2021-01-08 18:58 - 2021-01-08 18:58 - 000000000 ____D C:\Users\ANNA\Documents\Wondershare
2021-01-08 18:53 - 2021-01-08 18:59 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2021-01-08 18:49 - 2021-01-08 19:03 - 000000000 ____D C:\Users\ANNA\AppData\Local\NVIDIA
2021-01-08 18:49 - 2021-01-08 18:49 - 000004000 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-08 18:49 - 2021-01-08 18:49 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-08 18:49 - 2021-01-08 18:49 - 000000000 ____D C:\Users\ANNA\AppData\Local\NVIDIA Corporation
2021-01-08 18:49 - 2021-01-08 18:49 - 000000000 ____D C:\Users\ANNA\AppData\Local\CEF
2021-01-08 18:49 - 2021-01-08 18:49 - 000000000 ____D C:\Users\ANNA\ansel
2021-01-08 18:49 - 2021-01-08 18:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2021-01-08 18:49 - 2018-03-24 02:19 - 002480064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2021-01-08 18:49 - 2018-03-24 02:19 - 002137024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2021-01-08 18:49 - 2018-03-24 02:19 - 001310144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2021-01-08 18:48 - 2021-01-08 18:48 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-08 18:48 - 2021-01-08 18:48 - 000004088 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-08 18:48 - 2021-01-08 18:48 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-08 18:48 - 2021-01-08 18:48 - 000003866 _____ C:\WINDOWS\system32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-08 18:48 - 2021-01-08 18:48 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-08 18:48 - 2021-01-08 18:48 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-08 18:48 - 2021-01-08 18:48 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2021-01-08 18:48 - 2018-03-24 02:19 - 000189784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2021-01-08 18:48 - 2018-03-24 02:19 - 000152408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2021-01-08 18:48 - 2018-03-24 02:19 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2021-01-08 18:48 - 2018-03-24 00:05 - 000138120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2021-01-08 18:48 - 2017-12-08 23:25 - 000798520 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-08 18:48 - 2017-12-08 23:25 - 000490808 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-08 18:48 - 2017-12-08 23:24 - 000928568 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-08 18:48 - 2017-12-08 23:24 - 000591672 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-08 18:47 - 2021-01-08 18:47 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-01-08 18:45 - 2021-01-09 11:04 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-08 18:44 - 2018-03-25 17:15 - 000998424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-01-08 18:44 - 2018-03-25 17:15 - 000950016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-01-08 18:44 - 2018-03-25 17:14 - 004318112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-01-08 18:44 - 2018-03-25 17:14 - 003719096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-01-08 18:44 - 2018-03-25 17:14 - 001985112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439135.dll
2021-01-08 18:44 - 2018-03-25 17:14 - 001683712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439135.dll
2021-01-08 18:44 - 2018-03-25 17:14 - 001138720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-01-08 18:44 - 2018-03-25 17:14 - 001065888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-01-08 18:44 - 2018-03-25 17:13 - 040278608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2021-01-08 18:44 - 2018-03-25 17:13 - 035188992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2021-01-08 18:44 - 2018-03-25 17:10 - 013571520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2021-01-08 18:44 - 2018-03-25 17:10 - 011132384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2021-01-08 18:44 - 2018-03-25 17:09 - 019855144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2021-01-08 18:44 - 2018-03-25 17:09 - 016496776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2021-01-08 18:44 - 2018-03-25 17:09 - 001153744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2021-01-08 18:44 - 2018-03-25 17:09 - 000902096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2021-01-08 18:44 - 2018-03-25 17:08 - 012967056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-01-08 18:44 - 2018-03-25 17:08 - 011001504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-01-08 18:44 - 2018-03-25 17:08 - 003939624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-01-08 18:44 - 2018-03-24 02:19 - 000059240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2021-01-08 18:44 - 2018-03-24 02:19 - 000058816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2021-01-08 18:44 - 2018-03-24 02:19 - 000045600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2021-01-08 18:41 - 2021-01-08 18:41 - 000000000 ____D C:\NVIDIA
2021-01-08 18:33 - 2021-01-11 18:12 - 000000000 ____D C:\Download
2021-01-08 18:21 - 2021-01-08 18:21 - 000000000 ____D C:\ProgramData\ssh
2021-01-08 18:15 - 2021-01-08 18:15 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-08 18:15 - 2021-01-08 18:15 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-08 18:15 - 2021-01-08 18:15 - 000249856 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll
2021-01-08 18:15 - 2021-01-08 18:15 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-01-08 18:15 - 2021-01-08 18:15 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-08 18:15 - 2021-01-08 18:15 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2021-01-08 18:14 - 2021-01-08 18:14 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-01-08 18:14 - 2021-01-08 18:14 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-01-08 18:14 - 2021-01-08 18:14 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-01-08 18:14 - 2021-01-08 18:14 - 002045952 _____ C:\WINDOWS\system32\rdpnano.dll
2021-01-08 18:14 - 2021-01-08 18:14 - 001893888 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-01-08 18:14 - 2021-01-08 18:14 - 001282872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-01-08 18:14 - 2021-01-08 18:14 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-01-08 18:14 - 2021-01-08 18:14 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-01-08 18:14 - 2021-01-08 18:14 - 000860160 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-08 18:14 - 2021-01-08 18:14 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-01-08 18:14 - 2021-01-08 18:14 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-08 18:14 - 2021-01-08 18:14 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-01-08 18:14 - 2021-01-08 18:14 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-08 18:14 - 2021-01-08 18:14 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-01-08 18:14 - 2021-01-08 18:14 - 000421376 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
2021-01-08 18:14 - 2021-01-08 18:14 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-08 18:14 - 2021-01-08 18:14 - 000386048 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\SysWOW64\curl.exe
2021-01-08 18:14 - 2021-01-08 18:14 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-01-08 18:14 - 2021-01-08 18:14 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-01-08 18:14 - 2021-01-08 18:14 - 000171008 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-01-08 18:14 - 2021-01-08 18:14 - 000110080 _____ C:\WINDOWS\system32\ResBParser.dll
2021-01-08 18:14 - 2021-01-08 18:14 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-01-08 18:14 - 2021-01-08 18:14 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-01-08 18:14 - 2021-01-08 18:14 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-08 18:14 - 2021-01-08 18:14 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-08 18:14 - 2021-01-08 18:14 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-08 18:14 - 2021-01-08 18:14 - 000059221 _____ C:\WINDOWS\system32\srms.dat
2021-01-08 18:14 - 2021-01-08 18:14 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-01-08 18:14 - 2021-01-08 18:14 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-01-08 18:14 - 2021-01-08 18:14 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth14.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth13.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-01-08 18:14 - 2021-01-08 18:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-01-08 18:13 - 2021-01-08 18:13 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-01-08 18:13 - 2021-01-08 18:13 - 002590208 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-08 18:13 - 2021-01-08 18:13 - 002321408 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-01-08 18:13 - 2021-01-08 18:13 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-08 18:13 - 2021-01-08 18:13 - 001756600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-01-08 18:13 - 2021-01-08 18:13 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-01-08 18:13 - 2021-01-08 18:13 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-01-08 18:13 - 2021-01-08 18:13 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-01-08 18:13 - 2021-01-08 18:13 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-01-08 18:13 - 2021-01-08 18:13 - 000811160 _____ C:\WINDOWS\SysWOW64\locale.nls
2021-01-08 18:13 - 2021-01-08 18:13 - 000811160 _____ C:\WINDOWS\system32\locale.nls
2021-01-08 18:13 - 2021-01-08 18:13 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-01-08 18:13 - 2021-01-08 18:13 - 000237880 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-01-08 18:13 - 2021-01-08 18:13 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-08 18:13 - 2021-01-08 18:13 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2021-01-08 18:13 - 2021-01-08 18:13 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-01-08 18:13 - 2021-01-08 18:13 - 000053248 _____ C:\WINDOWS\system32\Drivers\UsbPmApi.sys
2021-01-08 18:13 - 2021-01-08 18:13 - 000047616 _____ C:\WINDOWS\system32\UsbPmApi.dll
2021-01-08 18:13 - 2021-01-08 18:13 - 000047616 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-01-08 18:13 - 2021-01-08 18:13 - 000037888 _____ C:\WINDOWS\system32\usocoreps.dll
2021-01-08 18:13 - 2021-01-08 18:13 - 000035840 _____ C:\WINDOWS\system32\deploymentcsphelper.exe
2021-01-08 18:13 - 2021-01-08 18:13 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-01-08 18:12 - 2021-01-08 18:12 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-01-08 18:12 - 2021-01-08 18:12 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-08 18:12 - 2021-01-08 18:12 - 000200704 _____ C:\WINDOWS\system32\IHDS.dll
2021-01-08 18:12 - 2021-01-08 18:12 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-01-08 17:51 - 2021-01-08 17:51 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-01-08 17:49 - 2021-01-08 17:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-08 17:31 - 2021-01-11 18:15 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-08 17:31 - 2018-03-25 17:17 - 000541784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-08 17:31 - 2018-03-25 17:17 - 000447576 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-08 17:31 - 2018-03-24 02:19 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2021-01-08 17:31 - 2018-03-24 00:02 - 005952392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-01-08 17:31 - 2018-03-24 00:02 - 002596320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2021-01-08 17:31 - 2018-03-24 00:02 - 001767824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2021-01-08 17:31 - 2018-03-24 00:02 - 000633224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2021-01-08 17:31 - 2018-03-24 00:02 - 000451040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2021-01-08 17:31 - 2018-03-24 00:02 - 000123840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2021-01-08 17:31 - 2018-03-24 00:02 - 000083072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2021-01-08 17:31 - 2018-03-21 12:22 - 008114212 _____ C:\WINDOWS\system32\nvcoproc.bin
2021-01-08 17:30 - 2021-01-08 18:49 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-01-08 17:30 - 2021-01-08 18:49 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-01-08 17:30 - 2021-01-08 18:49 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-01-08 17:30 - 2018-03-25 17:08 - 004633920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-01-08 17:30 - 2018-03-24 02:19 - 001682288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2021-01-08 17:30 - 2018-03-24 02:19 - 000226760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-01-08 17:30 - 2018-03-24 02:19 - 000048407 _____ C:\WINDOWS\system32\nvinfo.pb
2021-01-08 17:30 - 2017-01-17 05:55 - 001964600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437654.dll
2021-01-08 17:30 - 2017-01-17 05:55 - 001598392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437654.dll
2021-01-08 17:12 - 2021-01-09 00:30 - 000002282 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-08 17:12 - 2021-01-08 18:25 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-08 17:12 - 2021-01-08 17:12 - 000000000 ____D C:\Program Files\Google
2021-01-08 17:03 - 2021-01-08 17:29 - 000000000 ____D C:\Users\ANNA\AppData\Local\Google
2021-01-08 17:03 - 2021-01-08 17:03 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-08 17:03 - 2021-01-08 17:03 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-08 17:03 - 2021-01-08 17:03 - 000000000 ____D C:\Program Files (x86)\Google
2021-01-08 17:02 - 2021-01-08 17:02 - 001321688 _____ (Google LLC) C:\Users\ANNA\Downloads\ChromeSetup.exe
2021-01-08 17:00 - 2021-01-08 23:07 - 000000000 ____D C:\Users\ANNA\AppData\Local\PlaceholderTileLogoFolder
2021-01-08 17:00 - 2021-01-08 17:00 - 000000000 ___HD C:\Users\ANNA\MicrosoftEdgeBackups
2021-01-08 16:45 - 2021-01-08 16:45 - 000000000 ____D C:\Users\ANNA\AppData\Local\Comms
2021-01-07 23:26 - 2021-01-08 17:27 - 000000000 ____D C:\ProgramData\Packages
2021-01-07 23:22 - 2021-01-08 16:59 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3078502766-4097944727-2642959677-1001
2021-01-07 23:22 - 2021-01-08 16:59 - 000000000 ___RD C:\Users\ANNA\OneDrive
2021-01-07 23:21 - 2021-01-07 23:21 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-01-07 23:20 - 2021-01-08 16:59 - 000000000 ____D C:\Users\ANNA\AppData\Local\MicrosoftEdge
2021-01-07 23:19 - 2021-01-10 11:08 - 000000000 ____D C:\Users\ANNA\AppData\Local\Packages
2021-01-07 23:19 - 2021-01-09 11:10 - 000000000 ____D C:\Users\ANNA\AppData\Roaming\Adobe
2021-01-07 23:19 - 2021-01-08 18:25 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-01-07 23:19 - 2021-01-08 18:25 - 000000000 ___RD C:\Users\ANNA\3D Objects
2021-01-07 23:19 - 2021-01-07 23:19 - 000000000 ____D C:\Users\ANNA\AppData\Local\VirtualStore
2021-01-07 23:19 - 2021-01-07 23:19 - 000000000 ____D C:\Users\ANNA\AppData\Local\Publishers
2021-01-07 23:19 - 2021-01-07 23:19 - 000000000 ____D C:\Users\ANNA\AppData\Local\ConnectedDevicesPlatform
2021-01-07 23:18 - 2021-01-09 11:12 - 001606106 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-07 23:18 - 2021-01-08 18:49 - 000000000 ____D C:\Users\ANNA
2021-01-07 23:18 - 2021-01-08 16:59 - 000002362 _____ C:\Users\ANNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-01-07 23:18 - 2021-01-07 23:18 - 000000020 ___SH C:\Users\ANNA\ntuser.ini
2021-01-07 23:18 - 2021-01-07 23:18 - 000000000 _SHDL C:\Users\ANNA\Šablony
2021-01-07 23:18 - 2021-01-07 23:18 - 000000000 _SHDL C:\Users\ANNA\Soubory cookie
2021-01-07 23:18 - 2021-01-07 23:18 - 000000000 _SHDL C:\Users\ANNA\Poslední
2021-01-07 23:18 - 2021-01-07 23:18 - 000000000 _SHDL C:\Users\ANNA\Okolní tiskárny
2021-01-07 23:18 - 2021-01-07 23:18 - 000000000 _SHDL C:\Users\ANNA\Okolní síť
2021-01-07 23:18 - 2021-01-07 23:18 - 000000000 _SHDL C:\Users\ANNA\Nabídka Start
2021-01-07 23:18 - 2021-01-07 23:18 - 000000000 _SHDL C:\Users\ANNA\Dokumenty
2021-01-07 23:18 - 2021-01-07 23:18 - 000000000 _SHDL C:\Users\ANNA\Documents\Obrázky
2021-01-07 23:18 - 2021-01-07 23:18 - 000000000 _SHDL C:\Users\ANNA\Documents\Hudba
2021-01-07 23:18 - 2021-01-07 23:18 - 000000000 _SHDL C:\Users\ANNA\Documents\Filmy
2021-01-07 23:18 - 2021-01-07 23:18 - 000000000 _SHDL C:\Users\ANNA\Data aplikací
2021-01-07 23:18 - 2021-01-07 23:18 - 000000000 _SHDL C:\Users\ANNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-01-07 23:18 - 2021-01-07 23:18 - 000000000 _SHDL C:\Users\ANNA\AppData\Local\Data aplikací
2021-01-07 23:15 - 2021-01-07 23:15 - 000000000 ____D C:\WINDOWS\minidump
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default\Šablony
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default\Poslední
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default\Okolní síť
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default\Dokumenty
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default\Data aplikací
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default User\Šablony
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default User\Soubory cookie
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default User\Poslední
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default User\Okolní tiskárny
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default User\Okolní síť
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default User\Nabídka Start
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default User\Dokumenty
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default User\Documents\Obrázky
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default User\Documents\Hudba
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default User\Documents\Filmy
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default User\Data aplikací
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\ProgramData\Šablony
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\ProgramData\Plocha
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\ProgramData\Dokumenty
2021-01-07 23:14 - 2021-01-07 23:14 - 000000000 _SHDL C:\ProgramData\Data aplikací
2021-01-07 23:06 - 2021-01-07 23:06 - 000000000 ____D C:\ProgramData\USOShared
2021-01-07 23:03 - 2021-01-09 11:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-07 23:03 - 2021-01-08 17:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-01-07 23:03 - 2021-01-07 23:03 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2021-01-07 22:59 - 2021-01-11 18:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-07 22:59 - 2021-01-08 18:22 - 000258096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-07 22:59 - 2021-01-07 22:59 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-01-07 22:58 - 2021-01-07 23:15 - 000000000 ____D C:\Windows.old
2021-01-07 22:57 - 2021-01-07 22:57 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-01-07 22:46 - 2021-01-07 23:15 - 000000000 ___DC C:\WINDOWS\Panther

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-11 18:20 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-10 11:08 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-10 11:08 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-09 19:06 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-09 11:27 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-01-09 11:12 - 2019-03-19 12:55 - 000682526 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-09 11:12 - 2019-03-19 12:55 - 000137244 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-09 11:05 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-09 10:32 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-01-09 10:32 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\appcompat
2021-01-08 18:59 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-01-08 18:21 - 2019-03-19 12:58 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-08 18:21 - 2019-03-19 12:58 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\TextInput
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\System
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-01-08 18:21 - 2019-03-19 05:52 - 000000000 ____D C:\PerfLogs
2021-01-08 18:21 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\servicing
2021-01-08 18:19 - 2019-03-19 12:58 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-01-08 18:19 - 2019-03-19 12:58 - 000018903 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-01-08 17:31 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Help
2021-01-08 16:49 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\USOPrivate
2021-01-08 16:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ServiceState
2021-01-07 23:16 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\spool
2021-01-07 23:16 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-01-07 23:14 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows NT
2021-01-07 23:03 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-01-07 22:58 - 2019-03-19 05:56 - 000000000 ____D C:\WINDOWS\Setup
2021-01-07 22:58 - 2019-03-19 05:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template

==================== Files in the root of some directories ========

2021-01-08 22:37 - 2021-01-08 22:37 - 000062124 _____ () C:\Users\ANNA\AppData\Roaming\nehalessamhassan.txt
2021-01-11 18:13 - 2021-01-11 18:13 - 000000000 _____ () C:\Users\ANNA\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-01-2021
Ran by ANNA (11-01-2021 19:14:36)
Running from C:\Users\ANNA\Desktop
Windows 10 Home Version 1909 18363.1256 (X64) (2021-01-07 22:15:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3078502766-4097944727-2642959677-500 - Administrator - Disabled)
ANNA (S-1-5-21-3078502766-4097944727-2642959677-1001 - Administrator - Enabled) => C:\Users\ANNA
DefaultAccount (S-1-5-21-3078502766-4097944727-2642959677-503 - Limited - Disabled)
Guest (S-1-5-21-3078502766-4097944727-2642959677-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3078502766-4097944727-2642959677-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_5) (Version: 19.1.5 - Adobe Systems Incorporated)
Aktualizace NVIDIA 31.1.10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.1.10.0 - NVIDIA Corporation) Hidden
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3078502766-4097944727-2642959677-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Ovládací panel NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
StartHi uninstall (HKLM-x32\...\HStar) (Version: - ) <==== ATTENTION
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wondershare Filmora X(Build 10.0.10.20) (HKLM\...\Wondershare Filmora X_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-01-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-01-10] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.2.11280.0_x86__8wekyb3d8bbwe [2021-01-07] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2021-01-07] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe [2021-01-07] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.152.0_x64__kzf8qxf38zg5c [2021-01-07] (Skype)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0 [2021-01-08] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-01-08 18:48 - 2018-03-24 00:05 - 000880024 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2021-01-08 18:48 - 2018-03-24 00:05 - 000343728 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3078502766-4097944727-2642959677-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3D2F7CFD-F768-454C-AA25-A94E1F2DCA6A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AA86DB44-AB79-4807-82FD-2A3CC0CA6884}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7954C758-EB45-4A0C-A477-9C95EE391813}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BBCD41F4-FA98-4629-9471-ECE990AA517F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A231C6ED-6B3F-4008-9D9A-82C9E5DBEB8F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8468A3C0-D659-4B4E-B2EE-F1F8CAD0A45F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AC150928-29AC-4323-A19E-0D2176DE9877}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{65AA653D-E6B2-49A8-85D9-C100AEFBBEA5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DAFDF3E9-E815-41EB-AA4F-F3E7AB3F432F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A7ABBAC7-B5B0-460D-9DD7-E2681F9C77A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{95EED746-6610-4CB2-B135-7BCBAEF98E95}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{16234226-D078-471E-BF3B-EE8FD042B175}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9C523C1F-053B-4512-B1D4-BC9137EE9DBA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AE09472E-993B-45A7-BC3A-B96CC0210CEC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F271712F-CDCB-4604-805B-D147F441B81E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: Multimediální zvukový adaptér
Description: Multimediální zvukový adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Vstupní zařízení pro sběrnici PCI
Description: Vstupní zařízení pro sběrnici PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/08/2021 04:58:24 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x800704CF
Argument příkazového řádku:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (01/08/2021 04:58:11 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x800704CF
Argument příkazového řádku:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=UserLogon;SessionId=3

Error: (01/08/2021 04:44:55 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x800704CF
Argument příkazového řádku:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (01/07/2021 11:25:42 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x800704CF
Argument příkazového řádku:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (01/07/2021 11:20:52 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x800704CF
Argument příkazového řádku:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (01/07/2021 11:19:46 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x800704CF
Argument příkazového řádku:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=TimerEvent

Error: (01/07/2021 11:19:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: StartMenuExperienceHost (4620,R,98) TILEREPOSITORYS-1-5-21-3078502766-4097944727-2642959677-1001: Při otevírání souboru protokolu C:\Users\ANNA\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/07/2021 11:19:45 PM) (Source: ESENT) (EventID: 522) (User: )
Description: StartMenuExperienceHost (4620,P,98) TILEREPOSITORYS-1-5-21-3078502766-4097944727-2642959677-1001: Pokus o otevření zařízení s názvem \\.\C:, který obsahuje C:\, se nepodařil a došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace se nepodaří a dojde k chybě -1032 (0xfffffbf8).


System errors:
=============
Error: (01/11/2021 06:15:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (01/11/2021 06:15:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Genuine Software Integrity Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/11/2021 06:15:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (01/11/2021 06:15:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Genuine Monitor Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/11/2021 06:15:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (01/11/2021 06:15:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Telemetry Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (01/11/2021 06:15:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AdobeUpdateService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/09/2021 10:48:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AdobeUpdateService byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2021-01-10 09:50:35.367
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {18479E25-49DF-434A-B4AA-8BFE4F34806A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-09 21:22:17.193
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {488973A0-6E71-4378-8984-C4D907A66FFC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-08 23:14:27.920
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
ID: 2147735505
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_E:\Software\Adobe Photoshop CC 2018 19.1.5 ML CZ x32 x64\Install.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-CIU6LDF\ANNA
Název procesu: C:\totalcmd\TOTALCMD64.EXE
Verze bezpečnostních informací: AV: 1.329.1882.0, AS: 1.329.1882.0, NIS: 1.329.1882.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2021-01-08 23:13:11.547
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/AgentTesla!ml
ID: 2147760503
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\ANNA\AppData\Roaming\xcn.exe; regkey:_HKCU@S-1-5-21-3078502766-4097944727-2642959677-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\xcn; runkey:_HKCU@S-1-5-21-3078502766-4097944727-2642959677-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\xcn
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-CIU6LDF\ANNA
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.329.1882.0, AS: 1.329.1882.0, NIS: 1.329.1882.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2021-01-08 23:12:32.810
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/AgentTesla!ml
ID: 2147760503
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\ANNA\AppData\Roaming\xcn.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-CIU6LDF\ANNA
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.329.1882.0, AS: 1.329.1882.0, NIS: 1.329.1882.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2021-01-08 23:22:15.966
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1882.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-01-08 18:47:23.351
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o nahrání podezřelého souboru pro další analýzu.
Název souboru: C:\Users\ANNA\AppData\Local\Temp\{499c1228-5848-4244-bd53-821055fb865b}\SET3BC.tmp
Sha256: ede016442e1befdf8056387b674ad8889ff7e5df39ab4ef64c0f6f6988524799
Aktuální verze bezpečnostních informací: AV: 1.329.1868.0, AS: 1.329.1868.0
Aktuální verze modulu: 1.1.17700.4
Kód chyby: 0x80508016

==================== Memory info ===========================

BIOS: Award Software International, Inc. F9 09/24/2008
Motherboard: Gigabyte Technology Co., Ltd. EP43-DS3
Processor: Intel(R) Core(TM)2 Quad CPU Q8400 @ 2.66GHz
Percentage of memory in use: 36%
Total physical RAM: 8190.49 MB
Available physical RAM: 5196.82 MB
Total Virtual: 10110.49 MB
Available Virtual: 6724.44 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223 GB) (Free:184.48 GB) NTFS
Drive f: (WIN 10 1903) (Removable) (Total:14.41 GB) (Free:5.36 GB) FAT32

\\?\Volume{0228a0e4-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{0228a0e4-0000-0000-0000-90c637000000}\ () (Fixed) (Total:0.46 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 0228A0E4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=476 MB) - (Type=27)

==========================================================
Disk: 1 (Protective MBR) (Size: 14.4 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
Task: {22C7F1AE-942C-4D0B-9E4F-DAD2A7063334} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-08] (Google LLC -> Google LLC)
Task: {466FB294-1972-4848-BDEA-7530E9BA3E37} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-08] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
E:\Software\Adobe Photoshop CC 2018 19.1.5 ML CZ x32 x64\Install.exe
C:\Users\ANNA\AppData\Roaming\xcn.exe
HKCU@S-1-5-21-3078502766-4097944727-2642959677-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\xcn
HKCU@S-1-5-21-3078502766-4097944727-2642959677-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\xcn

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[PavlosCZ]

Fix result of Farbar Recovery Scan Tool (x64) Version: 09-01-2021
Ran by ANNA (11-01-2021 20:33:50) Run:1
Running from C:\Users\ANNA\Desktop
Loaded Profiles: ANNA
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {22C7F1AE-942C-4D0B-9E4F-DAD2A7063334} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-08] (Google LLC -> Google LLC)
Task: {466FB294-1972-4848-BDEA-7530E9BA3E37} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-08] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
E:\Software\Adobe Photoshop CC 2018 19.1.5 ML CZ x32 x64\Install.exe
C:\Users\ANNA\AppData\Roaming\xcn.exe
HKCU@S-1-5-21-3078502766-4097944727-2642959677-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\xcn
HKCU@S-1-5-21-3078502766-4097944727-2642959677-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\xcn

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{22C7F1AE-942C-4D0B-9E4F-DAD2A7063334}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22C7F1AE-942C-4D0B-9E4F-DAD2A7063334}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{466FB294-1972-4848-BDEA-7530E9BA3E37}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{466FB294-1972-4848-BDEA-7530E9BA3E37}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
"E:\Software\Adobe Photoshop CC 2018 19.1.5 ML CZ x32 x64\Install.exe" => not found
"C:\Users\ANNA\AppData\Roaming\xcn.exe" => not found
HKCU@S-1-5-21-3078502766-4097944727-2642959677-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\xcn => Error: No automatic fix found for this entry.
HKCU@S-1-5-21-3078502766-4097944727-2642959677-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\xcn => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 6578176 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18022621 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 3947508 B
Edge => 2136248 B
Chrome => 389037026 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 23238 B
ANNA => 50409392 B

RecycleBin => 2450698 B
EmptyTemp: => 450.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:34:19 ====

[Rudy]

OK. Log by již měl být v pořádku.

[PavlosCZ]

Velmi děkuji a posílám symbolických 50,- Kč za pomoc...

[Rudy]

Za příspěvek děkujeme a vy nemáte zač!