Občas se mi zasekne pc a pomuze jen vypnuti a zapnuti zdroje.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-08-2023
Ran by danha (administrator) on DESKTOP-1LFJ36G (10-08-2023 14:40:06)
Running from C:\Users\danha\Desktop\FRST64.exe
Loaded Profiles: danha
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3324 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\G-Menu\G-Menu.exe ->) (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> Zeasn) C:\G-Menu\resources\bin\G_Menu.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Creative Technology Ltd -> Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Command\Creative.SBCommand.exe
(explorer.exe ->) (A FOUR TECH CO., LTD. -> ) C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> AOC) C:\G-Menu\G-Menu.exe <5>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler64.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.25\AsSysCtrlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Windows\System32\AsusUpdateCheck.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.94\AsusFanControlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.51\atkexComSvc.exe
(services.exe ->) (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:\Windows\SysWOW64\CtxSvc32.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1ddf203f8d876fdf\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(svchost.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files\GIGABYTE\Control Center\GCC.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [194704 2023-08-04] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Creative.SBCommand] => C:\Program Files (x86)\Creative\Sound Blaster Command\Creative.SBCommand.exe [207984 2022-11-08] (Creative Technology Ltd -> Creative Technology Ltd)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2262484748-1581816627-3459754211-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe [20998160 2022-11-29] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-2262484748-1581816627-3459754211-1001\...\Run: [MicrosoftEdgeAutoLaunch_739984D67ED48D532AB489E0D9A494F2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4088256 2023-08-06] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\115.0.5790.171\Installer\chrmstp.exe [2023-08-08] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {E20FC034-4307-4AB1-BB82-30999A0ED3AF} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [672064 2023-07-24] (Advanced Micro Devices Inc. -> )
Task: {56C1CE24-536E-4159-8601-A534669CE78F} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2115632 2020-10-22] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {5446BFB0-B4F0-4097-8E86-3F44F629769D} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1469288 2020-10-19] (ASUSTeK Computer Inc. -> )
Task: {34434C7A-CF97-463D-A8E6-88570FCAB201} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4329008 2020-10-12] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {A4E92970-7863-4D6F-89B2-1165DC1A3AD9} - System32\Tasks\Cloud => C:\Program Files\GIGABYTE\Control Center\GbtCloudMatrix.exe [84584 2023-03-25] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
Task: {30EE263B-4E79-4EB2-A19F-0645B77AA009} - System32\Tasks\GCC => C:\Program Files\GIGABYTE\Control Center\GCC.exe [35139688 2023-07-24] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
Task: {0D6CA3DA-3322-4777-8CA5-352578FBACCA} - System32\Tasks\GoogleUpdateTaskMachineCore{B8E3713C-1427-4281-804E-E597862F40C2} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-08-08] (Google LLC -> Google LLC)
Task: {CA958B64-17AC-4399-BF88-F8EDD7FA94A3} - System32\Tasks\GoogleUpdateTaskMachineUA{283ECE0C-6868-4C76-9250-2525BE353521} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-08-08] (Google LLC -> Google LLC)
Task: {B148684E-D03F-44D9-AEAC-145B18D82009} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(1): %windir%\system32\compattelrunner.exe -> -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc
Task: {B148684E-D03F-44D9-AEAC-145B18D82009} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(2): %windir%\system32\compattelrunner.exe -> -m:appraiser.dll -f:DoScheduledTelemetryRun
Task: {B148684E-D03F-44D9-AEAC-145B18D82009} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(3): %windir%\system32\compattelrunner.exe -> -m:aemarebackup.dll -f:BackupMareData
Task: {AEAFF083-99E6-4DA9-A13F-799B8E342DFA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {7CCD0E27-8049-46C8-8CDB-523335E89B5D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {02FCC4A3-44FC-4AB9-886D-6BFC998A51CF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1C7F0F7C-259B-4923-9B59-F6BF6320597F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8E5E7293-A45D-4AD7-80C6-C3FD33BBCA54} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1FEE2AB7-A2FD-47B1-B2F0-9C8BA1DCD4F6} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0FA74E5E-A945-41D3-9E3F-35A7BB91D884} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F4726B92-B19A-4430-874D-2ECDFEE8ABEA} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {589489B7-8DD2-442B-9A23-0577CF0B7008} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.15.1
Tcpip\..\Interfaces\{23527b15-04eb-41e8-8fed-18bf0a31f3a6}: [DhcpNameServer] 192.168.15.1
Edge:
=======
Edge Profile: C:\Users\danha\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-10]
Edge Extension: (Edge relevant text changes) - C:\Users\danha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-09]
Chrome:
=======
CHR Profile: C:\Users\danha\AppData\Local\Google\Chrome\User Data\Default [2023-08-10]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Překladač Google) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-08-08]
CHR Extension: (BetterTTV) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2023-08-08]
CHR Extension: (7TV) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2023-08-08]
CHR Extension: (Avira Password Manager) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2023-08-08]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-08-08]
CHR Extension: (FrankerFaceZ) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2023-08-08]
CHR Extension: (Return YouTube Dislike) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2023-08-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-08]
CHR Extension: (Void Theme - Black and Minimal) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Default\Extensions\kioklelcojgbjoljlilalgdcppkiioge [2023-08-09]
CHR Extension: (Shazam: Hledejte názvy skladeb v prohlížeči) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2023-08-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-08-08]
CHR Extension: (Hlídač Shopů) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2023-08-08]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AORUS LCD Panel Service; C:\Program Files\GIGABYTE\Control Center\Lib\GBT_VGA\Service\MonitorService-exec.exe [371304 2023-06-21] (GIGA-BYTE TECHNOLOGY CO., LTD. -> CloudBees, Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.51\atkexComSvc.exe [442928 2020-10-22] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.25\AsSysCtrlService.exe [1360016 2020-10-12] (ASUSTeK Computer Inc. -> ) [File not signed]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.94\AsusFanControlService.exe [2073136 2020-10-12] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [768408 2023-08-10] (ASUSTeK Computer Inc. -> )
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15044872 2023-08-09] (BattlEye Innovations e.K. -> )
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [458240 2020-03-12] (Creative Technology Ltd) [File not signed]
R2 CtxSvc32; C:\Windows\sysWow64\CtxSvc32.exe [166368 2022-03-23] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [943528 2023-08-09] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [2528888 2023-08-04] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3860792 2023-08-04] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3860792 2023-08-04] (ESET, spol. s r.o. -> ESET)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-02-10] (Epic Games Inc. -> Epic Games, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402200 2023-08-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1ddf203f8d876fdf\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1ddf203f8d876fdf\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdTools64; C:\Windows\System32\drivers\AmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [35136 2020-05-25] (ASUSTeK Computer Inc. -> )
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 CtxHda; C:\Windows\system32\drivers\CtxHda.sys [1226112 2022-03-23] (Creative Technology Ltd -> Creative Technology Ltd)
R3 CtxHdb; C:\Windows\system32\DRIVERS\Ctxhdb.sys [62848 2022-03-23] (Creative Technology Ltd -> Creative Technology Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [208704 2023-08-04] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [118904 2023-08-04] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [16336 2023-08-03] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [249544 2023-08-04] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [55424 2023-08-04] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [81712 2023-08-04] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [123040 2023-08-04] (ESET, spol. s r.o. -> ESET)
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [34064 2020-10-15] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-08-10 14:40 - 2023-08-10 14:40 - 000018733 _____ C:\Users\danha\Desktop\FRST.txt
2023-08-10 14:40 - 2023-08-10 14:39 - 002384896 _____ (Farbar) C:\Users\danha\Desktop\FRST64.exe
2023-08-10 14:39 - 2023-08-10 14:40 - 000000000 ____D C:\FRST
2023-08-10 14:32 - 2023-08-10 14:32 - 272544200 _____ (Advanced Micro Devices, Inc.) C:\Users\danha\Downloads\amd-ryzen-master (1).exe
2023-08-10 14:30 - 2023-08-10 14:30 - 000003528 _____ C:\Windows\system32\Tasks\AMDAutoUpdate
2023-08-10 14:30 - 2023-08-10 14:30 - 000002219 _____ C:\Users\Public\Desktop\AMD Ryzen Master.lnk
2023-08-10 14:30 - 2023-08-10 14:30 - 000000000 ____D C:\Users\danha\AppData\Local\Downloaded Installations
2023-08-10 14:30 - 2023-08-10 14:30 - 000000000 ____D C:\Users\danha\AppData\Local\AMD
2023-08-10 14:30 - 2023-08-10 14:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Ryzen Master
2023-08-10 14:30 - 2023-08-10 14:30 - 000000000 ____D C:\ProgramData\AMD AutoUpdate
2023-08-10 14:30 - 2023-08-10 14:30 - 000000000 ____D C:\Program Files\AMD
2023-08-10 14:29 - 2023-08-10 14:29 - 272544200 _____ (Advanced Micro Devices, Inc.) C:\Users\danha\Downloads\amd-ryzen-master.exe
2023-08-10 14:29 - 2023-08-10 14:29 - 000000000 ____D C:\Users\danha\AppData\Local\CrashDumps
2023-08-10 14:23 - 2023-08-10 14:28 - 000003410 _____ C:\Windows\system32\Tasks\Cloud
2023-08-10 14:21 - 2023-08-10 14:21 - 000000000 ____D C:\Users\danha\Documents\temp
2023-08-10 14:19 - 2023-08-10 14:28 - 000003448 _____ C:\Windows\system32\Tasks\GCC
2023-08-10 14:19 - 2023-08-10 14:20 - 000000999 _____ C:\Users\Public\Desktop\GCC.lnk
2023-08-10 14:19 - 2023-08-10 14:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2023-08-10 14:19 - 2023-08-10 14:19 - 000000000 ____D C:\Program Files\GIGABYTE
2023-08-10 07:47 - 2023-08-10 07:47 - 000000000 ____D C:\Users\danha\AppData\Local\PeerDistRepub
2023-08-09 21:10 - 2023-08-10 14:38 - 000000000 ____D C:\Users\danha\AppData\Roaming\G-Menu
2023-08-09 21:10 - 2023-08-09 21:11 - 000000000 ____D C:\G-Menu
2023-08-09 21:10 - 2023-08-09 21:10 - 000001560 _____ C:\Users\danha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\G-Menu.lnk
2023-08-09 21:10 - 2023-08-09 21:10 - 000001530 _____ C:\Users\danha\Desktop\G-Menu.lnk
2023-08-09 21:10 - 2023-08-09 21:10 - 000000000 ____D C:\Users\danha\AppData\Roaming\G_Menu
2023-08-09 21:10 - 2023-08-09 21:10 - 000000000 ____D C:\Users\danha\AppData\Local\g-menu-updater
2023-08-09 21:10 - 2023-08-09 21:10 - 000000000 ____D C:\Users\danha\AppData\Local\ASP.NET
2023-08-09 10:45 - 2023-08-09 10:45 - 000000436 _____ C:\Users\danha\Desktop\Tento počítač – zástupce.lnk
2023-08-09 06:47 - 2023-08-09 06:47 - 000000000 ____D C:\Users\danha\AppData\Local\CrashReportClient
2023-08-09 06:46 - 2023-08-09 06:46 - 000000000 ____D C:\Users\danha\AppData\Roaming\EasyAntiCheat
2023-08-09 06:46 - 2023-08-09 06:46 - 000000000 ____D C:\Users\danha\AppData\Local\FortniteGame
2023-08-09 06:46 - 2023-08-09 06:46 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat_EOS
2023-08-09 01:56 - 2023-08-09 01:56 - 000002098 _____ C:\Users\Public\Desktop\Bloody7.lnk
2023-08-09 01:56 - 2023-08-09 01:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloody
2023-08-09 01:56 - 2023-08-09 01:56 - 000000000 ____D C:\ProgramData\Bloody7
2023-08-09 01:56 - 2023-08-09 01:56 - 000000000 ____D C:\Program Files (x86)\Bloody7
2023-08-09 01:52 - 2023-08-09 01:52 - 000000354 _____ C:\Users\danha\Desktop\Fortnite.url
2023-08-09 00:37 - 2023-08-09 00:37 - 000000219 _____ C:\Users\danha\Desktop\Dota 2.url
2023-08-09 00:37 - 2023-08-09 00:37 - 000000000 ____D C:\Users\danha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-08-09 00:35 - 2023-08-09 00:36 - 000000000 ____D C:\Users\danha\AppData\Local\Steam
2023-08-09 00:35 - 2023-08-09 00:35 - 002595096 _____ (WiseCleaner.com ) C:\Users\danha\Downloads\WASSetup_2.0.3.104.exe
2023-08-09 00:35 - 2023-08-09 00:35 - 000001293 _____ C:\Users\Public\Desktop\Wise Auto Shutdown.lnk
2023-08-09 00:35 - 2023-08-09 00:35 - 000000000 ____D C:\Users\danha\AppData\Roaming\Wise Auto Shutdown
2023-08-09 00:35 - 2023-08-09 00:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Auto Shutdown
2023-08-09 00:35 - 2023-08-09 00:35 - 000000000 ____D C:\Program Files (x86)\Wise
2023-08-09 00:34 - 2023-08-10 13:58 - 000000000 ____D C:\Program Files (x86)\Steam
2023-08-09 00:34 - 2023-08-09 00:34 - 000001036 _____ C:\Users\Public\Desktop\Steam.lnk
2023-08-09 00:34 - 2023-08-09 00:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2023-08-09 00:33 - 2023-08-09 00:33 - 002296488 _____ C:\Users\danha\Downloads\SteamSetup (1).exe
2023-08-09 00:30 - 2023-08-09 00:30 - 000000000 ____D C:\Program Files\Epic Games
2023-08-09 00:28 - 2023-08-10 14:29 - 000000000 ____D C:\AMD
2023-08-09 00:28 - 2023-08-09 00:28 - 000000000 ____D C:\Users\danha\AppData\Roaming\AMD
2023-08-09 00:28 - 2023-08-09 00:28 - 000000000 ____D C:\Users\danha\AppData\Local\setup
2023-08-09 00:28 - 2023-08-09 00:28 - 000000000 ____D C:\Users\danha\AppData\Local\cache
2023-08-09 00:27 - 2023-08-09 00:27 - 000000000 ____D C:\Users\danha\AppData\Roaming\WinRAR
2023-08-09 00:27 - 2023-08-09 00:27 - 000000000 ____D C:\Users\danha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-08-09 00:27 - 2023-08-09 00:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-08-09 00:27 - 2023-08-09 00:27 - 000000000 ____D C:\Program Files\WinRAR
2023-08-09 00:27 - 2023-08-09 00:27 - 000000000 ____D C:\Program Files (x86)\AMD
2023-08-09 00:26 - 2023-08-09 06:47 - 000000000 ____D C:\Users\danha\AppData\Local\UnrealEngine
2023-08-09 00:26 - 2023-08-09 00:26 - 000000000 ____D C:\Users\danha\AppData\Local\UnrealEngineLauncher
2023-08-09 00:26 - 2023-08-09 00:26 - 000000000 ____D C:\Users\danha\AppData\Local\EpicGamesLauncher
2023-08-09 00:26 - 2023-08-09 00:26 - 000000000 ____D C:\Users\danha\AppData\Local\Epic Games
2023-08-09 00:25 - 2023-08-09 00:27 - 000000000 ____D C:\ProgramData\Epic
2023-08-09 00:25 - 2023-08-09 00:26 - 000000000 ____D C:\Program Files (x86)\Epic Games
2023-08-09 00:25 - 2023-08-09 00:25 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2023-08-09 00:25 - 2023-08-09 00:25 - 000001258 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2023-08-09 00:20 - 2023-08-09 00:33 - 000000000 ____D C:\Users\danha\AppData\Roaming\discord
2023-08-09 00:20 - 2023-08-09 00:32 - 000000000 ____D C:\Users\danha\AppData\Local\Discord
2023-08-09 00:20 - 2023-08-09 00:20 - 000002231 _____ C:\Users\danha\Desktop\Discord.lnk
2023-08-09 00:20 - 2023-08-09 00:20 - 000000000 ____D C:\Users\danha\AppData\Roaming\NVIDIA
2023-08-09 00:20 - 2023-08-09 00:20 - 000000000 ____D C:\Users\danha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2023-08-09 00:20 - 2023-08-09 00:20 - 000000000 ____D C:\Users\danha\AppData\Local\SquirrelTemp
2023-08-09 00:20 - 2023-08-08 23:21 - 000000000 ____D C:\Windows\Panther
2023-08-09 00:18 - 2023-08-09 00:18 - 000000000 ____D C:\Windows\system32\Drivers\mde
2023-08-09 00:10 - 2023-08-09 00:10 - 000000000 ___HD C:\$WinREAgent
2023-08-09 00:10 - 2023-08-09 00:10 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-08-09 00:08 - 2023-08-09 00:09 - 000000000 ____D C:\Windows\system32\MRT
2023-08-09 00:06 - 2023-08-05 22:55 - 001487472 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2023-08-09 00:06 - 2023-08-05 22:55 - 001226864 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2023-08-09 00:06 - 2023-08-05 22:55 - 000849080 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2023-08-09 00:06 - 2023-08-05 22:55 - 000849080 _____ C:\Windows\system32\vulkaninfo.exe
2023-08-09 00:06 - 2023-08-05 22:55 - 000713912 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-08-09 00:06 - 2023-08-05 22:55 - 000713912 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2023-08-09 00:06 - 2023-08-05 22:55 - 000653504 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2023-08-09 00:06 - 2023-08-05 22:55 - 000653504 _____ C:\Windows\system32\vulkan-1.dll
2023-08-09 00:06 - 2023-08-05 22:55 - 000637112 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2023-08-09 00:06 - 2023-08-05 22:55 - 000637112 _____ C:\Windows\SysWOW64\vulkan-1.dll
2023-08-09 00:06 - 2023-08-05 22:51 - 000920712 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2023-08-09 00:06 - 2023-08-05 22:51 - 000668792 _____ C:\Windows\system32\nvofapi64.dll
2023-08-09 00:06 - 2023-08-05 22:51 - 000503928 _____ C:\Windows\SysWOW64\nvofapi.dll
2023-08-09 00:06 - 2023-08-05 22:50 - 002167928 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2023-08-09 00:06 - 2023-08-05 22:50 - 001621616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2023-08-09 00:06 - 2023-08-05 22:50 - 001538072 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2023-08-09 00:06 - 2023-08-05 22:50 - 001195024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2023-08-09 00:06 - 2023-08-05 22:50 - 000992376 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2023-08-09 00:06 - 2023-08-05 22:50 - 000776328 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2023-08-09 00:06 - 2023-08-05 22:50 - 000769160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2023-08-09 00:06 - 2023-08-05 22:49 - 014520856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2023-08-09 00:06 - 2023-08-05 22:49 - 012066952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2023-08-09 00:06 - 2023-08-05 22:49 - 006190616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2023-08-09 00:06 - 2023-08-05 22:49 - 003483160 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2023-08-09 00:06 - 2023-08-05 22:49 - 000459376 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2023-08-09 00:06 - 2023-08-05 22:48 - 005845104 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2023-08-09 00:06 - 2023-08-05 22:48 - 005550728 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2023-08-09 00:06 - 2023-08-05 22:48 - 000853000 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2023-08-09 00:06 - 2023-08-05 22:46 - 006738136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2023-08-09 00:06 - 2023-08-05 06:08 - 000108142 _____ C:\Windows\system32\nvinfo.pb
2023-08-08 23:59 - 2023-08-10 12:10 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-08-08 23:59 - 2023-08-08 23:59 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-08-08 23:59 - 2023-08-08 23:59 - 000001043 _____ C:\Users\Public\Desktop\Thunderbird.lnk
2023-08-08 23:59 - 2023-08-08 23:59 - 000000000 ____D C:\Users\danha\AppData\Roaming\Thunderbird
2023-08-08 23:59 - 2023-08-08 23:59 - 000000000 ____D C:\Users\danha\AppData\Roaming\Mozilla
2023-08-08 23:59 - 2023-08-08 23:59 - 000000000 ____D C:\Users\danha\AppData\Local\Thunderbird
2023-08-08 23:59 - 2023-08-08 23:59 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2023-08-08 23:59 - 2023-08-08 23:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-08-08 23:57 - 2023-08-09 06:48 - 000000000 ____D C:\Users\danha\AppData\Local\NVIDIA Corporation
2023-08-08 23:57 - 2023-08-08 23:57 - 000001447 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2023-08-08 23:57 - 2023-08-08 23:57 - 000000000 ____D C:\Users\danha\AppData\Local\CEF
2023-08-08 23:57 - 2023-08-08 23:57 - 000000000 ____D C:\Users\danha\ansel
2023-08-08 23:56 - 2023-08-08 23:56 - 000002016 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2023-08-08 23:55 - 2023-08-08 23:55 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-08-08 23:55 - 2023-08-08 23:55 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-08-08 23:55 - 2023-08-08 23:55 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-08-08 23:55 - 2023-08-08 23:55 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-08-08 23:55 - 2023-08-08 23:55 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-08-08 23:55 - 2023-08-08 23:55 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-08-08 23:55 - 2023-08-08 23:55 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-08-08 23:55 - 2023-08-08 23:55 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-08-08 23:55 - 2023-08-08 23:55 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-08-08 23:55 - 2023-08-08 23:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2023-08-08 23:55 - 2023-08-08 23:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2023-08-08 23:55 - 2023-08-08 23:55 - 000000000 ____D C:\ProgramData\ESET
2023-08-08 23:55 - 2023-08-08 23:55 - 000000000 ____D C:\Program Files\ESET
2023-08-08 23:55 - 2023-01-20 18:45 - 002904632 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2023-08-08 23:55 - 2023-01-20 18:45 - 002234920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2023-08-08 23:55 - 2023-01-20 18:45 - 001297464 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2023-08-08 23:55 - 2023-01-13 04:34 - 000086568 _____ C:\Windows\system32\FvSDK_x64.dll
2023-08-08 23:55 - 2023-01-13 04:34 - 000075304 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2023-08-08 23:54 - 2023-08-08 23:55 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2023-08-08 23:54 - 2022-12-13 11:27 - 000169512 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2023-08-08 23:54 - 2022-12-13 11:27 - 000148520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2023-08-08 23:53 - 2022-10-14 09:06 - 000059928 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2023-08-08 23:53 - 2022-07-14 01:32 - 000060112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2023-08-08 23:52 - 2022-03-23 18:10 - 001933736 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\CtxRFX32.dll
2023-08-08 23:52 - 2022-03-23 18:10 - 000385072 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\CtxMLX32.dll
2023-08-08 23:50 - 2023-08-08 23:50 - 000000000 ____D C:\Users\danha\AppData\Local\OneDrive
2023-08-08 23:48 - 2023-08-08 23:48 - 008971384 _____ (ESET) C:\Users\danha\Downloads\eset_internet_security_live_installer.exe
2023-08-08 23:47 - 2023-08-08 23:47 - 000000000 ____D C:\Users\Public\Documents\Creative
2023-08-08 23:47 - 2023-08-08 23:47 - 000000000 ____D C:\Users\danha\AppData\Local\Creative_Technology_Ltd
2023-08-08 23:47 - 2023-08-08 23:47 - 000000000 ____D C:\Users\danha\AppData\Local\Creative
2023-08-08 23:47 - 2020-10-15 13:59 - 000034064 ____N (ASUSTeK Computer Inc.) C:\Windows\system32\Drivers\IOMap64.sys
2023-08-08 23:45 - 2023-08-10 14:13 - 000000000 ____D C:\Users\danha\AppData\Local\D3DSCache
2023-08-08 23:43 - 2023-08-10 14:30 - 000000000 ____D C:\Program Files (x86)\Google
2023-08-08 23:43 - 2023-08-08 23:43 - 000003844 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{283ECE0C-6868-4C76-9250-2525BE353521}
2023-08-08 23:43 - 2023-08-08 23:43 - 000003720 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{B8E3713C-1427-4281-804E-E597862F40C2}
2023-08-08 23:43 - 2023-08-08 23:43 - 000002323 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-08-08 23:43 - 2023-08-08 23:43 - 000002282 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-08-08 23:43 - 2023-08-08 23:43 - 000000000 ____D C:\Users\danha\AppData\Local\Google
2023-08-08 23:43 - 2023-08-08 23:43 - 000000000 ____D C:\Program Files\Google
2023-08-08 23:42 - 2023-08-09 22:54 - 000000000 ____D C:\Users\danha\AppData\Roaming\PotPlayerMini64
2023-08-08 23:42 - 2023-08-09 22:50 - 000001018 _____ C:\Users\Public\Desktop\PotPlayer 64 bit.lnk
2023-08-08 23:42 - 2023-08-09 00:05 - 000000000 ____D C:\Users\danha\AppData\Local\Comms
2023-08-08 23:42 - 2023-08-08 23:42 - 001372712 _____ (Google LLC) C:\Users\danha\Downloads\ChromeSetup.exe
2023-08-08 23:42 - 2023-08-08 23:42 - 000000000 ____D C:\Users\danha\AppData\Roaming\Daum
2023-08-08 23:42 - 2023-08-08 23:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PotPlayer
2023-08-08 23:42 - 2023-08-08 23:42 - 000000000 ____D C:\Program Files\DAUM
2023-08-08 23:41 - 2023-08-08 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2023-08-08 23:40 - 2023-08-10 11:58 - 000000000 ____D C:\ProgramData\Package Cache
2023-08-08 23:40 - 2023-08-08 23:52 - 000000079 ___RH C:\Windows\ctfile.rfc
2023-08-08 23:40 - 2023-08-08 23:51 - 000001368 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sound Blaster Command.lnk
2023-08-08 23:40 - 2023-08-08 23:51 - 000001356 _____ C:\Users\Public\Desktop\Sound Blaster Command.lnk
2023-08-08 23:40 - 2023-08-08 23:41 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2023-08-08 23:40 - 2023-08-08 23:41 - 000000000 ____D C:\Windows\system32\Tasks\ASUS
2023-08-08 23:40 - 2023-08-08 23:40 - 000466520 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2023-08-08 23:40 - 2023-08-08 23:40 - 000445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2023-08-08 23:40 - 2023-08-08 23:40 - 000123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2023-08-08 23:40 - 2023-08-08 23:40 - 000109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2023-08-08 23:40 - 2023-08-08 23:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2023-08-08 23:40 - 2023-08-08 23:40 - 000000000 ____D C:\ProgramData\Creative
2023-08-08 23:40 - 2023-08-08 23:40 - 000000000 ____D C:\Program Files (x86)\Creative
2023-08-08 23:40 - 2020-09-07 18:07 - 000009741 _____ C:\Windows\system32\CTOPT352.cat
2023-08-08 23:40 - 2020-09-07 18:07 - 000009645 _____ C:\Windows\SysWOW64\CTOPT352.cat
2023-08-08 23:40 - 2020-09-07 18:07 - 000009213 _____ C:\Windows\system32\CTOPT399.cat
2023-08-08 23:40 - 2020-09-07 18:07 - 000009117 _____ C:\Windows\SysWOW64\CTOPT399.cat
2023-08-08 23:40 - 2020-09-07 11:42 - 000184320 _____ (Creative Technology Ltd) C:\Windows\system32\CTOPT352.dll
2023-08-08 23:40 - 2020-09-07 11:42 - 000167424 _____ (Creative Technology Ltd) C:\Windows\SysWOW64\CTOPT352.dll
2023-08-08 23:40 - 2020-09-07 11:41 - 000079872 _____ (Creative Technology Ltd) C:\Windows\SysWOW64\CTOPT399.dll
2023-08-08 23:40 - 2020-09-07 11:40 - 000088576 _____ (Creative Technology Ltd) C:\Windows\system32\CTOPT399.dll
2023-08-08 23:40 - 2020-05-26 04:02 - 000120880 _____ C:\Windows\system32\AsIO2.dll
2023-08-08 23:40 - 2020-05-26 04:02 - 000095280 _____ C:\Windows\SysWOW64\AsIO2.dll
2023-08-08 23:40 - 2020-05-25 10:58 - 000035136 _____ C:\Windows\system32\Drivers\AsIO2.sys
2023-08-08 23:40 - 2019-05-14 10:00 - 001942528 ____N (Creative) C:\Windows\SysWOW64\Sens_oal.dll
2023-08-08 23:40 - 2008-12-22 20:13 - 000061440 _____ (Creative Technology Ltd) C:\Windows\SysWOW64\CTChkAud.dll
2023-08-08 23:40 - 2008-12-22 20:13 - 000049664 _____ (Creative Technology Ltd) C:\Windows\system32\CTChkAud.dll
2023-08-08 23:34 - 2023-08-09 15:47 - 000000000 ____D C:\Users\danha\AppData\Roaming\Microsoft\Spelling
2023-08-08 23:28 - 2023-08-09 00:26 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2023-08-08 23:27 - 2023-08-10 01:05 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2262484748-1581816627-3459754211-1001
2023-08-08 23:27 - 2023-08-10 01:05 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2262484748-1581816627-3459754211-1001
2023-08-08 23:27 - 2023-08-09 06:12 - 000000000 ___RD C:\Users\danha\OneDrive
2023-08-08 23:27 - 2023-08-09 02:32 - 000000000 ____D C:\Users\danha\AppData\Local\PlaceholderTileLogoFolder
2023-08-08 23:27 - 2023-08-08 23:27 - 000000000 ___HD C:\OneDriveTemp
2023-08-08 23:27 - 2023-08-08 23:27 - 000000000 ____D C:\Users\danha\AppData\Roaming\Microsoft\MMC
2023-08-08 23:27 - 2023-08-08 23:27 - 000000000 ____D C:\Users\danha\AppData\Local\DBG
2023-08-08 23:27 - 2023-08-08 23:27 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-08-08 23:26 - 2023-08-10 14:28 - 000000000 ____D C:\ProgramData\NVIDIA
2023-08-08 23:26 - 2023-08-10 12:06 - 000000000 ____D C:\Users\danha\AppData\Local\Packages
2023-08-08 23:26 - 2023-08-09 10:23 - 000000000 ____D C:\ProgramData\Packages
2023-08-08 23:26 - 2023-08-09 06:47 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-08-08 23:26 - 2023-08-09 00:09 - 000000000 ____D C:\Users\danha\AppData\Local\NVIDIA
2023-08-08 23:26 - 2023-08-08 23:55 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-08-08 23:26 - 2023-08-08 23:52 - 000000000 ____D C:\Users\Public\Creative
2023-08-08 23:26 - 2023-08-08 23:32 - 000000000 ____D C:\Users\danha\AppData\Local\ConnectedDevicesPlatform
2023-08-08 23:26 - 2023-08-08 23:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-08-08 23:26 - 2023-08-08 23:26 - 000000000 ___SD C:\Users\danha\AppData\Roaming\Microsoft\Crypto
2023-08-08 23:26 - 2023-08-08 23:26 - 000000000 ___RD C:\Users\danha\3D Objects
2023-08-08 23:26 - 2023-08-08 23:26 - 000000000 ____D C:\Windows\system32\lxss
2023-08-08 23:26 - 2023-08-08 23:26 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2023-08-08 23:26 - 2023-08-08 23:26 - 000000000 ____D C:\Users\danha\AppData\Roaming\Microsoft\Vault
2023-08-08 23:26 - 2023-08-08 23:26 - 000000000 ____D C:\Users\danha\AppData\Roaming\Microsoft\Network
2023-08-08 23:26 - 2023-08-08 23:26 - 000000000 ____D C:\Users\danha\AppData\Roaming\Adobe
2023-08-08 23:26 - 2023-08-08 23:26 - 000000000 ____D C:\Users\danha\AppData\Local\VirtualStore
2023-08-08 23:26 - 2023-08-08 23:26 - 000000000 ____D C:\Users\danha\AppData\Local\Publishers
2023-08-08 23:26 - 2023-08-05 22:46 - 007858216 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2023-08-08 23:26 - 2023-05-17 07:01 - 000131528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2023-08-08 23:25 - 2023-08-10 14:30 - 000000000 ____D C:\Users\danha
2023-08-08 23:25 - 2023-08-10 01:05 - 000002381 _____ C:\Users\danha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-08-08 23:25 - 2023-08-08 23:26 - 000000000 ____D C:\Users\danha\AppData\Roaming\Microsoft\Windows
2023-08-08 23:25 - 2023-08-08 23:25 - 000000020 ___SH C:\Users\danha\ntuser.ini
2023-08-08 23:25 - 2023-08-08 23:25 - 000000000 _SHDL C:\Users\danha\Šablony
2023-08-08 23:25 - 2023-08-08 23:25 - 000000000 _SHDL C:\Users\danha\Soubory cookie
2023-08-08 23:25 - 2023-08-08 23:25 - 000000000 _SHDL C:\Users\danha\Poslední
2023-08-08 23:25 - 2023-08-08 23:25 - 000000000 _SHDL C:\Users\danha\Okolní tiskárny
2023-08-08 23:25 - 2023-08-08 23:25 - 000000000 _SHDL C:\Users\danha\Okolní síť
2023-08-08 23:25 - 2023-08-08 23:25 - 000000000 _SHDL C:\Users\danha\Nabídka Start
2023-08-08 23:25 - 2023-08-08 23:25 - 000000000 _SHDL C:\Users\danha\Dokumenty
2023-08-08 23:25 - 2023-08-08 23:25 - 000000000 _SHDL C:\Users\danha\Documents\Obrázky
2023-08-08 23:25 - 2023-08-08 23:25 - 000000000 _SHDL C:\Users\danha\Documents\Hudba
2023-08-08 23:25 - 2023-08-08 23:25 - 000000000 _SHDL C:\Users\danha\Documents\Filmy
2023-08-08 23:25 - 2023-08-08 23:25 - 000000000 _SHDL C:\Users\danha\Data aplikací
2023-08-08 23:25 - 2023-08-08 23:25 - 000000000 _SHDL C:\Users\danha\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2023-08-08 23:25 - 2023-08-08 23:25 - 000000000 _SHDL C:\Users\danha\AppData\Local\Data aplikací
2023-08-08 23:25 - 2023-08-08 23:25 - 000000000 ___SD C:\Users\danha\AppData\Roaming\Microsoft\SystemCertificates
2023-08-08 23:25 - 2023-08-08 23:25 - 000000000 ___SD C:\Users\danha\AppData\Roaming\Microsoft\Protect
2023-08-08 23:25 - 2023-08-08 23:25 - 000000000 ___SD C:\Users\danha\AppData\Roaming\Microsoft\Credentials
2023-08-08 23:24 - 2023-08-08 23:41 - 000000000 ____D C:\Program Files (x86)\ASUS
2023-08-08 23:24 - 2023-08-08 23:26 - 000378376 _____ C:\Windows\system32\syncas.dll
2023-08-08 23:24 - 2023-08-08 23:26 - 000338552 _____ () C:\Windows\system32\AsusDownLoadLicense.exe
2023-08-08 23:24 - 2023-08-08 23:24 - 001189784 _____ (ASUSTeK Computer Inc.) C:\Windows\system32\AsusDownloadAgent.exe
2023-08-08 23:22 - 2023-08-08 23:22 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2023-08-08 23:22 - 2023-08-08 23:22 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2023-08-08 23:22 - 2023-08-08 23:22 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2023-08-08 23:22 - 2023-08-08 23:22 - 000000000 _SHDL C:\Users\Default\Šablony
2023-08-08 23:22 - 2023-08-08 23:22 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2023-08-08 23:22 - 2023-08-08 23:22 - 000000000 _SHDL C:\Users\Default\Poslední
2023-08-08 23:22 - 2023-08-08 23:22 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2023-08-08 23:22 - 2023-08-08 23:22 - 000000000 _SHDL C:\Users\Default\Okolní síť
2023-08-08 23:22 - 2023-08-08 23:22 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2023-08-08 23:22 - 2023-08-08 23:22 - 000000000 _SHDL C:\Users\Default\Dokumenty
2023-08-08 23:22 - 2023-08-08 23:22 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2023-08-08 23:22 - 2023-08-08 23:22 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2023-08-08 23:22 - 2023-08-08 23:22 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2023-08-08 23:22 - 2023-08-08 23:22 - 000000000 _SHDL C:\Users\Default\Data aplikací
2023-08-08 23:22 - 2023-08-08 23:22 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2023-08-08 23:22 - 2023-08-08 23:22 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2023-08-08 23:22 - 2023-08-08 23:22 - 000000000 _SHDL C:\ProgramData\Šablony
2023-08-08 23:22 - 2023-08-08 23:22 - 000000000 _SHDL C:\ProgramData\Plocha
2023-08-08 23:22 - 2023-08-08 23:22 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2023-08-08 23:22 - 2023-08-08 23:22 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2023-08-08 23:22 - 2023-08-08 23:22 - 000000000 _SHDL C:\ProgramData\Dokumenty
2023-08-08 23:22 - 2023-08-08 23:22 - 000000000 _SHDL C:\ProgramData\Data aplikací
2023-08-08 23:22 - 2023-08-08 23:22 - 000000000 _SHDL C:\Documents and Settings
2023-08-08 23:22 - 2023-08-08 23:22 - 000000000 ____D C:\Windows\CSC
2023-08-08 23:20 - 2023-08-10 14:28 - 000807280 _____ C:\Windows\system32\wpbbin.exe
2023-08-08 23:20 - 2023-08-10 14:28 - 000768408 _____ C:\Windows\system32\AsusUpdateCheck.exe
2023-08-08 23:20 - 2023-08-10 14:28 - 000008192 ___SH C:\DumpStack.log.tmp
2023-08-08 23:20 - 2023-08-10 14:28 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-08-08 23:20 - 2023-08-10 14:12 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-08-08 23:20 - 2023-08-09 10:23 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-08-08 23:20 - 2023-08-09 10:23 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-08-08 23:20 - 2023-08-09 10:15 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-08-08 23:20 - 2023-08-09 10:15 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-08-08 23:20 - 2023-08-09 00:19 - 000259768 _____ C:\Windows\system32\FNTCACHE.DAT
2023-08-08 23:20 - 2023-08-08 23:47 - 000000000 ____D C:\ProgramData\ASUS
2023-08-08 23:20 - 2023-08-08 23:20 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2023-08-08 23:20 - 2023-08-08 23:20 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-08-08 23:20 - 2023-08-08 23:20 - 000000000 ____D C:\Windows\ServiceProfiles
2023-08-04 12:03 - 2023-08-04 12:03 - 000249544 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2023-08-04 12:03 - 2023-08-04 12:03 - 000208704 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2023-08-04 12:03 - 2023-08-04 12:03 - 000123040 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2023-08-04 12:03 - 2023-08-04 12:03 - 000118904 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2023-08-04 12:03 - 2023-08-04 12:03 - 000081712 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2023-08-04 12:03 - 2023-08-04 12:03 - 000055424 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-08-10 14:30 - 2022-09-08 05:11 - 000000000 ____D C:\Windows\SystemTemp
2023-08-10 14:30 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-10 14:26 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-08-10 14:21 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-08-10 12:06 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-10 12:06 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-08-10 11:58 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-08-10 10:26 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-08-09 04:04 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\appcompat
2023-08-09 00:26 - 2019-12-07 16:43 - 000682184 _____ C:\Windows\system32\perfh005.dat
2023-08-09 00:26 - 2019-12-07 16:43 - 000137000 _____ C:\Windows\system32\perfc005.dat
2023-08-09 00:20 - 2019-12-07 11:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2023-08-09 00:18 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-08-09 00:18 - 2019-12-07 16:43 - 000000000 ____D C:\Windows\SysWOW64\cs
2023-08-09 00:18 - 2019-12-07 16:43 - 000000000 ____D C:\Windows\system32\cs
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\UNP
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemApps
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lv-LV
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lt-LT
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\et-EE
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\appraiser
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2023-08-09 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-08-09 00:16 - 2019-12-07 11:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2023-08-09 00:16 - 2019-12-07 11:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2023-08-09 00:16 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing
2023-08-08 23:55 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-08-08 23:33 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2023-08-08 23:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2023-08-08 23:25 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2023-08-08 23:22 - 2019-12-07 16:45 - 000000000 ____D C:\Windows\system32\FxsTmp
2023-08-08 23:22 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\spool
2023-08-08 23:22 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2023-08-08 23:22 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows NT
2023-08-08 23:20 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-08-2023
Ran by danha (10-08-2023 14:40:43)
Running from C:\Users\danha\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.3324 (X64) (2023-08-08 21:22:10)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2262484748-1581816627-3459754211-500 - Administrator - Disabled)
danha (S-1-5-21-2262484748-1581816627-3459754211-1001 - Administrator - Enabled) => C:\Users\danha
DefaultAccount (S-1-5-21-2262484748-1581816627-3459754211-503 - Limited - Disabled)
Guest (S-1-5-21-2262484748-1581816627-3459754211-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2262484748-1581816627-3459754211-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 3.00.69 - ASUSTeK Computer Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 3.10.22.706 - Advanced Micro Devices, Inc.)
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.83 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.17.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 7.0.4.4 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\{02247819-03CD-414E-AC8D-FD518BFBA445}) (Version: 2.11.1.2623 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.11.1.2623 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{cf77cf6b-71ff-4a71-802d-43adb9b271b7}) (Version: 3.10.22.706 - Advanced Micro Devices, Inc.) Hidden
Bloody7 (HKLM-x32\...\Bloody3) (Version: 22.11.0004 - Bloody)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.45 - Creative Technology Limited)
Discord (HKU\S-1-5-21-2262484748-1581816627-3459754211-1001\...\Discord) (Version: 1.0.9016 - Discord Inc.)
Dolby Digital Live Pack version 4.02.00 (HKLM-x32\...\DDLMaster_is1) (Version: 4.02.00 - Creative Technology Ltd.)
DTS Connect Pack version 2.02.00 (HKLM-x32\...\DTSMaster_is1) (Version: 2.02.00 - Creative Technology Ltd.)
Epic Games Launcher (HKLM-x32\...\{C027033D-F5BC-4556-B302-84E6EC6BD4D4}) (Version: 1.3.67.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{4757C19B-4CE3-418C-91D2-E15E938091FB}) (Version: 2.0.39.0 - Epic Games, Inc.)
ESET Security (HKLM\...\{32DA3D18-091D-4B85-BFD4-C17C514674ED}) (Version: 16.2.13.0 - ESET, spol. s r.o.)
GBT_MB_Update 23.07.17.01 (HKLM\...\GBT_MB_Update) (Version: 23.07.17.01 - GIGABYTE)
GBT_RGB_Sync_Control 23.07.21.01 (HKLM\...\GBT_RGB_Sync_Control) (Version: 23.07.21.01 - GIGABYTE)
GBT_VGA 23.08.02.01 (HKLM\...\GBT_VGA) (Version: 23.08.02.01 - GIGABYTE)
GIGABYTE Control Center 23.07.21.01 (HKLM\...\GIGABYTE Control Center) (Version: 23.07.21.01 - GIGABYTE)
GMenu (HKU\S-1-5-21-2262484748-1581816627-3459754211-1001\...\4ac46a8d-c0d4-56ee-87f3-9abd4ce22e7f) (Version: 3.20.0 - AOC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 115.0.5790.171 - Google LLC)
Host OpenAL (HKLM-x32\...\Host OpenAL) (Version: 2.03 - Creative Technology Limited)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 115.0.1901.200 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 115.0.1901.200 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2262484748-1581816627-3459754211-1001\...\OneDriveSetup.exe) (Version: 23.147.0716.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 115.1.0 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 115.1.0 (x64 cs)) (Version: 115.1.0 - Mozilla)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 536.99 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 536.99 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 230707 - Kakao Corp.)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
Sound Blaster AE-Series Driver (HKLM-x32\...\AESeries_is1) (Version: 1.0.01.06 - Creative Technology Ltd.)
Sound Blaster Command version 3.5.09.00 (HKLM-x32\...\Sound Blaster Command_is1) (Version: 3.5.09.00 - Creative Technology Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
WinRAR 6.22 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.22.0 - win.rar GmbH)
Wise Auto Shutdown 2.0.3 (HKLM-x32\...\Wise Auto Shutdown_is1) (Version: 2.0.3 - WiseCleaner.com, Inc.)
Packages:
=========
Beach Time PREMIUM -> C:\Program Files\WindowsApps\Microsoft.BeachTimePREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2023-08-10] (Microsoft Corporation)
Colors of Mexico -> C:\Program Files\WindowsApps\Microsoft.ColorsofMexico_1.0.0.0_neutral__8wekyb3d8bbwe [2023-08-10] (Microsoft Corporation)
Forest for the Trees -> C:\Program Files\WindowsApps\Microsoft.ForestfortheTrees_1.0.0.0_neutral__8wekyb3d8bbwe [2023-08-10] (Microsoft Corporation)
Mountain Dwellings -> C:\Program Files\WindowsApps\Microsoft.MountainDwellings_1.0.0.0_neutral__8wekyb3d8bbwe [2023-08-10] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-08-09] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8040.0_x64__8wekyb3d8bbwe [2023-08-09] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0 [2023-08-09] (Spotify AB) [Startup Task]
World National Parks -> C:\Program Files\WindowsApps\Microsoft.WorldNationalParks_1.0.0.0_neutral__8wekyb3d8bbwe [2023-08-10] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-08-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-05-29] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-05-29] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-08-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1ddf203f8d876fdf\nvshext.dll [2023-08-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-08-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-05-29] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-05-29] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2023-08-09 21:11 - 2023-08-03 05:27 - 002772480 _____ () [File not signed] C:\G-Menu\ffmpeg.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000379904 _____ () [File not signed] C:\G-Menu\libegl.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 007863296 _____ () [File not signed] C:\G-Menu\libglesv2.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000085504 _____ () [File not signed] C:\G-Menu\resources\bin\lib\BeiYing\KBAccess_AGK600.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000081920 _____ () [File not signed] C:\G-Menu\resources\bin\lib\BeiYing\KBAccess_GK450_K901.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000081920 _____ () [File not signed] C:\G-Menu\resources\bin\lib\BeiYing\KBAccess_GK480_K901.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000085504 _____ () [File not signed] C:\G-Menu\resources\bin\lib\BeiYing\KBAccess_GK530.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000091136 _____ () [File not signed] C:\G-Menu\resources\bin\lib\BeiYing\MSAccess_AGM600.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000091136 _____ () [File not signed] C:\G-Menu\resources\bin\lib\BeiYing\MSAccess_GM300.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000091136 _____ () [File not signed] C:\G-Menu\resources\bin\lib\BeiYing\MSAccess_GM310.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000091136 _____ () [File not signed] C:\G-Menu\resources\bin\lib\BeiYing\MSAccess_GM510.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000091136 _____ () [File not signed] C:\G-Menu\resources\bin\lib\BeiYing\MSAccess_GM530.dll
2023-08-08 23:40 - 2020-10-15 13:59 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2023-08-08 23:41 - 2020-10-12 15:00 - 000884224 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2023-08-08 23:41 - 2020-10-12 15:00 - 000999936 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2023-08-08 23:41 - 2020-10-12 15:00 - 000988160 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2023-08-08 23:41 - 2020-10-12 15:00 - 000950784 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2023-08-08 23:40 - 2020-10-12 09:00 - 006065152 _____ () [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.94\libprotobufd.dll
2023-08-09 01:56 - 2017-04-17 04:43 - 003852800 ____N () [File not signed] C:\Program Files (x86)\Bloody7\Bloody7\Data\Mouse\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2023-08-08 23:40 - 2020-10-15 13:59 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsAcpi.dll
2023-08-08 23:40 - 2020-10-15 13:59 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\asacpiEx.dll
2023-08-08 23:40 - 2020-10-15 13:59 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsMultiLang.dll
2023-08-08 23:41 - 2020-10-12 15:00 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\AsMultiLang.dll
2023-08-08 23:40 - 2020-08-24 07:52 - 000158208 _____ (Creative Lab Pte Ltd.) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\ClplLEDController.dll
2023-08-08 23:40 - 2020-03-05 05:08 - 000565248 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTAudEp.dll
2023-08-08 23:40 - 2020-07-21 08:49 - 002087424 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTCDC.dll
2023-08-08 23:40 - 2020-08-24 07:52 - 001830912 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTDrvLedMgr.dll
2023-08-08 23:40 - 2021-07-21 01:26 - 000124416 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTHID.dll
2023-08-08 23:40 - 2021-07-21 01:26 - 000587776 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTHIDRpA.dll
2023-08-08 23:40 - 2018-10-23 01:25 - 000098304 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTIntrfu.dll
2023-08-08 23:40 - 2018-08-16 03:33 - 001878528 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\MalLgcy.dll
2023-08-08 23:40 - 2022-05-05 06:27 - 000141312 _____ (Creative Technology Ltd.) [File not signed] [File is in use] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\Creative.Platform.PropStore.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000034304 _____ (LED_Control) [File not signed] [File is in use] C:\G-Menu\resources\bin\LED_Control.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000828928 _____ (NLog) [File not signed] [File is in use] C:\G-Menu\resources\bin\NLog.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000046592 _____ (NLog) [File not signed] [File is in use] C:\G-Menu\resources\bin\NLog.Extensions.Logging.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000048128 _____ (NLog) [File not signed] [File is in use] C:\G-Menu\resources\bin\NLog.Web.AspNetCore.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000014848 _____ (Swashbuckle.AspNetCore.Swagger) [File not signed] [File is in use] C:\G-Menu\resources\bin\Swashbuckle.AspNetCore.Swagger.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000084480 _____ (Swashbuckle.AspNetCore.SwaggerGen) [File not signed] [File is in use] C:\G-Menu\resources\bin\Swashbuckle.AspNetCore.SwaggerGen.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 003724800 _____ (Swashbuckle.AspNetCore.SwaggerUI) [File not signed] [File is in use] C:\G-Menu\resources\bin\Swashbuckle.AspNetCore.SwaggerUI.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000354816 _____ (TODO: <公司名>) [File not signed] C:\G-Menu\resources\bin\DDCHelperLib.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000808448 _____ (Zeasn) [File not signed] [File is in use] C:\G-Menu\resources\bin\G_Menu.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000160768 _____ (Zeasn.Com.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.Com.Lib.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000089088 _____ (Zeasn.DDC.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.DDC.Lib.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000070656 _____ (Zeasn.DTS.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.DTS.Lib.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000680960 _____ (Zeasn.Equipment.Base.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.Equipment.Base.Lib.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000159744 _____ (Zeasn.Equipment.Entity.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.Equipment.Entity.Lib.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000247808 _____ (Zeasn.Equipment.Option.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.Equipment.Option.Lib.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000162304 _____ (Zeasn.Framework.Core.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.Framework.Core.Lib.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000088064 _____ (Zeasn.Framework.Game.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.Framework.Game.Lib.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000043520 _____ (Zeasn.Log.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.Log.Lib.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000053760 _____ (Zeasn.Open.Equipment.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.Open.Equipment.Lib.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000105984 _____ (Zeasn.USB.BeiYing.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.USB.BeiYing.Lib.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000104448 _____ (Zeasn.USB.CmediaSDK.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.USB.CmediaSDK.Lib.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000060928 _____ (Zeasn.USB.IOne.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.USB.IOne.Lib.dll
2023-08-09 21:11 - 2023-08-03 05:27 - 000269824 _____ (Zeasn.Win.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.Win.Lib.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2262484748-1581816627-3459754211-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\danha\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.15.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{2069874E-EF3F-4007-9450-66CD75FCD59D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{BB0ACC2C-A5B1-4A5E-87C7-98118C0480D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{92F5351A-F443-4E55-9D3F-02DB26CD2ABF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{BD1FDFAE-A41C-40BC-A6D9-48443C42E8FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{6EAFFABD-D05F-41D8-B965-4B3F2CA2F82A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{84EB2E4B-7C4D-4200-993E-B76D607BA8AF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{9C98CF6F-AF17-4A31-B5C5-3DA3E9F51D51}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{DFDE504F-51D3-4E60-A36E-D80FD277FA7F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8DAB5BAC-5715-40DA-9C88-E378E264BD95}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{444CBD99-47E7-4434-BECE-AF82D180C49F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{262DD46E-FBBC-4C43-A020-3CAEEE2A1CF7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{82B88D2E-5DA1-4329-AAA7-9AB93D6FA283}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A7DDC7C4-0B4D-4861-A051-7E509FA0DB45}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FE18409B-AD7D-46E6-8421-CD5AA61BB85E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3A0B7C6C-CB71-4B51-A581-7CFFF71BE3B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F19C1661-A583-4928-B192-577E0E990EF1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F1C2BCE0-82EA-4C64-95C2-CBEBD72FD7B2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5A74CA9B-AFBD-433B-B293-701FF46737CD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{49B2F39B-9E2D-435C-BC0E-97772666A645}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C3504E68-2750-42E2-96F8-0DB0010716E4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B48E980D-697C-4B48-A7E4-809A256A7472}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9BA10B73-11C9-4ED4-841A-27CE16B160DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B967AAE3-D427-4413-A756-5DD24DEDBC45}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2A1B842D-EAEE-4681-A222-EC0C51FC0AA1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B51D8550-185A-4C4A-A01E-89BC0E73D1BF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1F84DA98-D630-4C6E-B0EB-819F231065DF}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\115.0.1901.200\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{373D1E0C-72D5-4A5C-820D-4BFDF8F1DBA2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{A3B19DF6-4CA2-487B-B375-A443AF383DB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{E5E06309-E17D-4ACE-89CB-5770887D610B}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{9D93D085-729C-47C6-940C-DDAE1B6BDFE3}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
==================== Restore Points =========================
08-08-2023 23:22:42 Instalační služba modulů systému Windows
10-08-2023 10:25:57 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
Name: NVIDIA High Definition Audio
Description: NVIDIA High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: NVHDA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Description: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvvad_WaveExtensible
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (08/10/2023 02:29:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GbtCloudMatrix.exe, verze: 22.9.21.1, časové razítko: 0xf4734db7
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3324, časové razítko: 0x6967c799
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000002cf19
ID chybujícího procesu: 0xbf4
Čas spuštění chybující aplikace: 0x01d9cb8632c031dd
Cesta k chybující aplikaci: C:\Program Files\GIGABYTE\Control Center\GbtCloudMatrix.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 84bb4559-5e27-4abf-83fb-ef04e82e3e95
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/10/2023 02:29:32 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: GbtCloudMatrix.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na GbtCloudMatrix.Service.UploadCloudMatrixService.query_cloudmatrix_interval()
na GbtCloudMatrix.Views.UploadPage.funDoUpload()
na GbtCloudMatrix.Views.UploadPage.OnTick(System.Object, System.EventArgs)
na System.Windows.Threading.DispatcherTimer.FireTick(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.DispatcherOperation.InvokeImpl()
na MS.Internal.CulturePreservingExecutionContext.CallbackWrapper(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Windows.Threading.DispatcherOperation.Invoke()
na System.Windows.Threading.Dispatcher.ProcessQueue()
na System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
na MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
na System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
na System.Windows.Application.RunDispatcher(System.Object)
na System.Windows.Application.RunInternal(System.Windows.Window)
na GbtCloudMatrix.App.Main()
Error: (08/10/2023 05:41:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.3271 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 36c
Čas spuštění: 01d9cb3c8285a736
Čas ukončení: 0
Cesta k aplikaci: C:\Windows\explorer.exe
ID hlášení: 834432cd-8e1c-49fb-8a7c-b5be2812c982
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Unknown
Error: (08/10/2023 05:41:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.3271 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 21c8
Čas spuštění: 01d9cb3c7048c076
Čas ukončení: 0
Cesta k aplikaci: C:\Windows\explorer.exe
ID hlášení: 3dc2dd61-6f79-469f-98bd-388b12ddfcba
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Unknown
Error: (08/09/2023 03:32:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wmiprvse.exe, verze: 10.0.19041.546, časové razítko: 0x5da7ab91
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x80131623
Posun chyby: 0x00007ffd690a200f
ID chybujícího procesu: 0x1d88
Čas spuštění chybující aplikace: 0x01d9cac5f77dbb6a
Cesta k chybující aplikaci: C:\Windows\system32\wbem\wmiprvse.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 9f8d319a-8892-4fc7-936c-42236542dbe9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/09/2023 03:32:39 PM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Byla vyvolána neočekávaná výjimka od poskytovatele:
System.IO.FileLoadException:
File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()
Stack:
at System.Environment.FailFast(System.String)
at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)
Error: (08/09/2023 03:32:39 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (08/09/2023 03:32:39 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
System errors:
=============
Error: (08/10/2023 02:28:37 PM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (08/10/2023 02:26:39 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba AsusUpdateCheck se po přijetí pokynu pro vypnutí neukončila správně.
Error: (08/10/2023 02:12:22 PM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (08/10/2023 02:12:27 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (13:53:58, 10.08.2023) bylo neočekávané.
Error: (08/10/2023 10:27:17 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (08/10/2023 10:26:47 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba AsusUpdateCheck se po přijetí pokynu pro vypnutí neukončila správně.
Error: (08/10/2023 05:42:29 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (08/10/2023 05:42:06 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba AsusUpdateCheck se po přijetí pokynu pro vypnutí neukončila správně.
CodeIntegrity:
===============
Date: 2023-08-10 14:32:00
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 5003 02/03/2023
Motherboard: ASUSTeK COMPUTER INC. ROG STRIX B450-F GAMING
Processor: AMD Ryzen 5 5600 6-Core Processor
Percentage of memory in use: 13%
Total physical RAM: 32690.64 MB
Available physical RAM: 28329.37 MB
Total Virtual: 37810.64 MB
Available Virtual: 32036.78 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.19 GB) (Free:317.49 GB) (Model: Samsung SSD 980 500GB) NTFS
Drive d: (Seagate 2) (Fixed) (Total:1863.01 GB) (Free:1784.41 GB) (Model: ST2000DM008-2FR102) NTFS
Drive e: () (Fixed) (Total:1863.01 GB) (Free:596.07 GB) (Model: ST2000DM008-2FR102) NTFS
\\?\Volume{e2614bdc-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{e2614bdc-0000-0000-0000-704f74000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: C2BA66D0)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 6A9E1E05)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: E2614BDC)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=531 MB) - (Type=27)
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pc se zasekne a nejde nic delat
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pc se zasekne a nejde nic delat
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pc se zasekne a nejde nic delat
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-11-2023
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.3324)
# Cleaned: 0
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1420 octets] - [11/08/2023 07:55:31]
AdwCleaner[S01].txt - [1481 octets] - [11/08/2023 07:57:01]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-11-2023
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.3324)
# Cleaned: 0
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1420 octets] - [11/08/2023 07:55:31]
AdwCleaner[S01].txt - [1481 octets] - [11/08/2023 07:57:01]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pc se zasekne a nejde nic delat
Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
Task: {0D6CA3DA-3322-4777-8CA5-352578FBACCA} - System32\Tasks\GoogleUpdateTaskMachineCore{B8E3713C-1427-4281-804E-E597862F40C2} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-08-08] (Google LLC -> Google LLC)
Task: {CA958B64-17AC-4399-BF88-F8EDD7FA94A3} - System32\Tasks\GoogleUpdateTaskMachineUA{283ECE0C-6868-4C76-9250-2525BE353521} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-08-08] (Google LLC -> Google LLC)
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{283ECE0C-6868-4C76-9250-2525BE353521}
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{B8E3713C-1427-4281-804E-E597862F40C2}
C:\DumpStack.log.tmp
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pc se zasekne a nejde nic delat
omlouvam se za delsi odmlku. tady je fixlog
Fix result of Farbar Recovery Scan Tool (x64) Version: 15-08-2023 01
Ran by danha (15-08-2023 18:52:43) Run:1
Running from C:\Users\danha\Desktop
Loaded Profiles: danha
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
Task: {0D6CA3DA-3322-4777-8CA5-352578FBACCA} - System32\Tasks\GoogleUpdateTaskMachineCore{B8E3713C-1427-4281-804E-E597862F40C2} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-08-08] (Google LLC -> Google LLC)
Task: {CA958B64-17AC-4399-BF88-F8EDD7FA94A3} - System32\Tasks\GoogleUpdateTaskMachineUA{283ECE0C-6868-4C76-9250-2525BE353521} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-08-08] (Google LLC -> Google LLC)
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{283ECE0C-6868-4C76-9250-2525BE353521}
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{B8E3713C-1427-4281-804E-E597862F40C2}
C:\DumpStack.log.tmp
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0D6CA3DA-3322-4777-8CA5-352578FBACCA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D6CA3DA-3322-4777-8CA5-352578FBACCA}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore{B8E3713C-1427-4281-804E-E597862F40C2} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{B8E3713C-1427-4281-804E-E597862F40C2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA958B64-17AC-4399-BF88-F8EDD7FA94A3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA958B64-17AC-4399-BF88-F8EDD7FA94A3}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA{283ECE0C-6868-4C76-9250-2525BE353521} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{283ECE0C-6868-4C76-9250-2525BE353521}" => removed successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{283ECE0C-6868-4C76-9250-2525BE353521}" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{B8E3713C-1427-4281-804E-E597862F40C2}" => not found
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 34970518 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 424508926 B
Windows/system/drivers => 5225565 B
Edge => 0 B
Chrome => 523359539 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 36762 B
NetworkService => 38644 B
danha => 421291860 B
RecycleBin => 0 B
EmptyTemp: => 1.3 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 15-08-2023 18:53:39)
C:\DumpStack.log.tmp => Could not move
==== End of Fixlog 18:53:39 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 15-08-2023 01
Ran by danha (15-08-2023 18:52:43) Run:1
Running from C:\Users\danha\Desktop
Loaded Profiles: danha
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
Task: {0D6CA3DA-3322-4777-8CA5-352578FBACCA} - System32\Tasks\GoogleUpdateTaskMachineCore{B8E3713C-1427-4281-804E-E597862F40C2} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-08-08] (Google LLC -> Google LLC)
Task: {CA958B64-17AC-4399-BF88-F8EDD7FA94A3} - System32\Tasks\GoogleUpdateTaskMachineUA{283ECE0C-6868-4C76-9250-2525BE353521} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-08-08] (Google LLC -> Google LLC)
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{283ECE0C-6868-4C76-9250-2525BE353521}
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{B8E3713C-1427-4281-804E-E597862F40C2}
C:\DumpStack.log.tmp
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0D6CA3DA-3322-4777-8CA5-352578FBACCA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D6CA3DA-3322-4777-8CA5-352578FBACCA}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore{B8E3713C-1427-4281-804E-E597862F40C2} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{B8E3713C-1427-4281-804E-E597862F40C2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA958B64-17AC-4399-BF88-F8EDD7FA94A3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA958B64-17AC-4399-BF88-F8EDD7FA94A3}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA{283ECE0C-6868-4C76-9250-2525BE353521} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{283ECE0C-6868-4C76-9250-2525BE353521}" => removed successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{283ECE0C-6868-4C76-9250-2525BE353521}" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{B8E3713C-1427-4281-804E-E597862F40C2}" => not found
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 34970518 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 424508926 B
Windows/system/drivers => 5225565 B
Edge => 0 B
Chrome => 523359539 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 36762 B
NetworkService => 38644 B
danha => 421291860 B
RecycleBin => 0 B
EmptyTemp: => 1.3 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 15-08-2023 18:53:39)
C:\DumpStack.log.tmp => Could not move
==== End of Fixlog 18:53:39 ====
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pc se zasekne a nejde nic delat
Smazáno. Změniko se něco k lepšímu?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pc se zasekne a nejde nic delat
zatim sem nemel zadny problem tak uvidime jak to bude behem par dni.
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pc se zasekne a nejde nic delat
IJ, nechám to tu otevřené, případně pište. 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?