Prosím o preventivní kontrolu. děkuji
Napsal: 18 kvě 2021 10:50
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-05-2021
Ran by david (administrator) on DAVID-NOTAS-WIN (Dell Inc. Latitude E5440) (18-05-2021 11:43:39)
Running from C:\Users\david\Desktop
Loaded Profiles: david
Platform: Windows 10 Pro Version 20H2 19042.985 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(ALPS ELECTRIC CO., LTD. -> ALPSALPINE CO., LTD.) C:\Program Files\DellTPad\hidfind.exe
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowsstore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Users\david\AppData\Local\Mozilla Firefox\firefox.exe <11>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [779152 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8474880 2015-05-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403800 2015-05-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKU\S-1-5-21-1071685242-337247553-1059379746-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4087528 2021-05-15] (Valve -> Valve Corporation)
Startup: C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar68.lnk [2021-05-18]
ShortcutTarget: Sidebar68.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) [File not signed] [File is in use]
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {057CC232-7925-4AD4-88C7-12A0F140A31F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1BD2CAB2-8EEA-40E1-8BF4-6D3B35868103} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1D1CFD8B-76B7-4203-8DBB-471695377C94} - System32\Tasks\Mozilla\Firefox Default Browser Agent E921FE7E93B133DD => C:\Users\david\AppData\Local\Mozilla Firefox\default-browser-agent.exe [696304 2021-05-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {5C4069F0-CEBB-4FFE-AD45-1CB499C32CE9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6FCFB6AB-48DC-4D5C-80EC-FAFBA62E8162} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D6C8B373-5BA4-4B0B-9ED6-8D9F993449B1} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403800 2015-05-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{47a4e8ad-b990-412c-bda9-d55c3eee706a}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Edge:
=======
Edge Profile: C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-18]
FireFox:
========
FF DefaultProfile: 7exe16j0.default
FF ProfilePath: C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\7exe16j0.default [2021-05-16]
FF ProfilePath: C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\lc5qrmy2.default-release [2021-05-18]
FF DownloadDir: C:\Users\david\Desktop
FF Homepage: Mozilla\Firefox\Profiles\lc5qrmy2.default-release -> hxxps://www.seznam.cz/
FF Session Restore: Mozilla\Firefox\Profiles\lc5qrmy2.default-release -> is enabled.
FF Extension: (Google Translator for Firefox) - C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\lc5qrmy2.default-release\Extensions\translator@zoli.bod.xpi [2021-05-16]
FF Extension: (uBlock Origin) - C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\lc5qrmy2.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-05-16]
FF Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\lc5qrmy2.default-release\Extensions\{49756ccc-44ea-4661-bc1f-2baba64cca2f}.xpi [2021-05-16]
FF Extension: (element google překladače) - C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\lc5qrmy2.default-release\Extensions\{a0901e86-92df-4b8d-9fcd-7ad4746a6f95}.xpi [2021-05-16]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [114960 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393288 2021-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
R3 guardian2; C:\WINDOWS\System32\Drivers\oz776x64.sys [99864 2015-11-02] (BayHub Technology Inc. -> O2Micro)
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-16] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-18 11:43 - 2021-05-18 11:44 - 000009671 _____ C:\Users\david\Desktop\FRST.txt
2021-05-18 11:42 - 2021-05-18 11:44 - 000000000 ____D C:\FRST
2021-05-18 11:42 - 2021-05-18 11:42 - 002299392 _____ (Farbar) C:\Users\david\Desktop\FRST64.exe
2021-05-17 06:20 - 2021-05-17 06:20 - 000000000 ____D C:\Users\david\AppData\Local\PeerDistRepub
2021-05-17 06:00 - 2021-05-17 06:00 - 000000000 ____D C:\Users\david\AppData\Local\OneDrive
2021-05-16 21:59 - 2021-05-16 21:59 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-16 21:54 - 2021-05-16 21:09 - 000000000 ____D C:\WINDOWS\Panther
2021-05-16 21:53 - 2021-05-16 21:53 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-05-16 21:53 - 2021-05-16 21:09 - 000000000 ____D C:\Windows.old
2021-05-16 21:52 - 2021-05-16 21:52 - 000000000 ____D C:\ProgramData\ssh
2021-05-16 21:48 - 2021-05-16 21:48 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-16 21:48 - 2021-05-16 21:48 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-16 21:48 - 2021-05-16 21:48 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-16 21:48 - 2021-05-16 21:48 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-05-16 21:48 - 2021-05-16 21:48 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-05-16 21:48 - 2021-05-16 21:48 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-05-16 21:48 - 2021-05-16 21:48 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-05-16 21:48 - 2021-05-16 21:48 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-05-16 21:48 - 2021-05-16 21:48 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-05-16 21:48 - 2021-05-16 21:48 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-05-16 21:48 - 2021-05-16 21:48 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-05-16 21:48 - 2021-05-16 21:48 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-05-16 21:48 - 2021-05-16 21:48 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-05-16 21:48 - 2021-05-16 21:48 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-05-16 21:48 - 2021-05-16 21:48 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-05-16 21:48 - 2021-05-16 21:48 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-05-16 21:48 - 2021-05-16 21:48 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-05-16 21:48 - 2021-05-16 21:48 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000153600 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-05-16 21:48 - 2021-05-16 21:48 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-05-16 21:48 - 2021-05-16 21:48 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-05-16 21:48 - 2021-05-16 21:48 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-05-16 21:48 - 2021-05-16 21:48 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-05-16 21:48 - 2021-05-16 21:48 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-05-16 21:48 - 2021-05-16 21:48 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-05-16 21:48 - 2021-05-16 21:48 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-05-16 21:47 - 2021-05-16 21:47 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-16 21:47 - 2021-05-16 21:47 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-16 21:47 - 2021-05-16 21:47 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-16 21:47 - 2021-05-16 21:47 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-05-16 21:47 - 2021-05-16 21:47 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-05-16 21:47 - 2021-05-16 21:47 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-05-16 21:47 - 2021-05-16 21:47 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-05-16 21:47 - 2021-05-16 21:47 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-05-16 21:47 - 2021-05-16 21:47 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-05-16 21:47 - 2021-05-16 21:47 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-05-16 21:47 - 2021-05-16 21:47 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-16 21:47 - 2021-05-16 21:47 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-05-16 21:47 - 2021-05-16 21:47 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-05-16 21:47 - 2021-05-16 21:47 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-05-16 21:47 - 2021-05-16 21:47 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-05-16 21:47 - 2021-05-16 21:47 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-16 21:47 - 2021-05-16 21:47 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-05-16 21:47 - 2021-05-16 21:47 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-05-16 21:47 - 2021-05-16 21:47 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-16 21:47 - 2021-05-16 21:47 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-05-16 21:47 - 2021-05-16 21:47 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-05-16 21:47 - 2021-05-16 21:47 - 000000000 ____D C:\Users\david\AppData\Local\Steam
2021-05-16 21:47 - 2021-05-16 21:47 - 000000000 ____D C:\Users\david\AppData\Local\CEF
2021-05-16 21:41 - 2021-05-16 21:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-16 21:41 - 2021-05-16 21:41 - 000000000 ____D C:\Program Files\STMicroelectronics
2021-05-16 21:41 - 2021-05-16 21:41 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-05-16 21:40 - 2021-05-16 21:40 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-05-16 21:40 - 2021-05-16 21:40 - 000000000 ____D C:\Program Files\DellTPad
2021-05-16 21:37 - 2021-05-16 21:37 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-05-16 21:37 - 2021-05-16 21:37 - 000000000 ____D C:\WINDOWS\PixArt
2021-05-16 21:37 - 2009-07-01 09:56 - 000000885 _____ C:\WINDOWS\SysWOW64\SP7302.ini
2021-05-16 21:37 - 2008-03-24 11:09 - 000141824 _____ (PixArt Imaging Incorporation) C:\WINDOWS\SysWOW64\SP7302.ax
2021-05-16 21:37 - 2006-10-12 11:57 - 000014336 _____ (PixArt Imaging Inc.) C:\WINDOWS\SysWOW64\P7302USD.dll
2021-05-16 21:36 - 2021-05-16 21:36 - 000000000 ____D C:\Users\david\AppData\Local\Comms
2021-05-16 21:29 - 2021-05-18 11:26 - 000000000 ____D C:\Program Files (x86)\Steam
2021-05-16 21:29 - 2021-05-16 21:29 - 000001032 _____ C:\Users\Public\Desktop\Steam.lnk
2021-05-16 21:27 - 2021-05-16 21:30 - 000000000 ____D C:\Users\david\AppData\Local\Sidebar7
2021-05-16 21:23 - 2021-05-18 11:27 - 000000000 ____D C:\ProgramData\Mozilla
2021-05-16 21:23 - 2021-05-16 21:23 - 000001273 _____ C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-05-16 21:23 - 2021-05-16 21:23 - 000001265 _____ C:\Users\david\Desktop\Firefox.lnk
2021-05-16 21:23 - 2021-05-16 21:23 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-05-16 21:23 - 2021-05-16 21:23 - 000000000 ____D C:\Users\david\AppData\Roaming\Mozilla
2021-05-16 21:23 - 2021-05-16 21:23 - 000000000 ____D C:\Users\david\AppData\Local\Mozilla
2021-05-16 21:22 - 2021-05-18 11:18 - 000000000 ____D C:\Users\david\AppData\Local\Mozilla Firefox
2021-05-16 21:21 - 2021-05-17 05:59 - 000000000 ____D C:\Users\david\AppData\Local\PlaceholderTileLogoFolder
2021-05-16 21:20 - 2021-05-16 21:20 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-05-16 21:19 - 2021-05-16 23:53 - 000000000 ____D C:\Users\david\AppData\Local\Packages
2021-05-16 21:19 - 2021-05-16 21:45 - 000000000 ____D C:\Users\david\AppData\Local\ConnectedDevicesPlatform
2021-05-16 21:19 - 2021-05-16 21:36 - 000000000 ____D C:\ProgramData\Packages
2021-05-16 21:19 - 2021-05-16 21:19 - 000000020 ___SH C:\Users\david\ntuser.ini
2021-05-16 21:19 - 2021-05-16 21:19 - 000000000 ____D C:\Users\david\AppData\Roaming\Adobe
2021-05-16 21:19 - 2021-05-16 21:19 - 000000000 ____D C:\Users\david\AppData\Local\VirtualStore
2021-05-16 21:19 - 2021-05-16 21:19 - 000000000 ____D C:\Users\david\AppData\Local\Publishers
2021-05-16 21:10 - 2021-05-18 11:34 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-16 21:06 - 2021-05-16 21:06 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2021-05-16 21:06 - 2021-05-16 21:06 - 000000000 _SHDL C:\ProgramData\Šablony
2021-05-16 21:06 - 2021-05-16 21:06 - 000000000 _SHDL C:\ProgramData\Plocha
2021-05-16 21:06 - 2021-05-16 21:06 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2021-05-16 21:06 - 2021-05-16 21:06 - 000000000 _SHDL C:\ProgramData\Dokumenty
2021-05-16 21:06 - 2021-05-16 21:06 - 000000000 _SHDL C:\ProgramData\Data aplikací
2021-05-16 21:01 - 2021-05-18 08:29 - 000000000 ____D C:\Users\david
2021-05-16 21:01 - 2021-05-16 21:01 - 000000000 _SHDL C:\Users\david\Šablony
2021-05-16 21:01 - 2021-05-16 21:01 - 000000000 _SHDL C:\Users\david\Soubory cookie
2021-05-16 21:01 - 2021-05-16 21:01 - 000000000 _SHDL C:\Users\david\Poslední
2021-05-16 21:01 - 2021-05-16 21:01 - 000000000 _SHDL C:\Users\david\Okolní tiskárny
2021-05-16 21:01 - 2021-05-16 21:01 - 000000000 _SHDL C:\Users\david\Okolní síť
2021-05-16 21:01 - 2021-05-16 21:01 - 000000000 _SHDL C:\Users\david\Nabídka Start
2021-05-16 21:01 - 2021-05-16 21:01 - 000000000 _SHDL C:\Users\david\Dokumenty
2021-05-16 21:01 - 2021-05-16 21:01 - 000000000 _SHDL C:\Users\david\Documents\Obrázky
2021-05-16 21:01 - 2021-05-16 21:01 - 000000000 _SHDL C:\Users\david\Documents\Hudba
2021-05-16 21:01 - 2021-05-16 21:01 - 000000000 _SHDL C:\Users\david\Documents\Filmy
2021-05-16 21:01 - 2021-05-16 21:01 - 000000000 _SHDL C:\Users\david\Data aplikací
2021-05-16 21:01 - 2021-05-16 21:01 - 000000000 _SHDL C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-05-16 21:01 - 2021-05-16 21:01 - 000000000 _SHDL C:\Users\david\AppData\Local\Data aplikací
2021-05-16 20:59 - 2021-05-18 11:26 - 000000000 ____D C:\ProgramData\NVIDIA
2021-05-16 20:59 - 2021-05-16 20:59 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-05-16 20:59 - 2021-05-16 20:59 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-05-16 20:59 - 2021-05-16 20:59 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-05-16 20:59 - 2018-02-28 00:41 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2021-05-16 20:59 - 2018-02-28 00:03 - 005966408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-05-16 20:59 - 2018-02-28 00:03 - 002589312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2021-05-16 20:59 - 2018-02-28 00:03 - 001767360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2021-05-16 20:59 - 2018-02-28 00:03 - 000608840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2021-05-16 20:59 - 2018-02-28 00:03 - 000449368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2021-05-16 20:59 - 2018-02-28 00:03 - 000124032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2021-05-16 20:59 - 2018-02-28 00:03 - 000082880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2021-05-16 20:59 - 2018-02-16 20:17 - 008083703 _____ C:\WINDOWS\system32\nvcoproc.bin
2021-05-16 20:58 - 2021-05-16 20:58 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ST_Accel_01011.Wdf
2021-05-16 20:58 - 2021-05-16 20:58 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Apfiltr_01009.Wdf
2021-05-16 20:58 - 2021-05-16 20:58 - 000000000 ____D C:\Program Files\DIFX
2021-05-16 20:58 - 2016-10-07 06:37 - 000030352 _____ (ST Microelectronics) C:\WINDOWS\system32\Drivers\stdcfltn.sys
2021-05-16 20:57 - 2021-05-18 11:26 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-05-16 20:57 - 2021-05-16 20:57 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2021-05-16 20:57 - 2021-05-16 20:57 - 000000000 ____D C:\Program Files\Intel
2021-05-16 20:57 - 2021-05-16 20:57 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2021-05-16 20:57 - 2018-12-21 02:23 - 000100056 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2021-05-16 20:56 - 2021-05-18 11:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-16 20:56 - 2021-05-18 10:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-16 20:56 - 2021-05-17 00:18 - 000258096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-16 20:56 - 2021-05-16 21:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-16 20:56 - 2021-05-16 21:10 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-05-16 20:56 - 2021-05-16 21:10 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-05-16 20:56 - 2021-05-16 20:56 - 000561160 _____ C:\WINDOWS\system32\Drivers\rtwavesskdy.dat
2021-05-16 20:56 - 2021-05-16 20:56 - 000134304 _____ C:\WINDOWS\system32\Drivers\rtwavesvp.dat
2021-05-16 20:56 - 2021-05-16 20:56 - 000031095 _____ C:\WINDOWS\system32\Drivers\rtwavesEFX.dat
2021-05-16 20:56 - 2021-05-16 20:56 - 000020823 _____ C:\WINDOWS\system32\Drivers\rtwavesvpcap.dat
2021-05-16 20:56 - 2021-05-16 20:56 - 000010945 _____ C:\WINDOWS\system32\Drivers\rtwavesMFX.dat
2021-05-16 20:56 - 2021-05-16 20:56 - 000003218 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_PushButton
2021-05-16 20:56 - 2021-05-16 20:56 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2021-05-16 20:56 - 2021-05-16 20:56 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2021-05-16 20:56 - 2021-05-16 20:56 - 000000000 ____D C:\Program Files\Realtek
2021-05-16 20:56 - 2021-05-16 20:56 - 000000000 ____D C:\Program Files (x86)\Realtek
2021-05-16 20:09 - 2021-05-16 20:13 - 000000000 _____ C:\Recovery.txt
2021-05-11 18:15 - 2021-05-11 18:22 - 000921636 _____ C:\PA7302.DAT
2021-05-11 18:13 - 2021-05-16 21:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLook 300
2021-05-07 09:02 - 2021-05-07 09:02 - 005184529 _____ C:\Users\david\Desktop\dv6-engine-1-6-16v-hdi-serwisowka-silnika.pdf
2021-05-02 23:26 - 2021-05-16 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2021-05-02 22:53 - 2015-05-27 15:34 - 013098384 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 002880872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkAPO64.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 002020528 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBAPO264.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 001749832 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\MBAPO232.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 001523096 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 001381616 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 001318432 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 001158488 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 000997856 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 000914024 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBAPO64.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 000768824 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\MBAPO32.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 000678192 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 000642928 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBTHX64.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 000577840 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\MBTHX32.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 000410040 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBWrp64.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 000343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 000321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 000321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 000179176 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 000074608 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBppld64.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 000069928 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBPPCn64.dll
2021-05-02 22:53 - 2015-05-27 15:33 - 072121872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2021-05-02 22:53 - 2015-05-27 15:33 - 003700360 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioMeters64.exe
2021-05-02 22:53 - 2015-05-27 15:33 - 003227544 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2021-05-02 22:53 - 2015-05-27 15:33 - 002869504 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2021-05-02 22:53 - 2015-05-27 15:33 - 002540800 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTDVHD64.sys
2021-05-02 22:53 - 2015-05-27 15:33 - 001745152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2021-05-02 22:53 - 2015-05-27 15:33 - 001570560 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTDSnM64.cpl
2021-05-02 22:53 - 2015-05-27 15:33 - 000171264 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTHDASIO64.dll
2021-05-02 22:53 - 2015-05-27 15:33 - 000147712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RTHDASIO.dll
2021-05-02 22:53 - 2015-05-27 15:33 - 000023704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2021-05-02 22:53 - 2015-05-27 15:04 - 000002236 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2021-05-02 18:23 - 2021-05-16 21:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8GadgetPack
2021-05-02 14:11 - 2021-05-16 21:06 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2021-05-02 14:03 - 2018-05-07 01:21 - 036359712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2021-05-02 14:03 - 2018-05-07 01:21 - 029389296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2021-05-02 14:03 - 2018-05-07 01:21 - 001630216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvir3dgenco64.dll
2021-05-02 14:03 - 2018-05-07 01:21 - 000989680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-05-02 14:03 - 2018-05-07 01:21 - 000941040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-05-02 14:03 - 2018-05-07 01:21 - 000504328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvstusb.sys
2021-05-02 14:03 - 2018-05-07 01:20 - 040247200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2021-05-02 14:03 - 2018-05-07 01:20 - 035167264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2021-05-02 14:03 - 2018-05-07 01:20 - 004210672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-05-02 14:03 - 2018-05-07 01:20 - 003624024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-05-02 14:03 - 2018-05-07 01:20 - 001998936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438908.dll
2021-05-02 14:03 - 2018-05-07 01:20 - 001682416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438908.dll
2021-05-02 14:03 - 2018-05-07 01:20 - 001108976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-05-02 14:03 - 2018-05-07 01:20 - 001041952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-05-02 14:03 - 2018-05-07 01:18 - 023482944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2021-05-02 14:03 - 2018-05-07 01:18 - 019218440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2021-05-02 14:03 - 2018-05-07 01:18 - 013378296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2021-05-02 14:03 - 2018-05-07 01:18 - 010986416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2021-05-02 14:03 - 2018-05-07 01:18 - 001154072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2021-05-02 14:03 - 2018-05-07 01:18 - 000902096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2021-05-02 14:03 - 2018-05-07 01:17 - 014001328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-05-02 14:03 - 2018-05-07 01:17 - 011896592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-05-02 14:03 - 2018-05-07 01:17 - 004533480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-05-02 14:03 - 2018-05-07 01:17 - 003860336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-05-02 14:03 - 2018-05-06 21:50 - 000048568 _____ C:\WINDOWS\system32\nvinfo.pb
2021-05-02 14:03 - 2018-05-06 21:50 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2021-05-02 14:03 - 2018-05-06 21:50 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json
2021-05-02 14:01 - 2021-05-18 11:26 - 000000000 __SHD C:\Users\david\IntelGraphicsProfiles
2021-05-02 14:01 - 2021-05-16 20:59 - 000000000 ____D C:\Intel
2021-05-02 13:52 - 2021-05-18 11:26 - 000000000 ____D C:\Users\david\AppData\LocalLow\Mozilla
2021-05-02 13:46 - 2021-05-02 13:46 - 000000000 ___HD C:\$WinREAgent
2021-05-02 13:44 - 2021-05-02 13:44 - 000000000 ___HD C:\OneDriveTemp
2021-05-02 13:43 - 2021-05-18 10:18 - 000000000 ___RD C:\Users\david\OneDrive
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-18 11:34 - 2019-12-07 16:43 - 000683426 _____ C:\WINDOWS\system32\perfh005.dat
2021-05-18 11:34 - 2019-12-07 16:43 - 000137206 _____ C:\WINDOWS\system32\perfc005.dat
2021-05-18 11:34 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-18 11:28 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-18 11:26 - 2020-11-19 01:56 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-18 11:24 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-05-18 04:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-18 00:24 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-17 06:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-05-17 06:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-05-17 06:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-05-17 00:17 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-05-17 00:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-17 00:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-16 23:52 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-16 22:00 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-05-16 21:54 - 2019-12-07 11:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-05-16 21:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-05-16 21:52 - 2019-12-07 16:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-05-16 21:52 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-05-16 21:52 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-05-16 21:52 - 2019-12-07 16:44 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\IME
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-05-16 21:51 - 2019-12-07 16:47 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-16 21:51 - 2019-12-07 16:47 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-05-16 21:40 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-05-16 21:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-05-16 21:35 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-16 21:26 - 2019-12-07 11:14 - 000000000 ___SD C:\Program Files\Windows Sidebar
2021-05-16 21:26 - 2019-12-07 11:14 - 000000000 ___SD C:\Program Files (x86)\Windows Sidebar
2021-05-16 21:19 - 2020-11-19 02:05 - 000000000 ___RD C:\Users\david\3D Objects
2021-05-16 21:19 - 2020-11-19 01:50 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-05-16 21:19 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-16 21:17 - 2020-11-19 01:48 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-16 21:09 - 2019-12-07 16:45 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-05-16 21:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-05-16 21:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-16 21:09 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-05-16 21:06 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows NT
2021-05-16 20:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Help
2021-05-16 20:56 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-05-2021
Ran by david (18-05-2021 11:47:24)
Running from C:\Users\david\Desktop
Windows 10 Pro Version 20H2 19042.985 (X64) (2021-05-16 19:09:21)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1071685242-337247553-1059379746-500 - Administrator - Disabled)
david (S-1-5-21-1071685242-337247553-1059379746-1001 - Administrator - Enabled) => C:\Users\david
DefaultAccount (S-1-5-21-1071685242-337247553-1059379746-503 - Limited - Disabled)
Guest (S-1-5-21-1071685242-337247553-1059379746-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1071685242-337247553-1059379746-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
8GadgetPack (HKLM-x32\...\{2C6DC07C-5D68-4E32-B6C6-EF5F24DA9FDF}) (Version: 33.0.0 - 8GadgetPack.net)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.3201.101.215 - ALPSALPINE CO., LTD.)
iLook 300 (HKLM-x32\...\{7EF900F4-61A8-4D95-8A65-488D3BECA206}) (Version: 1.0.0.28 - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.62 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Mozilla Firefox 88.0.1 (x64 cs) (HKU\S-1-5-21-1071685242-337247553-1059379746-1001\...\Mozilla Firefox 88.0.1 (x64 cs)) (Version: 88.0.1 - Mozilla)
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6070 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Packages:
=========
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-05-16] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0 [2021-05-16] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1071685242-337247553-1059379746-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\david\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-1071685242-337247553-1059379746-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\david\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-02-28] (NVIDIA Corporation -> NVIDIA Corporation)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-05-16 21:26 - 2020-06-23 09:54 - 000660480 _____ (Helmut Buhler) [File not signed] C:\Program Files\Windows Sidebar\dwmapi.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1071685242-337247553-1059379746-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\david\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\africanwildlife1.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{EAC83B74-ECB8-46E6-AF8F-AD9A1D4E0923}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1AFAB0E0-D827-44C7-A4D2-5379401C1C7B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8EBB2343-5F16-459D-AF71-E8A6E6CD98EB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D9D90D79-969F-425A-8929-4872E5DAD7D8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7C12EDC2-D57A-4C37-BDFA-383935CC5C36}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{830E4089-A766-497F-AE93-E4598C5C79DE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{67B2770F-D8BC-4B4C-B8CB-29F67783F60C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{83AE709C-3F2B-4082-A562-9A60F74AAC0E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CC8275C3-803C-4A4E-A0A9-8517A1BA5EA7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{35EB2EF7-A93C-452A-9C86-E43EADEFDFD1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{937E19CA-4DF9-490E-92FB-CB09B04475D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C8487AC0-4483-495A-AEB8-253D03ACA484}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8177AD13-82E0-4B37-8147-17B2D43071D3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C5A73109-9037-4E45-9A41-4D488E215D47}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{513607BC-4A7E-498A-B64A-E56AD394872D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B295D4E1-DD84-4587-838C-596F5B9F0E5B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
==================== Restore Points =========================
18-05-2021 00:23:55 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (05/16/2021 09:50:59 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (05/16/2021 09:50:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (05/16/2021 09:50:59 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (05/16/2021 09:00:58 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu Windows Defender na SECURITY_PRODUCT_STATE_ON došlo k chybě.
Error: (05/16/2021 08:56:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba součásti ESENT: -1409.
System errors:
=============
Error: (05/18/2021 10:14:55 AM) (Source: DCOM) (EventID: 10010) (User: DAVID-NOTAS-WIN)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/18/2021 08:00:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (05/18/2021 08:00:49 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).
Error: (05/18/2021 03:56:36 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (0:45:10, 18.05.2021) bylo neočekávané.
Error: (05/17/2021 10:29:13 AM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: Firmware platformy při předchozím přechodu systémového napájení poškodil paměť. Zkontrolujte dostupnost aktualizovaného firmwaru pro váš systém.
Error: (05/16/2021 09:47:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (05/16/2021 09:47:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).
Error: (05/16/2021 09:43:15 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024001e): Nástroj k odstranění škodlivého softwaru v systému Windows, verze pro procesory x64 – v5.89 (KB890830).
Windows Defender:
================
Date: 2021-05-18 11:40:31
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\david\Desktop\FRST64.exe.part
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DAVID-NOTAS-WIN\david
Název procesu: C:\Users\david\AppData\Local\Mozilla Firefox\firefox.exe
Verze bezpečnostních informací: AV: 1.339.953.0, AS: 1.339.953.0, NIS: 1.339.953.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6
Date: 2021-05-18 11:40:18
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\david\Desktop\FRST64.exe.part
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DAVID-NOTAS-WIN\david
Název procesu: C:\Users\david\AppData\Local\Mozilla Firefox\firefox.exe
Verze bezpečnostních informací: AV: 1.339.953.0, AS: 1.339.953.0, NIS: 1.339.953.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6
Date: 2021-05-18 11:40:00
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\david\Desktop\FRST64.exe.part
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DAVID-NOTAS-WIN\david
Název procesu: C:\Users\david\AppData\Local\Mozilla Firefox\firefox.exe
Verze bezpečnostních informací: AV: 1.339.953.0, AS: 1.339.953.0, NIS: 1.339.953.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6
Date: 2021-05-18 11:35:57
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\david\Desktop\FRST64.exe.part
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DAVID-NOTAS-WIN\david
Název procesu: C:\Users\david\AppData\Local\Mozilla Firefox\firefox.exe
Verze bezpečnostních informací: AV: 1.339.945.0, AS: 1.339.945.0, NIS: 1.339.945.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6
Date: 2021-05-18 11:31:19
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\david\Desktop\FRST64.exe.part
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DAVID-NOTAS-WIN\david
Název procesu: C:\Users\david\AppData\Local\Mozilla Firefox\firefox.exe
Verze bezpečnostních informací: AV: 1.339.945.0, AS: 1.339.945.0, NIS: 1.339.945.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6
Date: 2021-05-18 11:40:31
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\david\Desktop\FRST64.exe.part
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DAVID-NOTAS-WIN\david
Název procesu: C:\Users\david\AppData\Local\Mozilla Firefox\firefox.exe
Akce: Neznámý
Stav akce: No additional actions required
Kód chyby: 0x80508032
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: AV: 1.339.953.0, AS: 1.339.953.0, NIS: 1.339.953.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6
==================== Memory info ===========================
BIOS: Dell Inc. A24 06/13/2019
Motherboard: Dell Inc. 0XPJ8D
Processor: Intel(R) Core(TM) i5-4300U CPU @ 1.90GHz
Percentage of memory in use: 55%
Total physical RAM: 8097.32 MB
Available physical RAM: 3624.27 MB
Total Virtual: 10017.32 MB
Available Virtual: 5004.56 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:237.87 GB) (Free:201.13 GB) NTFS
Drive e: () (Removable) (Total:7.39 GB) (Free:7.39 GB) FAT32
\\?\Volume{2d6837da-9f69-4f65-bae9-f8483a735538}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{536d0047-5b2e-4bf5-be64-6374688b233b}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 608DBCCB)
Partition: GPT.
==========================================================
Disk: 1 (Size: 7.4 GB) (Disk ID: AE55EA84)
Partition 1: (Active) - (Size=7.4 GB) - (Type=0C)
==================== End of Addition.txt =======================
Ran by david (administrator) on DAVID-NOTAS-WIN (Dell Inc. Latitude E5440) (18-05-2021 11:43:39)
Running from C:\Users\david\Desktop
Loaded Profiles: david
Platform: Windows 10 Pro Version 20H2 19042.985 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(ALPS ELECTRIC CO., LTD. -> ALPSALPINE CO., LTD.) C:\Program Files\DellTPad\hidfind.exe
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowsstore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Users\david\AppData\Local\Mozilla Firefox\firefox.exe <11>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [779152 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8474880 2015-05-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403800 2015-05-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKU\S-1-5-21-1071685242-337247553-1059379746-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4087528 2021-05-15] (Valve -> Valve Corporation)
Startup: C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar68.lnk [2021-05-18]
ShortcutTarget: Sidebar68.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) [File not signed] [File is in use]
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {057CC232-7925-4AD4-88C7-12A0F140A31F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1BD2CAB2-8EEA-40E1-8BF4-6D3B35868103} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1D1CFD8B-76B7-4203-8DBB-471695377C94} - System32\Tasks\Mozilla\Firefox Default Browser Agent E921FE7E93B133DD => C:\Users\david\AppData\Local\Mozilla Firefox\default-browser-agent.exe [696304 2021-05-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {5C4069F0-CEBB-4FFE-AD45-1CB499C32CE9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6FCFB6AB-48DC-4D5C-80EC-FAFBA62E8162} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D6C8B373-5BA4-4B0B-9ED6-8D9F993449B1} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403800 2015-05-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{47a4e8ad-b990-412c-bda9-d55c3eee706a}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Edge:
=======
Edge Profile: C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-18]
FireFox:
========
FF DefaultProfile: 7exe16j0.default
FF ProfilePath: C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\7exe16j0.default [2021-05-16]
FF ProfilePath: C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\lc5qrmy2.default-release [2021-05-18]
FF DownloadDir: C:\Users\david\Desktop
FF Homepage: Mozilla\Firefox\Profiles\lc5qrmy2.default-release -> hxxps://www.seznam.cz/
FF Session Restore: Mozilla\Firefox\Profiles\lc5qrmy2.default-release -> is enabled.
FF Extension: (Google Translator for Firefox) - C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\lc5qrmy2.default-release\Extensions\translator@zoli.bod.xpi [2021-05-16]
FF Extension: (uBlock Origin) - C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\lc5qrmy2.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-05-16]
FF Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\lc5qrmy2.default-release\Extensions\{49756ccc-44ea-4661-bc1f-2baba64cca2f}.xpi [2021-05-16]
FF Extension: (element google překladače) - C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\lc5qrmy2.default-release\Extensions\{a0901e86-92df-4b8d-9fcd-7ad4746a6f95}.xpi [2021-05-16]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [114960 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393288 2021-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
R3 guardian2; C:\WINDOWS\System32\Drivers\oz776x64.sys [99864 2015-11-02] (BayHub Technology Inc. -> O2Micro)
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-16] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-18 11:43 - 2021-05-18 11:44 - 000009671 _____ C:\Users\david\Desktop\FRST.txt
2021-05-18 11:42 - 2021-05-18 11:44 - 000000000 ____D C:\FRST
2021-05-18 11:42 - 2021-05-18 11:42 - 002299392 _____ (Farbar) C:\Users\david\Desktop\FRST64.exe
2021-05-17 06:20 - 2021-05-17 06:20 - 000000000 ____D C:\Users\david\AppData\Local\PeerDistRepub
2021-05-17 06:00 - 2021-05-17 06:00 - 000000000 ____D C:\Users\david\AppData\Local\OneDrive
2021-05-16 21:59 - 2021-05-16 21:59 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-16 21:54 - 2021-05-16 21:09 - 000000000 ____D C:\WINDOWS\Panther
2021-05-16 21:53 - 2021-05-16 21:53 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-05-16 21:53 - 2021-05-16 21:09 - 000000000 ____D C:\Windows.old
2021-05-16 21:52 - 2021-05-16 21:52 - 000000000 ____D C:\ProgramData\ssh
2021-05-16 21:48 - 2021-05-16 21:48 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-16 21:48 - 2021-05-16 21:48 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-16 21:48 - 2021-05-16 21:48 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-16 21:48 - 2021-05-16 21:48 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-05-16 21:48 - 2021-05-16 21:48 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-05-16 21:48 - 2021-05-16 21:48 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-05-16 21:48 - 2021-05-16 21:48 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-05-16 21:48 - 2021-05-16 21:48 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-05-16 21:48 - 2021-05-16 21:48 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-05-16 21:48 - 2021-05-16 21:48 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-05-16 21:48 - 2021-05-16 21:48 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-05-16 21:48 - 2021-05-16 21:48 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-05-16 21:48 - 2021-05-16 21:48 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-05-16 21:48 - 2021-05-16 21:48 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-05-16 21:48 - 2021-05-16 21:48 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-05-16 21:48 - 2021-05-16 21:48 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-05-16 21:48 - 2021-05-16 21:48 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-05-16 21:48 - 2021-05-16 21:48 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000153600 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-05-16 21:48 - 2021-05-16 21:48 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-05-16 21:48 - 2021-05-16 21:48 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-05-16 21:48 - 2021-05-16 21:48 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-05-16 21:48 - 2021-05-16 21:48 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-05-16 21:48 - 2021-05-16 21:48 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-05-16 21:48 - 2021-05-16 21:48 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-05-16 21:48 - 2021-05-16 21:48 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-05-16 21:48 - 2021-05-16 21:48 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-05-16 21:47 - 2021-05-16 21:47 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-16 21:47 - 2021-05-16 21:47 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-16 21:47 - 2021-05-16 21:47 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-16 21:47 - 2021-05-16 21:47 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-05-16 21:47 - 2021-05-16 21:47 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-05-16 21:47 - 2021-05-16 21:47 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-05-16 21:47 - 2021-05-16 21:47 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-05-16 21:47 - 2021-05-16 21:47 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-05-16 21:47 - 2021-05-16 21:47 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-05-16 21:47 - 2021-05-16 21:47 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-05-16 21:47 - 2021-05-16 21:47 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-16 21:47 - 2021-05-16 21:47 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-05-16 21:47 - 2021-05-16 21:47 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-05-16 21:47 - 2021-05-16 21:47 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-05-16 21:47 - 2021-05-16 21:47 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-05-16 21:47 - 2021-05-16 21:47 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-16 21:47 - 2021-05-16 21:47 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-05-16 21:47 - 2021-05-16 21:47 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-05-16 21:47 - 2021-05-16 21:47 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-05-16 21:47 - 2021-05-16 21:47 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-16 21:47 - 2021-05-16 21:47 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-05-16 21:47 - 2021-05-16 21:47 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-05-16 21:47 - 2021-05-16 21:47 - 000000000 ____D C:\Users\david\AppData\Local\Steam
2021-05-16 21:47 - 2021-05-16 21:47 - 000000000 ____D C:\Users\david\AppData\Local\CEF
2021-05-16 21:41 - 2021-05-16 21:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-16 21:41 - 2021-05-16 21:41 - 000000000 ____D C:\Program Files\STMicroelectronics
2021-05-16 21:41 - 2021-05-16 21:41 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-05-16 21:40 - 2021-05-16 21:40 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-05-16 21:40 - 2021-05-16 21:40 - 000000000 ____D C:\Program Files\DellTPad
2021-05-16 21:37 - 2021-05-16 21:37 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-05-16 21:37 - 2021-05-16 21:37 - 000000000 ____D C:\WINDOWS\PixArt
2021-05-16 21:37 - 2009-07-01 09:56 - 000000885 _____ C:\WINDOWS\SysWOW64\SP7302.ini
2021-05-16 21:37 - 2008-03-24 11:09 - 000141824 _____ (PixArt Imaging Incorporation) C:\WINDOWS\SysWOW64\SP7302.ax
2021-05-16 21:37 - 2006-10-12 11:57 - 000014336 _____ (PixArt Imaging Inc.) C:\WINDOWS\SysWOW64\P7302USD.dll
2021-05-16 21:36 - 2021-05-16 21:36 - 000000000 ____D C:\Users\david\AppData\Local\Comms
2021-05-16 21:29 - 2021-05-18 11:26 - 000000000 ____D C:\Program Files (x86)\Steam
2021-05-16 21:29 - 2021-05-16 21:29 - 000001032 _____ C:\Users\Public\Desktop\Steam.lnk
2021-05-16 21:27 - 2021-05-16 21:30 - 000000000 ____D C:\Users\david\AppData\Local\Sidebar7
2021-05-16 21:23 - 2021-05-18 11:27 - 000000000 ____D C:\ProgramData\Mozilla
2021-05-16 21:23 - 2021-05-16 21:23 - 000001273 _____ C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-05-16 21:23 - 2021-05-16 21:23 - 000001265 _____ C:\Users\david\Desktop\Firefox.lnk
2021-05-16 21:23 - 2021-05-16 21:23 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-05-16 21:23 - 2021-05-16 21:23 - 000000000 ____D C:\Users\david\AppData\Roaming\Mozilla
2021-05-16 21:23 - 2021-05-16 21:23 - 000000000 ____D C:\Users\david\AppData\Local\Mozilla
2021-05-16 21:22 - 2021-05-18 11:18 - 000000000 ____D C:\Users\david\AppData\Local\Mozilla Firefox
2021-05-16 21:21 - 2021-05-17 05:59 - 000000000 ____D C:\Users\david\AppData\Local\PlaceholderTileLogoFolder
2021-05-16 21:20 - 2021-05-16 21:20 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-05-16 21:19 - 2021-05-16 23:53 - 000000000 ____D C:\Users\david\AppData\Local\Packages
2021-05-16 21:19 - 2021-05-16 21:45 - 000000000 ____D C:\Users\david\AppData\Local\ConnectedDevicesPlatform
2021-05-16 21:19 - 2021-05-16 21:36 - 000000000 ____D C:\ProgramData\Packages
2021-05-16 21:19 - 2021-05-16 21:19 - 000000020 ___SH C:\Users\david\ntuser.ini
2021-05-16 21:19 - 2021-05-16 21:19 - 000000000 ____D C:\Users\david\AppData\Roaming\Adobe
2021-05-16 21:19 - 2021-05-16 21:19 - 000000000 ____D C:\Users\david\AppData\Local\VirtualStore
2021-05-16 21:19 - 2021-05-16 21:19 - 000000000 ____D C:\Users\david\AppData\Local\Publishers
2021-05-16 21:10 - 2021-05-18 11:34 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-16 21:06 - 2021-05-16 21:06 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2021-05-16 21:06 - 2021-05-16 21:06 - 000000000 _SHDL C:\ProgramData\Šablony
2021-05-16 21:06 - 2021-05-16 21:06 - 000000000 _SHDL C:\ProgramData\Plocha
2021-05-16 21:06 - 2021-05-16 21:06 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2021-05-16 21:06 - 2021-05-16 21:06 - 000000000 _SHDL C:\ProgramData\Dokumenty
2021-05-16 21:06 - 2021-05-16 21:06 - 000000000 _SHDL C:\ProgramData\Data aplikací
2021-05-16 21:01 - 2021-05-18 08:29 - 000000000 ____D C:\Users\david
2021-05-16 21:01 - 2021-05-16 21:01 - 000000000 _SHDL C:\Users\david\Šablony
2021-05-16 21:01 - 2021-05-16 21:01 - 000000000 _SHDL C:\Users\david\Soubory cookie
2021-05-16 21:01 - 2021-05-16 21:01 - 000000000 _SHDL C:\Users\david\Poslední
2021-05-16 21:01 - 2021-05-16 21:01 - 000000000 _SHDL C:\Users\david\Okolní tiskárny
2021-05-16 21:01 - 2021-05-16 21:01 - 000000000 _SHDL C:\Users\david\Okolní síť
2021-05-16 21:01 - 2021-05-16 21:01 - 000000000 _SHDL C:\Users\david\Nabídka Start
2021-05-16 21:01 - 2021-05-16 21:01 - 000000000 _SHDL C:\Users\david\Dokumenty
2021-05-16 21:01 - 2021-05-16 21:01 - 000000000 _SHDL C:\Users\david\Documents\Obrázky
2021-05-16 21:01 - 2021-05-16 21:01 - 000000000 _SHDL C:\Users\david\Documents\Hudba
2021-05-16 21:01 - 2021-05-16 21:01 - 000000000 _SHDL C:\Users\david\Documents\Filmy
2021-05-16 21:01 - 2021-05-16 21:01 - 000000000 _SHDL C:\Users\david\Data aplikací
2021-05-16 21:01 - 2021-05-16 21:01 - 000000000 _SHDL C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-05-16 21:01 - 2021-05-16 21:01 - 000000000 _SHDL C:\Users\david\AppData\Local\Data aplikací
2021-05-16 20:59 - 2021-05-18 11:26 - 000000000 ____D C:\ProgramData\NVIDIA
2021-05-16 20:59 - 2021-05-16 20:59 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-05-16 20:59 - 2021-05-16 20:59 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-05-16 20:59 - 2021-05-16 20:59 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-05-16 20:59 - 2018-02-28 00:41 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2021-05-16 20:59 - 2018-02-28 00:03 - 005966408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-05-16 20:59 - 2018-02-28 00:03 - 002589312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2021-05-16 20:59 - 2018-02-28 00:03 - 001767360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2021-05-16 20:59 - 2018-02-28 00:03 - 000608840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2021-05-16 20:59 - 2018-02-28 00:03 - 000449368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2021-05-16 20:59 - 2018-02-28 00:03 - 000124032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2021-05-16 20:59 - 2018-02-28 00:03 - 000082880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2021-05-16 20:59 - 2018-02-16 20:17 - 008083703 _____ C:\WINDOWS\system32\nvcoproc.bin
2021-05-16 20:58 - 2021-05-16 20:58 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ST_Accel_01011.Wdf
2021-05-16 20:58 - 2021-05-16 20:58 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Apfiltr_01009.Wdf
2021-05-16 20:58 - 2021-05-16 20:58 - 000000000 ____D C:\Program Files\DIFX
2021-05-16 20:58 - 2016-10-07 06:37 - 000030352 _____ (ST Microelectronics) C:\WINDOWS\system32\Drivers\stdcfltn.sys
2021-05-16 20:57 - 2021-05-18 11:26 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-05-16 20:57 - 2021-05-16 20:57 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2021-05-16 20:57 - 2021-05-16 20:57 - 000000000 ____D C:\Program Files\Intel
2021-05-16 20:57 - 2021-05-16 20:57 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2021-05-16 20:57 - 2018-12-21 02:23 - 000100056 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2021-05-16 20:56 - 2021-05-18 11:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-16 20:56 - 2021-05-18 10:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-16 20:56 - 2021-05-17 00:18 - 000258096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-16 20:56 - 2021-05-16 21:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-16 20:56 - 2021-05-16 21:10 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-05-16 20:56 - 2021-05-16 21:10 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-05-16 20:56 - 2021-05-16 20:56 - 000561160 _____ C:\WINDOWS\system32\Drivers\rtwavesskdy.dat
2021-05-16 20:56 - 2021-05-16 20:56 - 000134304 _____ C:\WINDOWS\system32\Drivers\rtwavesvp.dat
2021-05-16 20:56 - 2021-05-16 20:56 - 000031095 _____ C:\WINDOWS\system32\Drivers\rtwavesEFX.dat
2021-05-16 20:56 - 2021-05-16 20:56 - 000020823 _____ C:\WINDOWS\system32\Drivers\rtwavesvpcap.dat
2021-05-16 20:56 - 2021-05-16 20:56 - 000010945 _____ C:\WINDOWS\system32\Drivers\rtwavesMFX.dat
2021-05-16 20:56 - 2021-05-16 20:56 - 000003218 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_PushButton
2021-05-16 20:56 - 2021-05-16 20:56 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2021-05-16 20:56 - 2021-05-16 20:56 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2021-05-16 20:56 - 2021-05-16 20:56 - 000000000 ____D C:\Program Files\Realtek
2021-05-16 20:56 - 2021-05-16 20:56 - 000000000 ____D C:\Program Files (x86)\Realtek
2021-05-16 20:09 - 2021-05-16 20:13 - 000000000 _____ C:\Recovery.txt
2021-05-11 18:15 - 2021-05-11 18:22 - 000921636 _____ C:\PA7302.DAT
2021-05-11 18:13 - 2021-05-16 21:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLook 300
2021-05-07 09:02 - 2021-05-07 09:02 - 005184529 _____ C:\Users\david\Desktop\dv6-engine-1-6-16v-hdi-serwisowka-silnika.pdf
2021-05-02 23:26 - 2021-05-16 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2021-05-02 22:53 - 2015-05-27 15:34 - 013098384 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 002880872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkAPO64.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 002020528 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBAPO264.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 001749832 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\MBAPO232.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 001523096 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 001381616 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 001318432 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 001158488 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 000997856 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 000914024 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBAPO64.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 000768824 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\MBAPO32.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 000678192 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 000642928 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBTHX64.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 000577840 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\MBTHX32.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 000410040 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBWrp64.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 000343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 000321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 000321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 000179176 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 000074608 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBppld64.dll
2021-05-02 22:53 - 2015-05-27 15:34 - 000069928 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBPPCn64.dll
2021-05-02 22:53 - 2015-05-27 15:33 - 072121872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2021-05-02 22:53 - 2015-05-27 15:33 - 003700360 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioMeters64.exe
2021-05-02 22:53 - 2015-05-27 15:33 - 003227544 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2021-05-02 22:53 - 2015-05-27 15:33 - 002869504 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2021-05-02 22:53 - 2015-05-27 15:33 - 002540800 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTDVHD64.sys
2021-05-02 22:53 - 2015-05-27 15:33 - 001745152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2021-05-02 22:53 - 2015-05-27 15:33 - 001570560 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTDSnM64.cpl
2021-05-02 22:53 - 2015-05-27 15:33 - 000171264 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTHDASIO64.dll
2021-05-02 22:53 - 2015-05-27 15:33 - 000147712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RTHDASIO.dll
2021-05-02 22:53 - 2015-05-27 15:33 - 000023704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2021-05-02 22:53 - 2015-05-27 15:04 - 000002236 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2021-05-02 18:23 - 2021-05-16 21:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8GadgetPack
2021-05-02 14:11 - 2021-05-16 21:06 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2021-05-02 14:03 - 2018-05-07 01:21 - 036359712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2021-05-02 14:03 - 2018-05-07 01:21 - 029389296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2021-05-02 14:03 - 2018-05-07 01:21 - 001630216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvir3dgenco64.dll
2021-05-02 14:03 - 2018-05-07 01:21 - 000989680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-05-02 14:03 - 2018-05-07 01:21 - 000941040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-05-02 14:03 - 2018-05-07 01:21 - 000504328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvstusb.sys
2021-05-02 14:03 - 2018-05-07 01:20 - 040247200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2021-05-02 14:03 - 2018-05-07 01:20 - 035167264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2021-05-02 14:03 - 2018-05-07 01:20 - 004210672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-05-02 14:03 - 2018-05-07 01:20 - 003624024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-05-02 14:03 - 2018-05-07 01:20 - 001998936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438908.dll
2021-05-02 14:03 - 2018-05-07 01:20 - 001682416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438908.dll
2021-05-02 14:03 - 2018-05-07 01:20 - 001108976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-05-02 14:03 - 2018-05-07 01:20 - 001041952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-05-02 14:03 - 2018-05-07 01:18 - 023482944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2021-05-02 14:03 - 2018-05-07 01:18 - 019218440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2021-05-02 14:03 - 2018-05-07 01:18 - 013378296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2021-05-02 14:03 - 2018-05-07 01:18 - 010986416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2021-05-02 14:03 - 2018-05-07 01:18 - 001154072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2021-05-02 14:03 - 2018-05-07 01:18 - 000902096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2021-05-02 14:03 - 2018-05-07 01:17 - 014001328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-05-02 14:03 - 2018-05-07 01:17 - 011896592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-05-02 14:03 - 2018-05-07 01:17 - 004533480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-05-02 14:03 - 2018-05-07 01:17 - 003860336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-05-02 14:03 - 2018-05-06 21:50 - 000048568 _____ C:\WINDOWS\system32\nvinfo.pb
2021-05-02 14:03 - 2018-05-06 21:50 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2021-05-02 14:03 - 2018-05-06 21:50 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json
2021-05-02 14:01 - 2021-05-18 11:26 - 000000000 __SHD C:\Users\david\IntelGraphicsProfiles
2021-05-02 14:01 - 2021-05-16 20:59 - 000000000 ____D C:\Intel
2021-05-02 13:52 - 2021-05-18 11:26 - 000000000 ____D C:\Users\david\AppData\LocalLow\Mozilla
2021-05-02 13:46 - 2021-05-02 13:46 - 000000000 ___HD C:\$WinREAgent
2021-05-02 13:44 - 2021-05-02 13:44 - 000000000 ___HD C:\OneDriveTemp
2021-05-02 13:43 - 2021-05-18 10:18 - 000000000 ___RD C:\Users\david\OneDrive
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-18 11:34 - 2019-12-07 16:43 - 000683426 _____ C:\WINDOWS\system32\perfh005.dat
2021-05-18 11:34 - 2019-12-07 16:43 - 000137206 _____ C:\WINDOWS\system32\perfc005.dat
2021-05-18 11:34 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-18 11:28 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-18 11:26 - 2020-11-19 01:56 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-18 11:24 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-05-18 04:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-18 00:24 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-17 06:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-05-17 06:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-05-17 06:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-05-17 00:17 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-05-17 00:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-17 00:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-16 23:52 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-16 22:00 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-05-16 21:54 - 2019-12-07 11:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-05-16 21:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-05-16 21:52 - 2019-12-07 16:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-05-16 21:52 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-05-16 21:52 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-05-16 21:52 - 2019-12-07 16:44 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\IME
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-05-16 21:52 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-05-16 21:51 - 2019-12-07 16:47 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-16 21:51 - 2019-12-07 16:47 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-05-16 21:40 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-05-16 21:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-05-16 21:35 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-16 21:26 - 2019-12-07 11:14 - 000000000 ___SD C:\Program Files\Windows Sidebar
2021-05-16 21:26 - 2019-12-07 11:14 - 000000000 ___SD C:\Program Files (x86)\Windows Sidebar
2021-05-16 21:19 - 2020-11-19 02:05 - 000000000 ___RD C:\Users\david\3D Objects
2021-05-16 21:19 - 2020-11-19 01:50 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-05-16 21:19 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-16 21:17 - 2020-11-19 01:48 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-16 21:09 - 2019-12-07 16:45 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-05-16 21:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-05-16 21:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-16 21:09 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-05-16 21:06 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows NT
2021-05-16 20:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Help
2021-05-16 20:56 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-05-2021
Ran by david (18-05-2021 11:47:24)
Running from C:\Users\david\Desktop
Windows 10 Pro Version 20H2 19042.985 (X64) (2021-05-16 19:09:21)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1071685242-337247553-1059379746-500 - Administrator - Disabled)
david (S-1-5-21-1071685242-337247553-1059379746-1001 - Administrator - Enabled) => C:\Users\david
DefaultAccount (S-1-5-21-1071685242-337247553-1059379746-503 - Limited - Disabled)
Guest (S-1-5-21-1071685242-337247553-1059379746-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1071685242-337247553-1059379746-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
8GadgetPack (HKLM-x32\...\{2C6DC07C-5D68-4E32-B6C6-EF5F24DA9FDF}) (Version: 33.0.0 - 8GadgetPack.net)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.3201.101.215 - ALPSALPINE CO., LTD.)
iLook 300 (HKLM-x32\...\{7EF900F4-61A8-4D95-8A65-488D3BECA206}) (Version: 1.0.0.28 - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.62 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Mozilla Firefox 88.0.1 (x64 cs) (HKU\S-1-5-21-1071685242-337247553-1059379746-1001\...\Mozilla Firefox 88.0.1 (x64 cs)) (Version: 88.0.1 - Mozilla)
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6070 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Packages:
=========
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-05-16] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0 [2021-05-16] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1071685242-337247553-1059379746-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\david\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-1071685242-337247553-1059379746-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\david\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-02-28] (NVIDIA Corporation -> NVIDIA Corporation)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-05-16 21:26 - 2020-06-23 09:54 - 000660480 _____ (Helmut Buhler) [File not signed] C:\Program Files\Windows Sidebar\dwmapi.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1071685242-337247553-1059379746-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\david\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\africanwildlife1.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{EAC83B74-ECB8-46E6-AF8F-AD9A1D4E0923}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1AFAB0E0-D827-44C7-A4D2-5379401C1C7B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8EBB2343-5F16-459D-AF71-E8A6E6CD98EB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D9D90D79-969F-425A-8929-4872E5DAD7D8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7C12EDC2-D57A-4C37-BDFA-383935CC5C36}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{830E4089-A766-497F-AE93-E4598C5C79DE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{67B2770F-D8BC-4B4C-B8CB-29F67783F60C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{83AE709C-3F2B-4082-A562-9A60F74AAC0E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CC8275C3-803C-4A4E-A0A9-8517A1BA5EA7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{35EB2EF7-A93C-452A-9C86-E43EADEFDFD1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{937E19CA-4DF9-490E-92FB-CB09B04475D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C8487AC0-4483-495A-AEB8-253D03ACA484}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8177AD13-82E0-4B37-8147-17B2D43071D3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C5A73109-9037-4E45-9A41-4D488E215D47}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{513607BC-4A7E-498A-B64A-E56AD394872D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B295D4E1-DD84-4587-838C-596F5B9F0E5B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
==================== Restore Points =========================
18-05-2021 00:23:55 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (05/16/2021 09:50:59 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (05/16/2021 09:50:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (05/16/2021 09:50:59 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (05/16/2021 09:00:58 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu Windows Defender na SECURITY_PRODUCT_STATE_ON došlo k chybě.
Error: (05/16/2021 08:56:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba součásti ESENT: -1409.
System errors:
=============
Error: (05/18/2021 10:14:55 AM) (Source: DCOM) (EventID: 10010) (User: DAVID-NOTAS-WIN)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/18/2021 08:00:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (05/18/2021 08:00:49 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).
Error: (05/18/2021 03:56:36 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (0:45:10, 18.05.2021) bylo neočekávané.
Error: (05/17/2021 10:29:13 AM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: Firmware platformy při předchozím přechodu systémového napájení poškodil paměť. Zkontrolujte dostupnost aktualizovaného firmwaru pro váš systém.
Error: (05/16/2021 09:47:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (05/16/2021 09:47:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).
Error: (05/16/2021 09:43:15 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024001e): Nástroj k odstranění škodlivého softwaru v systému Windows, verze pro procesory x64 – v5.89 (KB890830).
Windows Defender:
================
Date: 2021-05-18 11:40:31
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\david\Desktop\FRST64.exe.part
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DAVID-NOTAS-WIN\david
Název procesu: C:\Users\david\AppData\Local\Mozilla Firefox\firefox.exe
Verze bezpečnostních informací: AV: 1.339.953.0, AS: 1.339.953.0, NIS: 1.339.953.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6
Date: 2021-05-18 11:40:18
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\david\Desktop\FRST64.exe.part
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DAVID-NOTAS-WIN\david
Název procesu: C:\Users\david\AppData\Local\Mozilla Firefox\firefox.exe
Verze bezpečnostních informací: AV: 1.339.953.0, AS: 1.339.953.0, NIS: 1.339.953.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6
Date: 2021-05-18 11:40:00
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\david\Desktop\FRST64.exe.part
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DAVID-NOTAS-WIN\david
Název procesu: C:\Users\david\AppData\Local\Mozilla Firefox\firefox.exe
Verze bezpečnostních informací: AV: 1.339.953.0, AS: 1.339.953.0, NIS: 1.339.953.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6
Date: 2021-05-18 11:35:57
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\david\Desktop\FRST64.exe.part
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DAVID-NOTAS-WIN\david
Název procesu: C:\Users\david\AppData\Local\Mozilla Firefox\firefox.exe
Verze bezpečnostních informací: AV: 1.339.945.0, AS: 1.339.945.0, NIS: 1.339.945.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6
Date: 2021-05-18 11:31:19
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\david\Desktop\FRST64.exe.part
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DAVID-NOTAS-WIN\david
Název procesu: C:\Users\david\AppData\Local\Mozilla Firefox\firefox.exe
Verze bezpečnostních informací: AV: 1.339.945.0, AS: 1.339.945.0, NIS: 1.339.945.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6
Date: 2021-05-18 11:40:31
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\david\Desktop\FRST64.exe.part
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DAVID-NOTAS-WIN\david
Název procesu: C:\Users\david\AppData\Local\Mozilla Firefox\firefox.exe
Akce: Neznámý
Stav akce: No additional actions required
Kód chyby: 0x80508032
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: AV: 1.339.953.0, AS: 1.339.953.0, NIS: 1.339.953.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6
==================== Memory info ===========================
BIOS: Dell Inc. A24 06/13/2019
Motherboard: Dell Inc. 0XPJ8D
Processor: Intel(R) Core(TM) i5-4300U CPU @ 1.90GHz
Percentage of memory in use: 55%
Total physical RAM: 8097.32 MB
Available physical RAM: 3624.27 MB
Total Virtual: 10017.32 MB
Available Virtual: 5004.56 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:237.87 GB) (Free:201.13 GB) NTFS
Drive e: () (Removable) (Total:7.39 GB) (Free:7.39 GB) FAT32
\\?\Volume{2d6837da-9f69-4f65-bae9-f8483a735538}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{536d0047-5b2e-4bf5-be64-6374688b233b}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 608DBCCB)
Partition: GPT.
==========================================================
Disk: 1 (Size: 7.4 GB) (Disk ID: AE55EA84)
Partition 1: (Active) - (Size=7.4 GB) - (Type=0C)
==================== End of Addition.txt =======================