Prosím o kontrolu logu
Napsal: 06 zář 2021 08:51
Dobrý den, prosím o kontrolu logu, pořád se mi zobrazuje popup okno, že jsou soubory zašifrované a mám si nainstalovat antivirový program. Děkuji. Milan
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-09-2021
Ran by sykor (administrator) on LAPTOP-NDM9P2C5 (ASUSTeK COMPUTER INC. VivoBook_ASUSLaptop X509DAP_M509DA) (06-09-2021 09:46:16)
Running from C:\Users\sykor\Desktop
Loaded Profiles: sykor
Platform: Windows 10 Home Version 21H1 19043.1165 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0365656.inf_amd64_5926d42fa64b989d\B365142\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0365656.inf_amd64_5926d42fa64b989d\B365142\atiesrxx.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSLinkRemote\AsusLinkRemote.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSLinkNear\AsusLinkNear.exe
(ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSLinkNear\AsusLinkNearExt.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSOptimization\AsusOptimization.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSOptimization\AsusOptimizationStartupTask.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSOptimization\AsusOSD.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSSoftwareManager\AsusSoftwareManager.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(Google LLC -> Google LLC) C:\Users\sykor\AppData\Local\Google\Chrome\Application\chrome.exe <19>
(Google LLC -> Google LLC) C:\Users\sykor\AppData\Local\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Users\sykor\AppData\Local\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\sykor\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2108.25001.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_6903f1a9d3b68dab\RtkAudUService64.exe <3>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\S-1-5-21-3198401371-966965265-1492882394-1001\...\Run: [97736D20087CAB12D8C353E2C093D23895070BE3._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8
HKU\S-1-5-21-3198401371-966965265-1492882394-1001\...\Run: [Google Update] => C:\Users\sykor\AppData\Local\Google\Update\1.3.36.102\GoogleUpdateCore.exe [223816 2021-08-05] (Google LLC -> Google LLC)
HKU\S-1-5-21-3198401371-966965265-1492882394-1001\...\MountPoints2: {150961d8-2a22-11eb-afb2-204ef629c68a} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3198401371-966965265-1492882394-1001\...\MountPoints2: {82ceaf65-8239-11eb-afbe-204ef629c68a} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3198401371-966965265-1492882394-1001\...\MountPoints2: {82ceaf78-8239-11eb-afbe-204ef629c68a} - "D:\HiSuiteDownLoader.exe"
Startup: C:\Users\sykor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2021-01-11]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08A313E0-D5A3-43A9-B838-6278CBD70A02} - System32\Tasks\RtkAudUService64_BG => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_6903f1a9d3b68dab\RtkAudUService64.exe [1259888 2021-05-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {2037B4C7-F562-470D-9B02-4E1B9F35DB76} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {20A94587-2226-4D3F-8641-0FB8C93FFFB0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3198401371-966965265-1492882394-1001Core => C:\Users\sykor\AppData\Local\Google\Update\GoogleUpdate.exe [155592 2021-01-05] (Google LLC -> Google LLC)
Task: {2FB5B7E7-315C-45E6-9F7B-27D755F5B145} - System32\Tasks\Microsoft\Windows\PLA\AsusLinkNear => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\Windows\system32\pla.dll [1493504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {4A88D1D8-CD10-4F9F-B4EA-DDE2DBB7A293} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6C6D31FC-C7A1-47E3-8ECE-BECC72538EE0} - System32\Tasks\ASUS Update Checker 2.0 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSSoftwareManager\AsusUpdateChecker.exe [771200 2021-08-16] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {86DB3C32-987D-4F21-A9D8-3F270815468E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139128 2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {8F71D857-BC17-438B-B939-3596D3ECD2CF} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2593424 2021-08-16] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {A8C5A65F-E55C-4844-B6E5-D51B5FDCB01C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E0DB0476-9055-4BAE-AC65-6F56D730E9BD} - System32\Tasks\Microsoft\Windows\PLA\074C0539-0999-4DA9-9D0D-3D016B62F4E9 => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\Windows\system32\pla.dll [1493504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {E1FB079E-FF81-4E7F-95AE-FB424FC814E5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E5FDA5D6-ADD3-412C-8138-2FAD6A4C7D31} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE391A86-A19C-4CA1-B318-6A93612714FD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3198401371-966965265-1492882394-1001UA => C:\Users\sykor\AppData\Local\Google\Update\GoogleUpdate.exe [155592 2021-01-05] (Google LLC -> Google LLC)
Task: {F513F1A9-EAEA-448F-8434-6A1D9D586771} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139128 2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {FA3399A0-57C2-4E7B-A9F9-EB7789FA5CA5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FA5A38C8-EAC8-4E76-BF9E-C317E6CE39C9} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSOptimization\AsusHotkeyExec.exe [233624 2021-08-16] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{c17ee61e-988b-4f1b-861f-67654d68786c}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{d4e6f1ed-2a59-4655-8278-3624f0a0c224}: [DhcpNameServer] 10.66.104.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\sykor\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-06]
Edge Profile: C:\Users\sykor\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2021-09-06]
Edge Notifications: Profile 1 -> hxxps://meet.google.com
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\sykor\AppData\Local\Google\Chrome\User Data\Default [2021-09-06]
CHR Notifications: Default -> hxxps://gomez.cz; hxxps://meet.google.com; hxxps://www.facebook.com; hxxps://www.freefilm.to
CHR Extension: (Prezentace) - C:\Users\sykor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-05]
CHR Extension: (Dokumenty) - C:\Users\sykor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-05]
CHR Extension: (Disk Google) - C:\Users\sykor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-05]
CHR Extension: (YouTube) - C:\Users\sykor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-05]
CHR Extension: (Tabulky) - C:\Users\sykor\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\sykor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\sykor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\sykor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-05]
CHR Extension: (Chrome Media Router) - C:\Users\sykor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-02]
CHR Profile: C:\Users\sykor\AppData\Local\Google\Chrome\User Data\System Profile [2021-01-11]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASUSLinkNear; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSLinkNear\AsusLinkNear.exe [1302672 2021-08-16] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkNearExt; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSLinkNear\AsusLinkNearExt.exe [148096 2021-08-16] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSLinkRemote\AsusLinkRemote.exe [798848 2021-08-16] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSOptimization; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSOptimization\AsusOptimization.exe [338560 2021-08-16] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSSoftwareManager\AsusSoftwareManager.exe [945280 2021-08-16] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2593424 2021-08-16] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [629152 2021-08-16] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9166736 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [977824 2021-08-24] (McAfee, LLC -> McAfee, LLC)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AsusPTPDrv; C:\Windows\System32\drivers\AsusPTPFilter.sys [112848 2020-09-27] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R3 ASUSSAIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSSystemAnalysis\ASUSSAIO.sys [35968 2021-08-16] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSOptimization\atkwmiacpi64.sys [44184 2021-08-16] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-09-06 09:46 - 2021-09-06 09:46 - 000017130 _____ C:\Users\sykor\Desktop\FRST.txt
2021-09-06 09:46 - 2021-09-06 09:46 - 000000000 ____D C:\FRST
2021-09-06 09:44 - 2021-09-06 09:45 - 002302464 _____ (Farbar) C:\Users\sykor\Desktop\FRST64.exe
2021-09-06 09:39 - 2021-09-06 09:39 - 036335448 _____ (Piriform Software Ltd) C:\Users\sykor\Downloads\ccsetup584.exe
2021-09-06 09:29 - 2021-09-06 09:31 - 000000000 ____D C:\ProgramData\McInstTemp0282751630913369
2021-09-06 08:14 - 2021-09-06 09:37 - 000001380 _____ C:\Users\sykor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-09-06 08:14 - 2021-09-06 09:37 - 000001274 _____ C:\Users\sykor\Desktop\ESET Online Scanner.lnk
2021-09-06 08:14 - 2021-09-06 08:14 - 000000000 ____D C:\Users\sykor\AppData\Local\ESET
2021-09-06 08:13 - 2021-09-06 08:13 - 011697056 _____ (ESET) C:\Users\sykor\Downloads\esetonlinescanner.exe
2021-08-28 09:35 - 2021-08-28 10:44 - 1263769242 _____ C:\Users\sykor\Downloads\To - Kapitola 1 - Horor 2017 CZ dab (dublsoft).avi
2021-08-27 17:25 - 2021-08-27 18:34 - 1058989875 _____ C:\Users\sykor\Downloads\To Kapitola 1 (2017) CZ Dabing 1920x800.mkv
2021-08-19 17:24 - 2021-09-06 09:29 - 000000175 _____ C:\Users\sykor\BullseyeCoverageError.txt
2021-08-13 19:04 - 2021-08-13 19:04 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2021-08-13 19:04 - 2021-08-13 19:04 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2021-08-13 19:04 - 2021-08-13 19:04 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2021-08-13 19:04 - 2021-08-13 19:04 - 000011347 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-08-13 19:03 - 2021-08-13 19:03 - 001823280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-08-13 19:03 - 2021-08-13 19:03 - 001393480 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-08-13 19:03 - 2021-08-13 19:03 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2021-08-13 18:44 - 2021-08-13 18:44 - 000000000 ___HD C:\$WinREAgent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-09-06 09:36 - 2021-01-05 16:54 - 000000000 ____D C:\Users\sykor\AppData\Local\Packages
2021-09-06 09:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2021-09-06 09:35 - 2020-05-13 06:07 - 000683426 _____ C:\Windows\system32\perfh005.dat
2021-09-06 09:35 - 2020-05-13 06:07 - 000137206 _____ C:\Windows\system32\perfc005.dat
2021-09-06 09:35 - 2020-05-13 05:25 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2021-09-06 09:35 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2021-09-06 09:34 - 2021-01-05 16:56 - 000000000 ___RD C:\Users\sykor\OneDrive
2021-09-06 09:33 - 2021-01-05 17:59 - 000003752 _____ C:\Windows\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2021-09-06 09:32 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-06 09:31 - 2020-11-19 06:58 - 000000000 ____D C:\Users\sykor
2021-09-06 09:31 - 2020-11-19 06:25 - 000000000 ____D C:\ProgramData\McAfee
2021-09-06 09:31 - 2020-11-19 06:25 - 000000000 ____D C:\Program Files\McAfee
2021-09-06 09:31 - 2020-05-13 05:18 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-06 09:31 - 2020-05-13 05:18 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-09-06 09:31 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-09-06 09:30 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-09-06 09:30 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2021-09-06 09:27 - 2020-05-13 05:18 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-09-06 08:21 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-06 08:18 - 2020-05-13 05:21 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-31 17:06 - 2020-05-13 05:22 - 000000000 ____D C:\Program Files\Microsoft Office
2021-08-31 09:37 - 2021-03-07 19:21 - 000803176 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2021-08-26 12:25 - 2020-11-19 05:20 - 000004122 _____ C:\Windows\system32\Tasks\ASUS Update Checker 2.0
2021-08-26 12:25 - 2020-11-19 05:20 - 000003764 _____ C:\Windows\system32\Tasks\ASUS Optimization 36D18D69AFC3
2021-08-24 18:58 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports
2021-08-22 18:18 - 2021-01-05 16:56 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3198401371-966965265-1492882394-1001
2021-08-22 18:18 - 2020-11-19 06:58 - 000002379 _____ C:\Users\sykor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-19 17:22 - 2021-01-24 21:12 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-19 16:25 - 2021-01-05 16:54 - 000000000 ____D C:\Users\sykor\AppData\Local\D3DSCache
2021-08-19 14:06 - 2021-01-05 18:16 - 000002500 _____ C:\Users\sykor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-19 14:06 - 2021-01-05 18:16 - 000002463 _____ C:\Users\sykor\Desktop\Google Chrome.lnk
2021-08-19 14:05 - 2020-05-13 05:21 - 000003584 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-19 14:05 - 2020-05-13 05:21 - 000003460 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-14 00:01 - 2020-05-13 05:18 - 000439896 _____ C:\Windows\system32\FNTCACHE.DAT
2021-08-14 00:00 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\UNP
2021-08-14 00:00 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-08-14 00:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-08-14 00:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2021-08-14 00:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2021-08-14 00:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2021-08-14 00:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2021-08-14 00:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2021-08-14 00:00 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing
2021-08-13 19:10 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2021-08-13 18:42 - 2021-01-12 09:04 - 000000000 ____D C:\Windows\system32\MRT
2021-08-13 18:33 - 2021-01-12 09:04 - 133215968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-09-2021
Ran by sykor (06-09-2021 09:47:31)
Running from C:\Users\sykor\Desktop
Windows 10 Home Version 21H1 19043.1165 (X64) (2020-11-19 04:41:15)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3198401371-966965265-1492882394-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3198401371-966965265-1492882394-503 - Limited - Disabled)
Guest (S-1-5-21-3198401371-966965265-1492882394-501 - Limited - Disabled)
sykor (S-1-5-21-3198401371-966965265-1492882394-1001 - Administrator - Enabled) => C:\Users\sykor
WDAGUtilityAccount (S-1-5-21-3198401371-966965265-1492882394-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Google Chrome (HKU\S-1-5-21-3198401371-966965265-1492882394-1001\...\Google Chrome) (Version: 92.0.4515.159 - Google LLC)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.14326.20238 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.38 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 93.0.961.38 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3198401371-966965265-1492882394-1001\...\OneDriveSetup.exe) (Version: 21.150.0725.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Movavi Video Editor Plus 2021 (HKU\S-1-5-21-3198401371-966965265-1492882394-1001\...\Movavi Video Editor Plus 2021) (Version: 21.3.0 - Movavi)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20238 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20238 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.621 - McAfee, LLC)
Zoom (HKU\S-1-5-21-3198401371-966965265-1492882394-1001\...\ZoomUMX) (Version: 5.6.3 (751) - Zoom Video Communications, Inc.)
Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.45012.0_x64__0a9344xs7nr4m [2021-07-06] (Advanced Micro Devices Inc.) [Startup Task]
AMD Radeon™ Settings Lite -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.59462344778C5_10.19.10006.0_x64__0a9344xs7nr4m [2021-01-05] (Advanced Micro Devices Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1200.9.118.0_x64__8xx8rvfyw5nnt [2021-09-06] (Facebook Inc) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-01-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-01-09] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-06] (Microsoft Studios) [MS Ad]
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.0.19.0_x64__qmba6cd70vzyy [2021-08-19] (ASUSTeK COMPUTER INC.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.250.0_x64__dt26b99r8h8gj [2021-07-21] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0 [2021-09-06] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3198401371-966965265-1492882394-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\sykor\AppData\Local\Google\Update\1.3.36.102\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3198401371-966965265-1492882394-1001_Classes\CLSID\{8B480070-D37D-4090-A063-7A429F849652}\InprocServer32 -> C:\Users\sykor\AppData\Local\Google\Update\1.3.36.92\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3198401371-966965265-1492882394-1001_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\sykor\AppData\Local\Google\Chrome\Application\92.0.4515.159\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3198401371-966965265-1492882394-1001_Classes\CLSID\{BE5C2E39-090F-46A2-AFAA-47540743B4FE}\InprocServer32 -> C:\Users\sykor\AppData\Local\Google\Update\1.3.36.102\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3198401371-966965265-1492882394-1001_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> C:\Users\sykor\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3198401371-966965265-1492882394-1001_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\sykor\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3198401371-966965265-1492882394-1001_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\sykor\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3198401371-966965265-1492882394-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\sykor\AppData\Local\Google\Update\1.3.36.102\psuser_64.dll (Google LLC -> Google LLC)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2021-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\sykor\AppData\Local\Microsoft\Edge\User Data\Default\Profil 1 - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2020-05-13 05:22 - 2020-05-13 05:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-05-13 05:22 - 2020-05-13 05:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-3198401371-966965265-1492882394-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=ASTE
HKU\S-1-5-21-3198401371-966965265-1492882394-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?pc=ASTE
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-08-24] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-08-24] (McAfee, LLC -> McAfee, LLC)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3198401371-966965265-1492882394-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
DNS Servers: 172.20.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{AF32990D-2B76-475D-94BA-AA046798DBB9}C:\users\sykor\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\sykor\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{E3A0C2CB-E1E4-4BCE-8E58-CFAD021F1672}C:\users\sykor\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\sykor\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{92C7001C-DBCD-4C11-A189-B5743E88D551}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{65C63F22-6E40-4F48-A47B-DF73DACF2CA5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3219D60F-B300-4B1D-B300-5D3A4D1EE162}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6E5F308F-CBC9-4A66-80DF-7775235EEC82}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{37EE7795-DD9F-4355-B5E5-02368CDBB0EB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{5E35FF8A-4231-4F01-857F-7718E6C3271B}C:\users\sykor\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\sykor\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{80B358E8-8C5E-40DB-A363-14D6922DEF58}C:\users\sykor\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\sykor\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0125E3FD-C2B6-4B2C-8903-DFA76A4D2A3C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\93.0.961.38\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BE4B6034-62C8-4D84-AF89-9F27C3D60E42}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{86842F0D-2D46-41A6-854B-373705EF86A7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{43B8A4E7-D85C-4256-B659-80A0085993EA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7F5B6242-E808-40FC-A222-4BE6C9B04F88}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{06FA0807-4CF4-4637-B1D0-472F55B2065F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3D003A63-6234-46F1-A846-7A08C3FD1F6C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{454D02C5-44B0-44E1-A0A8-069B598DCB3F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9AB32246-62F6-4131-95ED-A24F2297780A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F6ECE7E9-1D0D-48CF-A2FC-B86338798CAE}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSLinkNear\AsusLinkNear.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{D52E43D3-73F5-49AC-9711-6D3082DAC2C8}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{C228FF76-3CD2-4D1B-9215-236E1366B0C1}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
==================== Restore Points =========================
13-08-2021 18:42:12 Instalační služba modulů systému Windows
24-08-2021 12:35:05 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (08/26/2021 12:25:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RtkAudUService64.exe, verze: 1.0.379.1, časové razítko: 0x609a471c
Název chybujícího modulu: combase.dll, verze: 10.0.19041.1081, časové razítko: 0x473ce9d1
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000cc84b
ID chybujícího procesu: 0xdc0
Čas spuštění chybující aplikace: 0x01d799085e362124
Cesta k chybující aplikaci: C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_6903f1a9d3b68dab\RtkAudUService64.exe
Cesta k chybujícímu modulu: C:\Windows\System32\combase.dll
ID zprávy: 1508e5bb-a4ae-42f9-8fa6-e04c06bc1226
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/26/2021 12:25:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RtkAudUService64.exe, verze: 1.0.379.1, časové razítko: 0x609a471c
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000001b950befae0
ID chybujícího procesu: 0xdc0
Čas spuštění chybující aplikace: 0x01d799085e362124
Cesta k chybující aplikaci: C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_6903f1a9d3b68dab\RtkAudUService64.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 40ace8c8-62b9-4a22-ae6c-e59bee061656
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/24/2021 06:43:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program RtkUWP.exe verze 1.26.250.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2378
Čas spuštění: 01d790d929eda46a
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.250.0_x64__dt26b99r8h8gj\RtkUWP.exe
ID hlášení: f37b5c5b-277a-45c7-a858-88f4d3cc763b
Úplný název balíčku s chybou: RealtekSemiconductorCorp.RealtekAudioControl_1.26.250.0_x64__dt26b99r8h8gj
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (08/24/2021 06:43:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program StartMenuExperienceHost.exe verze 0.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 22c8
Čas spuštění: 01d7908ee9858eb8
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
ID hlášení: 42ded614-c1d3-4d2f-927f-7825d3b89006
Úplný název balíčku s chybou: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (08/20/2021 11:00:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 5.721.8052.0, časové razítko: 0x610c90c0
Název chybujícího modulu: GameBar.exe, verze: 5.721.8052.0, časové razítko: 0x610c90c0
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000002f726
ID chybujícího procesu: 0x3a6c
Čas spuštění chybující aplikace: 0x01d795a1cf92c9b8
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.8052.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.8052.0_x64__8wekyb3d8bbwe\GameBar.exe
ID zprávy: 12c79dc1-5b9a-4625-96fe-3c67ad59e940
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_5.721.8052.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (07/17/2021 08:48:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RtkAudUService64.exe, verze: 1.0.288.1, časové razítko: 0x5ed5ffea
Název chybujícího modulu: combase.dll, verze: 10.0.19041.1052, časové razítko: 0x30807450
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000cc91b
ID chybujícího procesu: 0xe20
Čas spuštění chybující aplikace: 0x01d7729a15b2b953
Cesta k chybující aplikaci: C:\Windows\system32\RtkAudUService64.exe
Cesta k chybujícímu modulu: C:\Windows\System32\combase.dll
ID zprávy: 67d182cf-edfc-4022-a30e-6c9403cb5960
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/17/2021 08:48:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RtkAudUService64.exe, verze: 1.0.288.1, časové razítko: 0x5ed5ffea
Název chybujícího modulu: RtkAudUService64.exe, verze: 1.0.288.1, časové razítko: 0x5ed5ffea
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000065063
ID chybujícího procesu: 0xe20
Čas spuštění chybující aplikace: 0x01d7729a15b2b953
Cesta k chybující aplikaci: C:\Windows\system32\RtkAudUService64.exe
Cesta k chybujícímu modulu: C:\Windows\system32\RtkAudUService64.exe
ID zprávy: f069abc4-5f74-4a1d-8087-013d07a83335
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/13/2021 06:21:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RtkAudUService64.exe, verze: 1.0.288.1, časové razítko: 0x5ed5ffea
Název chybujícího modulu: combase.dll, verze: 10.0.19041.1052, časové razítko: 0x30807450
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000cc91b
ID chybujícího procesu: 0xfd8
Čas spuštění chybující aplikace: 0x01d75fd491311a66
Cesta k chybující aplikaci: C:\Windows\system32\RtkAudUService64.exe
Cesta k chybujícímu modulu: C:\Windows\System32\combase.dll
ID zprávy: 46ce7725-bd68-46a1-a892-0c04397b98bb
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (09/06/2021 08:17:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (09/06/2021 08:17:01 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\sykor\AppData\Local\Temp\ehdrv.sys
Error: (09/06/2021 08:17:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (09/06/2021 08:17:01 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\sykor\AppData\Local\Temp\ehdrv.sys
Error: (09/06/2021 08:17:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (09/06/2021 08:17:01 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\sykor\AppData\Local\Temp\ehdrv.sys
Error: (09/06/2021 08:17:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (09/06/2021 08:17:00 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\sykor\AppData\Local\Temp\ehdrv.sys
Windows Defender:
================
Date: 2021-08-29 20:11:38
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7A636122-75AC-497B-A9ED-8B954FA3EF1D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-08-28 16:02:30
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {743CDECC-E2BA-4B6C-A0E3-0022255D2DDF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-08-27 10:40:25
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {14595E82-331F-4953-A98B-38E008DF55F7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-08-24 21:38:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {666F0A29-07E0-4A6C-B10A-A2BE5CFF586C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-08-24 11:18:39
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EF4A77FD-E936-4808-8C3D-D3C611651747}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-06-29 16:06:06
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.25.0
Předchozí verze bezpečnostních informací: 1.341.1614.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
Date: 2021-06-29 16:06:06
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.25.0
Předchozí verze bezpečnostních informací: 1.341.1614.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
Date: 2021-06-29 16:06:06
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
Date: 2021-06-04 16:28:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.341.54.0
Předchozí verze bezpečnostních informací: 1.339.1950.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18200.4
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
Date: 2021-06-04 16:28:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.341.54.0
Předchozí verze bezpečnostních informací: 1.339.1950.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18200.4
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
CodeIntegrity:
===============
Date: 2021-09-06 09:23:37
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Microsoft signing level requirements.
Date: 2021-09-06 08:12:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. X509DAP.300 01/08/2020
Motherboard: ASUSTeK COMPUTER INC. X509DAP
Processor: AMD Ryzen 3 3250U with Radeon Graphics
Percentage of memory in use: 61%
Total physical RAM: 6094.18 MB
Available physical RAM: 2338.08 MB
Total Virtual: 14030.18 MB
Available Virtual: 9604.65 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:475.89 GB) (Free:370.53 GB) NTFS
\\?\Volume{53b13df2-674c-4542-88d8-d9d8ae5312f5}\ (RECOVERY) (Fixed) (Total:0.78 GB) (Free:0.11 GB) NTFS
\\?\Volume{b194e1e3-e0ab-4656-880a-a515f82c5ded}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: BE2260F2)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-09-2021
Ran by sykor (administrator) on LAPTOP-NDM9P2C5 (ASUSTeK COMPUTER INC. VivoBook_ASUSLaptop X509DAP_M509DA) (06-09-2021 09:46:16)
Running from C:\Users\sykor\Desktop
Loaded Profiles: sykor
Platform: Windows 10 Home Version 21H1 19043.1165 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0365656.inf_amd64_5926d42fa64b989d\B365142\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0365656.inf_amd64_5926d42fa64b989d\B365142\atiesrxx.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSLinkRemote\AsusLinkRemote.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSLinkNear\AsusLinkNear.exe
(ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSLinkNear\AsusLinkNearExt.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSOptimization\AsusOptimization.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSOptimization\AsusOptimizationStartupTask.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSOptimization\AsusOSD.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSSoftwareManager\AsusSoftwareManager.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(Google LLC -> Google LLC) C:\Users\sykor\AppData\Local\Google\Chrome\Application\chrome.exe <19>
(Google LLC -> Google LLC) C:\Users\sykor\AppData\Local\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Users\sykor\AppData\Local\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\sykor\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2108.25001.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_6903f1a9d3b68dab\RtkAudUService64.exe <3>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\S-1-5-21-3198401371-966965265-1492882394-1001\...\Run: [97736D20087CAB12D8C353E2C093D23895070BE3._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8
HKU\S-1-5-21-3198401371-966965265-1492882394-1001\...\Run: [Google Update] => C:\Users\sykor\AppData\Local\Google\Update\1.3.36.102\GoogleUpdateCore.exe [223816 2021-08-05] (Google LLC -> Google LLC)
HKU\S-1-5-21-3198401371-966965265-1492882394-1001\...\MountPoints2: {150961d8-2a22-11eb-afb2-204ef629c68a} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3198401371-966965265-1492882394-1001\...\MountPoints2: {82ceaf65-8239-11eb-afbe-204ef629c68a} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3198401371-966965265-1492882394-1001\...\MountPoints2: {82ceaf78-8239-11eb-afbe-204ef629c68a} - "D:\HiSuiteDownLoader.exe"
Startup: C:\Users\sykor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2021-01-11]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08A313E0-D5A3-43A9-B838-6278CBD70A02} - System32\Tasks\RtkAudUService64_BG => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_6903f1a9d3b68dab\RtkAudUService64.exe [1259888 2021-05-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {2037B4C7-F562-470D-9B02-4E1B9F35DB76} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {20A94587-2226-4D3F-8641-0FB8C93FFFB0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3198401371-966965265-1492882394-1001Core => C:\Users\sykor\AppData\Local\Google\Update\GoogleUpdate.exe [155592 2021-01-05] (Google LLC -> Google LLC)
Task: {2FB5B7E7-315C-45E6-9F7B-27D755F5B145} - System32\Tasks\Microsoft\Windows\PLA\AsusLinkNear => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\Windows\system32\pla.dll [1493504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {4A88D1D8-CD10-4F9F-B4EA-DDE2DBB7A293} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6C6D31FC-C7A1-47E3-8ECE-BECC72538EE0} - System32\Tasks\ASUS Update Checker 2.0 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSSoftwareManager\AsusUpdateChecker.exe [771200 2021-08-16] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {86DB3C32-987D-4F21-A9D8-3F270815468E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139128 2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {8F71D857-BC17-438B-B939-3596D3ECD2CF} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2593424 2021-08-16] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {A8C5A65F-E55C-4844-B6E5-D51B5FDCB01C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E0DB0476-9055-4BAE-AC65-6F56D730E9BD} - System32\Tasks\Microsoft\Windows\PLA\074C0539-0999-4DA9-9D0D-3D016B62F4E9 => {FF679DA1-8FF2-4474-9C9E-52BBD409B557} C:\Windows\system32\pla.dll [1493504 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {E1FB079E-FF81-4E7F-95AE-FB424FC814E5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E5FDA5D6-ADD3-412C-8138-2FAD6A4C7D31} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE391A86-A19C-4CA1-B318-6A93612714FD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3198401371-966965265-1492882394-1001UA => C:\Users\sykor\AppData\Local\Google\Update\GoogleUpdate.exe [155592 2021-01-05] (Google LLC -> Google LLC)
Task: {F513F1A9-EAEA-448F-8434-6A1D9D586771} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139128 2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {FA3399A0-57C2-4E7B-A9F9-EB7789FA5CA5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FA5A38C8-EAC8-4E76-BF9E-C317E6CE39C9} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSOptimization\AsusHotkeyExec.exe [233624 2021-08-16] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{c17ee61e-988b-4f1b-861f-67654d68786c}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{d4e6f1ed-2a59-4655-8278-3624f0a0c224}: [DhcpNameServer] 10.66.104.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\sykor\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-06]
Edge Profile: C:\Users\sykor\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2021-09-06]
Edge Notifications: Profile 1 -> hxxps://meet.google.com
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\sykor\AppData\Local\Google\Chrome\User Data\Default [2021-09-06]
CHR Notifications: Default -> hxxps://gomez.cz; hxxps://meet.google.com; hxxps://www.facebook.com; hxxps://www.freefilm.to
CHR Extension: (Prezentace) - C:\Users\sykor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-05]
CHR Extension: (Dokumenty) - C:\Users\sykor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-05]
CHR Extension: (Disk Google) - C:\Users\sykor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-05]
CHR Extension: (YouTube) - C:\Users\sykor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-05]
CHR Extension: (Tabulky) - C:\Users\sykor\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\sykor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\sykor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\sykor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-05]
CHR Extension: (Chrome Media Router) - C:\Users\sykor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-02]
CHR Profile: C:\Users\sykor\AppData\Local\Google\Chrome\User Data\System Profile [2021-01-11]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASUSLinkNear; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSLinkNear\AsusLinkNear.exe [1302672 2021-08-16] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkNearExt; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSLinkNear\AsusLinkNearExt.exe [148096 2021-08-16] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSLinkRemote\AsusLinkRemote.exe [798848 2021-08-16] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSOptimization; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSOptimization\AsusOptimization.exe [338560 2021-08-16] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSSoftwareManager\AsusSoftwareManager.exe [945280 2021-08-16] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2593424 2021-08-16] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [629152 2021-08-16] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9166736 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [977824 2021-08-24] (McAfee, LLC -> McAfee, LLC)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AsusPTPDrv; C:\Windows\System32\drivers\AsusPTPFilter.sys [112848 2020-09-27] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R3 ASUSSAIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSSystemAnalysis\ASUSSAIO.sys [35968 2021-08-16] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSOptimization\atkwmiacpi64.sys [44184 2021-08-16] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-09-06 09:46 - 2021-09-06 09:46 - 000017130 _____ C:\Users\sykor\Desktop\FRST.txt
2021-09-06 09:46 - 2021-09-06 09:46 - 000000000 ____D C:\FRST
2021-09-06 09:44 - 2021-09-06 09:45 - 002302464 _____ (Farbar) C:\Users\sykor\Desktop\FRST64.exe
2021-09-06 09:39 - 2021-09-06 09:39 - 036335448 _____ (Piriform Software Ltd) C:\Users\sykor\Downloads\ccsetup584.exe
2021-09-06 09:29 - 2021-09-06 09:31 - 000000000 ____D C:\ProgramData\McInstTemp0282751630913369
2021-09-06 08:14 - 2021-09-06 09:37 - 000001380 _____ C:\Users\sykor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-09-06 08:14 - 2021-09-06 09:37 - 000001274 _____ C:\Users\sykor\Desktop\ESET Online Scanner.lnk
2021-09-06 08:14 - 2021-09-06 08:14 - 000000000 ____D C:\Users\sykor\AppData\Local\ESET
2021-09-06 08:13 - 2021-09-06 08:13 - 011697056 _____ (ESET) C:\Users\sykor\Downloads\esetonlinescanner.exe
2021-08-28 09:35 - 2021-08-28 10:44 - 1263769242 _____ C:\Users\sykor\Downloads\To - Kapitola 1 - Horor 2017 CZ dab (dublsoft).avi
2021-08-27 17:25 - 2021-08-27 18:34 - 1058989875 _____ C:\Users\sykor\Downloads\To Kapitola 1 (2017) CZ Dabing 1920x800.mkv
2021-08-19 17:24 - 2021-09-06 09:29 - 000000175 _____ C:\Users\sykor\BullseyeCoverageError.txt
2021-08-13 19:04 - 2021-08-13 19:04 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2021-08-13 19:04 - 2021-08-13 19:04 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2021-08-13 19:04 - 2021-08-13 19:04 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2021-08-13 19:04 - 2021-08-13 19:04 - 000011347 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-08-13 19:03 - 2021-08-13 19:03 - 001823280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-08-13 19:03 - 2021-08-13 19:03 - 001393480 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-08-13 19:03 - 2021-08-13 19:03 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2021-08-13 18:44 - 2021-08-13 18:44 - 000000000 ___HD C:\$WinREAgent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-09-06 09:36 - 2021-01-05 16:54 - 000000000 ____D C:\Users\sykor\AppData\Local\Packages
2021-09-06 09:36 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2021-09-06 09:35 - 2020-05-13 06:07 - 000683426 _____ C:\Windows\system32\perfh005.dat
2021-09-06 09:35 - 2020-05-13 06:07 - 000137206 _____ C:\Windows\system32\perfc005.dat
2021-09-06 09:35 - 2020-05-13 05:25 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2021-09-06 09:35 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2021-09-06 09:34 - 2021-01-05 16:56 - 000000000 ___RD C:\Users\sykor\OneDrive
2021-09-06 09:33 - 2021-01-05 17:59 - 000003752 _____ C:\Windows\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2021-09-06 09:32 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-06 09:31 - 2020-11-19 06:58 - 000000000 ____D C:\Users\sykor
2021-09-06 09:31 - 2020-11-19 06:25 - 000000000 ____D C:\ProgramData\McAfee
2021-09-06 09:31 - 2020-11-19 06:25 - 000000000 ____D C:\Program Files\McAfee
2021-09-06 09:31 - 2020-05-13 05:18 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-06 09:31 - 2020-05-13 05:18 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-09-06 09:31 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-09-06 09:30 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-09-06 09:30 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2021-09-06 09:27 - 2020-05-13 05:18 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-09-06 08:21 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-06 08:18 - 2020-05-13 05:21 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-31 17:06 - 2020-05-13 05:22 - 000000000 ____D C:\Program Files\Microsoft Office
2021-08-31 09:37 - 2021-03-07 19:21 - 000803176 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2021-08-26 12:25 - 2020-11-19 05:20 - 000004122 _____ C:\Windows\system32\Tasks\ASUS Update Checker 2.0
2021-08-26 12:25 - 2020-11-19 05:20 - 000003764 _____ C:\Windows\system32\Tasks\ASUS Optimization 36D18D69AFC3
2021-08-24 18:58 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports
2021-08-22 18:18 - 2021-01-05 16:56 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3198401371-966965265-1492882394-1001
2021-08-22 18:18 - 2020-11-19 06:58 - 000002379 _____ C:\Users\sykor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-19 17:22 - 2021-01-24 21:12 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-19 16:25 - 2021-01-05 16:54 - 000000000 ____D C:\Users\sykor\AppData\Local\D3DSCache
2021-08-19 14:06 - 2021-01-05 18:16 - 000002500 _____ C:\Users\sykor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-19 14:06 - 2021-01-05 18:16 - 000002463 _____ C:\Users\sykor\Desktop\Google Chrome.lnk
2021-08-19 14:05 - 2020-05-13 05:21 - 000003584 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-19 14:05 - 2020-05-13 05:21 - 000003460 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-14 00:01 - 2020-05-13 05:18 - 000439896 _____ C:\Windows\system32\FNTCACHE.DAT
2021-08-14 00:00 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\UNP
2021-08-14 00:00 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-08-14 00:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-08-14 00:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2021-08-14 00:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2021-08-14 00:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2021-08-14 00:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2021-08-14 00:00 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2021-08-14 00:00 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing
2021-08-13 19:10 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2021-08-13 18:42 - 2021-01-12 09:04 - 000000000 ____D C:\Windows\system32\MRT
2021-08-13 18:33 - 2021-01-12 09:04 - 133215968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-09-2021
Ran by sykor (06-09-2021 09:47:31)
Running from C:\Users\sykor\Desktop
Windows 10 Home Version 21H1 19043.1165 (X64) (2020-11-19 04:41:15)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3198401371-966965265-1492882394-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3198401371-966965265-1492882394-503 - Limited - Disabled)
Guest (S-1-5-21-3198401371-966965265-1492882394-501 - Limited - Disabled)
sykor (S-1-5-21-3198401371-966965265-1492882394-1001 - Administrator - Enabled) => C:\Users\sykor
WDAGUtilityAccount (S-1-5-21-3198401371-966965265-1492882394-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Google Chrome (HKU\S-1-5-21-3198401371-966965265-1492882394-1001\...\Google Chrome) (Version: 92.0.4515.159 - Google LLC)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.14326.20238 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.38 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 93.0.961.38 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3198401371-966965265-1492882394-1001\...\OneDriveSetup.exe) (Version: 21.150.0725.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Movavi Video Editor Plus 2021 (HKU\S-1-5-21-3198401371-966965265-1492882394-1001\...\Movavi Video Editor Plus 2021) (Version: 21.3.0 - Movavi)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20238 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20238 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.621 - McAfee, LLC)
Zoom (HKU\S-1-5-21-3198401371-966965265-1492882394-1001\...\ZoomUMX) (Version: 5.6.3 (751) - Zoom Video Communications, Inc.)
Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.45012.0_x64__0a9344xs7nr4m [2021-07-06] (Advanced Micro Devices Inc.) [Startup Task]
AMD Radeon™ Settings Lite -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.59462344778C5_10.19.10006.0_x64__0a9344xs7nr4m [2021-01-05] (Advanced Micro Devices Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1200.9.118.0_x64__8xx8rvfyw5nnt [2021-09-06] (Facebook Inc) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-01-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-01-09] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-06] (Microsoft Studios) [MS Ad]
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.0.19.0_x64__qmba6cd70vzyy [2021-08-19] (ASUSTeK COMPUTER INC.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.250.0_x64__dt26b99r8h8gj [2021-07-21] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0 [2021-09-06] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3198401371-966965265-1492882394-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\sykor\AppData\Local\Google\Update\1.3.36.102\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3198401371-966965265-1492882394-1001_Classes\CLSID\{8B480070-D37D-4090-A063-7A429F849652}\InprocServer32 -> C:\Users\sykor\AppData\Local\Google\Update\1.3.36.92\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3198401371-966965265-1492882394-1001_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\sykor\AppData\Local\Google\Chrome\Application\92.0.4515.159\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3198401371-966965265-1492882394-1001_Classes\CLSID\{BE5C2E39-090F-46A2-AFAA-47540743B4FE}\InprocServer32 -> C:\Users\sykor\AppData\Local\Google\Update\1.3.36.102\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3198401371-966965265-1492882394-1001_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> C:\Users\sykor\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3198401371-966965265-1492882394-1001_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\sykor\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3198401371-966965265-1492882394-1001_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\sykor\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3198401371-966965265-1492882394-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\sykor\AppData\Local\Google\Update\1.3.36.102\psuser_64.dll (Google LLC -> Google LLC)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2021-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\sykor\AppData\Local\Microsoft\Edge\User Data\Default\Profil 1 - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2020-05-13 05:22 - 2020-05-13 05:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-05-13 05:22 - 2020-05-13 05:22 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-3198401371-966965265-1492882394-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=ASTE
HKU\S-1-5-21-3198401371-966965265-1492882394-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?pc=ASTE
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-08-24] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-08-24] (McAfee, LLC -> McAfee, LLC)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3198401371-966965265-1492882394-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
DNS Servers: 172.20.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{AF32990D-2B76-475D-94BA-AA046798DBB9}C:\users\sykor\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\sykor\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{E3A0C2CB-E1E4-4BCE-8E58-CFAD021F1672}C:\users\sykor\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\sykor\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{92C7001C-DBCD-4C11-A189-B5743E88D551}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{65C63F22-6E40-4F48-A47B-DF73DACF2CA5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3219D60F-B300-4B1D-B300-5D3A4D1EE162}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6E5F308F-CBC9-4A66-80DF-7775235EEC82}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{37EE7795-DD9F-4355-B5E5-02368CDBB0EB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{5E35FF8A-4231-4F01-857F-7718E6C3271B}C:\users\sykor\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\sykor\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{80B358E8-8C5E-40DB-A363-14D6922DEF58}C:\users\sykor\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\sykor\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0125E3FD-C2B6-4B2C-8903-DFA76A4D2A3C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\93.0.961.38\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BE4B6034-62C8-4D84-AF89-9F27C3D60E42}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{86842F0D-2D46-41A6-854B-373705EF86A7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{43B8A4E7-D85C-4256-B659-80A0085993EA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7F5B6242-E808-40FC-A222-4BE6C9B04F88}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{06FA0807-4CF4-4637-B1D0-472F55B2065F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3D003A63-6234-46F1-A846-7A08C3FD1F6C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{454D02C5-44B0-44E1-A0A8-069B598DCB3F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9AB32246-62F6-4131-95ED-A24F2297780A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F6ECE7E9-1D0D-48CF-A2FC-B86338798CAE}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSLinkNear\AsusLinkNear.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{D52E43D3-73F5-49AC-9711-6D3082DAC2C8}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{C228FF76-3CD2-4D1B-9215-236E1366B0C1}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_31188efe6ea572b9\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
==================== Restore Points =========================
13-08-2021 18:42:12 Instalační služba modulů systému Windows
24-08-2021 12:35:05 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (08/26/2021 12:25:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RtkAudUService64.exe, verze: 1.0.379.1, časové razítko: 0x609a471c
Název chybujícího modulu: combase.dll, verze: 10.0.19041.1081, časové razítko: 0x473ce9d1
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000cc84b
ID chybujícího procesu: 0xdc0
Čas spuštění chybující aplikace: 0x01d799085e362124
Cesta k chybující aplikaci: C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_6903f1a9d3b68dab\RtkAudUService64.exe
Cesta k chybujícímu modulu: C:\Windows\System32\combase.dll
ID zprávy: 1508e5bb-a4ae-42f9-8fa6-e04c06bc1226
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/26/2021 12:25:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RtkAudUService64.exe, verze: 1.0.379.1, časové razítko: 0x609a471c
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000001b950befae0
ID chybujícího procesu: 0xdc0
Čas spuštění chybující aplikace: 0x01d799085e362124
Cesta k chybující aplikaci: C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_6903f1a9d3b68dab\RtkAudUService64.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 40ace8c8-62b9-4a22-ae6c-e59bee061656
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/24/2021 06:43:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program RtkUWP.exe verze 1.26.250.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2378
Čas spuštění: 01d790d929eda46a
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.250.0_x64__dt26b99r8h8gj\RtkUWP.exe
ID hlášení: f37b5c5b-277a-45c7-a858-88f4d3cc763b
Úplný název balíčku s chybou: RealtekSemiconductorCorp.RealtekAudioControl_1.26.250.0_x64__dt26b99r8h8gj
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (08/24/2021 06:43:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program StartMenuExperienceHost.exe verze 0.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 22c8
Čas spuštění: 01d7908ee9858eb8
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
ID hlášení: 42ded614-c1d3-4d2f-927f-7825d3b89006
Úplný název balíčku s chybou: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (08/20/2021 11:00:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 5.721.8052.0, časové razítko: 0x610c90c0
Název chybujícího modulu: GameBar.exe, verze: 5.721.8052.0, časové razítko: 0x610c90c0
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000002f726
ID chybujícího procesu: 0x3a6c
Čas spuštění chybující aplikace: 0x01d795a1cf92c9b8
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.8052.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.8052.0_x64__8wekyb3d8bbwe\GameBar.exe
ID zprávy: 12c79dc1-5b9a-4625-96fe-3c67ad59e940
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_5.721.8052.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (07/17/2021 08:48:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RtkAudUService64.exe, verze: 1.0.288.1, časové razítko: 0x5ed5ffea
Název chybujícího modulu: combase.dll, verze: 10.0.19041.1052, časové razítko: 0x30807450
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000cc91b
ID chybujícího procesu: 0xe20
Čas spuštění chybující aplikace: 0x01d7729a15b2b953
Cesta k chybující aplikaci: C:\Windows\system32\RtkAudUService64.exe
Cesta k chybujícímu modulu: C:\Windows\System32\combase.dll
ID zprávy: 67d182cf-edfc-4022-a30e-6c9403cb5960
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/17/2021 08:48:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RtkAudUService64.exe, verze: 1.0.288.1, časové razítko: 0x5ed5ffea
Název chybujícího modulu: RtkAudUService64.exe, verze: 1.0.288.1, časové razítko: 0x5ed5ffea
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000065063
ID chybujícího procesu: 0xe20
Čas spuštění chybující aplikace: 0x01d7729a15b2b953
Cesta k chybující aplikaci: C:\Windows\system32\RtkAudUService64.exe
Cesta k chybujícímu modulu: C:\Windows\system32\RtkAudUService64.exe
ID zprávy: f069abc4-5f74-4a1d-8087-013d07a83335
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/13/2021 06:21:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RtkAudUService64.exe, verze: 1.0.288.1, časové razítko: 0x5ed5ffea
Název chybujícího modulu: combase.dll, verze: 10.0.19041.1052, časové razítko: 0x30807450
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000cc91b
ID chybujícího procesu: 0xfd8
Čas spuštění chybující aplikace: 0x01d75fd491311a66
Cesta k chybující aplikaci: C:\Windows\system32\RtkAudUService64.exe
Cesta k chybujícímu modulu: C:\Windows\System32\combase.dll
ID zprávy: 46ce7725-bd68-46a1-a892-0c04397b98bb
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (09/06/2021 08:17:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (09/06/2021 08:17:01 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\sykor\AppData\Local\Temp\ehdrv.sys
Error: (09/06/2021 08:17:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (09/06/2021 08:17:01 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\sykor\AppData\Local\Temp\ehdrv.sys
Error: (09/06/2021 08:17:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (09/06/2021 08:17:01 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\sykor\AppData\Local\Temp\ehdrv.sys
Error: (09/06/2021 08:17:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (09/06/2021 08:17:00 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\sykor\AppData\Local\Temp\ehdrv.sys
Windows Defender:
================
Date: 2021-08-29 20:11:38
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7A636122-75AC-497B-A9ED-8B954FA3EF1D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-08-28 16:02:30
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {743CDECC-E2BA-4B6C-A0E3-0022255D2DDF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-08-27 10:40:25
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {14595E82-331F-4953-A98B-38E008DF55F7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-08-24 21:38:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {666F0A29-07E0-4A6C-B10A-A2BE5CFF586C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-08-24 11:18:39
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EF4A77FD-E936-4808-8C3D-D3C611651747}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-06-29 16:06:06
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.25.0
Předchozí verze bezpečnostních informací: 1.341.1614.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
Date: 2021-06-29 16:06:06
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.25.0
Předchozí verze bezpečnostních informací: 1.341.1614.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
Date: 2021-06-29 16:06:06
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
Date: 2021-06-04 16:28:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.341.54.0
Předchozí verze bezpečnostních informací: 1.339.1950.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18200.4
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
Date: 2021-06-04 16:28:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.341.54.0
Předchozí verze bezpečnostních informací: 1.339.1950.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18200.4
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
CodeIntegrity:
===============
Date: 2021-09-06 09:23:37
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Microsoft signing level requirements.
Date: 2021-09-06 08:12:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. X509DAP.300 01/08/2020
Motherboard: ASUSTeK COMPUTER INC. X509DAP
Processor: AMD Ryzen 3 3250U with Radeon Graphics
Percentage of memory in use: 61%
Total physical RAM: 6094.18 MB
Available physical RAM: 2338.08 MB
Total Virtual: 14030.18 MB
Available Virtual: 9604.65 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:475.89 GB) (Free:370.53 GB) NTFS
\\?\Volume{53b13df2-674c-4542-88d8-d9d8ae5312f5}\ (RECOVERY) (Fixed) (Total:0.78 GB) (Free:0.11 GB) NTFS
\\?\Volume{b194e1e3-e0ab-4656-880a-a515f82c5ded}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: BE2260F2)
Partition: GPT.
==================== End of Addition.txt =======================
