VIRY.CZ

Zdravím ,využití procesoru velmi vysoké i když je spuštěn pouze Windows.., dnes ráno použití nástroje pro obnovení systému , ale zdá se mi , že to nepomohlo ...

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-09-2021 02
Ran by k08ik (administrator) on DESKTOP-QRU1R0I (Acer Aspire E1-531) (01-10-2021 23:24:31)
Running from C:\Users\k08ik\Desktop
Loaded Profiles: k08ik
Platform: Windows 10 Home Version 21H1 19043.1237 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <9>
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\k08ik\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowsstore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CredentialEnrollmentManager.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe
(Notepad++ -> Don HO don.h@free.fr) C:\Program Files\Notepad++\notepad++.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKU\S-1-5-21-63133299-3127860021-3020444460-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\k08ik\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-63133299-3127860021-3020444460-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\k08ik\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\94.0.4606.71\Installer\chrmstp.exe [2021-10-01] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A167680-FC7C-4603-BC2A-5699A146AA85} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-10-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3B2ACF3D-906E-4F89-A081-24280DEFE0A4} - System32\Tasks\AVG\Overseer => C:\Windows\OEM\CustomizationFiles\Overseer.exe [1815352 2021-10-01] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {3F32C23E-BB49-4749-8DA5-410304C14634} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-10-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6806969E-A8EB-4DA4-A0A3-DFA1493E5C05} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-10-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7D4BF4F1-4E86-423E-AB29-56B432AEF460} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-01] (Google LLC -> Google LLC)
Task: {8977863A-2AA5-442C-A040-DDC420EBEBAB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-01] (Google LLC -> Google LLC)
Task: {CECD55E2-7E9F-41D2-AF0A-D883715B560A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-10-01] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{dc0a2f1a-4531-49cf-87f3-a4e1d7ef6e8e}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\k08ik\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-01]

Chrome:
=======
CHR Profile: C:\Users\k08ik\AppData\Local\Google\Chrome\User Data\Default [2021-10-01]
CHR Extension: (Prezentace) - C:\Users\k08ik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-01]
CHR Extension: (Dokumenty) - C:\Users\k08ik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-01]
CHR Extension: (Disk Google) - C:\Users\k08ik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-01]
CHR Extension: (YouTube) - C:\Users\k08ik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-01]
CHR Extension: (Tabulky) - C:\Users\k08ik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\k08ik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\k08ik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-01]
CHR Extension: (Gmail) - C:\Users\k08ik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-01]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-10-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-10-01] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-10-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [433384 2021-10-01] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-10-01] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three months (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-01 23:24 - 2021-10-01 23:25 - 000009245 _____ C:\Users\k08ik\Desktop\FRST.txt
2021-10-01 22:33 - 2021-10-01 22:34 - 000000000 ____D C:\Users\k08ik\AppData\Roaming\Notepad++
2021-10-01 22:33 - 2021-10-01 22:33 - 000000887 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2021-10-01 22:33 - 2021-10-01 22:33 - 000000875 _____ C:\Users\Public\Desktop\Notepad++.lnk
2021-10-01 22:33 - 2021-10-01 22:33 - 000000000 ____D C:\Program Files\Notepad++
2021-10-01 22:32 - 2021-10-01 22:32 - 004338784 _____ (Don HO don.h@free.fr) C:\Users\k08ik\Downloads\npp.8.1.5.Installer.x64.exe
2021-10-01 22:02 - 2021-10-01 22:27 - 000018250 _____ C:\Users\k08ik\Desktop\Shortcut.txt
2021-10-01 22:00 - 2021-10-01 22:27 - 000015417 _____ C:\Users\k08ik\Desktop\Addition.txt
2021-10-01 21:49 - 2021-10-01 23:24 - 000000000 ____D C:\FRST
2021-10-01 21:47 - 2021-10-01 21:47 - 002304512 _____ (Farbar) C:\Users\k08ik\Desktop\FRST64.exe
2021-10-01 18:30 - 2021-10-01 18:30 - 000000000 ___HD C:\$WinREAgent
2021-10-01 18:30 - 2021-10-01 18:30 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-10-01 18:29 - 2021-10-01 18:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-10-01 14:06 - 2021-10-01 14:06 - 001341272 _____ (Google LLC) C:\Users\k08ik\Downloads\ChromeSetup (1).exe
2021-10-01 13:54 - 2021-10-01 14:07 - 000002329 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-01 13:54 - 2021-10-01 14:07 - 000002288 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-10-01 13:53 - 2021-10-01 13:53 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-01 13:53 - 2021-10-01 13:53 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-10-01 13:53 - 2021-10-01 13:53 - 000000000 ____D C:\Program Files\Google
2021-10-01 13:52 - 2021-10-01 22:58 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-01 13:52 - 2021-10-01 14:00 - 000000000 ____D C:\Users\k08ik\AppData\Local\Google
2021-10-01 13:52 - 2021-10-01 13:52 - 001341272 _____ (Google LLC) C:\Users\k08ik\Downloads\ChromeSetup.exe
2021-10-01 13:40 - 2021-10-01 13:40 - 000000000 ____D C:\Users\k08ik\AppData\Local\Comms
2021-10-01 13:35 - 2021-10-01 13:35 - 000000000 ____D C:\Users\k08ik\AppData\Local\D3DSCache
2021-10-01 13:27 - 2021-10-01 13:47 - 000000000 ____D C:\Users\k08ik\AppData\Local\PlaceholderTileLogoFolder
2021-10-01 13:25 - 2021-10-01 13:26 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-63133299-3127860021-3020444460-1001
2021-10-01 13:25 - 2021-10-01 13:25 - 000000000 ___RD C:\Users\k08ik\OneDrive
2021-10-01 13:24 - 2021-10-01 13:24 - 000001339 _____ C:\Users\k08ik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Správce zvuku Realtek HD.lnk
2021-10-01 13:24 - 2021-10-01 13:24 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-10-01 13:23 - 2021-10-01 13:47 - 000000000 ____D C:\ProgramData\Packages
2021-10-01 13:23 - 2021-10-01 13:23 - 000000000 ____D C:\Users\k08ik\AppData\Local\Publishers
2021-10-01 13:22 - 2021-10-01 13:47 - 000000000 ____D C:\Users\k08ik\AppData\Local\Packages
2021-10-01 13:22 - 2021-10-01 13:24 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-10-01 13:22 - 2021-10-01 13:23 - 000000000 ____D C:\Users\k08ik\AppData\Local\ConnectedDevicesPlatform
2021-10-01 13:22 - 2021-10-01 13:22 - 000000000 ___RD C:\Users\k08ik\3D Objects
2021-10-01 13:22 - 2021-10-01 13:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2021-10-01 13:22 - 2021-10-01 13:22 - 000000000 ____D C:\Users\k08ik\AppData\Local\VirtualStore
2021-10-01 13:12 - 2021-10-01 13:26 - 000002371 _____ C:\Users\k08ik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-10-01 13:12 - 2021-10-01 13:25 - 000000000 ____D C:\Users\k08ik
2021-10-01 13:12 - 2021-10-01 13:12 - 000000020 ___SH C:\Users\k08ik\ntuser.ini
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Šablony
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Soubory cookie
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Poslední
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Okolní tiskárny
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Okolní síť
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Nabídka Start
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Dokumenty
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Documents\Obrázky
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Documents\Hudba
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Documents\Filmy
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Data aplikací
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\AppData\Local\Data aplikací
2021-10-01 12:14 - 2021-10-01 12:55 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Šablony
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Poslední
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Okolní síť
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Dokumenty
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Data aplikací
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default User
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\All Users
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\ProgramData\Šablony
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\ProgramData\Plocha
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\ProgramData\Dokumenty
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\ProgramData\Data aplikací
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Documents and Settings
2021-10-01 12:01 - 2021-10-01 22:45 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-01 12:01 - 2021-10-01 22:45 - 000002284 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-10-01 12:01 - 2021-10-01 22:37 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-01 12:01 - 2021-10-01 22:37 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-01 12:01 - 2021-10-01 12:01 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2021-10-01 12:01 - 2021-10-01 12:01 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2021-10-01 12:01 - 2021-10-01 12:01 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2021-10-01 12:01 - 2021-10-01 12:01 - 000000000 ____D C:\Program Files\Realtek
2021-10-01 12:01 - 2021-10-01 12:01 - 000000000 ____D C:\Intel
2021-10-01 11:59 - 2021-10-01 20:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-01 11:59 - 2021-10-01 13:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-10-01 11:59 - 2021-10-01 12:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-01 11:59 - 2021-10-01 11:59 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-10-01 11:58 - 2021-10-01 12:09 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-01 11:58 - 2021-10-01 11:59 - 000258960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-10-01 06:29 - 2021-10-01 06:29 - 000000000 ____D C:\WINDOWS\OEM
2021-10-01 06:28 - 2021-10-01 12:10 - 000000000 ____D C:\WINDOWS\Panther
2021-10-01 06:18 - 2021-10-01 12:10 - 000000000 ____D C:\Windows.old
2021-10-01 06:18 - 2021-10-01 06:18 - 000000000 ____D C:\Program Files\Elantech
2021-10-01 06:17 - 2021-10-01 06:17 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-10-01 06:16 - 2021-10-01 06:16 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2021-10-01 06:16 - 2021-10-01 06:16 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2021-10-01 06:16 - 2021-10-01 06:16 - 000000000 ____D C:\WINDOWS\Setup
2021-10-01 06:16 - 2021-10-01 06:16 - 000000000 ____D C:\WINDOWS\OCR
2021-10-01 06:15 - 2021-10-01 12:55 - 000683426 _____ C:\WINDOWS\system32\perfh005.dat
2021-10-01 06:15 - 2021-10-01 12:55 - 000137206 _____ C:\WINDOWS\system32\perfc005.dat
2021-10-01 06:15 - 2021-10-01 06:15 - 000296964 _____ C:\WINDOWS\system32\perfi005.dat
2021-10-01 06:15 - 2021-10-01 06:15 - 000038778 _____ C:\WINDOWS\system32\perfd005.dat
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\cs
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\0409
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\DigitalLocker
2021-10-01 06:11 - 2021-10-01 06:07 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2021-10-01 06:11 - 2021-10-01 06:07 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2021-10-01 06:11 - 2021-10-01 06:07 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2021-10-01 06:10 - 2021-10-01 23:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-01 06:10 - 2021-10-01 22:45 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-01 06:10 - 2021-10-01 22:45 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-01 06:10 - 2021-10-01 13:52 - 000000000 ___RD C:\Program Files (x86)
2021-10-01 06:10 - 2021-10-01 13:40 - 000000000 ____D C:\WINDOWS\ServiceState
2021-10-01 06:10 - 2021-10-01 13:39 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-10-01 06:10 - 2021-10-01 13:27 - 000000000 ____D C:\Program Files\Windows Defender
2021-10-01 06:10 - 2021-10-01 13:23 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-10-01 06:10 - 2021-10-01 13:12 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-10-01 06:10 - 2021-10-01 13:05 - 000000000 ____D C:\ProgramData\USOPrivate
2021-10-01 06:10 - 2021-10-01 12:11 - 000000000 ____D C:\WINDOWS\system32\spool
2021-10-01 06:10 - 2021-10-01 12:09 - 000000000 ____D C:\Program Files\Windows NT
2021-10-01 06:10 - 2021-10-01 12:01 - 000000000 ____D C:\WINDOWS\appcompat
2021-10-01 06:10 - 2021-10-01 06:27 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ___SD C:\WINDOWS\system32\dsc
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\setup
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\Com
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\IME
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\Help
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\Program Files\Common Files\System
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\Program Files (x86)\Windows NT
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-10-01 06:10 - 2021-10-01 06:11 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2021-10-01 06:10 - 2021-10-01 06:11 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-10-01 06:10 - 2021-10-01 06:11 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-10-01 06:10 - 2021-10-01 06:11 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-10-01 06:10 - 2021-10-01 06:11 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-10-01 06:10 - 2021-10-01 06:11 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2021-10-01 06:10 - 2021-10-01 06:11 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2021-10-01 06:10 - 2021-10-01 06:11 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2021-10-01 06:10 - 2021-10-01 06:11 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 __SHD C:\Program Files\Windows Sidebar
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 __RSD C:\WINDOWS\Media
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 __RHD C:\Users\Public\Libraries
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ___SD C:\WINDOWS\system32\Nui
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Web
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\WaaS
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Vss
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\tracing
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\TAPI
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SystemResources
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SystemApps
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\winevt
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\ti-et
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\ta-lk
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\ta-in
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\si-lk
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\ras
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\my-mm
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\IME
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\icsxml
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\ias
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\DriverState
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\downlevel
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\ContainerSettingsProviders
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\am-et
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\System
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SKB
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\schemas
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SchCache
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\security
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Resources
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\rescache
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Registration
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Provisioning
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\PLA
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Performance
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\ModemLogs
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\L2Schemas
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\InputMethod
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\IdentityCRL
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Globalization
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Cursors
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Containers
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Branding
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\ProgramData\USOShared
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\Program Files\Windows Security
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\Program Files\Windows Portable Devices
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\Program Files\Common Files\Services
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2021-10-01 06:10 - 2021-10-01 06:07 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
2021-10-01 06:10 - 2021-10-01 06:07 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-10-01 06:10 - 2021-10-01 06:07 - 000017635 _____ C:\WINDOWS\system32\Drivers\etc\services
2021-10-01 06:10 - 2021-10-01 06:07 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2021-10-01 06:10 - 2021-10-01 06:07 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2021-10-01 06:10 - 2021-10-01 06:07 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2021-10-01 06:10 - 2021-10-01 06:07 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2021-10-01 06:10 - 2021-10-01 06:07 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
2021-10-01 06:10 - 2021-10-01 06:07 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2021-10-01 06:10 - 2021-10-01 06:07 - 000000219 _____ C:\WINDOWS\system.ini
2021-10-01 06:10 - 2021-10-01 06:07 - 000000092 _____ C:\WINDOWS\win.ini
2021-10-01 06:08 - 2021-10-01 18:31 - 000000000 ____D C:\WINDOWS\INF
2021-10-01 06:00 - 2021-10-01 18:39 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-10-01 05:53 - 2021-10-01 18:39 - 000000000 ____D C:\WINDOWS\servicing
2021-10-01 05:53 - 2021-10-01 13:26 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-10-01 05:53 - 2021-10-01 12:08 - 068157440 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-10-01 05:53 - 2021-10-01 12:08 - 013631488 _____ C:\WINDOWS\system32\config\SYSTEM
2021-10-01 05:53 - 2021-10-01 12:08 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-10-01 05:53 - 2021-10-01 12:08 - 000262144 _____ C:\WINDOWS\system32\config\DEFAULT
2021-10-01 05:53 - 2021-10-01 12:08 - 000131072 _____ C:\WINDOWS\system32\config\SAM
2021-10-01 05:53 - 2021-10-01 12:08 - 000032768 _____ C:\WINDOWS\system32\config\SECURITY
2021-10-01 05:53 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\SMI
2021-10-01 05:50 - 2021-10-01 12:58 - 000000000 ___HD C:\$SysReset
2021-09-15 10:25 - 2021-09-15 10:25 - 000672768 ____N C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-15 10:25 - 2021-09-15 10:25 - 000452096 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-15 10:24 - 2021-09-15 10:24 - 002111488 ____N (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-15 10:24 - 2021-09-15 10:24 - 001333760 ____N C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-15 10:24 - 2021-09-15 10:24 - 001313608 ____N (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-15 10:24 - 2021-09-15 10:24 - 001164288 ____N C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-15 10:24 - 2021-09-15 10:24 - 000570368 ____N (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-15 10:24 - 2021-09-15 10:24 - 000426496 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-15 10:24 - 2021-09-15 10:24 - 000223744 ____N C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-15 10:24 - 2021-09-15 10:24 - 000147456 ____N (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-15 10:24 - 2021-09-15 10:24 - 000122880 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-15 10:24 - 2021-09-15 10:24 - 000011355 ____N C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-15 10:23 - 2021-09-15 10:23 - 002295296 ____N (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-15 10:23 - 2021-09-15 10:23 - 002260992 ____N C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-15 10:23 - 2021-09-15 10:23 - 001823304 ____N (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-15 10:23 - 2021-09-15 10:23 - 001393480 ____N (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-15 10:23 - 2021-09-15 10:23 - 000098816 ____N C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-15 10:22 - 2021-09-15 10:22 - 000566784 ____N (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-15 10:22 - 2021-09-15 10:22 - 000272384 ____N C:\WINDOWS\system32\TpmTool.exe
2021-09-15 10:22 - 2021-09-15 10:22 - 000162816 ____N C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-08-13 02:45 - 2021-08-13 02:45 - 002755584 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-13 02:44 - 2021-08-13 02:44 - 002755584 ____N (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-13 02:43 - 2021-08-13 02:43 - 000288768 ____N C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-07-15 03:56 - 2021-07-15 03:56 - 000007680 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-15 03:56 - 2021-07-15 03:56 - 000007680 ____N (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-15 03:56 - 2021-07-15 03:56 - 000006656 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-15 03:56 - 2021-07-15 03:56 - 000006656 ____N (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-07 19:23 - 2021-07-07 19:23 - 002371072 ____N C:\WINDOWS\system32\rdpnano.dll
2021-07-07 19:23 - 2021-07-07 19:23 - 000084992 ____N (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-07 19:23 - 2021-07-07 19:23 - 000067584 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-07 19:22 - 2021-07-07 19:22 - 000060928 ____N C:\WINDOWS\system32\runexehelper.exe

==================== Three months (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)


==================== SigCheckExt =========================

2021-10-01 21:47 - 2021-10-01 21:47 - 002304512 _____ (Farbar) C:\Users\k08ik\Desktop\FRST64.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


==================== BCD ================================

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale cs-CZ
inherit {globalsettings}
default {current}
resumeobject {9b0124f5-226e-11ec-a647-90fbd4410f82}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \WINDOWS\system32\winload.exe
description Windows 10
locale cs-CZ
inherit {bootloadersettings}
recoverysequence {e746e2e3-ded0-11ea-ab9a-9cb4751df4f5}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {9b0124f5-226e-11ec-a647-90fbd4410f82}
nx OptIn
bootmenupolicy Standard

Windows Boot Loader
-------------------
identifier {e746e2e3-ded0-11ea-ab9a-9cb4751df4f5}
device ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{e746e2e4-ded0-11ea-ab9a-9cb4751df4f5}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale cs-CZ
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride PushButtonReset
osdevice ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{e746e2e4-ded0-11ea-ab9a-9cb4751df4f5}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Resume from Hibernate
---------------------
identifier {9b0124f5-226e-11ec-a647-90fbd4410f82}
device partition=C:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale cs-CZ
inherit {resumeloadersettings}
recoverysequence {e746e2e3-ded0-11ea-ab9a-9cb4751df4f5}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Diagnostika pamŘti syst‚mu Windows
locale cs-CZ
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems No

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Local

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {e746e2e4-ded0-11ea-ab9a-9cb4751df4f5}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume3
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-09-2021 02
Ran by k08ik (01-10-2021 22:25:31)
Running from C:\Users\k08ik\Desktop
Windows 10 Home Version 21H1 19043.1237 (X64) (2021-10-01 10:10:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-63133299-3127860021-3020444460-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-63133299-3127860021-3020444460-503 - Limited - Disabled)
Guest (S-1-5-21-63133299-3127860021-3020444460-501 - Limited - Disabled)
k08ik (S-1-5-21-63133299-3127860021-3020444460-1001 - Administrator - Enabled) => C:\Users\k08ik
WDAGUtilityAccount (S-1-5-21-63133299-3127860021-3020444460-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 94.0.4606.71 - Google LLC)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.68 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-63133299-3127860021-3020444460-1001\...\OneDriveSetup.exe) (Version: 21.170.0822.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7040 - Realtek Semiconductor Corp.)

Packages:
=========
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-10-01] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0 [2021-10-01] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-10-01 06:10 - 2021-10-01 06:07 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-63133299-3127860021-3020444460-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8C9B496F-B39D-43C2-A22C-82C8E045F8E4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8C9972F0-BEAE-4618-AF77-B7E4477CBA56}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{897CBC20-6128-42E6-A6A2-26299766616D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{443427B6-63DD-43EF-817C-BFD2CCDB0851}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{10BC7E85-304B-40AE-B72B-C63E0A5DFCE0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D4DD6A9C-D453-45A0-A8B1-06B8F5DC592D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8A1198AF-5B93-4FB2-8604-081A34C66786}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{624552F8-1BA6-444E-920B-4AEE854C7530}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5F5E603A-804A-463A-852C-299C995E60E4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3D305450-5626-403D-931F-F4F4864E3B60}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E1C68BC0-1EE0-4ECA-ACC0-86FFE9D8B6C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EC6721BC-0FB3-45F5-AA3D-023891303917}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{42280CF8-D1FC-495E-81EA-85CCAEFAA822}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

01-10-2021 18:31:09 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/01/2021 01:25:04 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x8007007B
Argument příkazového řádku:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/01/2021 01:25:01 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x8007007B
Argument příkazového řádku:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (10/01/2021 12:14:34 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x8007267C
Argument příkazového řádku:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=TimerEvent

Error: (10/01/2021 12:03:40 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu Windows Defender na SECURITY_PRODUCT_STATE_ON došlo k chybě.


System errors:
=============
Error: (10/01/2021 12:07:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba seznamu sítí byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (10/01/2021 12:07:32 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {A47979D2-C419-11D9-A5B4-001185AD2B89} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/01/2021 12:05:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba seznamu sítí byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (10/01/2021 12:05:32 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {A47979D2-C419-11D9-A5B4-001185AD2B89} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/01/2021 12:03:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba platformy připojených zařízení závisí na službě Zprostředkovatel síťového připojení, která neuspěla při spuštění v důsledku následující chyby:
Zařízení připojené k systému nefunguje.

Error: (10/01/2021 12:03:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba seznamu sítí byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (10/01/2021 12:03:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zprostředkovatel síťového připojení byla ukončena s následující chybou:
Zařízení připojené k systému nefunguje.

Error: (10/01/2021 12:03:32 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {A47979D2-C419-11D9-A5B4-001185AD2B89} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2021-10-01 13:00:02
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 0.0.0.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 0.0.0.0
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-10-01 12:35:01
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 0.0.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 0.0.0.0
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2021-10-01 12:35:01
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 0.0.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 0.0.0.0
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2021-10-01 12:35:01
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 0.0.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 0.0.0.0
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2021-10-01 12:35:01
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 0.0.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 0.0.0.0
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

==================== Memory info ===========================

BIOS: Acer V1.09 07/30/2012
Motherboard: Acer EA50_HC_HR
Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Percentage of memory in use: 92%
Total physical RAM: 3932.36 MB
Available physical RAM: 298.03 MB
Total Virtual: 5340.36 MB
Available Virtual: 1159.17 MB

==================== Drives ================================

Drive c: (Windows 10) (Fixed) (Total:930.45 GB) (Free:907.09 GB) NTFS

\\?\Volume{39e4c2b3-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{39e4c2b3-0000-0000-0000-40bfe8000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 39E4C2B3)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=535 MB) - (Type=27)

==================== End of Addition.txt =======================


Users shortcut scan result (x64) Version: 22-09-2021 02
Ran by k08ik (01-10-2021 22:27:17)
Running from C:\Users\k08ik\Desktop
Boot Mode: Normal

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)


Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\System32\RecoveryDrive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\k08ik\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\k08ik\Links\Desktop.lnk -> C:\Users\k08ik\Desktop ()
Shortcut: C:\Users\k08ik\Links\Downloads.lnk -> C:\Users\k08ik\Downloads ()
Shortcut: C:\Users\k08ik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\k08ik\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\k08ik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Správce zvuku Realtek HD.lnk -> C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
Shortcut: C:\Users\k08ik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\k08ik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\k08ik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\k08ik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\k08ik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\k08ik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\k08ik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\k08ik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\k08ik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\k08ik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\k08ik\AppData\Roaming\Microsoft\Windows\SendTo\Přenos souborů pomocí rozhraní Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\k08ik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\k08ik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
Shortcut: C:\Users\k08ik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\k08ik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\k08ik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\k08ik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\k08ik\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\k08ik\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\k08ik\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\k08ik\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\k08ik\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\k08ik\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\k08ik\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\k08ik\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\k08ik\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC)
Shortcut: C:\Users\Public\Desktop\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\k08ik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.AdministrativeTools
ShortcutWithArgument: C:\Users\k08ik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\k08ik\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\k08ik\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\k08ik\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\k08ik\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\k08ik\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\k08ik\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\k08ik\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\k08ik\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\k08ik\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\k08ik\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}

==================== End of Shortcut.txt =============================


Musel jsem zakázat síťový adaptér ,protože mě nechtěl nechat ani poslat či otevřít FRST ... Prve skočila chyba že je soubor s neplatnou připonou , pak že nemám oprávnění jej otevřít .... A teď po zakazani síťového adaptéru najednou FRST.txt normálně otevřu nakopiruju do prohlížečea snad nyní odešlu ....

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-09-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 10-02-2021
# Duration: 00:00:08
# OS: Windows 10 Home
# Scanned: 31999
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1406 octets] - [02/10/2021 13:09:36]
AdwCleaner[C00].txt - [1596 octets] - [02/10/2021 13:11:08]
AdwCleaner_Debug.log - [2310 octets] - [02/10/2021 13:27:04]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-09-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-02-2021
# Duration: 00:00:06
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete IFEO
[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset BITS
[+] Reset Windows Firewall
[+] Reset Hosts File
[+] Reset IPSec
[+] Reset IE Policies
[+] Reset Proxy Settings
[+] Reset TCP/IP
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1406 octets] - [02/10/2021 13:09:36]
AdwCleaner[C00].txt - [1596 octets] - [02/10/2021 13:11:08]
AdwCleaner_Debug.log - [6099 octets] - [02/10/2021 13:27:04]
AdwCleaner[S01].txt - [1590 octets] - [02/10/2021 13:27:59]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
2021-10-02 11:27:04 : <INFO> [Button clicked] Glossary closed
2021-10-02 11:27:12 : <INFO> [Button clicked] Glossary closed
2021-10-02 11:27:48 : <INFO> [Button clicked] Dashboard menu item
2021-10-02 11:27:51 : <INFO> [Button clicked] Scan
2021-10-02 11:27:51 : <INFO> [Scan] Started
2021-10-02 11:27:51 : <INFO> [Database] Downloading database
2021-10-02 11:27:51 : <INFO> [Database] Checking integrity
2021-10-02 11:27:51 : <INFO> [Database] Found 2676 families
2021-10-02 11:27:51 : <INFO> [Database] Database v "2021-09-09.1"
2021-10-02 11:27:52 : <INFO> [Loading paths] Local paths loaded
2021-10-02 11:27:52 : <INFO> [Loading paths] Chrome paths loaded
2021-10-02 11:27:52 : <INFO> [Loading paths] Firefox paths loaded
2021-10-02 11:27:52 : <INFO> [Loading paths] User Keys loaded
2021-10-02 11:27:52 : <INFO> [Module initialized] "File"
2021-10-02 11:27:52 : <INFO> [Module initialized] "Folder"
2021-10-02 11:27:52 : <INFO> [Module initialized] "RegistryKey"
2021-10-02 11:27:52 : <INFO> [Module initialized] "RegistryValue"
2021-10-02 11:27:52 : <INFO> [Module initialized] "TaskName"
2021-10-02 11:27:52 : <INFO> [Module initialized] "Winlogon"
2021-10-02 11:27:52 : <INFO> [Module initialized] "Service"
2021-10-02 11:27:52 : <INFO> [Module initialized] "RegAppInit"
2021-10-02 11:27:52 : <INFO> [Module initialized] "RegClasses"
2021-10-02 11:27:52 : <INFO> [Module initialized] "DNS"
2021-10-02 11:27:52 : <INFO> [Module initialized] "RegGuid"
2021-10-02 11:27:52 : <INFO> [Module initialized] "RegFirewallPolicy"
2021-10-02 11:27:52 : <INFO> [Module initialized] "RegOther"
2021-10-02 11:27:52 : <INFO> [Module initialized] "RegIEElevationPolicy"
2021-10-02 11:27:52 : <INFO> [Module initialized] "RegProductID"
2021-10-02 11:27:52 : <INFO> [Module initialized] "RegSoftware"
2021-10-02 11:27:52 : <INFO> [Module initialized] "RegStartup"
2021-10-02 11:27:52 : <INFO> [Module initialized] "FirefoxExt"

2021-10-02 11:27:52 : <INFO> [Module initialized] "WMI"
2021-10-02 11:27:52 : <INFO> [Module initialized] "URL"
2021-10-02 11:27:52 : <INFO> [Scan] Exclusions loaded
2021-10-02 11:27:59 : <INFO> [Telemetry] Sending to Influx
2021-10-02 11:28:00 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2021-10-02 11:28:00 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2021-10-02 11:28:00 : <INFO> [SslCert] Locality Name ("Santa Clara")
2021-10-02 11:28:00 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2021-10-02 11:28:00 : <INFO> [SslCert] Certificate EffectiveDate: "pá dub 10 00:00:00 2020 GMT"
2021-10-02 11:28:00 : <INFO> [SslCert] Certificate ExpirationDate: "po kvi 23 12:00:00 2022 GMT"
2021-10-02 11:28:00 : <INFO> [SslCert] ALPN: Yes
2021-10-02 11:28:00 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2021-10-02 11:28:00 : <INFO> [SslCert] KXE: "ECDH"
2021-10-02 11:28:00 : <INFO> [SslCert] Protocol: "TLSv1.2"
2021-10-02 11:28:00 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2021-10-02 11:28:00 : <INFO> [Telemetry] Sending to DSE
2021-10-02 11:28:01 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2021-10-02 11:28:01 : <INFO> [SslCert] Issued to ("telemetry.malwarebytes.com")
2021-10-02 11:28:01 : <INFO> [SslCert] Locality Name ("Santa Clara")
2021-10-02 11:28:01 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2021-10-02 11:28:01 : <INFO> [SslCert] Certificate EffectiveDate: "et oíj 22 00:00:00 2020 GMT"
2021-10-02 11:28:01 : <INFO> [SslCert] Certificate ExpirationDate: "ne oíj 24 23:59:59 2021 GMT"
2021-10-02 11:28:01 : <INFO> [SslCert] ALPN: Yes
2021-10-02 11:28:01 : <INFO> [SslCert] Cipher: "ECDHE-ECDSA-AES256-GCM-SHA384"
2021-10-02 11:28:01 : <INFO> [SslCert] KXE: "ECDH"
2021-10-02 11:28:01 : <INFO> [SslCert] Protocol: "TLSv1.2"
2021-10-02 11:28:01 : <INFO> [Telemetry] Status code: QVariant(int, 201)
2021-10-02 11:28:01 : <INFO> [Scan] Finished
2021-10-02 11:28:14 : <INFO> [Button clicked] Basic repair
2021-10-02 11:28:21 : <INFO> [Button clicked] Dialog button clicked [ 2 ]
2021-10-02 11:28:21 : <INFO> [Cleaning] Started
2021-10-02 11:28:21 : <WARNING> [Cleaning] Unable to Open process - "[System Process]" 0
2021-10-02 11:28:21 : <WARNING> [Cleaning] Unable to Open process - "System" 0
2021-10-02 11:28:21 : <WARNING> [Cleaning] Unable to Open process - "Registry" 0
2021-10-02 11:28:21 : <WARNING> [Cleaning] Unable to Open process - "Memory Compression" 0
2021-10-02 11:28:21 : <WARNING> [Cleaning] Unable to Open process - "SgrmBroker.exe" 0
2021-10-02 11:28:21 : <WARNING> [Cleaning] Unable to Open process - "SecurityHealthService.exe" 0
2021-10-02 11:28:21 : <WARNING> [Cleaning] Unable to Open process - "NisSrv.exe" 0
2021-10-02 11:28:21 : <WARNING> [Cleaning] Unable to Open process - "MpCopyAccelerator.exe" 0
2021-10-02 11:28:22 : <INFO> [Engine Additional Action] "Delete IFEO"
2021-10-02 11:28:22 : <INFO> [Engine Additional Action] "Delete Prefetch"
2021-10-02 11:28:22 : <INFO> [Engine Additional Action] "Delete Tracing Keys"
2021-10-02 11:28:26 : <INFO> [Engine Additional Action] "Reset BITS"
2021-10-02 11:28:27 : <INFO> [Engine Additional Action] "Reset Windows Firewall"
2021-10-02 11:28:27 : <INFO> [Engine Additional Action] "Reset Hosts File"
2021-10-02 11:28:27 : <INFO> [Engine Additional Action] "Reset IPSec"
2021-10-02 11:28:27 : <INFO> [Engine Additional Action] "Reset IE Policies"
2021-10-02 11:28:27 : <INFO> [Engine Additional Action] "Reset Proxy Settings"
2021-10-02 11:28:28 : <INFO> [Engine Additional Action] "Reset TCP/IP"
2021-10-02 11:28:28 : <INFO> [Engine Additional Action] "Reset Winsock"
2021-10-02 11:28:28 : <INFO> [Telemetry] Sending to Influx
2021-10-02 11:28:28 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2021-10-02 11:28:28 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2021-10-02 11:28:28 : <INFO> [SslCert] Locality Name ("Santa Clara")
2021-10-02 11:28:28 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2021-10-02 11:28:28 : <INFO> [SslCert] Certificate EffectiveDate: "pá dub 10 00:00:00 2020 GMT"
2021-10-02 11:28:28 : <INFO> [SslCert] Certificate ExpirationDate: "po kvi 23 12:00:00 2022 GMT"
2021-10-02 11:28:28 : <INFO> [SslCert] ALPN: Yes
2021-10-02 11:28:28 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2021-10-02 11:28:28 : <INFO> [SslCert] KXE: "ECDH"
2021-10-02 11:28:28 : <INFO> [SslCert] Protocol: "TLSv1.2"
2021-10-02 11:28:28 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2021-10-02 11:28:28 : <INFO> [Telemetry] Sending to DSE
2021-10-02 11:28:29 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2021-10-02 11:28:29 : <INFO> [SslCert] Issued to ("telemetry.malwarebytes.com")
2021-10-02 11:28:29 : <INFO> [SslCert] Locality Name ("Santa Clara")
2021-10-02 11:28:29 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2021-10-02 11:28:29 : <INFO> [SslCert] Certificate EffectiveDate: "et oíj 22 00:00:00 2020 GMT"
2021-10-02 11:28:29 : <INFO> [SslCert] Certificate ExpirationDate: "ne oíj 24 23:59:59 2021 GMT"
2021-10-02 11:28:29 : <INFO> [SslCert] ALPN: Yes
2021-10-02 11:28:29 : <INFO> [SslCert] Cipher: "ECDHE-ECDSA-AES256-GCM-SHA384"
2021-10-02 11:28:29 : <INFO> [SslCert] KXE: "ECDH"
2021-10-02 11:28:29 : <INFO> [SslCert] Protocol: "TLSv1.2"
2021-10-02 11:28:29 : <INFO> [Telemetry] Status code: QVariant(int, 201)
2021-10-02 11:28:29 : <INFO> [Cleaning] Finished
2021-10-02 11:28:29 : <INFO> [MBBanner] Checking Iris
2021-10-02 11:28:29 : <INFO> [IRIS] Making request
2021-10-02 11:28:29 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2021-10-02 11:28:29 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2021-10-02 11:28:29 : <INFO> [SslCert] Locality Name ("Santa Clara")
2021-10-02 11:28:29 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2021-10-02 11:28:29 : <INFO> [SslCert] Certificate EffectiveDate: "pá dub 10 00:00:00 2020 GMT"
2021-10-02 11:28:29 : <INFO> [SslCert] Certificate ExpirationDate: "po kvi 23 12:00:00 2022 GMT"
2021-10-02 11:28:29 : <INFO> [SslCert] ALPN: None
2021-10-02 11:28:29 : <INFO> [SslCert] Cipher: "TLS_AES_128_GCM_SHA256"
2021-10-02 11:28:29 : <INFO> [SslCert] KXE: "any"
2021-10-02 11:28:29 : <INFO> [SslCert] Protocol: "TLSv1.3"
2021-10-02 11:28:29 : <WARNING> [File Downloader] Error downloading ( QNetworkReply::ContentNotFoundError )
2021-10-02 11:28:29 : <INFO> [IRIS] Failed
2021-10-02 11:28:38 : <INFO> [Button clicked] View Log

Žádný restart neproběhl a je normální že nemám ve Windows žádný program co otevře .txt soubory a po stažení Notepad++ když chci otevřít .txt soubor vyskočí na mě. Okno Spustit v programu : Najít program na Microsoft store (když na to kliknu nic se neděje) když kliknu na další aplikace taky se nic neděje...

To je divné. Dejte nové logy FRST+Addition.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-10-2021
Ran by k08ik (administrator) on DESKTOP-QRU1R0I (Acer Aspire E1-531) (02-10-2021 21:00:29)
Running from C:\Users\k08ik\Desktop
Loaded Profiles: k08ik
Platform: Windows 10 Home Version 21H1 19043.1237 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <24>
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowsstore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKU\S-1-5-21-63133299-3127860021-3020444460-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\k08ik\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-63133299-3127860021-3020444460-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\k08ik\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\94.0.4606.71\Installer\chrmstp.exe [2021-10-01] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A167680-FC7C-4603-BC2A-5699A146AA85} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-10-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3B2ACF3D-906E-4F89-A081-24280DEFE0A4} - System32\Tasks\AVG\Overseer => C:\Windows\OEM\CustomizationFiles\Overseer.exe [1815352 2021-10-01] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {3F32C23E-BB49-4749-8DA5-410304C14634} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-10-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6806969E-A8EB-4DA4-A0A3-DFA1493E5C05} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-10-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7D4BF4F1-4E86-423E-AB29-56B432AEF460} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-01] (Google LLC -> Google LLC)
Task: {8977863A-2AA5-442C-A040-DDC420EBEBAB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-01] (Google LLC -> Google LLC)
Task: {CECD55E2-7E9F-41D2-AF0A-D883715B560A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-10-01] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{dc0a2f1a-4531-49cf-87f3-a4e1d7ef6e8e}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\k08ik\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-02]

Chrome:
=======
CHR Profile: C:\Users\k08ik\AppData\Local\Google\Chrome\User Data\Default [2021-10-02]
CHR Extension: (Prezentace) - C:\Users\k08ik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-01]
CHR Extension: (Dokumenty) - C:\Users\k08ik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-01]
CHR Extension: (Disk Google) - C:\Users\k08ik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-01]
CHR Extension: (YouTube) - C:\Users\k08ik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-01]
CHR Extension: (Tabulky) - C:\Users\k08ik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\k08ik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\k08ik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-01]
CHR Extension: (Gmail) - C:\Users\k08ik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-01]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-10-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-10-01] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-10-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [433384 2021-10-01] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-10-01] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-02 21:00 - 2021-10-02 21:01 - 000007999 _____ C:\Users\k08ik\Desktop\FRST.txt
2021-10-02 20:59 - 2021-10-02 20:59 - 000000000 ____D C:\Users\k08ik\Desktop\FRST-OlderVersion
2021-10-02 13:07 - 2021-10-02 13:07 - 008553680 _____ (Malwarebytes) C:\Users\k08ik\Desktop\adwcleaner_8.3.0 (1).exe
2021-10-02 13:05 - 2021-10-02 13:09 - 000000000 ____D C:\AdwCleaner
2021-10-02 13:05 - 2021-10-02 13:05 - 008553680 _____ (Malwarebytes) C:\Users\k08ik\Downloads\adwcleaner_8.3.0.exe
2021-10-02 02:32 - 2021-10-02 02:33 - 000000444 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-10-01 22:33 - 2021-10-02 13:09 - 000000000 ____D C:\Users\k08ik\AppData\Roaming\Notepad++
2021-10-01 22:33 - 2021-10-01 22:33 - 000000887 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2021-10-01 22:33 - 2021-10-01 22:33 - 000000875 _____ C:\Users\Public\Desktop\Notepad++.lnk
2021-10-01 22:33 - 2021-10-01 22:33 - 000000000 ____D C:\Program Files\Notepad++
2021-10-01 22:32 - 2021-10-01 22:32 - 004338784 _____ (Don HO don.h@free.fr) C:\Users\k08ik\Downloads\npp.8.1.5.Installer.x64.exe
2021-10-01 21:49 - 2021-10-02 21:01 - 000000000 ____D C:\FRST
2021-10-01 21:47 - 2021-10-02 20:59 - 002304512 _____ (Farbar) C:\Users\k08ik\Desktop\FRST64.exe
2021-10-01 18:30 - 2021-10-01 18:30 - 000000000 ___HD C:\$WinREAgent
2021-10-01 18:30 - 2021-10-01 18:30 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-10-01 18:29 - 2021-10-01 18:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-10-01 14:06 - 2021-10-01 14:06 - 001341272 _____ (Google LLC) C:\Users\k08ik\Downloads\ChromeSetup (1).exe
2021-10-01 13:54 - 2021-10-01 14:07 - 000002329 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-01 13:54 - 2021-10-01 14:07 - 000002288 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-10-01 13:53 - 2021-10-01 13:53 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-01 13:53 - 2021-10-01 13:53 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-10-01 13:53 - 2021-10-01 13:53 - 000000000 ____D C:\Program Files\Google
2021-10-01 13:52 - 2021-10-02 20:58 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-01 13:52 - 2021-10-01 14:00 - 000000000 ____D C:\Users\k08ik\AppData\Local\Google
2021-10-01 13:52 - 2021-10-01 13:52 - 001341272 _____ (Google LLC) C:\Users\k08ik\Downloads\ChromeSetup.exe
2021-10-01 13:40 - 2021-10-01 13:40 - 000000000 ____D C:\Users\k08ik\AppData\Local\Comms
2021-10-01 13:35 - 2021-10-01 13:35 - 000000000 ____D C:\Users\k08ik\AppData\Local\D3DSCache
2021-10-01 13:27 - 2021-10-01 13:47 - 000000000 ____D C:\Users\k08ik\AppData\Local\PlaceholderTileLogoFolder
2021-10-01 13:25 - 2021-10-01 13:26 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-63133299-3127860021-3020444460-1001
2021-10-01 13:25 - 2021-10-01 13:25 - 000000000 ___RD C:\Users\k08ik\OneDrive
2021-10-01 13:24 - 2021-10-01 13:24 - 000001339 _____ C:\Users\k08ik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Správce zvuku Realtek HD.lnk
2021-10-01 13:24 - 2021-10-01 13:24 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-10-01 13:23 - 2021-10-01 13:47 - 000000000 ____D C:\ProgramData\Packages
2021-10-01 13:23 - 2021-10-01 13:23 - 000000000 ____D C:\Users\k08ik\AppData\Local\Publishers
2021-10-01 13:22 - 2021-10-01 13:47 - 000000000 ____D C:\Users\k08ik\AppData\Local\Packages
2021-10-01 13:22 - 2021-10-01 13:24 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-10-01 13:22 - 2021-10-01 13:23 - 000000000 ____D C:\Users\k08ik\AppData\Local\ConnectedDevicesPlatform
2021-10-01 13:22 - 2021-10-01 13:22 - 000000000 ___RD C:\Users\k08ik\3D Objects
2021-10-01 13:22 - 2021-10-01 13:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2021-10-01 13:22 - 2021-10-01 13:22 - 000000000 ____D C:\Users\k08ik\AppData\Local\VirtualStore
2021-10-01 13:12 - 2021-10-01 13:26 - 000002371 _____ C:\Users\k08ik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-10-01 13:12 - 2021-10-01 13:25 - 000000000 ____D C:\Users\k08ik
2021-10-01 13:12 - 2021-10-01 13:12 - 000000020 ___SH C:\Users\k08ik\ntuser.ini
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Šablony
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Soubory cookie
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Poslední
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Okolní tiskárny
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Okolní síť
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Nabídka Start
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Dokumenty
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Documents\Obrázky
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Documents\Hudba
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Documents\Filmy
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Data aplikací
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\AppData\Local\Data aplikací
2021-10-01 12:14 - 2021-10-02 02:34 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Šablony
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Poslední
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Okolní síť
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Dokumenty
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Data aplikací
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default User
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\All Users
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\ProgramData\Šablony
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\ProgramData\Plocha
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\ProgramData\Dokumenty
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\ProgramData\Data aplikací
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Documents and Settings
2021-10-01 12:01 - 2021-10-02 13:43 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-01 12:01 - 2021-10-02 13:43 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-01 12:01 - 2021-10-01 22:45 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-01 12:01 - 2021-10-01 22:45 - 000002284 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-10-01 12:01 - 2021-10-01 12:01 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2021-10-01 12:01 - 2021-10-01 12:01 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2021-10-01 12:01 - 2021-10-01 12:01 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2021-10-01 12:01 - 2021-10-01 12:01 - 000000000 ____D C:\Program Files\Realtek
2021-10-01 12:01 - 2021-10-01 12:01 - 000000000 ____D C:\Intel
2021-10-01 11:59 - 2021-10-02 13:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-01 11:59 - 2021-10-01 13:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-10-01 11:59 - 2021-10-01 12:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-01 11:59 - 2021-10-01 11:59 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-10-01 11:58 - 2021-10-01 12:09 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-01 11:58 - 2021-10-01 11:59 - 000258960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-10-01 06:29 - 2021-10-01 06:29 - 000000000 ____D C:\WINDOWS\OEM
2021-10-01 06:28 - 2021-10-01 12:10 - 000000000 ____D C:\WINDOWS\Panther
2021-10-01 06:18 - 2021-10-01 12:10 - 000000000 ____D C:\Windows.old
2021-10-01 06:18 - 2021-10-01 06:18 - 000000000 ____D C:\Program Files\Elantech
2021-10-01 06:17 - 2021-10-01 06:17 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-10-01 06:16 - 2021-10-01 06:16 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2021-10-01 06:16 - 2021-10-01 06:16 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2021-10-01 06:16 - 2021-10-01 06:16 - 000000000 ____D C:\WINDOWS\Setup
2021-10-01 06:16 - 2021-10-01 06:16 - 000000000 ____D C:\WINDOWS\OCR
2021-10-01 06:15 - 2021-10-02 02:34 - 000683426 _____ C:\WINDOWS\system32\perfh005.dat
2021-10-01 06:15 - 2021-10-02 02:34 - 000137206 _____ C:\WINDOWS\system32\perfc005.dat
2021-10-01 06:15 - 2021-10-01 06:15 - 000296964 _____ C:\WINDOWS\system32\perfi005.dat
2021-10-01 06:15 - 2021-10-01 06:15 - 000038778 _____ C:\WINDOWS\system32\perfd005.dat
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\cs
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\0409
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\DigitalLocker
2021-10-01 06:11 - 2021-10-01 06:07 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2021-10-01 06:11 - 2021-10-01 06:07 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2021-10-01 06:11 - 2021-10-01 06:07 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2021-10-01 06:10 - 2021-10-02 20:58 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-01 06:10 - 2021-10-02 20:48 - 000000000 ____D C:\WINDOWS\Registration
2021-10-01 06:10 - 2021-10-02 13:03 - 000000000 ____D C:\WINDOWS\appcompat
2021-10-01 06:10 - 2021-10-01 22:45 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-01 06:10 - 2021-10-01 22:45 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-01 06:10 - 2021-10-01 13:52 - 000000000 ___RD C:\Program Files (x86)
2021-10-01 06:10 - 2021-10-01 13:40 - 000000000 ____D C:\WINDOWS\ServiceState
2021-10-01 06:10 - 2021-10-01 13:39 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-10-01 06:10 - 2021-10-01 13:27 - 000000000 ____D C:\Program Files\Windows Defender
2021-10-01 06:10 - 2021-10-01 13:23 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-10-01 06:10 - 2021-10-01 13:12 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-10-01 06:10 - 2021-10-01 13:05 - 000000000 ____D C:\ProgramData\USOPrivate
2021-10-01 06:10 - 2021-10-01 12:11 - 000000000 ____D C:\WINDOWS\system32\spool
2021-10-01 06:10 - 2021-10-01 12:09 - 000000000 ____D C:\Program Files\Windows NT
2021-10-01 06:10 - 2021-10-01 11:58 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2021-10-01 06:10 - 2021-10-01 06:27 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ___SD C:\WINDOWS\system32\dsc
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\setup
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\Com
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\IME
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\Help
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\Program Files\Common Files\System
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\Program Files (x86)\Windows NT
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-10-01 06:10 - 2021-10-01 06:11 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2021-10-01 06:10 - 2021-10-01 06:11 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-10-01 06:10 - 2021-10-01 06:11 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-10-01 06:10 - 2021-10-01 06:11 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-10-01 06:10 - 2021-10-01 06:11 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-10-01 06:10 - 2021-10-01 06:11 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2021-10-01 06:10 - 2021-10-01 06:11 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2021-10-01 06:10 - 2021-10-01 06:11 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2021-10-01 06:10 - 2021-10-01 06:11 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 __SHD C:\Program Files\Windows Sidebar
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 __RSD C:\WINDOWS\Media
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 __RHD C:\Users\Public\Libraries
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ___SD C:\WINDOWS\system32\Nui
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Web
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\WaaS
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Vss
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\tracing
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\TAPI
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SystemResources
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SystemApps
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\winevt
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\ti-et
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\ta-lk
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\ta-in
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\si-lk
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\ras
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\my-mm
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\IME
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\icsxml
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\ias
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\DriverState
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\downlevel
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\ContainerSettingsProviders
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\am-et
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\System
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SKB
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\schemas
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SchCache
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\security
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Resources
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\rescache
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Provisioning
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\PLA
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Performance
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\ModemLogs
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\L2Schemas
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\InputMethod
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\IdentityCRL
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Globalization
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Cursors
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Containers
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Branding
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\ProgramData\USOShared
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\Program Files\Windows Security
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\Program Files\Windows Portable Devices
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\Program Files\Common Files\Services
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2021-10-01 06:10 - 2021-10-01 06:07 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
2021-10-01 06:10 - 2021-10-01 06:07 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-10-01 06:10 - 2021-10-01 06:07 - 000017635 _____ C:\WINDOWS\system32\Drivers\etc\services
2021-10-01 06:10 - 2021-10-01 06:07 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2021-10-01 06:10 - 2021-10-01 06:07 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2021-10-01 06:10 - 2021-10-01 06:07 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2021-10-01 06:10 - 2021-10-01 06:07 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2021-10-01 06:10 - 2021-10-01 06:07 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
2021-10-01 06:10 - 2021-10-01 06:07 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2021-10-01 06:10 - 2021-10-01 06:07 - 000000219 _____ C:\WINDOWS\system.ini
2021-10-01 06:10 - 2021-10-01 06:07 - 000000092 _____ C:\WINDOWS\win.ini
2021-10-01 06:08 - 2021-10-02 02:34 - 000000000 ____D C:\WINDOWS\INF
2021-10-01 06:00 - 2021-10-01 18:39 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-10-01 05:53 - 2021-10-01 18:39 - 000000000 ____D C:\WINDOWS\servicing
2021-10-01 05:53 - 2021-10-01 13:26 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-10-01 05:53 - 2021-10-01 12:08 - 068157440 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-10-01 05:53 - 2021-10-01 12:08 - 013893632 _____ C:\WINDOWS\system32\config\SYSTEM
2021-10-01 05:53 - 2021-10-01 12:08 - 000524288 _____ C:\WINDOWS\system32\config\DEFAULT
2021-10-01 05:53 - 2021-10-01 12:08 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-10-01 05:53 - 2021-10-01 12:08 - 000131072 _____ C:\WINDOWS\system32\config\SAM
2021-10-01 05:53 - 2021-10-01 12:08 - 000032768 _____ C:\WINDOWS\system32\config\SECURITY
2021-10-01 05:53 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\SMI
2021-10-01 05:50 - 2021-10-01 12:58 - 000000000 ___HD C:\$SysReset
2021-09-15 10:25 - 2021-09-15 10:25 - 000672768 ____N C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-15 10:25 - 2021-09-15 10:25 - 000452096 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-15 10:24 - 2021-09-15 10:24 - 002111488 ____N (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-15 10:24 - 2021-09-15 10:24 - 001333760 ____N C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-15 10:24 - 2021-09-15 10:24 - 001313608 ____N (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-15 10:24 - 2021-09-15 10:24 - 001164288 ____N C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-15 10:24 - 2021-09-15 10:24 - 000570368 ____N (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-15 10:24 - 2021-09-15 10:24 - 000426496 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-15 10:24 - 2021-09-15 10:24 - 000223744 ____N C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-15 10:24 - 2021-09-15 10:24 - 000147456 ____N (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-15 10:24 - 2021-09-15 10:24 - 000122880 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-15 10:24 - 2021-09-15 10:24 - 000011355 ____N C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-15 10:23 - 2021-09-15 10:23 - 002295296 ____N (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-15 10:23 - 2021-09-15 10:23 - 002260992 ____N C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-15 10:23 - 2021-09-15 10:23 - 001823304 ____N (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-15 10:23 - 2021-09-15 10:23 - 001393480 ____N (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-15 10:23 - 2021-09-15 10:23 - 000098816 ____N C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-15 10:22 - 2021-09-15 10:22 - 000566784 ____N (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-15 10:22 - 2021-09-15 10:22 - 000272384 ____N C:\WINDOWS\system32\TpmTool.exe
2021-09-15 10:22 - 2021-09-15 10:22 - 000162816 ____N C:\WINDOWS\system32\DataStoreCacheDumpTool.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)


==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2021
Ran by k08ik (02-10-2021 21:04:08)
Running from C:\Users\k08ik\Desktop
Windows 10 Home Version 21H1 19043.1237 (X64) (2021-10-01 10:10:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-63133299-3127860021-3020444460-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-63133299-3127860021-3020444460-503 - Limited - Disabled)
Guest (S-1-5-21-63133299-3127860021-3020444460-501 - Limited - Disabled)
k08ik (S-1-5-21-63133299-3127860021-3020444460-1001 - Administrator - Enabled) => C:\Users\k08ik
WDAGUtilityAccount (S-1-5-21-63133299-3127860021-3020444460-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 94.0.4606.71 - Google LLC)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 94.0.992.31 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-63133299-3127860021-3020444460-1001\...\OneDriveSetup.exe) (Version: 21.170.0822.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 - Microsoft Corporation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.1.5 - Notepad++ Team)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7040 - Realtek Semiconductor Corp.)

Packages:
=========
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-10-01] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0 [2021-10-01] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2021-09-26] (Notepad++ -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-10-01 06:10 - 2021-10-02 13:28 - 000000852 _____ C:\WINDOWS\system32\drivers\etc\hosts

2021-10-02 02:32 - 2021-10-02 02:33 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-63133299-3127860021-3020444460-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{830032DD-7603-4FC3-B71F-5F8079EB8D10}C:\windows\system32\mmc.exe] => (Block) C:\windows\system32\mmc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{BF838FD7-B0DE-4B87-B530-0B3493637645}C:\windows\system32\mmc.exe] => (Block) C:\windows\system32\mmc.exe (Microsoft Windows -> Microsoft Corporation)

==================== Restore Points =========================

01-10-2021 18:31:09 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/02/2021 01:03:41 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x8007007B
Argument příkazového řádku:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/02/2021 02:33:11 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x8007007B
Argument příkazového řádku:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/01/2021 11:58:35 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x8007007B
Argument příkazového řádku:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/01/2021 01:25:04 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x8007007B
Argument příkazového řádku:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/01/2021 01:25:01 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x8007007B
Argument příkazového řádku:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (10/01/2021 12:14:34 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x8007267C
Argument příkazového řádku:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=TimerEvent

Error: (10/01/2021 12:03:40 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu Windows Defender na SECURITY_PRODUCT_STATE_ON došlo k chybě.


System errors:
=============
Error: (10/02/2021 01:28:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba CredentialEnrollmentManagerUserSvc_1a9071 byla neočekávaně ukončena. Tento stav nastal již 2krát.

Error: (10/02/2021 01:11:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba CredentialEnrollmentManagerUserSvc_1a9071 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (10/02/2021 01:11:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HECI Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/02/2021 01:11:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Elan Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/01/2021 12:07:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba seznamu sítí byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (10/01/2021 12:07:32 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {A47979D2-C419-11D9-A5B4-001185AD2B89} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/01/2021 12:05:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba seznamu sítí byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (10/01/2021 12:05:32 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {A47979D2-C419-11D9-A5B4-001185AD2B89} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2021-10-01 13:00:02
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 0.0.0.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 0.0.0.0
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-10-01 12:35:01
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 0.0.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 0.0.0.0
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2021-10-01 12:35:01
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 0.0.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 0.0.0.0
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2021-10-01 12:35:01
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 0.0.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 0.0.0.0
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2021-10-01 12:35:01
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 0.0.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 0.0.0.0
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

==================== Memory info ===========================

BIOS: Acer V1.09 07/30/2012
Motherboard: Acer EA50_HC_HR
Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Percentage of memory in use: 88%
Total physical RAM: 3932.36 MB
Available physical RAM: 448.56 MB
Total Virtual: 5955.61 MB
Available Virtual: 1257.34 MB

==================== Drives ================================

Drive c: (Windows 10) (Fixed) (Total:930.45 GB) (Free:905.31 GB) NTFS

\\?\Volume{39e4c2b3-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{39e4c2b3-0000-0000-0000-40bfe8000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 39E4C2B3)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=535 MB) - (Type=27)

==================== End of Addition.txt =======================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
Task: {7D4BF4F1-4E86-423E-AB29-56B432AEF460} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-01] (Google LLC -> Google LLC)
Task: {8977863A-2AA5-442C-A040-DDC420EBEBAB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-01] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 02-10-2021
Ran by k08ik (02-10-2021 22:59:33) Run:1
Running from C:\Users\k08ik\Desktop
Loaded Profiles: k08ik
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {7D4BF4F1-4E86-423E-AB29-56B432AEF460} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-01] (Google LLC -> Google LLC)
Task: {8977863A-2AA5-442C-A040-DDC420EBEBAB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-01] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7D4BF4F1-4E86-423E-AB29-56B432AEF460}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D4BF4F1-4E86-423E-AB29-56B432AEF460}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8977863A-2AA5-442C-A040-DDC420EBEBAB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8977863A-2AA5-442C-A040-DDC420EBEBAB}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\System32\blank.htm" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\SysWOW64\blank.htm" => value restored successfully

=========== EmptyTemp: ==========

BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14855312 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1283242 B
Edge => 0 B
Chrome => 394803761 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 7828056 B
k08ik => 55440546 B

RecycleBin => 0 B
EmptyTemp: => 453.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 23:00:41 ====

Smazáno. Nastala nějaká změna?

Spíš je to postupem času horší a horší.

Několik procesů je spuštěno 2x (dllhost.exe ,csrss.exe,explorer.exe , taskhostw.exe .....)

Několik procesů přibylo např. (ApplicationFrameHost.exe , audiodg.exe , dasHost.exe ,fontdrvhost.exe,
(název ve správci úloh) registry (název souboru) ntoskrnl.exe (původní název souboru) ntkrnlmp.exe .....je to OK?

NDKPing.exe (umístění C:\Windows\System32) RdmaPing.sys (původní název souboru) RDMA Ping Cmd ( popis souboru)
msimg32.dll (umístění C:\Windows\System32) gdiext (původní název souboru) GDIEXT Client DLL ( popis souboru)
nltest.exe (umístění C:\Windows\System32) nltestrk.exe (původní název souboru) Microsoft Logon Server Test Utility ( popis souboru)
pospaymentsworker.exe (umístění C:\Windows\System32) , (podrobnosti) prázdné ,pouze -velikost : 43 KB a -typ : aplikace


C:\WINDOWS\Temp3 MB
C:\WINDOWS\Temp\87D623F4-42C0-4F55-9274-F0D1C13F1AF6-Sigs0 Byte
C:\WINDOWS\Temp\Crashpad40 Bytes
C:\WINDOWS\Temp\Crashpad\reports0 Byte
C:\WINDOWS\Temp\Crashpad\settings.dat40 Bytes
C:\WINDOWS\Temp\Crashpad\metadata0 Byte
C:\WINDOWS\Temp\MpCmdRun.log3 KB
C:\WINDOWS\Temp\MpCopyAccelerator.log610 Bytes
C:\WINDOWS\Temp\MpSigStub.log15 KB
C:\WINDOWS\Temp\msedge_installer.log43 KB
C:\WINDOWS\Temp\4dd1e0df-b960-4000-b5ae-5a3961d74ed4.tmp3 MB
C:\ProgramData\Microsoft\Windows\WER\ReportQueue0 Byte
C:\Users\k08ik\AppData\Local\Temp53 MB
C:\Users\k08ik\AppData\Local\Temp\nsvF091.tmp330 KB
C:\Users\k08ik\AppData\Local\Temp\nsvF091.tmp\rCrypt.dll283 KB
C:\Users\k08ik\AppData\Local\Temp\nsvF091.tmp\stack.dll11 KB
C:\Users\k08ik\AppData\Local\Temp\nsvF091.tmp\MSIBanner.dll36 KB
C:\Users\k08ik\AppData\Local\Temp\nsoA6E3.tmp476 KB
C:\Users\k08ik\AppData\Local\Temp\nsoA6E3.tmp\stack.dll11 KB
C:\Users\k08ik\AppData\Local\Temp\nsoA6E3.tmp\xml.dll182 KB
C:\Users\k08ik\AppData\Local\Temp\nsoA6E3.tmp\rCrypt.dll283 KB
C:\Users\k08ik\AppData\Local\Temp\nsgC70E.tmp294 KB
C:\Users\k08ik\AppData\Local\Temp\nsgC70E.tmp\stack.dll11 KB
C:\Users\k08ik\AppData\Local\Temp\nsgC70E.tmp\rCrypt.dll283 KB
C:\Users\k08ik\AppData\Local\Temp\nsbEF1D.tmp318 KB
C:\Users\k08ik\AppData\Local\Temp\nsbEF1D.tmp\registry.dll25 KB
C:\Users\k08ik\AppData\Local\Temp\nsbEF1D.tmp\stack.dll11 KB
C:\Users\k08ik\AppData\Local\Temp\nsbEF1D.tmp\rCrypt.dll283 KB
C:\Users\k08ik\AppData\Local\Temp\nsr6FA7.tmp465 KB
C:\Users\k08ik\AppData\Local\Temp\nsr6FA7.tmp\xml.dll182 KB
C:\Users\k08ik\AppData\Local\Temp\nsr6FA7.tmp\rCrypt.dll283 KB
C:\Users\k08ik\AppData\Local\Temp\7ea83f77-d2f4-4628-aa74-e2447dfb2db5.tmp430 KB
C:\Users\k08ik\AppData\Local\Temp\7f72fd6d-5628-40fc-928b-323c4dba3008.tmp569 KB
C:\Users\k08ik\AppData\Local\Temp\7fa050ed-d515-404e-99de-655312d5a218.tmp258 KB
C:\Users\k08ik\AppData\Local\Temp\6990ea25-7d1c-419c-83d9-129b85412a26.tmp0 Byte
C:\Users\k08ik\AppData\Local\Temp\ack.txt2 Bytes
C:\Users\k08ik\AppData\Local\Temp\chrome_installer.log2 KB
C:\Users\k08ik\AppData\Local\Temp\e963d7b6-38e8-4c37-befb-2ec9952f13fe.tmp2 MB
C:\Users\k08ik\AppData\Local\Temp\4d4850ff-e6e9-4350-935a-d9fa82773884.tmp834 KB
C:\Users\k08ik\AppData\Local\Temp\4ccedf79-d7a1-41f4-8549-6a2e309eb73b.tmp569 KB
C:\Users\k08ik\AppData\Local\Temp\3acb34c5-ffef-4851-86b6-bce1e62f449d.tmp430 KB
C:\Users\k08ik\AppData\Local\Temp\92bf4030-a618-4950-8fa8-b49bb33d951b.tmp6 KB
C:\Users\k08ik\AppData\Local\Temp\.ses53 Bytes
C:\Users\k08ik\AppData\Local\Temp\sqlite3.exe478 KB
C:\Users\k08ik\AppData\Local\Temp\StructuredQuery.log5 KB
C:\Users\k08ik\AppData\Local\Temp\wct4A6D.tmp40 KB
C:\Users\k08ik\AppData\Local\Temp\wctEE04.tmp40 KB
C:\Users\k08ik\AppData\Local\Temp\wctEE05.tmp46 MB
C:\$recycle.bin\S-1-5-21-63133299-3127860021-3020444460-1001129 Bytes
C:\$recycle.bin\S-1-5-21-63133299-3127860021-3020444460-1001\desktop.ini129 Bytes
C:\WINDOWS\inf\setupapi.dev.log16 KB
C:\WINDOWS\inf\setupapi.offline.log356 KB
C:\WINDOWS\inf\setupapi.offline.log356 KB
C:\WINDOWS\Logs\CBS\CBS.log10 MB
C:\WINDOWS\Panther\actionqueue\specialize.uaq515 Bytes
C:\WINDOWS\Panther\UnattendGC\*84 KB
C:\WINDOWS\Panther\UnattendGC\diagwrn.xml8 KB
C:\WINDOWS\Panther\UnattendGC\setupact.log70 KB
C:\WINDOWS\Panther\UnattendGC\setuperr.log129 Bytes
C:\WINDOWS\Panther\UnattendGC\diagerr.xml6 KB
C:\WINDOWS\security\logs\scecomp.old2 KB
C:\WINDOWS\security\logs\scesetup.log14 KB
C:\WINDOWS\ServiceProfiles\NetworkService\AppData\Local\Temp\MpCmdRun.log2 KB
C:\WINDOWS\setupact.log297 Bytes
C:\WINDOWS\setuperr.log0 Byte
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\*.log8 MB
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb00018.log1 MB
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb00019.log1 MB
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb0001A.log1 MB
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb0001B.log1 MB
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edbtmp.log1 MB
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log1 MB
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log46 KB
C:\WINDOWS\system32\wdi\LogFiles\*25 MB
C:\WINDOWS\system32\wdi\LogFiles\ShutdownPerfDiagLogger.etl3 MB
C:\WINDOWS\system32\wdi\LogFiles\WdiContextLog.etl.001592 KB
C:\WINDOWS\system32\wdi\LogFiles\WdiContextLog.etl.0022 MB
C:\WINDOWS\system32\wdi\LogFiles\WdiContextLog.etl.0031 MB
C:\WINDOWS\system32\wdi\LogFiles\BootPerfDiagLogger.etl19 MB
C:\Users\k08ik\AppData\Local\IconCache.db56 KB
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\*.db9 MB
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\iconcache_1280.db24 Bytes
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\iconcache_16.db1 MB
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\iconcache_1920.db24 Bytes
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\iconcache_256.db1 MB
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\iconcache_2560.db24 Bytes
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\iconcache_32.db1 MB
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\iconcache_48.db1 MB
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\iconcache_768.db24 Bytes
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\iconcache_96.db24 Bytes
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\iconcache_custom_stream.db24 Bytes
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\iconcache_exif.db24 Bytes
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db29 KB
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\iconcache_sr.db24 Bytes
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide.db24 Bytes
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide_alternate.db24 Bytes
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1280.db24 Bytes
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\thumbcache_16.db1 MB
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1920.db24 Bytes
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.db1 MB
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\thumbcache_2560.db24 Bytes
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\thumbcache_32.db1 MB
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\thumbcache_48.db1 MB
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\thumbcache_768.db24 Bytes
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db1 MB
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\thumbcache_custom_stream.db24 Bytes
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\thumbcache_exif.db24 Bytes
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db14 KB
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\thumbcache_sr.db24 Bytes
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\thumbcache_wide.db24 Bytes
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\thumbcache_wide_alternate.db24 Bytes
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\*.etl496 KB
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\ExplorerStartupLog_RunOnce.etl24 KB
C:\Users\k08ik\AppData\Local\Microsoft\Windows\Explorer\ExplorerStartupLog.etl472 KB
C:\WINDOWS\debug\*.log2 KB
C:\WINDOWS\debug\NetSetup.LOG912 Bytes
C:\WINDOWS\debug\PASSWD.LOG0 Byte
C:\WINDOWS\debug\sammui.log165 Bytes
C:\WINDOWS\debug\mrt.log1 KB
C:\WINDOWS\DtcInstall.log2 KB

nevím jestli z toho jde něco zjistit ...

Je běžné že soubor : Vytvořeno : středa 15. září 2021 , 9:54:03
Změněno : úterý 10. srpna 2021 , 5:36:53
Změnit něco ,co vlastně ještě není .... To vypadá že v tom má prsty Chuck Norris

Které procesy nejvíce zatěžují procesor?

Tak na záložce procesy : Hostitel služby :Spouštěč procesů serveru DCOM , Systém , Služba DPS , systémová přerušení, správce oken plochy , správce úloh
Na záložce podrobnosti : Svchost PID 2920 , Svchost PID 880 , dwm.exe , system , MsMpEng.exe

Udělejte sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Utilitu stáhněte, spusťte, nechte pracovat a po skončení skce smažte vše, co najde.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-10-2021
Ran by k08ik (administrator) on DESKTOP-QRU1R0I (Acer Aspire E1-531) (04-10-2021 19:40:00)
Running from C:\Users\k08ik\Desktop
Loaded Profiles: k08ik
Platform: Windows 10 Home Version 21H1 19043.1237 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <11>
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\k08ik\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowsstore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CredentialEnrollmentManager.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Restoro Ltd -> Restoro) C:\Program Files\Restoro\bin\RestoroProtection.exe
(Restoro Ltd -> Restoro) C:\Program Files\Restoro\bin\RestoroService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Restoro] => C:\Program Files\Restoro\bin\RestoroApp.exe [477648 2021-03-24] (Restoro Ltd -> Restoro) <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\94.0.4606.71\Installer\chrmstp.exe [2021-10-01] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A167680-FC7C-4603-BC2A-5699A146AA85} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-10-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3B2ACF3D-906E-4F89-A081-24280DEFE0A4} - System32\Tasks\AVG\Overseer => C:\Windows\OEM\CustomizationFiles\Overseer.exe [1815352 2021-10-01] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {3F32C23E-BB49-4749-8DA5-410304C14634} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-10-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6806969E-A8EB-4DA4-A0A3-DFA1493E5C05} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-10-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CECD55E2-7E9F-41D2-AF0A-D883715B560A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-10-01] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{dc0a2f1a-4531-49cf-87f3-a4e1d7ef6e8e}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\k08ik\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-03]

Chrome:
=======
CHR Profile: C:\Users\k08ik\AppData\Local\Google\Chrome\User Data\Default [2021-10-04]
CHR Extension: (Prezentace) - C:\Users\k08ik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-01]
CHR Extension: (Dokumenty) - C:\Users\k08ik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-01]
CHR Extension: (Disk Google) - C:\Users\k08ik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-01]
CHR Extension: (YouTube) - C:\Users\k08ik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-01]
CHR Extension: (Tabulky) - C:\Users\k08ik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\k08ik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\k08ik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-01]
CHR Extension: (Gmail) - C:\Users\k08ik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-01]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 RestoroActiveProtection; C:\Program Files\Restoro\bin\RestoroProtection.exe [9310216 2021-02-07] (Restoro Ltd -> Restoro) <==== ATTENTION
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-10-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-10-01] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-10-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [433384 2021-10-01] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-10-01] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three months (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-03 23:14 - 2021-10-03 23:14 - 000000000 ____D C:\Users\k08ik\Documents\FeedbackHub
2021-10-03 15:22 - 2021-10-03 15:22 - 000000866 _____ C:\Users\Public\Desktop\Asmwsoft PC Optimizer.lnk
2021-10-03 15:22 - 2021-10-03 15:22 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-10-03 15:22 - 2021-10-03 15:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\asmwsoft.com
2021-10-03 15:22 - 2021-10-03 15:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmwsoft PC Optimizer
2021-10-03 15:22 - 2021-10-03 15:22 - 000000000 ____D C:\Program Files (x86)\Asmwsoft PC optimizer
2021-10-03 15:22 - 2017-10-26 06:33 - 000053248 _____ C:\WINDOWS\SysWOW64\FileSearch.dll
2021-10-03 15:22 - 2017-10-20 07:54 - 000040960 _____ (Asmwsoft.com) C:\WINDOWS\SysWOW64\hist.ocx
2021-10-03 15:22 - 2016-08-13 14:38 - 000044544 _____ () C:\WINDOWS\SysWOW64\gif89.dll
2021-10-03 15:22 - 2015-12-09 19:58 - 001070232 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCTL.OCX
2021-10-03 15:22 - 2014-11-21 11:14 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shfoff15.rra
2021-10-03 15:22 - 2013-08-22 07:16 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wbemdisp.tlb
2021-10-03 15:22 - 2013-08-22 07:16 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stdof10c.rra
2021-10-03 15:22 - 2012-10-03 14:13 - 000132880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSINET.OCX
2021-10-03 15:22 - 2009-03-24 07:52 - 000659264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCT2.OCX
2021-10-03 15:22 - 2009-03-24 07:52 - 000170080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMCT232.OCX
2021-10-03 15:22 - 2009-03-24 07:52 - 000155984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMDLG32.OCX
2021-10-03 15:22 - 2004-10-20 22:31 - 000021504 _____ (asmwsoft.com) C:\WINDOWS\SysWOW64\asmwZipIt.ocx
2021-10-03 15:22 - 2004-03-09 00:00 - 000212240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RICHTX32.OCX
2021-10-03 15:22 - 2004-03-09 00:00 - 000124688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWINSCK.OCX
2021-10-03 15:22 - 2004-02-04 08:40 - 000151552 _____ (Asmw Soft Systems www.asmwsoft.com) C:\WINDOWS\SysWOW64\style.ocx
2021-10-03 15:22 - 2003-09-21 07:28 - 000233526 _____ (asmw soft systems) C:\WINDOWS\SysWOW64\asmwmenu.dll
2021-10-03 15:22 - 1997-01-16 01:42 - 000006114 _____ C:\WINDOWS\SysWOW64\SHELLLNK.TLB
2021-10-03 15:21 - 2021-10-03 15:21 - 010043728 _____ (Macrovision Corporation) C:\Users\k08ik\Downloads\asmwsoftpcoptimizersetup.exe
2021-10-03 13:27 - 2021-10-03 13:31 - 000000000 ____D C:\ProgramData\Restoro
2021-10-03 13:27 - 2021-10-03 13:27 - 000001755 _____ C:\Users\Public\Desktop\Restoro.lnk
2021-10-03 13:27 - 2021-10-03 13:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Restoro
2021-10-03 13:27 - 2021-10-03 13:27 - 000000000 ____D C:\Program Files\Restoro
2021-10-03 13:26 - 2021-10-03 13:31 - 000000161 _____ C:\WINDOWS\restoro.ini
2021-10-03 13:26 - 2021-10-03 13:26 - 000932664 _____ (Restoro) C:\Users\k08ik\Downloads\Restoro.exe
2021-10-02 23:04 - 2021-10-02 23:04 - 000000000 ___HD C:\OneDriveTemp
2021-10-02 22:59 - 2021-10-02 23:00 - 000004399 _____ C:\Users\k08ik\Desktop\Fixlog.txt
2021-10-02 21:04 - 2021-10-02 21:10 - 000014842 _____ C:\Users\k08ik\Desktop\Addition.txt
2021-10-02 21:00 - 2021-10-04 19:41 - 000008385 _____ C:\Users\k08ik\Desktop\FRST.txt
2021-10-02 20:59 - 2021-10-04 19:39 - 000000000 ____D C:\Users\k08ik\Desktop\FRST-OlderVersion
2021-10-02 13:07 - 2021-10-02 13:07 - 008553680 _____ (Malwarebytes) C:\Users\k08ik\Desktop\adwcleaner_8.3.0 (1).exe
2021-10-02 13:05 - 2021-10-02 13:09 - 000000000 ____D C:\AdwCleaner
2021-10-02 13:05 - 2021-10-02 13:05 - 008553680 _____ (Malwarebytes) C:\Users\k08ik\Downloads\adwcleaner_8.3.0.exe
2021-10-02 02:32 - 2021-10-02 02:33 - 000000444 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-10-01 22:33 - 2021-10-02 22:56 - 000000000 ____D C:\Users\k08ik\AppData\Roaming\Notepad++
2021-10-01 22:33 - 2021-10-01 22:33 - 000000887 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2021-10-01 22:33 - 2021-10-01 22:33 - 000000875 _____ C:\Users\Public\Desktop\Notepad++.lnk
2021-10-01 22:33 - 2021-10-01 22:33 - 000000000 ____D C:\Program Files\Notepad++
2021-10-01 22:32 - 2021-10-01 22:32 - 004338784 _____ (Don HO don.h@free.fr) C:\Users\k08ik\Downloads\npp.8.1.5.Installer.x64.exe
2021-10-01 21:49 - 2021-10-04 19:40 - 000000000 ____D C:\FRST
2021-10-01 21:47 - 2021-10-04 19:39 - 002308096 _____ (Farbar) C:\Users\k08ik\Desktop\FRST64.exe
2021-10-01 18:30 - 2021-10-01 18:30 - 000000000 ___HD C:\$WinREAgent
2021-10-01 18:30 - 2021-10-01 18:30 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-10-01 18:29 - 2021-10-01 18:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-10-01 14:06 - 2021-10-01 14:06 - 001341272 _____ (Google LLC) C:\Users\k08ik\Downloads\ChromeSetup (1).exe
2021-10-01 13:54 - 2021-10-01 14:07 - 000002329 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-01 13:54 - 2021-10-01 14:07 - 000002288 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-10-01 13:53 - 2021-10-01 13:53 - 000000000 ____D C:\Program Files\Google
2021-10-01 13:52 - 2021-10-04 19:32 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-01 13:52 - 2021-10-01 14:00 - 000000000 ____D C:\Users\k08ik\AppData\Local\Google
2021-10-01 13:52 - 2021-10-01 13:52 - 001341272 _____ (Google LLC) C:\Users\k08ik\Downloads\ChromeSetup.exe
2021-10-01 13:40 - 2021-10-01 13:40 - 000000000 ____D C:\Users\k08ik\AppData\Local\Comms
2021-10-01 13:35 - 2021-10-04 07:29 - 000000000 ____D C:\Users\k08ik\AppData\Local\D3DSCache
2021-10-01 13:27 - 2021-10-01 13:47 - 000000000 ____D C:\Users\k08ik\AppData\Local\PlaceholderTileLogoFolder
2021-10-01 13:25 - 2021-10-02 23:04 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-63133299-3127860021-3020444460-1001
2021-10-01 13:25 - 2021-10-02 23:04 - 000000000 ___RD C:\Users\k08ik\OneDrive
2021-10-01 13:24 - 2021-10-01 13:24 - 000001339 _____ C:\Users\k08ik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Správce zvuku Realtek HD.lnk
2021-10-01 13:24 - 2021-10-01 13:24 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-10-01 13:23 - 2021-10-01 13:47 - 000000000 ____D C:\ProgramData\Packages
2021-10-01 13:23 - 2021-10-01 13:23 - 000000000 ____D C:\Users\k08ik\AppData\Local\Publishers
2021-10-01 13:22 - 2021-10-02 23:03 - 000000000 ____D C:\Users\k08ik\AppData\Local\ConnectedDevicesPlatform
2021-10-01 13:22 - 2021-10-01 13:47 - 000000000 ____D C:\Users\k08ik\AppData\Local\Packages
2021-10-01 13:22 - 2021-10-01 13:24 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-10-01 13:22 - 2021-10-01 13:22 - 000000000 ___RD C:\Users\k08ik\3D Objects
2021-10-01 13:22 - 2021-10-01 13:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2021-10-01 13:22 - 2021-10-01 13:22 - 000000000 ____D C:\Users\k08ik\AppData\Local\VirtualStore
2021-10-01 13:12 - 2021-10-02 23:04 - 000002387 _____ C:\Users\k08ik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-10-01 13:12 - 2021-10-01 13:25 - 000000000 ____D C:\Users\k08ik
2021-10-01 13:12 - 2021-10-01 13:12 - 000000020 ___SH C:\Users\k08ik\ntuser.ini
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Šablony
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Soubory cookie
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Poslední
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Okolní tiskárny
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Okolní síť
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Nabídka Start
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Dokumenty
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Documents\Obrázky
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Documents\Hudba
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Documents\Filmy
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\Data aplikací
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-10-01 13:12 - 2021-10-01 13:12 - 000000000 _SHDL C:\Users\k08ik\AppData\Local\Data aplikací
2021-10-01 12:14 - 2021-10-02 23:06 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Šablony
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Poslední
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Okolní síť
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Dokumenty
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\Data aplikací
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\Default User
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Users\All Users
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\ProgramData\Šablony
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\ProgramData\Plocha
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\ProgramData\Dokumenty
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\ProgramData\Data aplikací
2021-10-01 12:09 - 2021-10-01 12:09 - 000000000 _SHDL C:\Documents and Settings
2021-10-01 12:01 - 2021-10-03 10:41 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-01 12:01 - 2021-10-03 10:41 - 000002284 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-10-01 12:01 - 2021-10-02 13:43 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-01 12:01 - 2021-10-02 13:43 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-01 12:01 - 2021-10-01 12:01 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2021-10-01 12:01 - 2021-10-01 12:01 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2021-10-01 12:01 - 2021-10-01 12:01 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2021-10-01 12:01 - 2021-10-01 12:01 - 000000000 ____D C:\Program Files\Realtek
2021-10-01 12:01 - 2021-10-01 12:01 - 000000000 ____D C:\Intel
2021-10-01 11:59 - 2021-10-04 18:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-01 11:59 - 2021-10-02 23:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-01 11:59 - 2021-10-01 13:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-10-01 11:59 - 2021-10-01 11:59 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-10-01 11:58 - 2021-10-03 00:07 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-01 11:58 - 2021-10-01 11:59 - 000258960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-10-01 06:29 - 2021-10-01 06:29 - 000000000 ____D C:\WINDOWS\OEM
2021-10-01 06:28 - 2021-10-01 12:10 - 000000000 ____D C:\WINDOWS\Panther
2021-10-01 06:18 - 2021-10-01 06:18 - 000000000 ____D C:\Program Files\Elantech
2021-10-01 06:17 - 2021-10-01 06:17 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-10-01 06:16 - 2021-10-01 06:16 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2021-10-01 06:16 - 2021-10-01 06:16 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2021-10-01 06:16 - 2021-10-01 06:16 - 000000000 ____D C:\WINDOWS\Setup
2021-10-01 06:16 - 2021-10-01 06:16 - 000000000 ____D C:\WINDOWS\OCR
2021-10-01 06:15 - 2021-10-02 23:06 - 000683426 _____ C:\WINDOWS\system32\perfh005.dat
2021-10-01 06:15 - 2021-10-02 23:06 - 000137206 _____ C:\WINDOWS\system32\perfc005.dat
2021-10-01 06:15 - 2021-10-01 06:15 - 000296964 _____ C:\WINDOWS\system32\perfi005.dat
2021-10-01 06:15 - 2021-10-01 06:15 - 000038778 _____ C:\WINDOWS\system32\perfd005.dat
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\cs
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\0409
2021-10-01 06:15 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\DigitalLocker
2021-10-01 06:11 - 2021-10-01 06:07 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2021-10-01 06:11 - 2021-10-01 06:07 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2021-10-01 06:11 - 2021-10-01 06:07 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2021-10-01 06:10 - 2021-10-04 13:50 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-01 06:10 - 2021-10-03 15:22 - 000000000 ___RD C:\Program Files (x86)
2021-10-01 06:10 - 2021-10-03 14:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-01 06:10 - 2021-10-03 10:41 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-01 06:10 - 2021-10-02 22:59 - 000000000 ____D C:\WINDOWS\Registration
2021-10-01 06:10 - 2021-10-02 13:03 - 000000000 ____D C:\WINDOWS\appcompat
2021-10-01 06:10 - 2021-10-01 13:40 - 000000000 ____D C:\WINDOWS\ServiceState
2021-10-01 06:10 - 2021-10-01 13:39 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-10-01 06:10 - 2021-10-01 13:27 - 000000000 ____D C:\Program Files\Windows Defender
2021-10-01 06:10 - 2021-10-01 13:23 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-10-01 06:10 - 2021-10-01 13:12 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-10-01 06:10 - 2021-10-01 13:05 - 000000000 ____D C:\ProgramData\USOPrivate
2021-10-01 06:10 - 2021-10-01 12:11 - 000000000 ____D C:\WINDOWS\system32\spool
2021-10-01 06:10 - 2021-10-01 12:09 - 000000000 ____D C:\Program Files\Windows NT
2021-10-01 06:10 - 2021-10-01 11:58 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2021-10-01 06:10 - 2021-10-01 06:27 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ___SD C:\WINDOWS\system32\dsc
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\setup
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\system32\Com
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\IME
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\WINDOWS\Help
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\Program Files\Common Files\System
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\Program Files (x86)\Windows NT
2021-10-01 06:10 - 2021-10-01 06:15 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-10-01 06:10 - 2021-10-01 06:11 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2021-10-01 06:10 - 2021-10-01 06:11 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-10-01 06:10 - 2021-10-01 06:11 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-10-01 06:10 - 2021-10-01 06:11 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-10-01 06:10 - 2021-10-01 06:11 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-10-01 06:10 - 2021-10-01 06:11 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2021-10-01 06:10 - 2021-10-01 06:11 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2021-10-01 06:10 - 2021-10-01 06:11 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2021-10-01 06:10 - 2021-10-01 06:11 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 __SHD C:\Program Files\Windows Sidebar
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 __RSD C:\WINDOWS\Media
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 __RHD C:\Users\Public\Libraries
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ___SD C:\WINDOWS\system32\Nui
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Web
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\WaaS
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Vss
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\tracing
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\TAPI
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SystemResources
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SystemApps
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\winevt
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\ti-et
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\ta-lk
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\ta-in
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\si-lk
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\ras
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\my-mm
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\IME
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\icsxml
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\ias
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\DriverState
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\downlevel
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\ContainerSettingsProviders
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\am-et
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\System
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SKB
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\schemas
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\SchCache
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\security
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Resources
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\rescache
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Provisioning
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\PLA
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Performance
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\ModemLogs
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\L2Schemas
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\InputMethod
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\IdentityCRL
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Globalization
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Cursors
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Containers
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\Branding
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\ProgramData\USOShared
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\Program Files\Windows Security
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\Program Files\Windows Portable Devices
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\Program Files\Common Files\Services
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2021-10-01 06:10 - 2021-10-01 06:10 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2021-10-01 06:10 - 2021-10-01 06:07 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
2021-10-01 06:10 - 2021-10-01 06:07 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-10-01 06:10 - 2021-10-01 06:07 - 000017635 _____ C:\WINDOWS\system32\Drivers\etc\services
2021-10-01 06:10 - 2021-10-01 06:07 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2021-10-01 06:10 - 2021-10-01 06:07 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2021-10-01 06:10 - 2021-10-01 06:07 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2021-10-01 06:10 - 2021-10-01 06:07 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2021-10-01 06:10 - 2021-10-01 06:07 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
2021-10-01 06:10 - 2021-10-01 06:07 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2021-10-01 06:10 - 2021-10-01 06:07 - 000000219 _____ C:\WINDOWS\system.ini
2021-10-01 06:10 - 2021-10-01 06:07 - 000000092 _____ C:\WINDOWS\win.ini
2021-10-01 06:08 - 2021-10-02 23:06 - 000000000 ____D C:\WINDOWS\INF
2021-10-01 06:00 - 2021-10-01 18:39 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-10-01 05:53 - 2021-10-02 23:01 - 068681728 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-10-01 05:53 - 2021-10-02 23:01 - 013893632 _____ C:\WINDOWS\system32\config\SYSTEM
2021-10-01 05:53 - 2021-10-02 23:01 - 000524288 _____ C:\WINDOWS\system32\config\DEFAULT
2021-10-01 05:53 - 2021-10-02 23:01 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-10-01 05:53 - 2021-10-02 23:01 - 000131072 _____ C:\WINDOWS\system32\config\SAM
2021-10-01 05:53 - 2021-10-02 23:01 - 000032768 _____ C:\WINDOWS\system32\config\SECURITY
2021-10-01 05:53 - 2021-10-01 18:39 - 000000000 ____D C:\WINDOWS\servicing
2021-10-01 05:53 - 2021-10-01 13:26 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-10-01 05:53 - 2021-10-01 06:10 - 000000000 ____D C:\WINDOWS\system32\SMI
2021-10-01 05:50 - 2021-10-01 12:58 - 000000000 ___HD C:\$SysReset
2021-09-15 10:25 - 2021-09-15 10:25 - 000672768 ____N C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-15 10:25 - 2021-09-15 10:25 - 000452096 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-15 10:24 - 2021-09-15 10:24 - 002111488 ____N (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-15 10:24 - 2021-09-15 10:24 - 001333760 ____N C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-15 10:24 - 2021-09-15 10:24 - 001313608 ____N (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-15 10:24 - 2021-09-15 10:24 - 001164288 ____N C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-15 10:24 - 2021-09-15 10:24 - 000570368 ____N (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-15 10:24 - 2021-09-15 10:24 - 000426496 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-15 10:24 - 2021-09-15 10:24 - 000223744 ____N C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-15 10:24 - 2021-09-15 10:24 - 000147456 ____N (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-15 10:24 - 2021-09-15 10:24 - 000122880 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-15 10:24 - 2021-09-15 10:24 - 000011355 ____N C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-15 10:23 - 2021-09-15 10:23 - 002295296 ____N (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-15 10:23 - 2021-09-15 10:23 - 002260992 ____N C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-15 10:23 - 2021-09-15 10:23 - 001823304 ____N (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-15 10:23 - 2021-09-15 10:23 - 001393480 ____N (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-15 10:23 - 2021-09-15 10:23 - 000098816 ____N C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-15 10:22 - 2021-09-15 10:22 - 000566784 ____N (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-15 10:22 - 2021-09-15 10:22 - 000272384 ____N C:\WINDOWS\system32\TpmTool.exe
2021-09-15 10:22 - 2021-09-15 10:22 - 000162816 ____N C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-08-13 02:45 - 2021-08-13 02:45 - 002755584 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-13 02:44 - 2021-08-13 02:44 - 002755584 ____N (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-13 02:43 - 2021-08-13 02:43 - 000288768 ____N C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-07-15 03:56 - 2021-07-15 03:56 - 000007680 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-15 03:56 - 2021-07-15 03:56 - 000007680 ____N (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-15 03:56 - 2021-07-15 03:56 - 000006656 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-15 03:56 - 2021-07-15 03:56 - 000006656 ____N (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-07 19:23 - 2021-07-07 19:23 - 002371072 ____N C:\WINDOWS\system32\rdpnano.dll
2021-07-07 19:23 - 2021-07-07 19:23 - 000084992 ____N (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-07 19:23 - 2021-07-07 19:23 - 000067584 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-07 19:22 - 2021-07-07 19:22 - 000060928 ____N C:\WINDOWS\system32\runexehelper.exe

==================== Three months (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)


==================== SigCheckExt =========================

2021-10-03 15:22 - 2003-09-21 07:28 - 000233526 _____ (asmw soft systems) C:\WINDOWS\SysWOW64\asmwmenu.dll
2021-10-03 15:22 - 2017-10-26 06:33 - 000053248 _____ C:\WINDOWS\SysWOW64\FileSearch.dll
2021-10-03 15:22 - 2016-08-13 14:38 - 000044544 _____ () C:\WINDOWS\SysWOW64\gif89.dll
2021-10-01 21:47 - 2021-10-04 19:39 - 002308096 _____ (Farbar) C:\Users\k08ik\Desktop\FRST64.exe
2021-10-03 15:21 - 2021-10-03 15:21 - 010043728 _____ (Macrovision Corporation) C:\Users\k08ik\Downloads\asmwsoftpcoptimizersetup.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


==================== BCD ================================

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale cs-CZ
inherit {globalsettings}
default {current}
resumeobject {9b0124f5-226e-11ec-a647-90fbd4410f82}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \WINDOWS\system32\winload.exe
description Windows 10
locale cs-CZ
inherit {bootloadersettings}
recoverysequence {e746e2e3-ded0-11ea-ab9a-9cb4751df4f5}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {9b0124f5-226e-11ec-a647-90fbd4410f82}
nx OptIn
bootmenupolicy Standard

Windows Boot Loader
-------------------
identifier {e746e2e3-ded0-11ea-ab9a-9cb4751df4f5}
device ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{e746e2e4-ded0-11ea-ab9a-9cb4751df4f5}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale cs-CZ
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride PushButtonReset
osdevice ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{e746e2e4-ded0-11ea-ab9a-9cb4751df4f5}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Resume from Hibernate
---------------------
identifier {9b0124f5-226e-11ec-a647-90fbd4410f82}
device partition=C:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale cs-CZ
inherit {resumeloadersettings}
recoverysequence {e746e2e3-ded0-11ea-ab9a-9cb4751df4f5}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Diagnostika pamŘti syst‚mu Windows
locale cs-CZ
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems No

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Local

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {e746e2e4-ded0-11ea-ab9a-9cb4751df4f5}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume3
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== End of FRST.txt ========================

Tak došel jsem před chvilkou z práce zapnu komp a peklo... Najednou je zde asi 50 groups profiles ...
Jako admin nemůžu řídit služby. Ve službách kde jsem ještě ráno byl nastaven jako účet pro přihlášení - místní systemovy účet teď je nastaven ; tento účet :
password: ••••••••••••
password: ••••••••••••