Kontrola logu

Zpráva

romcolahvac · #1 Příspěvek od **romcolahvac** » 29 srp 2023 13:00

Dobrý den, mohu poprosit o kontrolu logu? Děkuji

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-08-2023
Ran by agnes (29-08-2023 13:57:41)
Running from C:\Users\agnes\Downloads
Microsoft Windows 11 Home Version 22H2 22621.2134 (X64) (2023-01-08 18:07:37)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-966670334-227796945-3083744542-500 - Administrator - Disabled)
agnes (S-1-5-21-966670334-227796945-3083744542-1001 - Administrator - Enabled) => C:\Users\agnes
DefaultAccount (S-1-5-21-966670334-227796945-3083744542-503 - Limited - Disabled)
Guest (S-1-5-21-966670334-227796945-3083744542-501 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-966670334-227796945-3083744542-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 (Enabled - Up to date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}
FW: Norton 360 (Enabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-966670334-227796945-3083744542-1001\...\uTorrent) (Version: 3.6.0.46672 - BitTorrent Inc.)
4K Video Downloader 4.14.0.4010 (HKLM\...\4K Video Downloader_is1) (Version: 4.14.0.4010 - lrepacks.ru)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 23.003.20284 - Adobe)
Adobe Premiere Pro 2022 (HKLM-x32\...\PPRO_22_2) (Version: 22.2 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
CEWE fotosvet (HKLM\...\CEWE fotosvet) (Version: 7.3.3 - CEWE Stiftung u Co. KGaA)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.1.0.2037 - Disc Soft Ltd)
f.lux (HKU\S-1-5-21-966670334-227796945-3083744542-1001\...\Flux) (Version: 4.124 - f.lux Software LLC)
Gen5 3.14 (HKLM\...\{6CB16334-6E4F-49B3-B665-CE610043DF6F}) (Version: 3.14.03 - Agilent)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 116.0.5845.111 - Google LLC)
GraphPad Prism 9.5.1.733 (HKLM\...\{0B252ED3-16E8-4B29-B80C-6F645D743D7C}) (Version: 9.5.1733 - GraphPad Software LLC)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
iLovePDF (HKLM-x32\...\iLovePDF) (Version: 2.0.78.0 - iLovePDF.S.L)
Mendeley Reference Manager 2.81.0 (HKU\S-1-5-21-966670334-227796945-3083744542-1001\...\b4b58389-01e4-5dfd-9842-aad36733657a) (Version: 2.81.0 - Mendeley)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.16626.20170 - Microsoft Corporation)
Microsoft 365 - en-gb (HKLM\...\O365HomePremRetail - en-gb) (Version: 16.0.16626.20170 - Microsoft Corporation)
Microsoft 365 - hu-hu (HKLM\...\O365HomePremRetail - hu-hu) (Version: 16.0.16626.20170 - Microsoft Corporation)
Microsoft 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: 16.0.16626.20170 - Microsoft Corporation)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.16626.20170 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Bing Service (HKLM-x32\...\{27990F25-A90A-4CE5-868E-1A1BB70A58EE}) (Version: 2.0.0.7 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 116.0.1938.62 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 116.0.1938.62 - Microsoft Corporation)
Microsoft Office Professional Plus 2021 - cs-cz (HKLM\...\ProPlus2021Retail - cs-cz) (Version: 16.0.16626.20170 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.158.0730.0001 - Microsoft Corporation)
Microsoft OneNote - cs-cz (HKLM\...\OneNoteFreeRetail - cs-cz) (Version: 16.0.16626.20170 - Microsoft Corporation)
Microsoft OneNote - en-gb (HKLM\...\OneNoteFreeRetail - en-gb) (Version: 16.0.16626.20170 - Microsoft Corporation)
Microsoft OneNote - hu-hu (HKLM\...\OneNoteFreeRetail - hu-hu) (Version: 16.0.16626.20170 - Microsoft Corporation)
Microsoft OneNote - pl-pl (HKLM\...\OneNoteFreeRetail - pl-pl) (Version: 16.0.16626.20170 - Microsoft Corporation)
Microsoft OneNote - sk-sk (HKLM\...\OneNoteFreeRetail - sk-sk) (Version: 16.0.16626.20170 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{43D501A5-E5E3-46EC-8F33-9E15D2A2CBD5}) (Version: 5.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30135 (HKLM-x32\...\{fa7f6d52-f85e-48ef-8f56-a37268aa5772}) (Version: 14.29.30135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30135 (HKLM\...\{34DB4181-0770-4B5A-B561-68758A077B0F}) (Version: 14.29.30135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30135 (HKLM\...\{40118CD9-A805-400C-864E-041A5B5C01B0}) (Version: 14.29.30135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Norton 360 (HKLM-x32\...\NGC) (Version: 22.23.6.5 - NortonLifeLock Inc)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20170 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20170 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.16626.20170 - Microsoft Corporation) Hidden
PDF24 Creator 11.9.1 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.9.1 - PDF24.org)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
ZPS 19 CZ (HKU\S-1-5-21-966670334-227796945-3083744542-1001\...\{E83AA227-7862-F115-2E87-46DCA9E3D879}) (Version: v.19.2004.2.262 - 18.08.2020 - libbi)

Packages:
=========
5A894077.McAfeeSecurity -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2023-01-10] (McAfee LLC.)
Adobe Express -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeCreativeCloudExpress_2.1.1.0_neutral__ynb6jyjzte8ga [2023-08-28] (Adobe Inc.)
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5180.0_x64__8j3eq9eme6ctt [2023-08-20] (INTEL CORP) [Startup Task]
B9ECED6F.ScreenPadMaster -> C:\Program Files\WindowsApps\B9ECED6F.ScreenPadMaster_3.0.22.0_x64__qmba6cd70vzyy [2023-05-08] (ASUSTeK COMPUTER INC.)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-20] (Microsoft Corporation)
DTS Audio Processing -> C:\Program Files\WindowsApps\DTSInc.DTSAudioProcessing_1.10.14.0_x64__t5j2fzbtdg37r [2023-07-07] (DTS, Inc.)
HEIC Converter - HEIC to JPG -> C:\Program Files\WindowsApps\45907smallapp.HEICConverter-HEICtoJPG_1.1.3.0_x64__z9hw59krvrfng [2023-05-20] (screen recorder app)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_148.2.1069.0_x64__v10z8vjag6ke6 [2023-08-06] (HP Inc.)
LiquidText -> C:\Program Files\WindowsApps\LiquidText.LiquidText_2.7.102.0_x64__rx5mtpcf576t0 [2023-08-03] (LiquidText)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1920.8.125.0_x64__8xx8rvfyw5nnt [2023-08-03] (Meta) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.39.0_x64__8wekyb3d8bbwe [2023-01-10] (Microsoft Corp.)
Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2023-08-20] (Microsoft Corporation)
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.23.0_x64__qmba6cd70vzyy [2023-08-03] (ASUSTeK COMPUTER INC.)
Norton Security -> C:\Program Files\Norton Security\Engine\22.23.6.5 [2023-08-29] (NortonLifeLock Inc.)
Radio Stations Online Free -> C:\Program Files\WindowsApps\5331LeThanhDat.RadioStationsOnlineFree_3.0.1.0_x64__4sg46mhseqky0 [2023-07-22] (Le Thanh Dat)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.36.273.0_x64__dt26b99r8h8gj [2023-01-10] (Realtek Semiconductor Corp)
Recorder One -> C:\Program Files\WindowsApps\IPTGroup.LuckyRecorderFree_10.10.45.0_x64__fbja025meezca [2023-08-24] (IPT International Technologies Corporation.)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2333.8.0_x64__cv1g1gvanyjgm [2023-08-27] (WhatsApp Inc.) [Startup Task]
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2023-08-20] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.158.0730.0001\FileSyncShell64.dll [2023-08-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.158.0730.0001\FileSyncShell64.dll [2023-08-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.158.0730.0001\FileSyncShell64.dll [2023-08-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.158.0730.0001\FileSyncShell64.dll [2023-08-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.158.0730.0001\FileSyncShell64.dll [2023-08-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.158.0730.0001\FileSyncShell64.dll [2023-08-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.158.0730.0001\FileSyncShell64.dll [2023-08-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.23.6.5\buShell.dll [2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.23.6.5\buShell.dll [2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.23.6.5\buShell.dll [2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.158.0730.0001\FileSyncShell64.dll [2023-08-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.158.0730.0001\FileSyncShell64.dll [2023-08-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.158.0730.0001\FileSyncShell64.dll [2023-08-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.158.0730.0001\FileSyncShell64.dll [2023-08-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.158.0730.0001\FileSyncShell64.dll [2023-08-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.158.0730.0001\FileSyncShell64.dll [2023-08-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.158.0730.0001\FileSyncShell64.dll [2023-08-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.23.6.5\buShell.dll [2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.23.6.5\buShell.dll [2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.23.6.5\buShell.dll [2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.158.0730.0001\FileSyncShell64.dll [2023-08-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.23.6.5\buShell.dll [2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.23.6.5\NavShExt.dll [2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-01-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.23.6.5\NavShExt.dll [2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-01-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.158.0730.0001\FileSyncShell64.dll [2023-08-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.158.0730.0001\FileSyncShell64.dll [2023-08-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.23.6.5\buShell.dll [2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.23.6.5\NavShExt.dll [2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\agnes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Zoom.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hmbjbjdpkobdjplfobhljndfdfdipjhg

==================== Loaded Modules (Whitelisted) =============

2021-10-04 23:55 - 2021-10-04 23:55 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2021-10-04 23:55 - 2021-10-04 23:55 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM-x32 - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-966670334-227796945-3083744542-1001\...\sharepoint.com -> hxxps://vscht-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-06-05 14:08 - 2023-01-08 13:45 - 000000859 ____N C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 account.zoner.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-966670334-227796945-3083744542-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\agnes\Downloads\interstellar-3840x2160.jpg
DNS Servers: 31.30.90.11 - 31.30.90.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DF31D293-EEF2-464E-B09A-2C0D0538BDC4}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{B7F37492-DFD5-438D-ABF0-09F27770A5F9}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{7AB964B2-3528-404E-A626-1071BA4FAC42}] => (Allow) C:\Users\agnes\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) [File not signed]
FirewallRules: [{CF7FFCD5-0D17-4845-8529-D1A32A65FF2F}] => (Allow) C:\Users\agnes\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) [File not signed]
FirewallRules: [{88DA94C1-4D93-4AB0-935B-015D1C619711}] => (Allow) C:\Users\agnes\AppData\Local\Temp\utorrent\utorrent.exe => No File
FirewallRules: [{4B68E55B-5563-414A-820A-4381A2E83888}] => (Allow) C:\Users\agnes\AppData\Local\Temp\utorrent\utorrent.exe => No File
FirewallRules: [{B5E7DD9F-9306-477A-91FC-940629765C7F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{14544438-0095-476C-8283-9B27DC8B9578}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.23.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{73250F91-455A-4172-8ADB-87B0B333D04E}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.23.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{165E89AA-281C-4662-965F-A165653633B7}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.23.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{D8244C31-CB9F-4830-ADCC-7F6173C0BB6D}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.23.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{FC29A9FA-1466-4945-8A4C-48AFF8A6F41A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{9481252B-3FEC-45B1-BDFC-4BF316197361}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23195.1511.2279.823_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0DBBD0C0-DEE7-442C-B39C-6EB99F1E6BB1}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23195.1511.2279.823_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{00598A09-DCE5-4ABE-9946-0EA384EBEA3D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\116.0.1938.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A8E666DE-E66C-4EFB-AB7E-9B0FC43FFF4E}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSLinkNear\AsusLinkNear.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{BAA8FDCA-0389-451A-9D51-05475BFC1569}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSwitch\AsusSwitchNet.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{C847F20F-96C2-452C-ACB9-8A2DD3BACA0A}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSwitch\AsusSwitchNetMDNS.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{E3613E26-ADC2-41D5-82B1-992DE6291590}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{0F749F66-E8A9-4551-A07B-637CAB85011C}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{278BB33F-D49D-4E8C-9238-42CC6FAFB3FE}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23216.905.2334.6698_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2709D5EA-30FD-4F69-8F94-3316F3C12A17}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23216.905.2334.6698_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

20-08-2023 12:27:16 Instalační služba modulů systému Windows
20-08-2023 12:30:51 Instalační služba modulů systému Windows
20-08-2023 12:31:23 Instalační služba modulů systému Windows
29-08-2023 13:11:49 Windows Update
29-08-2023 13:11:52 Windows Update
29-08-2023 13:12:00 Windows Update

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (08/29/2023 01:05:19 PM) (Source: DPTF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17

Error: (08/28/2023 11:57:24 AM) (Source: DPTF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17

Error: (08/28/2023 07:33:08 AM) (Source: DPTF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17

Error: (08/20/2023 12:26:46 PM) (Source: Application Error) (EventID: 1000) (User: VIVOBOOK)
Description: Název chybující aplikace: AsusScreenXpertReunion.exe, verze: 3.0.18.0, časové razítko: 0xab2c19b6
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.1928, časové razítko: 0xe9af6ed4
Kód výjimky: 0xc000041d
Posun chyby: 0x0000000000064b2c
ID chybujícího procesu: 0x0xff8
Čas spuštění chybující aplikace: 0x0x1d9d350cfe8ffb6
Cesta k chybující aplikaci: C:\Program Files\ASUS\AsusScreenXpert\AsusScreenXpertReunion.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 49f6d8d9-40df-4abb-81f6-ec2cce1d302c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/20/2023 12:26:45 PM) (Source: Application Error) (EventID: 1000) (User: VIVOBOOK)
Description: Název chybující aplikace: AsusScreenXpertReunion.exe, verze: 3.0.18.0, časové razítko: 0xab2c19b6
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00007ff87908c070
ID chybujícího procesu: 0x0xff8
Čas spuštění chybující aplikace: 0x0x1d9d350cfe8ffb6
Cesta k chybující aplikaci: C:\Program Files\ASUS\AsusScreenXpert\AsusScreenXpertReunion.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: e047d820-b718-4924-89b2-b39fa9a544f8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/16/2023 10:19:26 PM) (Source: DPTF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17

Error: (07/26/2023 03:02:43 PM) (Source: DPTF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17

Error: (07/15/2023 08:30:58 AM) (Source: DPTF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17

System errors:
=============
Error: (08/29/2023 01:07:44 PM) (Source: DCOM) (EventID: 10010) (User: VIVOBOOK)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/29/2023 01:05:19 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY)
Description: Na miniportu Microsoft Wi-Fi Direct Virtual Adapter #2, {15d41a4a-08ef-433e-a48f-b088e88fa326}, došlo k události 74.

Error: (08/29/2023 12:11:06 AM) (Source: IntcAzAudAddService) (EventID: 258) (User: )
Description: Event-ID 258

Error: (08/28/2023 12:36:32 PM) (Source: DCOM) (EventID: 10010) (User: VIVOBOOK)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/28/2023 12:36:32 PM) (Source: DCOM) (EventID: 10010) (User: VIVOBOOK)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/28/2023 12:36:32 PM) (Source: DCOM) (EventID: 10010) (User: VIVOBOOK)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/28/2023 12:36:32 PM) (Source: DCOM) (EventID: 10010) (User: VIVOBOOK)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/28/2023 12:36:32 PM) (Source: DCOM) (EventID: 10010) (User: VIVOBOOK)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

CodeIntegrity:
===============
Date: 2023-08-29 13:15:45
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.23.6.5\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2023-08-29 13:13:18
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.23.6.5\symamsi.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends International, LLC. X515EA.309 05/16/2022
Motherboard: ASUSTeK COMPUTER INC. X515EA
Processor: 11th Gen Intel(R) Core(TM) i3-1115G4 @ 3.00GHz
Percentage of memory in use: 75%
Total physical RAM: 7886.7 MB
Available physical RAM: 1933.75 MB
Total Virtual: 16078.7 MB
Available Virtual: 8328.22 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:475.55 GB) (Free:365.6 GB) (Model: NVMe INTEL SSDPEKNU512GZ) (Protected) NTFS

\\?\Volume{96babb30-2b5f-4cb5-94cc-9faa60770177}\ (RECOVERY) (Fixed) (Total:0.93 GB) (Free:0.17 GB) NTFS
\\?\Volume{6c078469-4e98-4186-a979-04bd27f64734}\ (MYASUS) (Fixed) (Total:0.19 GB) (Free:0.14 GB) FAT32
\\?\Volume{adf006f5-0daf-4828-9cb7-8feeef1aefe4}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: FF5C6691)

Partition: GPT.

==================== End of Addition.txt =======================

romcolahvac · #2 Příspěvek od **romcolahvac** » 29 srp 2023 13:01

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-08-2023
Ran by agnes (administrator) on VIVOBOOK (ASUSTeK COMPUTER INC. VivoBook_ASUSLaptop X515EA_X1500EA) (29-08-2023 13:58:38)
Running from C:\Users\agnes\Downloads\FRST64.exe
Loaded Profiles: agnes
Platform: Microsoft Windows 11 Home Version 22H2 22621.2134 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSOptimization\AsusOSD.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\ASUS\AsusScreenXpert\AsusScreenXpertHostService.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\AsusScreenXpert\AsusScreenXpertUI.exe
(C:\Program Files\ASUS\AsusScreenXpert\AsusScreenXpertUI.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\AsusScreenXpert\AsusScreenXpertReunion.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_23195.1511.2279.823_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\116.0.1938.62\msedgewebview2.exe <13>
(C:\Users\agnes\Downloads\FRST64.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2306.15.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe <3>
(DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_617efc0299240684\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_617efc0299240684\igfxEMN.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <31>
(F.lux Software LLC -> f.lux Software LLC) C:\Users\agnes\AppData\Local\FluxSoftware\Flux\flux.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\agnes\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSLinkRemote\AsusLinkRemote.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\AsusScreenXpert\AsusScreenXpertHostService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSLinkNear\AsusLinkNear.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2>
(services.exe ->) (Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_617efc0299240684\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_897ea327b3fe52f7\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_a5ea1b1d8db1527e\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_6bfff1da475a22be\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e32ced29f236e322\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_21e0cf0737fd48af\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_06dd582276d3f601\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files\Norton Security\Engine\22.23.6.5\NortonSecurity.exe <2>
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.23.6.5\nsWscSvc.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.13900.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_be03f2dca68bf962\RtkAudUService64.exe <3>
Failed to access process -> explorer.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [619192 2023-01-02] (geek software GmbH -> geek software GmbH)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2023-01-07] (Adobe Inc. -> )
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-966670334-227796945-3083744542-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482128 2023-01-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-966670334-227796945-3083744542-1001\...\Run: [f.lux] => C:\Users\agnes\AppData\Local\FluxSoftware\Flux\flux.exe [1525880 2023-05-18] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-966670334-227796945-3083744542-1001\...\Run: [BingSvc] => C:\Users\agnes\AppData\Local\Microsoft\BingSvc\BingSvc.exe [6638496 2022-09-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-966670334-227796945-3083744542-1001\...\MountPoints2: {03e12faa-9278-11ed-af3b-2c3b700bd83c} - "D:\SISetup.exe"
HKU\S-1-5-21-966670334-227796945-3083744542-1001\...\MountPoints2: {edbe903f-dd80-11ed-af4b-2c3b700bd83c} - "D:\RTK_NIC_DRIVER_INSTALLER.sfx.exe"
HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2010-03-04] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP1100LM: C:\WINDOWS\system32\HP1100LM.DLL [289280 2010-03-04] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\116.0.5845.111\Installer\chrmstp.exe [2023-08-25] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
Startup: C:\Users\agnes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2023-05-31]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2023-01-08]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {8DCB19BD-402D-4269-9499-8C0965BB7A1A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {6F043E21-461F-4EBA-A46F-2B55B67337DE} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSOptimization\AsusHotkey.exe [291408 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {E166595B-19AD-41D2-AF4D-81808966064B} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSoftwareManager\AsusUpdateChecker.exe [797776 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {C6DE27D7-3886-4E91-BD84-F718ADD97512} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4082808 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {5D21D8DB-57D2-4A2E-A6BF-1C00DEDECC92} - System32\Tasks\GoogleUpdateTaskMachineCore{B388F3B3-B4E6-44C7-8430-E02AD8EFA9B2} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-01-08] (Google LLC -> Google LLC)
Task: {361F8295-A27B-4093-BEB2-DD7AC809D738} - System32\Tasks\GoogleUpdateTaskMachineUA{88286215-481B-4534-8B30-C7E82FDDB59F} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-01-08] (Google LLC -> Google LLC)
Task: {BDFCD2A9-6D41-45B7-AD40-0DE976ADA586} - System32\Tasks\McAfeeTsk\OOBEUpgrader => C:\Program Files\McAfee\MSC\OOBE_Upgrader.exe /Run (No File)
Task: {CAFEC526-8854-48C5-B92B-1686374B51C5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656848 2023-08-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC4C0C82-578D-4E5E-B952-007604181D2E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656848 2023-08-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {E1A4133E-D912-4B96-BC96-3F0612AA5686} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158872 2023-08-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {EAEB921C-12C2-4F2E-984D-89494ECFF0A7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158872 2023-08-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {96821B72-35CD-4D7E-B53F-9A4E0EC0BB6D} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [167864 2023-08-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {F6E92BE2-A45E-4909-8E4A-357B42579E59} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\14850BB5-335A-4237-8E79-E6FCBE92DFF6\OS Edition Upgrade event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [495616 2023-08-20] (Microsoft Windows -> Microsoft Corporation)
Task: {557F9B9A-EC4D-41D0-A917-3E44C75E5456} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\14850BB5-335A-4237-8E79-E6FCBE92DFF6\Passport for Work alert created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [495616 2023-08-20] (Microsoft Windows -> Microsoft Corporation)
Task: {46468F9A-C9D7-4F7D-B5AB-DB93DD274A51} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\14850BB5-335A-4237-8E79-E6FCBE92DFF6\Provisioning initiated session => C:\WINDOWS\system32\deviceenroller.exe [495616 2023-08-20] (Microsoft Windows -> Microsoft Corporation)
Task: {18D66D11-42DE-4968-952F-E35CEC2E29CB} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\14850BB5-335A-4237-8E79-E6FCBE92DFF6\PushLaunch => C:\WINDOWS\system32\deviceenroller.exe [495616 2023-08-20] (Microsoft Windows -> Microsoft Corporation)
Task: {42CDCA30-A663-4451-A7D8-63675DACD0A9} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\14850BB5-335A-4237-8E79-E6FCBE92DFF6\PushRenewal => C:\WINDOWS\system32\deviceenroller.exe [495616 2023-08-20] (Microsoft Windows -> Microsoft Corporation)
Task: {D0C58E21-B6A6-499E-9B24-86D19DF9D3D8} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\14850BB5-335A-4237-8E79-E6FCBE92DFF6\PushUpgrade => C:\WINDOWS\system32\deviceenroller.exe [495616 2023-08-20] (Microsoft Windows -> Microsoft Corporation)
Task: {D964F69A-3464-4B9A-B997-10593EF0F352} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\14850BB5-335A-4237-8E79-E6FCBE92DFF6\Schedule #1 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [495616 2023-08-20] (Microsoft Windows -> Microsoft Corporation)
Task: {8EA5C93C-FB18-4D45-9649-3FFFE99A1F51} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\14850BB5-335A-4237-8E79-E6FCBE92DFF6\Schedule #2 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [495616 2023-08-20] (Microsoft Windows -> Microsoft Corporation)
Task: {5E23B927-BCBD-46FA-B3B2-EEC3B8FE09F7} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\14850BB5-335A-4237-8E79-E6FCBE92DFF6\Schedule #3 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [495616 2023-08-20] (Microsoft Windows -> Microsoft Corporation)
Task: {C55AE6F4-9A7F-4CD6-8B30-C62B57526D16} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\14850BB5-335A-4237-8E79-E6FCBE92DFF6\Schedule created by enrollment client for renewal of certificate warning => C:\WINDOWS\system32\deviceenroller.exe [495616 2023-08-20] (Microsoft Windows -> Microsoft Corporation)
Task: {8D158106-776C-4F78-9D2E-FA54F50C2EDC} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\14850BB5-335A-4237-8E79-E6FCBE92DFF6\Schedule to run OMADMClient by client => C:\WINDOWS\system32\omadmclient.exe [466944 2023-07-22] (Microsoft Windows -> Microsoft Corporation)
Task: {1241E2AB-F795-41B1-9BFD-41B2572CDC08} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\14850BB5-335A-4237-8E79-E6FCBE92DFF6\Schedule to run OMADMClient by server => C:\WINDOWS\system32\omadmclient.exe [466944 2023-07-22] (Microsoft Windows -> Microsoft Corporation)
Task: {7E8D909F-CFD5-4160-BBEA-C517BBA292FD} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\14850BB5-335A-4237-8E79-E6FCBE92DFF6\Win10 S Mode event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [495616 2023-08-20] (Microsoft Windows -> Microsoft Corporation)
Task: {99B29791-C119-43D7-B01F-5F44A906D360} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\14850BB5-335A-4237-8E79-E6FCBE92DFF6\Wsc Startup event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [495616 2023-08-20] (Microsoft Windows -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {672295EA-B43C-41C4-A7E2-2CD7592C0A25} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security\Engine\22.23.6.5\SymErr.exe [379024 2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {26D3A28F-9380-468C-BA93-82527E50FC82} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security\Engine\22.23.6.5\SymErr.exe [379024 2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {9C0FAF15-DE18-4257-AD2B-8E3A4A06ADD9} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security\Engine\22.23.6.5\SymErr.exe [379024 2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {73B3F25B-D374-4254-B885-01C47B80E07E} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.23.6.5\WSCStub.exe [646520 2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {BCF025C1-2368-4688-9CED-2EA5D01C18B6} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125600 2023-08-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {F09DF449-8E5F-49BC-9508-6BD909278C5F} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-966670334-227796945-3083744542-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125600 2023-08-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {5F4226D3-F96A-4BA7-8D31-3C2C2B866DCC} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2353000 2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {3DDDB870-CD0C-44B6-B953-086248B09890} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_be03f2dca68bf962\RtkAudUService64.exe [3498472 2022-05-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.0 account.zoner.com
Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{6817aeb8-d386-4e54-a592-9e67a38bd10d}: [DhcpNameServer] 10.66.0.1 10.8.60.1 10.8.60.2
Tcpip\..\Interfaces\{99ec88d3-c951-459f-af0a-2c0b990a677e}: [DhcpNameServer] 31.30.90.11 31.30.90.12

Edge:
=======
Edge Profile: C:\Users\agnes\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-22]
Edge Extension: (Edge relevant text changes) - C:\Users\agnes\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-05-20]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-08-19] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\agnes\AppData\Local\Google\Chrome\User Data\Default [2023-08-29]
CHR DownloadDir: C:\Users\agnes\Downloads
CHR Extension: (Torrent Scanner) - C:\Users\agnes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2023-03-02]
CHR Extension: (Mendeley Web Importer) - C:\Users\agnes\AppData\Local\Google\Chrome\User Data\Default\Extensions\dagcmkpagjlhakfdhnbomgmjdpkdklff [2023-08-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\agnes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-29]
CHR Extension: (Microsoft Bing Search Engine) - C:\Users\agnes\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkecabaloghleaicfhefejdijblljpco [2023-08-27]
CHR Extension: (Zoom) - C:\Users\agnes\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmbjbjdpkobdjplfobhljndfdfdipjhg [2023-01-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\agnes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-01-08]
CHR Profile: C:\Users\agnes\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-02-14]
CHR HKU\S-1-5-21-966670334-227796945-3083744542-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hkecabaloghleaicfhefejdijblljpco]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 AsusAppService; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\AsusAppService\AsusAppService.exe [1177208 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSLinkNear; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSLinkNear\AsusLinkNear.exe [1630288 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSLinkRemote\AsusLinkRemote.exe [772688 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSOptimization\AsusOptimization.exe [473168 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusScreenXpertHostService; C:\Program Files\ASUS\AsusScreenXpert\AsusScreenXpertHostService.exe [1747088 2023-05-08] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSoftwareManager\AsusSoftwareManager.exe [1111120 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSwitch\AsusSwitch.exe [641104 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSystemAnalysis\AsusSystemAnalysis.exe [4082808 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [832632 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11878368 2023-08-04] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4976976 2023-01-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [241760 2022-04-29] (DTS, Inc. -> DTS Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.158.0730.0001\FileSyncHelper.exe [3448224 2023-08-28] (Microsoft Corporation -> Microsoft Corporation)
R2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [127800 2010-04-07] (Hewlett-Packard Company -> HP)
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_06dd582276d3f601\AS\IAS\IntelAudioService.exe [532024 2022-06-02] (Intel Corporation -> Intel)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.23.6.5\NortonSecurity.exe [344888 2023-07-11] (NortonLifeLock Inc. -> NortonLifelock Inc.)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.23.6.5\nsWscSvc.exe [1059176 2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.158.0730.0001\OneDriveUpdaterService.exe [3785656 2023-08-28] (Microsoft Corporation -> Microsoft Corporation)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [619192 2023-01-02] (geek software GmbH -> geek software GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2909208 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AcxHdAudio; C:\WINDOWS\System32\drivers\AcxHdAudio.sys [561152 2023-07-22] (Microsoft Windows -> Microsoft Corporation)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 AsusPTPDrv; C:\WINDOWS\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_314b5cb6bf57f471\AsusPTPFilter.sys [116712 2021-12-02] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSSystemAnalysis\AsusSAIO.sys [49208 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_32ddcc2f81113491\ASUSOptimization\AsusWmiAcpi.sys [48760 2023-07-26] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.22.11.12\Definitions\BASHDefs\20230828.001\BHDrvx64.sys [1696736 2023-07-20] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1617060.005\ccSetx64.sys [198280 2023-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2023-01-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2023-01-07] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527832 2022-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2023-01-08] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_2546dafe2183e972\iaLPSS2_GPIO2_TGL.sys [131224 2021-07-21] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_1308f85f1b0adf27\iaLPSS2_I2C_TGL.sys [204440 2021-07-21] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_SPI_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_spi_tgl.inf_amd64_fc1ed3a5a1d514f2\iaLPSS2_SPI_TGL.sys [158352 2021-07-21] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_UART2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_uart2_tgl.inf_amd64_cd8c3a141c1b1284\iaLPSS2_UART2_TGL.sys [313504 2021-07-21] (Intel Corporation -> Intel Corporation)
R0 iaStorVD; C:\WINDOWS\System32\drivers\iaStorVD.sys [1544912 2021-08-30] (Intel Corporation -> Intel Corporation)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.22.11.12\Definitions\IPSDefs\20230828.064\IDSvia64.sys [1527816 2023-07-21] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 IntcUSB; C:\WINDOWS\System32\DriverStore\FileRepository\intcusb.inf_amd64_d97909364d9908a5\IntcUSB.sys [892968 2022-06-02] (Intel Corporation -> Intel(R) Corporation)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_19ceb7ce67a7cf8b\gna.sys [87200 2022-01-11] (Intel Corporation -> Intel Corporation)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2010-03-06] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\1617060.005\nsvst.sys [57120 2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 rtump64x64; C:\WINDOWS\System32\drivers\rtump64x64.sys [937472 2021-06-30] (Realtek Semiconductor Corp. -> Realtek Corporation)
S3 rtux64w10; C:\WINDOWS\System32\DriverStore\FileRepository\rtux64w10.inf_amd64_03831aeaaa2c730e\rtux64w10.sys [683520 2022-05-07] (Microsoft Windows -> Realtek Corporation)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1617060.005\SRTSP64.SYS [956048 2023-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1617060.005\SRTSPX64.SYS [52872 2023-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1617060.005\SYMEFASI64.SYS [2180248 2023-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1617060.005\SymELAM.sys [36016 2023-07-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100344 2023-01-08] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.22.11.12\SymPlatform\SymEvnt.sys [722400 2022-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1617060.005\Ironx64.SYS [306824 2023-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1617060.005\symnets.sys [492728 2023-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [48536 2022-05-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [438544 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [90384 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R1 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1617060.005\wpCtrlDrv.sys [1016792 2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-08-29 13:57 - 2023-08-29 13:58 - 000034491 _____ C:\Users\agnes\Downloads\Addition.txt
2023-08-29 13:56 - 2023-08-29 13:59 - 000033903 _____ C:\Users\agnes\Downloads\FRST.txt
2023-08-29 13:56 - 2023-08-29 13:58 - 000000000 ____D C:\FRST
2023-08-29 13:55 - 2023-08-29 13:55 - 002382336 _____ (Farbar) C:\Users\agnes\Downloads\FRST64.exe
2023-08-29 00:37 - 2023-08-29 00:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2023-08-29 00:15 - 2023-08-29 00:15 - 000693828 _____ C:\WINDOWS\system32\perfh005.dat
2023-08-29 00:15 - 2023-08-29 00:15 - 000143682 _____ C:\WINDOWS\system32\perfc005.dat
2023-08-29 00:11 - 2023-08-29 00:44 - 000000000 ____D C:\Users\agnes\Desktop\SZS
2023-08-27 11:04 - 2023-08-27 11:04 - 000370789 _____ C:\Users\agnes\Documents\Praha 9 - Černý Most, prodej bytu 4+kk, 96 m2, okr. Praha. _ Reality.iDNES.cz.pdf
2023-08-27 11:03 - 2023-08-27 11:03 - 000329183 _____ C:\Users\agnes\Documents\Prodej bytu 4+1, 90 m2, Praha, ul. Vybíralova _ Reality.iDNES.cz.pdf
2023-08-07 14:41 - 2023-08-07 14:42 - 001099961 _____ C:\Users\agnes\Downloads\Ikea_DUKTIG_Faucet___water_tap_-_Wasserhahn_4854508.zip
2023-08-07 14:25 - 2023-08-29 13:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360
2023-08-07 14:25 - 2023-08-07 14:52 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2023-08-07 14:25 - 2023-08-07 14:25 - 000003374 _____ C:\WINDOWS\system32\Tasks\Norton WSC Integration

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-08-29 13:58 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2023-08-29 13:56 - 2023-01-08 12:59 - 000000000 ____D C:\Program Files (x86)\Google
2023-08-29 13:56 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-08-29 13:30 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-29 13:16 - 2023-01-08 12:50 - 000000000 ____D C:\Users\agnes\AppData\Local\D3DSCache
2023-08-29 13:13 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-29 13:13 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-08-29 13:12 - 2023-01-08 20:07 - 000003752 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2023-08-29 13:05 - 2023-01-08 12:50 - 000000000 __SHD C:\Users\agnes\IntelGraphicsProfiles
2023-08-29 00:42 - 2023-01-08 19:32 - 000000000 ____D C:\Users\agnes\AppData\Roaming\Microsoft\Word
2023-08-29 00:15 - 2023-01-08 20:11 - 001629494 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-08-29 00:12 - 2022-05-07 07:17 - 000016384 _____ C:\WINDOWS\system32\config\ELAM
2023-08-29 00:11 - 2023-01-10 02:57 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-08-29 00:11 - 2023-01-08 20:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-08-29 00:11 - 2023-01-08 20:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-08-29 00:11 - 2022-06-24 22:09 - 000000000 ___HD C:\Intel
2023-08-29 00:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState
2023-08-29 00:11 - 2021-10-04 23:52 - 000012288 ___SH C:\DumpStack.log.tmp
2023-08-29 00:10 - 2023-01-08 20:02 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2023-08-29 00:10 - 2022-05-07 07:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-08-28 23:53 - 2023-01-08 20:07 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-966670334-227796945-3083744542-1001
2023-08-28 23:53 - 2023-01-08 20:07 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-08-28 23:53 - 2023-01-08 19:31 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-08-28 11:58 - 2023-01-11 00:05 - 000000000 ____D C:\Users\agnes\AppData\Roaming\Mendeley Reference Manager
2023-08-28 07:36 - 2023-01-08 12:51 - 000000000 ____D C:\Users\agnes\AppData\Local\PlaceholderTileLogoFolder
2023-08-28 07:36 - 2023-01-08 12:50 - 000000000 ____D C:\Users\agnes\AppData\Local\Packages
2023-08-28 07:33 - 2023-01-12 05:57 - 000002063 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-08-28 07:33 - 2023-01-08 20:07 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-08-28 07:33 - 2023-01-08 13:32 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-08-27 10:42 - 2023-01-16 15:36 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-08-27 10:42 - 2021-10-04 23:52 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-08-20 16:55 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2023-08-20 16:39 - 2023-01-08 20:02 - 000472960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemApps
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\setup
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\id-ID
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-08-20 16:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\appcompat
2023-08-20 12:45 - 2023-01-10 02:52 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-08-20 12:43 - 2023-01-10 02:51 - 175983240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-08-20 12:43 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-08-20 12:39 - 2023-01-08 20:05 - 003210752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-08-20 12:26 - 2023-01-22 23:29 - 000000000 ____D C:\Users\agnes\AppData\Local\CrashDumps
2023-08-16 22:26 - 2021-10-04 23:54 - 000000000 ____D C:\Program Files\Microsoft Office
2023-08-16 22:21 - 2023-01-08 20:07 - 000004122 _____ C:\WINDOWS\system32\Tasks\ASUS Update Checker 2.0
2023-08-16 22:21 - 2023-01-08 20:07 - 000003756 _____ C:\WINDOWS\system32\Tasks\ASUS Optimization 36D18D69AFC3
2023-08-07 14:52 - 2023-02-17 00:46 - 000002399 _____ C:\Users\Public\Desktop\Norton Security.lnk
2023-08-07 14:50 - 2023-01-07 22:54 - 000000000 ____D C:\Program Files\Common Files\AV
2023-08-07 14:28 - 2021-10-04 23:54 - 000000000 ____D C:\ProgramData\Packages
2023-08-07 14:25 - 2023-01-08 13:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2023-08-03 15:51 - 2023-01-08 20:07 - 000003844 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{88286215-481B-4534-8B30-C7E82FDDB59F}
2023-08-03 15:51 - 2023-01-08 20:07 - 000003720 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{B388F3B3-B4E6-44C7-8430-E02AD8EFA9B2}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

#3 Příspěvek od **JaRon** » 30 srp 2023 08:39

ahoj,
citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>

Kód: Vybrat vše

Start
CloseProcesses:
Toolbar: HKLM-x32 - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-966670334-227796945-3083744542-1001\...\MountPoints2: {03e12faa-9278-11ed-af3b-2c3b700bd83c} - "D:\SISetup.exe"
HKU\S-1-5-21-966670334-227796945-3083744542-1001\...\MountPoints2: {edbe903f-dd80-11ed-af4b-2c3b700bd83c} - "D:\RTK_NIC_DRIVER_INSTALLER.sfx.exe" 
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Task: {5D21D8DB-57D2-4A2E-A6BF-1C00DEDECC92} - System32\Tasks\GoogleUpdateTaskMachineCore{B388F3B3-B4E6-44C7-8430-E02AD8EFA9B2} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-01-08] (Google LLC -> Google LLC)
Task: {361F8295-A27B-4093-BEB2-DD7AC809D738} - System32\Tasks\GoogleUpdateTaskMachineUA{88286215-481B-4534-8B30-C7E82FDDB59F} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-01-08] (Google LLC -> Google LLC)
Task: {BDFCD2A9-6D41-45B7-AD40-0DE976ADA586} - System32\Tasks\McAfeeTsk\OOBEUpgrader => C:\Program Files\McAfee\MSC\OOBE_Upgrader.exe /Run (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]



EmptyTemp:
Reboot:
End

•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

VIRY.CZ

Kontrola logu

Kontrola logu

Re: Kontrola logu

Re: Kontrola logu