
Please check - after switching on the PC, the fan ran at full speed with zero activity

ebola
Visitor
Posts: 146
Registered: 31 May 2007 07:07

#1 Post by ebola »

After scanning with Avast and AdwCleaner and removing the infected files, the fan now runs normally, but I still keep getting pop-up warnings: error 2 - SYSTÉM NEMŮŽE NALÉZT... C:\ProgramData\certim.exe.manifest...

.. log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.03.2024
Ran by Uživatel (administrator) on DESKTOP-PC (Gigabyte Technology Co., Ltd. B760 DS3H AX) (20-03-2024 10:41:13)
Running from C:\Users\Uživatel\Desktop\FRST64.exe
Loaded Profiles: Uživatel
Platform: Microsoft Windows 11 Home Version 23H2 22631.3296 (X64) Language: Čeština (Česko)
Default browser not detected!
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe ->) (NVIDIA Corporation -> NVIDIA) C:\Program Files\NVIDIA Corporation\FrameViewSDK\bin\nvrla.exe
(C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe ->) (NVIDIA Corporation -> NVIDIA) C:\Program Files\NVIDIA Corporation\FrameViewSDK\bin\PresentMon_x64.exe <2>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Users\Uživatel\AppData\Roaming\utorrent\updates\3.6.0_47016\utorrentie.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe <14>
(C:\Users\Uživatel\AppData\Roaming\utorrent\uTorrent.exe ->) (BitTorrent Inc -> BitTorrent Inc.) C:\Users\Uživatel\AppData\Roaming\utorrent\helper\helper.exe
(C:\Users\Uživatel\AppData\Roaming\utorrent\uTorrent.exe ->) (BitTorrent Inc -> BitTorrent Inc.) C:\Users\Uživatel\AppData\Roaming\utorrent\updates\3.6.0_47016\utorrentie.exe <2>
(Discord Inc. -> Discord Inc.) C:\Users\Uživatel\AppData\Local\Discord\app-1.0.9037\Discord.exe <6>
(explorer.exe ->) (BitTorrent Inc -> BitTorrent Limited) C:\Users\Uživatel\AppData\Roaming\utorrent\uTorrent.exe
(explorer.exe ->) (Tošovský Jan) [File not signed] C:\Program Files (x86)\Noční obloha\vesmir.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> Gigabyte Technology CO.) C:\Program Files\GIGABYTE\Smart Backup\RPMDaemon.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (cFos Software GmbH -> cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\EasyTuneEngineService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_06c43e1ee675eae7\WMIRegistrationService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_92b25561841a09dd\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA) C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b55ed36a9a78cc75\RtkAudUService64.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.310.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b55ed36a9a78cc75\RtkAudUService64.exe [3495808 2022-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Gigabyte Speed] => C:\Program Files\cFosSpeed\cFosSpeed.exe [1647880 2021-06-15] (cFos Software GmbH -> cFos Software GmbH)
HKLM\...\RunOnce: [RPMKickstart] => C:\Program Files\GIGABYTE\Smart Backup\RPMKickstartEx.exe [2320384 2014-04-01] (TODO: <Company name>) [File not signed]
HKU\S-1-5-21-2881046685-694218226-4097810256-1002\...\Run: [MicrosoftEdgeAutoLaunch_83C387DA30640047C508B0EE92F9D83E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060712 2024-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2881046685-694218226-4097810256-1002\...\Run: [ut] => C:\Users\Uživatel\AppData\Roaming\utorrent\uTorrent.exe [2071560 2024-02-19] (BitTorrent Inc -> BitTorrent Limited)
HKU\S-1-5-21-2881046685-694218226-4097810256-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4384104 2024-03-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2881046685-694218226-4097810256-1002\...\Run: [Discord] => C:\Users\Uživatel\AppData\Local\Discord\Update.exe [1525016 2023-07-06] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2881046685-694218226-4097810256-1002\...\Run: [DQCIKCDACO] => C:\ProgramData\certlm.exe [498784 2024-03-20] (Adersoft -> Adersoft) <==== ATTENTION
HKU\S-1-5-21-2881046685-694218226-4097810256-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [61440 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\122.0.6261.129\Installer\chrmstp.exe [2024-03-15] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{581537f7-1fc5-4505-8cfe-3b8a8c15c908}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{581537f7-1fc5-4505-8cfe-3b8a8c15c908}: [DhcpDomain] local.tld
Tcpip\..\Interfaces\{8eed2691-82f0-4ef7-833f-406d835710d0}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8eed2691-82f0-4ef7-833f-406d835710d0}: [DhcpDomain] local.tld

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Uživatel\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-20]
Edge Notifications: Default -> hxxps://www.facebook.com
Edge HomePage: Default -> hxxps://?
Edge Extension: (Dokumenty Google offline) - C:\Users\Uživatel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-01]
Edge Extension: (Edge relevant text changes) - C:\Users\Uživatel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-31]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

Chrome:
=======
CHR Profile: C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default [2024-03-20]
CHR HomePage: Default -> hxxps://?
CHR StartupUrls: Default -> "hxxps://?"
CHR DefaultSearchURL: Default -> hxxps://simplesearch.co?q={searchTerms}&pId=JD180501&iDate=2024-02-02 08:46:42&bitmask=9998&searchsource=58&sp=12
CHR DefaultSearchKeyword: Default -> default bing
CHR DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}
CHR Extension: (Dokumenty Google offline) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-31]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera:
=======
OPR DefaultProfile: Default

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [602376 2021-06-15] (cFos Software GmbH -> cFos Software GmbH)
R2 EasyTuneEngineService; C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\EasyTuneEngineService.exe [150640 2023-11-06] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S2 GBTECService; C:\Program Files (x86)\Gigabyte\GBTECService\OLEDDisplayService.exe [19568 2023-12-07] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S2 GoogleUpdaterInternalService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
S2 GoogleUpdaterService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
S2 Intel(R) Platform License Manager Service; C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_4911ed214bf8cf23\lib\PlatformLicenseManagerService.exe [740960 2023-06-22] (Intel Corporation -> Intel(R) Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_92b25561841a09dd\Display.NvContainer\NVDisplay.Container.exe [1275000 2024-03-02] (NVIDIA Corporation -> NVIDIA Corporation)
S2 OCButtonService; C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\OcButtonService.exe [131184 2023-12-06] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [X] <==== ATTENTION
S3 LibreOfficeMaintenance; "C:\Program Files\LibreOffice\program\update_service.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [800672 2024-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
R1 cFosSpeed; C:\Windows\system32\DRIVERS\cfosspeed6.sys [1694504 2021-06-15] (cFos Software GmbH -> cFos Software GmbH)
R1 CTIIO; C:\Windows\system32\drivers\CtiIo64.sys [34512 2024-01-31] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R3 gdrv3; C:\Windows\system32\drivers\gdrv3.sys [51520 2024-01-31] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 iaLPSS2_GPIO2_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_302e75596cffa74a\iaLPSS2_GPIO2_ADL.sys [150616 2022-10-18] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_e736c048ca307ed2\iaLPSS2_I2C_ADL.sys [220224 2022-10-18] (Intel Corporation -> Intel Corporation)
R3 MpKsl866f17ef; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{84C04FEE-094D-4BE5-81DD-94F32114DDD4}\MpKslDrv.sys [300312 2024-03-20] (Microsoft Windows -> Microsoft Corporation)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2024-01-18] (Nvidia Corporation -> NVIDIA Corporation)
R3 rt68cx21; C:\Windows\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_fbf50634f3ddb33d\rt68cx21x64.sys [779728 2023-12-05] (Realtek Semiconductor Corp. -> Realtek)
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
R0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [20928 2024-03-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [603416 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-13] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-20 10:40 - 2024-03-20 10:40 - 000725758 _____ C:\Windows\system32\perfh005.dat
2024-03-20 10:40 - 2024-03-20 10:40 - 000151026 _____ C:\Windows\system32\perfc005.dat
2024-03-20 10:27 - 2024-03-20 10:41 - 000014738 _____ C:\Users\Uživatel\Desktop\FRST.txt
2024-03-20 10:27 - 2024-03-20 10:41 - 000000000 ____D C:\FRST
2024-03-20 10:26 - 2024-03-20 10:27 - 002390528 _____ (Farbar) C:\Users\Uživatel\Desktop\FRST64.exe
2024-03-20 10:21 - 2024-03-20 10:22 - 000000000 ____D C:\AdwCleaner
2024-03-20 10:21 - 2024-03-20 10:21 - 008790880 _____ (Malwarebytes) C:\Users\Uživatel\Downloads\adwcleaner(1).exe
2024-03-20 10:13 - 2024-03-20 10:13 - 008791352 _____ (Malwarebytes) C:\Users\Uživatel\Downloads\AdwCleaner.exe
2024-03-20 10:05 - 2024-03-20 10:05 - 002585496 _____ (Malwarebytes) C:\Users\Uživatel\Downloads\MBSetup.exe
2024-03-20 09:31 - 2024-03-20 09:31 - 000000000 ___HD C:\$AV_ASW
2024-03-20 09:30 - 2024-03-20 09:30 - 000888600 _____ (Google LLC) C:\Users\Public\Documents\gcapi.dll
2024-03-20 09:29 - 2024-03-20 09:29 - 000264088 _____ (AVAST Software) C:\Users\Uživatel\Downloads\avast_free_antivirus_setup_online.exe
2024-03-20 09:22 - 2024-03-20 10:02 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2024-03-20 09:21 - 2024-03-20 09:21 - 000003716 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{E58FF010-1160-4E42-9360-57A5AB343DFE}
2024-03-20 09:21 - 2024-03-20 09:21 - 000003592 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{3C69F2DF-9869-4CA3-BA58-65EB50FB2BF9}
2024-03-20 09:18 - 2024-03-20 09:18 - 000023067 _____ C:\Users\Uživatel\Downloads\[SkT]Milfy_City_[v1.0e]_[ICSTOR].torrent
2024-03-20 08:53 - 2024-03-20 08:53 - 000498784 _____ (Adersoft) C:\ProgramData\certlm.exe
2024-03-20 08:53 - 2021-08-23 01:34 - 000000122 _____ C:\ProgramData\S.bat
2024-03-20 08:53 - 2021-08-20 16:28 - 000033271 _____ C:\ProgramData\readme.md
2024-03-20 08:53 - 2021-08-20 16:20 - 000030588 _____ C:\ProgramData\readme_zh.md
2024-03-20 08:53 - 2021-08-20 13:37 - 000000078 _____ C:\ProgramData\nbminer.exe.sha256
2024-03-20 08:53 - 2021-06-11 15:12 - 000000129 _____ C:\ProgramData\start_ergo.bat
2024-03-20 08:53 - 2021-06-11 15:12 - 000000120 _____ C:\ProgramData\start_etc.bat
2024-03-20 08:53 - 2020-11-26 16:16 - 000000142 _____ C:\ProgramData\start_beam.bat
2024-03-20 08:53 - 2020-11-26 16:16 - 000000116 _____ C:\ProgramData\start_eth.bat
2024-03-20 08:53 - 2020-11-26 16:16 - 000000115 _____ C:\ProgramData\start_conflux.bat
2024-03-20 08:53 - 2020-05-13 03:56 - 000000106 _____ C:\ProgramData\start_rvn.bat
2024-03-20 08:53 - 2020-04-20 07:33 - 000000077 _____ C:\ProgramData\driver_uninstall.bat
2024-03-20 08:53 - 2020-04-20 07:33 - 000000075 _____ C:\ProgramData\driver_install.bat
2024-03-20 08:53 - 2019-11-07 12:51 - 000000204 _____ C:\ProgramData\start_sero.bat
2024-03-20 08:53 - 2019-11-07 12:51 - 000000148 _____ C:\ProgramData\modify_tdr_delay.reg
2024-03-20 08:53 - 2019-11-07 12:51 - 000000127 _____ C:\ProgramData\start_ae.bat
2024-03-20 08:53 - 2019-11-07 12:51 - 000000107 _____ C:\ProgramData\open_web_monitor.url
2024-03-20 08:53 - 2019-11-07 12:51 - 000000022 _____ C:\ProgramData\start_config.bat
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\RenPy
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\Key
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test9
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test8
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test7
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test6
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test5
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test4
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test3
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test2
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test17
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test16
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test15
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test14
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test13
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test12
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test11
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test10
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test1
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player9
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player8
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player7
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player6
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player5
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player4
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player3
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player2
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player17
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player16
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player15
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player14
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player13
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player12
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player11
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player10
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player1
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player
2024-03-20 07:03 - 2024-03-20 07:03 - 000010945 _____ C:\Users\Uživatel\Downloads\[SkT]ToLoveHonorandBetray-8.0-pc.torrent
2024-03-19 13:12 - 2024-03-19 13:12 - 000030077 _____ C:\Users\Uživatel\Downloads\[SkT]Šógun___Shōgun_S01E04_(EN)[WebRip][1080p]_=_CSFD_93%.torrent
2024-03-19 13:12 - 2024-03-19 13:12 - 000029330 _____ C:\Users\Uživatel\Downloads\[SkT]Šógun___Shōgun_S01E05_(EN)[WebRip][1080p]_=_CSFD_93%.torrent
2024-03-19 13:11 - 2024-03-19 13:11 - 000028420 _____ C:\Users\Uživatel\Downloads\[SkT]Šógun___Shōgun_S01E03_(EN)[WebRip][1080p]_=_CSFD_94%.torrent
2024-03-19 13:11 - 2024-03-19 13:11 - 000015416 _____ C:\Users\Uživatel\Downloads\[SkT]Šógun___Shōgun_S01E01_(EN)[WebRip][1080p]_=_CSFD_96%.torrent
2024-03-19 13:11 - 2024-03-19 13:11 - 000013196 _____ C:\Users\Uživatel\Downloads\[SkT]Šógun _ Shōgun S01E02 (EN)[WebRip][1080p] CSFD 96%.torrent
2024-03-19 08:06 - 2024-03-19 08:06 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\Microsoft\CLR Security Config
2024-03-19 06:59 - 2024-03-19 06:59 - 000014114 _____ C:\Users\Uživatel\Downloads\[SkT]Duna_ Část druhá _ Dune_ Part Two 2024 1080p HDTS CLEAN X264 COLLECTIVE CSFD 92%.torrent
2024-03-18 16:04 - 2024-03-18 16:04 - 000000000 ____D C:\Users\Uživatel\AppData\LocalLow\Endnight
2024-03-18 16:04 - 2024-03-18 16:04 - 000000000 ____D C:\Users\Public\Documents\OnlineFix
2024-03-17 05:15 - 2024-03-17 05:15 - 000187006 _____ C:\Users\Uživatel\Downloads\[SkT]Sons_Of_The_Forest.torrent
2024-03-17 04:49 - 2024-03-17 04:49 - 106718956 _____ C:\Users\Uživatel\Downloads\HorizonZeroDawn_V093.7z
2024-03-16 17:05 - 2024-03-16 17:08 - 000000000 ____D C:\Users\Uživatel\Documents\Broken Sword 5
2024-03-16 17:05 - 2024-03-16 17:05 - 000466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2024-03-16 17:05 - 2024-03-16 17:05 - 000444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2024-03-16 17:05 - 2024-03-16 17:05 - 000122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2024-03-16 17:05 - 2024-03-16 17:05 - 000109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2024-03-16 17:05 - 2024-03-16 17:05 - 000000980 _____ C:\Users\Public\Desktop\Broken Sword 5 - the Serpent's Curse.lnk
2024-03-16 17:05 - 2024-03-16 17:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Broken Sword 5 - the Serpents Curse [GOG.com]
2024-03-16 17:05 - 2024-03-16 17:05 - 000000000 ____D C:\Program Files (x86)\OpenAL
2024-03-16 16:04 - 2024-03-16 16:04 - 000015667 _____ C:\Users\Uživatel\Downloads\[SkT]Mladá dáma _ Damsel (2024)(CZ)[WEBrip][720p] CSFD 56%.torrent
2024-03-16 16:03 - 2024-03-16 16:03 - 000414432 _____ C:\Users\Uživatel\Downloads\[SkT]Mladá_dáma___Damsel_(2024)(CZ,EN,HUN,POL,ITA,SPA)[HEVC][HDR10][2160p]_=_CSFD_60%.torrent
2024-03-16 11:06 - 2024-03-16 11:06 - 000657224 _____ C:\Windows\gethelp_audiotroubleshooter_latestpackage.zip
2024-03-16 11:06 - 2024-03-16 11:06 - 000000000 ____D C:\ProgramData\WindowsPerformanceRecorder
2024-03-13 17:27 - 2024-03-13 17:28 - 000000000 ___HD C:\$WinREAgent
2024-03-12 20:41 - 2024-03-12 20:41 - 000030442 _____ C:\Users\Uživatel\Downloads\[SkT]Mladá dáma _ Damsel (2024)(CZ_EN) [WEB-DL][1080p] CSFD 50%.torrent
2024-03-12 20:40 - 2024-03-12 20:40 - 000715886 _____ C:\Users\Uživatel\Downloads\[SkT]Mladá_dáma___Damsel_(2024)(CZ_EN)(WEB-DL)(1080p)_=_CSFD_61%.torrent
2024-03-09 19:52 - 2024-03-20 06:21 - 000000000 ___HD C:\Users\Uživatel\Downloads\.opera
2024-03-09 11:00 - 2024-03-09 11:00 - 000131815 _____ C:\Users\Uživatel\Downloads\[SkT]Brothers_A_Tale_of_Two_Sons_Remake_MULTi11_REPACK_-_KaOs.torrent
2024-03-08 20:21 - 2024-03-08 20:21 - 000000000 ____D C:\Users\Uživatel\AppData\Local\openvr
2024-03-08 20:07 - 2024-03-08 20:07 - 000000222 _____ C:\Users\Uživatel\Desktop\SteamVR.url
2024-03-08 20:07 - 2024-03-08 20:07 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-03-08 17:02 - 2024-03-08 17:02 - 000014474 _____ C:\Users\Uživatel\Downloads\[SkT]Aristoteles_a_Dante_odhalují_záhady_vesmíru___Aristotle_and_Dante_Discover_the_Secrets_of_the_Universe_(2022)(CZ_EN)[WebRip][720p]_=_CSFD_72%.torrent
2024-03-06 21:11 - 2024-03-02 17:03 - 002031360 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2024-03-06 21:11 - 2024-03-02 17:03 - 002031360 _____ C:\Windows\system32\vulkaninfo.exe
2024-03-06 21:11 - 2024-03-02 17:03 - 001578752 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-03-06 21:11 - 2024-03-02 17:03 - 001578752 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2024-03-06 21:11 - 2024-03-02 17:03 - 001487904 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2024-03-06 21:11 - 2024-03-02 17:03 - 001445120 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2024-03-06 21:11 - 2024-03-02 17:03 - 001445120 _____ C:\Windows\system32\vulkan-1.dll
2024-03-06 21:11 - 2024-03-02 17:03 - 001295104 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2024-03-06 21:11 - 2024-03-02 17:03 - 001295104 _____ C:\Windows\SysWOW64\vulkan-1.dll
2024-03-06 21:11 - 2024-03-02 17:03 - 001226760 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2024-03-06 21:11 - 2024-03-02 17:00 - 001045520 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2024-03-06 21:11 - 2024-03-02 17:00 - 000669704 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2024-03-06 21:11 - 2024-03-02 17:00 - 000505360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2024-03-06 21:11 - 2024-03-02 16:59 - 002173560 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2024-03-06 21:11 - 2024-03-02 16:59 - 001625736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2024-03-06 21:11 - 2024-03-02 16:59 - 001541648 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2024-03-06 21:11 - 2024-03-02 16:59 - 001199752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2024-03-06 21:11 - 2024-03-02 16:59 - 001024032 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2024-03-06 21:11 - 2024-03-02 16:59 - 000841840 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2024-03-06 21:11 - 2024-03-02 16:59 - 000786952 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2024-03-06 21:11 - 2024-03-02 16:58 - 016033824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2024-03-06 21:11 - 2024-03-02 16:58 - 012928032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2024-03-06 21:11 - 2024-03-02 16:58 - 006780960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2024-03-06 21:11 - 2024-03-02 16:58 - 005772808 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2024-03-06 21:11 - 2024-03-02 16:58 - 003721752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2024-03-06 21:11 - 2024-03-02 16:58 - 000459808 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2024-03-06 21:11 - 2024-03-02 16:57 - 005913096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2024-03-06 21:11 - 2024-03-02 16:57 - 000853640 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2024-03-06 21:11 - 2024-03-02 00:04 - 000119419 _____ C:\Windows\system32\nvinfo.pb
2024-03-06 16:24 - 2024-03-06 16:24 - 106716544 _____ C:\Users\Uživatel\Downloads\HorizonZeroDawn_V0922.7z
2024-03-03 13:45 - 2024-03-03 13:45 - 000000000 ____D C:\Users\Uživatel\AppData\Local\Saber
2024-03-03 13:30 - 2024-03-03 13:30 - 000000877 _____ C:\Users\Public\Desktop\Expeditions - A MudRunner Game.lnk
2024-03-03 11:45 - 2024-03-03 11:45 - 000110829 _____ C:\Users\Uživatel\Downloads\[SkT]Expeditions_-_A_MudRunner_-_CZ.torrent
2024-03-03 08:37 - 2024-03-03 08:37 - 000157786 _____ C:\Users\Uživatel\Downloads\[SkT]Expeditions_A_MudRunner_Game_-_RUNE.torrent
2024-03-03 08:18 - 2024-03-03 08:18 - 000017184 _____ C:\Users\Uživatel\Downloads\[SkT]Kód_8__Část_2___Code_8__Part_II_(2024)(CZ_EN)[WebRip][1080p].torrent
2024-03-01 17:07 - 2024-03-01 17:07 - 000020023 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-01 17:07 - 2024-03-01 17:07 - 000020023 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-03-01 16:25 - 2024-03-01 16:25 - 000018749 _____ C:\Users\Uživatel\Downloads\[SkT]Kosmonaut_z_Čech___Spaceman_(2024)(CZ_EN)[WEBrip][1080p]_=_CSFD_53%.torrent
2024-02-29 18:23 - 2024-02-29 18:51 - 000000000 ____D C:\Users\Uživatel\Documents\FIFA 23
2024-02-29 18:23 - 2024-02-29 18:23 - 000000000 ____D C:\Users\Uživatel\AppData\Local\anadius
2024-02-29 18:23 - 2024-02-29 18:23 - 000000000 ____D C:\ProgramData\Frostbite
2024-02-29 18:22 - 2024-02-29 18:31 - 000000000 ____D C:\FIFA 23 Live Editor
2024-02-29 16:28 - 2024-02-29 16:28 - 000000000 ____D C:\Users\Uživatel\Documents\Horizon Zero Dawn
2024-02-29 16:25 - 2024-02-29 16:25 - 000000902 _____ C:\Users\Public\Desktop\Horizon Zero Dawn™ Complete Edition.lnk
2024-02-29 16:25 - 2024-02-29 16:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Horizon Zero Dawn™ Complete Edition [GOG.com]
2024-02-29 16:22 - 2024-02-29 16:23 - 106712446 _____ C:\Users\Uživatel\Downloads\HorizonZeroDawn_V092 (1).7z
2024-02-29 16:20 - 2024-02-29 16:21 - 106712446 _____ C:\Users\Uživatel\Downloads\HorizonZeroDawn_V092.7z
2024-02-28 20:33 - 2024-02-28 20:33 - 000370345 _____ C:\Users\Uživatel\Downloads\[SkT]Horizon_Zero_Dawn_Complete_Edition_v1.11_ DLC_-_GOG_ _SK.torrent
2024-02-28 20:25 - 2024-02-28 20:25 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2024-02-28 20:25 - 2024-02-28 20:25 - 000000000 ____D C:\Program Files\Reference Assemblies
2024-02-28 20:25 - 2024-02-28 20:25 - 000000000 ____D C:\Program Files\MSBuild
2024-02-28 20:25 - 2024-02-28 20:25 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2024-02-28 20:25 - 2024-02-28 20:25 - 000000000 ____D C:\Program Files (x86)\MSBuild
2024-02-28 20:18 - 2024-02-28 20:18 - 000014687 _____ C:\Users\Uživatel\Downloads\shutdown.zip
2024-02-28 17:33 - 2024-02-28 17:33 - 000000000 ____D C:\Users\Uživatel\AppData\LocalLow\Sky9 Games
2024-02-28 17:31 - 2024-02-28 17:31 - 000000631 _____ C:\Users\Public\Desktop\Strike Force Heroes.lnk
2024-02-28 17:18 - 2024-02-28 17:18 - 000017203 _____ C:\Users\Uživatel\Downloads\[SkT]Chudáčci___Poor_Things_(2023)[WebRip][1080p]_=_CSFD_86%.torrent
2024-02-28 17:05 - 2024-02-28 17:05 - 000063280 _____ C:\Users\Uživatel\Downloads\[SkT]_Code_8_(2019)[WebRip][1080p]_=_CSFD_59%.torrent
2024-02-27 19:23 - 2024-02-27 19:23 - 000012321 _____ C:\Users\Uživatel\Downloads\[SkT]Koblischkova_Helena,_Jiri_Ondra_a_Tereza_Verecka_-_Alchymisti_CRo2023(2h26m) (6).torrent
2024-02-27 19:18 - 2024-02-27 19:18 - 000012321 _____ C:\Users\Uživatel\Downloads\[SkT]Koblischkova_Helena,_Jiri_Ondra_a_Tereza_Verecka_-_Alchymisti_CRo2023(2h26m) (5).torrent
2024-02-27 19:17 - 2024-02-27 19:17 - 000012321 _____ C:\Users\Uživatel\Downloads\[SkT]Koblischkova_Helena,_Jiri_Ondra_a_Tereza_Verecka_-_Alchymisti_CRo2023(2h26m) (4).torrent
2024-02-27 19:16 - 2024-02-27 19:16 - 000012321 _____ C:\Users\Uživatel\Downloads\[SkT]Koblischkova_Helena,_Jiri_Ondra_a_Tereza_Verecka_-_Alchymisti_CRo2023(2h26m) (3).torrent
2024-02-27 19:16 - 2024-02-27 19:16 - 000012321 _____ C:\Users\Uživatel\Downloads\[SkT]Koblischkova_Helena,_Jiri_Ondra_a_Tereza_Verecka_-_Alchymisti_CRo2023(2h26m) (2).torrent
2024-02-27 19:15 - 2024-02-27 19:16 - 000012321 _____ C:\Users\Uživatel\Downloads\[SkT]Koblischkova_Helena,_Jiri_Ondra_a_Tereza_Verecka_-_Alchymisti_CRo2023(2h26m) (1).torrent
2024-02-27 19:15 - 2024-02-27 19:15 - 000012321 _____ C:\Users\Uživatel\Downloads\[SkT]Koblischkova_Helena,_Jiri_Ondra_a_Tereza_Verecka_-_Alchymisti_CRo2023(2h26m).torrent
2024-02-22 19:22 - 2024-02-22 19:23 - 000210377 _____ C:\Users\Uživatel\Downloads\[SkT]EA_SPORTS_FIFA_23.torrent
2024-02-22 18:57 - 2024-02-22 18:57 - 000281941 _____ C:\Users\Uživatel\Downloads\[SkT]FIFA_23__Ultimate_Edition_CZ__[DODI_Repack] (1).torrent
2024-02-20 19:49 - 2024-02-20 19:49 - 000000000 ____D C:\Windows\system32\Tasks\GoogleSystem
2024-02-19 21:50 - 2024-02-19 21:50 - 000106104 _____ C:\Users\Uživatel\Downloads\[SkT]Way_of_the_Hunter_(v.1.25b) 5_DLC(2022)(CZ)[GOG] (1).torrent
2024-02-19 19:42 - 2024-02-19 19:42 - 000000746 _____ C:\Users\Uživatel\Desktop\DOOM Eternal.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-20 10:40 - 2024-01-31 09:41 - 001718036 _____ C:\Windows\system32\PerfStringBackup.INI
2024-03-20 10:40 - 2022-05-07 06:22 - 000000000 ____D C:\Windows\INF
2024-03-20 10:39 - 2024-02-02 19:48 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\utorrent
2024-03-20 10:35 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemTemp
2024-03-20 10:33 - 2024-02-06 19:01 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\discord
2024-03-20 10:33 - 2024-02-06 19:01 - 000000000 ____D C:\Users\Uživatel\AppData\Local\Discord
2024-03-20 10:33 - 2024-02-02 20:13 - 000000000 ____D C:\Program Files (x86)\Steam
2024-03-20 10:33 - 2024-02-02 19:50 - 000000000 ____D C:\Users\Uživatel\AppData\Local\BitTorrentHelper
2024-03-20 10:33 - 2024-01-31 09:40 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-20 10:33 - 2024-01-30 16:58 - 000012288 ___SH C:\DumpStack.log.tmp
2024-03-20 10:33 - 2024-01-30 16:58 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-03-20 10:33 - 2024-01-30 16:58 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-03-20 10:33 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-20 10:32 - 2022-05-07 06:17 - 000786432 _____ C:\Windows\system32\config\BBI
2024-03-20 10:22 - 2024-02-02 21:46 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\Lavasoft
2024-03-20 10:22 - 2024-02-02 21:46 - 000000000 ____D C:\Users\Uživatel\AppData\Local\Lavasoft
2024-03-20 10:22 - 2024-02-02 21:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2024-03-20 10:22 - 2024-02-02 21:45 - 000000000 ____D C:\ProgramData\Lavasoft
2024-03-20 10:22 - 2024-02-02 21:45 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2024-03-20 10:21 - 2022-05-07 06:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-03-20 10:02 - 2024-02-02 21:47 - 000000000 ____D C:\ProgramData\Avast Software
2024-03-20 09:54 - 2024-01-31 14:40 - 000000000 ____D C:\Users\Uživatel\AppData\Local\CrashDumps
2024-03-20 09:38 - 2024-01-31 11:44 - 000000000 ____D C:\Users\Uživatel\AppData\Local\D3DSCache
2024-03-20 08:49 - 2024-01-31 11:42 - 000000000 ____D C:\Users\Uživatel\AppData\Local\Packages
2024-03-20 08:49 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-20 08:49 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\AppReadiness
2024-03-20 06:21 - 2024-02-03 01:04 - 000000000 ___HD C:\Users\Uživatel\.opera
2024-03-20 06:16 - 2024-02-06 19:01 - 000002242 _____ C:\Users\Uživatel\Desktop\Discord.lnk
2024-03-20 06:16 - 2024-02-03 00:09 - 000000000 ____D C:\Fraps
2024-03-17 10:44 - 2024-02-12 21:31 - 000000000 ____D C:\Users\Uživatel\AppData\Local\ForzaHorizon5
2024-03-17 10:44 - 2024-01-31 11:42 - 000000000 ____D C:\Users\Uživatel
2024-03-16 17:28 - 2024-01-30 16:58 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-15 19:59 - 2024-01-31 11:42 - 000002386 _____ C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-15 18:32 - 2024-01-31 13:33 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-13 18:02 - 2024-01-31 09:47 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-03-13 18:02 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-03-13 18:02 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemResources
2024-03-13 18:02 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\bcastdvr
2024-03-13 18:02 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\servicing
2024-03-13 17:44 - 2024-01-30 16:59 - 000000000 ____D C:\ProgramData\Packages
2024-03-13 17:43 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-03-13 17:31 - 2024-01-31 13:02 - 000000000 ____D C:\Windows\system32\MRT
2024-03-13 17:30 - 2024-01-31 13:02 - 190470136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-03-13 17:30 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\CbsTemp
2024-03-13 17:29 - 2024-01-31 09:33 - 003213824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-03-13 16:46 - 2024-01-30 16:58 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-03-03 13:45 - 2024-02-17 07:40 - 000003373 _____ C:\Windows\system32\Drivers\etc\hosts.rollback
2024-03-03 13:45 - 2024-02-16 08:37 - 000000000 ____D C:\Users\Uživatel\Documents\My Games
2024-03-03 13:45 - 2024-02-05 17:16 - 000000000 ____D C:\Windows\SysWOW64\directx
2024-03-02 16:56 - 2024-01-31 14:05 - 006031080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2024-03-02 16:56 - 2024-01-31 09:40 - 006943440 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2024-03-02 05:16 - 2024-01-30 16:58 - 000445848 _____ C:\Windows\system32\FNTCACHE.DAT
2024-03-02 05:15 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-03-02 05:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\oobe
2024-03-02 05:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-03-02 05:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-03-02 05:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellComponents
2024-02-28 20:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\MUI
2024-02-28 20:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\MUI
2024-02-26 17:21 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\LiveKernelReports
2024-02-25 12:58 - 2024-02-03 13:19 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\Trine5
2024-02-20 19:49 - 2024-01-31 13:32 - 000000000 ____D C:\Program Files (x86)\Google
2024-02-19 19:42 - 2024-02-05 17:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOOM Eternal

==================== Files in the root of some directories ========

2024-03-20 08:53 - 2024-03-20 08:53 - 000498784 _____ (Adersoft) C:\ProgramData\certlm.exe
2024-03-20 08:53 - 2020-04-20 07:33 - 000000075 _____ () C:\ProgramData\driver_install.bat
2024-03-20 08:53 - 2020-04-20 07:33 - 000000077 _____ () C:\ProgramData\driver_uninstall.bat
2024-03-20 08:53 - 2019-11-07 12:51 - 000000148 _____ () C:\ProgramData\modify_tdr_delay.reg
2024-03-20 08:53 - 2021-08-23 01:34 - 000000122 _____ () C:\ProgramData\S.bat
2024-03-20 08:53 - 2019-11-07 12:51 - 000000127 _____ () C:\ProgramData\start_ae.bat
2024-03-20 08:53 - 2020-11-26 16:16 - 000000142 _____ () C:\ProgramData\start_beam.bat
2024-03-20 08:53 - 2019-11-07 12:51 - 000000022 _____ () C:\ProgramData\start_config.bat
2024-03-20 08:53 - 2020-11-26 16:16 - 000000115 _____ () C:\ProgramData\start_conflux.bat
2024-03-20 08:53 - 2021-06-11 15:12 - 000000129 _____ () C:\ProgramData\start_ergo.bat
2024-03-20 08:53 - 2021-06-11 15:12 - 000000120 _____ () C:\ProgramData\start_etc.bat
2024-03-20 08:53 - 2020-11-26 16:16 - 000000116 _____ () C:\ProgramData\start_eth.bat
2024-03-20 08:53 - 2020-05-13 03:56 - 000000106 _____ () C:\ProgramData\start_rvn.bat
2024-03-20 08:53 - 2019-11-07 12:51 - 000000204 _____ () C:\ProgramData\start_sero.bat
2024-02-16 11:39 - 2024-02-16 11:39 - 000000218 _____ () C:\Users\Uživatel\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

log:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.03.2024
Ran by Uživatel (20-03-2024 10:41:27)
Running from C:\Users\Uživatel\Desktop
Microsoft Windows 11 Home Version 23H2 22631.3296 (X64) (2024-01-30 15:59:28)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2881046685-694218226-4097810256-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2881046685-694218226-4097810256-503 - Limited - Disabled)
Guest (S-1-5-21-2881046685-694218226-4097810256-501 - Limited - Disabled)
Uživatel (S-1-5-21-2881046685-694218226-4097810256-1002 - Administrator - Enabled) => C:\Users\Uživatel
WDAGUtilityAccount (S-1-5-21-2881046685-694218226-4097810256-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2881046685-694218226-4097810256-1002\...\uTorrent) (Version: 3.6.0.47016 - BitTorrent Limited)
7-Zip 23.01 (x64) (HKLM\...\7-Zip) (Version: 23.01 - Igor Pavlov)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1653.5 - AVAST Software) Hidden
Broken Sword 5 - the Serpent's Curse (HKLM-x32\...\GOGPACKBROKENSWORD5EP1EP2_is1) (Version: 2.1.0.4 - GOG.com)
BZZZT (HKLM-x32\...\BZZZT_) (Version: - )
CPUID CPU-Z 2.06 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.06 - CPUID, Inc.)
Discord (HKU\S-1-5-21-2881046685-694218226-4097810256-1002\...\Discord) (Version: 1.0.9015 - Discord Inc.)
DOOM Eternal (HKLM-x32\...\DOOM Eternal_is1) (Version: - dixen18)
Dynamic Application Loader Host Interface Service (HKLM\...\{FD2C01C4-F511-4B2E-BA8B-AAE44D4C3C7F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
EasyTuneEngineService (HKLM-x32\...\{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.24.0109 - GIGABYTE) Hidden
EasyTuneEngineService (HKLM-x32\...\InstallShield_{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.24.0109 - GIGABYTE)
ENE Video Capture Box HAL (HKLM\...\{A096611D-BA11-4A1A-8D09-0A0462D7C8F2}) (Version: 1.0.5.15 - Ene Tech.) Hidden
ENE Video Capture Box HAL (HKLM-x32\...\{974259bf-3ed1-4cd6-9ed1-40c7f601a786}) (Version: 1.0.5.15 - Ene Tech.) Hidden
ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{5B5CE185-F845-487D-824D-9D02A8B778FB}) (Version: 1.0.9.1 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{661c7ac8-4c45-4772-ba1d-090085dde688}) (Version: 1.0.9.1 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.11.2 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{7cf61546-b8ec-4a85-a301-fa8c79296bd0}) (Version: 1.0.11.2 - ENE TECHNOLOGY INC.) Hidden
ENE_External_Device_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.12.7 - ENE Tech) Hidden
ENE_External_Device_HAL (HKLM-x32\...\{a7b1cf47-d8f0-423d-9494-568195f1c864}) (Version: 1.0.12.7 - ENE Tech) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{bf256b46-8ff7-48be-ab7f-5661e9a0651f}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.6.3 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM-x32\...\{c662a481-d76a-4188-95d2-6eb4ffd55542}) (Version: 1.0.6.3 - ENE TECHNOLOGY INC.) Hidden
Expeditions: A MudRunner Game (HKLM-x32\...\Expeditions: A MudRunner Game_is1) (Version: - )
Forza Horizon 5 (HKLM-x32\...\Forza Horizon 5_is1) (Version: 0.0.0 - DODI-Repacks)
Fraps (HKLM-x32\...\Fraps) (Version: - )
GBT_MB_Update (HKLM\...\GBT_MB_Update) (Version: 24.01.02.01 - GIGABYTE)
GBT_RGB_Sync_Control 24.01.16.01 (HKLM\...\GBT_RGB_Sync_Control) (Version: 24.01.16.01 - GIGABYTE)
GBT_rgbMotherboard_UC 23.12.28.01 (HKLM\...\GBT_rgbMotherboard_UC) (Version: 23.12.28.01 - GIGABYTE)
GBTECService (HKLM-x32\...\{759D7F2F-1F0D-461E-A3CD-BF58FC60DB2F}) (Version: 1.24.0102 - Gigabyte) Hidden
GBTECService (HKLM-x32\...\InstallShield_{759D7F2F-1F0D-461E-A3CD-BF58FC60DB2F}) (Version: 1.24.0102 - Gigabyte)
GIGABYTE Control Center 24.01.20.01 (HKLM\...\GIGABYTE Control Center) (Version: 24.01.20.01 - GIGABYTE)
GIGABYTE Performance Library (HKLM\...\MBEasyTune) (Version: 24.01.09.01 - GIGABYTE)
Gigabyte Speed 12.00 (HKLM\...\Gigabyte Speed) (Version: 12.00 - cFos Software GmbH, Bonn)
GIGABYTE Storage Library (HKLM\...\MBStorage) (Version: 23.12.29.01 - GIGABYTE)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 122.0.6261.129 - Google LLC)
Half Life Alyx v.1.2 (HKLM-x32\...\Half Life Alyx_is1) (Version: - )
Hogwarts Legacy (HKLM-x32\...\Hogwarts Legacy_is1) (Version: 0.0.0 - DODI-Repacks)
Horizon Zero Dawn™ Complete Edition (HKLM-x32\...\1209025141_is1) (Version: 7517962 - GOG.com)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.386 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM\...\{D666FBA1-39CE-48D2-9336-9256827EB308}) (Version: 10.1.19502.8391 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{e7892987-b2d0-4c0d-951c-86af011df195}) (Version: 10.1.19502.8391 - Intel(R) Corporation)
Intel(R) Icls (HKLM\...\{731E6324-F594-4C19-AA7A-B9145A331BD2}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2331.5.20.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{E2021C1F-CC6F-43F5-B4FF-F21E3091DEF1}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{03F18B6E-52BA-4906-8993-9EA0AD0D6DD2}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME WMI Provider (HKLM\...\{492E26A3-3FB9-4ECA-913E-426EEA93E5FB}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{47D5774F-BBF9-401C-B909-B056C0391B39}) (Version: 30.100.2237.26 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2237.26 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000020-0230-1029-84C8-B8D95FA3C8C3}) (Version: 23.20.0.3 - Intel Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0.1 - AppWork GmbH)
LibreOffice 24.2.0.3 (HKLM\...\{5A433714-C509-4707-BF0C-410D3FBCE8B3}) (Version: 24.2.0.3 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Flight Simulator v.1.12.13.0 Update 10 (HKLM-x32\...\Microsoft Flight Simulator_is1) (Version: - )
Microsoft OneDrive (HKU\S-1-5-21-2881046685-694218226-4097810256-1002\...\OneDriveSetup.exe) (Version: 24.040.0225.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Noční obloha 1.5 (HKLM-x32\...\Noční obloha_is1) (Version: - )
NVIDIA FrameView (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameView) (Version: 1.4.8323.32104943 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 551.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.76 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.1 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{07236f40-ec25-4646-8cb6-b6aaf1597324}) (Version: 1.1.0.1 - Patriot Memory) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9373.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 11.16.1123.2023 - Realtek)
Smart Backup (x64) (HKLM\...\{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 3.22.0826.1 - Gigabyte) Hidden
Smart Backup (x64) (HKLM-x32\...\InstallShield_{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 3.22.0826.1 - Gigabyte)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Strike Force Heroes (HKLM-x32\...\Strike Force Heroes_is1) (Version: - )
The Last of Us (HKLM-x32\...\The Last of Us_is1) (Version: 0.0.0 - DODI-Repacks)
Time Lock VR-2 (HKLM-x32\...\1668927526_is1) (Version: 5 - GOG.com)
Verbatim_SureFireGaming_Product (HKLM\...\{35CB65C6-A7E3-4EE7-AD40-738D70A72164}) (Version: 1.0.3.11 - Verbatim) Hidden
Verbatim_SureFireGaming_Product (HKLM-x32\...\{d601832a-0d94-46ce-9b19-78e8a5887313}) (Version: 1.0.3.11 - Verbatim) Hidden
WD P40 Game Drive (HKLM\...\{EE55DBAE-ECDD-4ADD-AAB5-23DE848B0996}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD P40 Game Drive (HKLM-x32\...\{72b1a866-fc31-4381-bff3-fa6cd8823777}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WinRAR 6.24 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH)

Packages:
=========

Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1200.442.0_x64__8wekyb3d8bbwe [2024-03-20] (Microsoft Corporation)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-02-16] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-03-02] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24022.88.0_x64__cw5n1h2txyewy [2024-03-20] (Microsoft Windows) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2024-03-06] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.36.273.0_x64__dt26b99r8h8gj [2024-01-31] (Realtek Semiconductor Corp)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-03-02] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2024-01-31] (win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2881046685-694218226-4097810256-1002_Classes\CLSID\{FD848478-65F5-4F01-ACD9-69195EC3631F}\localserver32 -> C:\Program Files\cFosSpeed\cFosSpeed.exe (cFos Software GmbH -> cFos Software GmbH)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_92b25561841a09dd\nvshext.dll [2024-03-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2019-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2019-08-30] (Beepa P/L) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2013-03-08 11:28 - 2013-03-08 11:28 - 000187392 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\GIGABYTE\Smart Backup\RescuePlan.dll
2018-10-19 10:44 - 2018-10-19 10:44 - 000751616 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\GIGABYTE\Smart Backup\srpCore.dll
2024-02-02 19:48 - 2024-02-19 22:31 - 004309504 _____ (Rainberry, Inc.) [File not signed] C:\Users\Uživatel\AppData\Roaming\utorrent\bt_datachannel.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Toolbar: HKLM - Smart Backup - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2881046685-694218226-4097810256-1002\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 06:24 - 2024-03-03 13:45 - 000003373 _____ C:\Windows\system32\drivers\etc\hosts
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
127.0.0.1 checkhost.local
109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
109.94.209.70 fitgirlpack.site # Fake FitGirl site
109.94.209.70 www.fitgirlpack.site # Fake FitGirl site
109.94.209.70 fitgirl-repack.org # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.org # Fake FitGirl site
109.94.209.70 fitgirlrepacks.pro # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.pro # Fake FitGirl site
109.94.209.70 fitgirlrepack.games # Fake FitGirl site
109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site
109.94.209.70 fitgirl-repacks-site.org # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks-site.org # Fake FitGirl site

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2881046685-694218226-4097810256-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
Ethernet: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "Gigabyte Speed"
HKU\S-1-5-21-2881046685-694218226-4097810256-1002\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_83C387DA30640047C508B0EE92F9D83E"
HKU\S-1-5-21-2881046685-694218226-4097810256-1002\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9461C0F8-7CB4-4747-B418-AC504562A20D}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23335.242.2641.4129_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5D83F325-3C49-47A3-886A-76473D2215B2}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23335.242.2641.4129_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{420F59FF-9517-4EF8-A3D0-BC4645F1618E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D9EFEEC2-C4BA-42B6-9485-9B60823ABCEF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7059A6E5-BF5A-4CB9-AFE4-C00821937A15}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C15D9A8D-8282-4025-883B-265AC23CE99F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{159669B1-7DA8-450C-953A-082C4EF1C74C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{23ECF8EA-0301-4CC5-8CB1-B86BB9D48AED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A27B1296-23AD-4889-8123-A3791D4B83E7}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{23C914DC-E9DE-44DA-95B7-D9FBF9BE189B}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{645B6CD8-CC8A-437D-81B9-18C3EA9FB80A}] => (Allow) C:\Users\Uživatel\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{F50295B0-E166-43CE-B114-343C8BA0AD83}] => (Allow) C:\Users\Uživatel\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{13F35CF8-7686-40EB-8E52-632F2030B2BF}] => (Allow) C:\Users\Uživatel\AppData\Local\Programs\Opera\106.0.4998.70\opera.exe => No File
FirewallRules: [{09414CF3-EFDB-4C2D-918A-D5E1A3521501}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3C51A5E7-A273-4071-8DB0-D6493434E07F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6D2833B4-B362-48CB-91E3-CB1BF0525E78}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FED59EBE-FC8B-457E-9635-AB18908481D9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{F98EFBCB-22E6-49C7-AF7B-1D176F615F89}D:\hry\resident evil 4 remake\re4.exe] => (Block) D:\hry\resident evil 4 remake\re4.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [UDP Query User{0760ED40-EC78-471B-A33F-BE6244D454B0}D:\hry\resident evil 4 remake\re4.exe] => (Block) D:\hry\resident evil 4 remake\re4.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [TCP Query User{09D1D9ED-9C9C-4808-A108-029D365C9DBD}D:\hry\uncharted legacy of thieves collection\u4.exe] => (Block) D:\hry\uncharted legacy of thieves collection\u4.exe () [File not signed]
FirewallRules: [UDP Query User{0C0E8880-E80C-437A-A241-48B5A36C8ABA}D:\hry\uncharted legacy of thieves collection\u4.exe] => (Block) D:\hry\uncharted legacy of thieves collection\u4.exe () [File not signed]
FirewallRules: [TCP Query User{AB41977B-DB43-4DFB-949B-C164C490E31B}D:\games\doom eternal\doometernalx64vk.exe] => (Allow) D:\games\doom eternal\doometernalx64vk.exe (id Software) [File not signed]
FirewallRules: [UDP Query User{286EDD34-9E77-4B07-B938-92B901F7AF76}D:\games\doom eternal\doometernalx64vk.exe] => (Allow) D:\games\doom eternal\doometernalx64vk.exe (id Software) [File not signed]
FirewallRules: [TCP Query User{9E17F5E4-9A88-43F1-B4E4-8972F904492D}D:\program files (x86)\dodi-repacks\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) D:\program files (x86)\dodi-repacks\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe (Warner Bros. Interactive) [File not signed]
FirewallRules: [UDP Query User{AAA03BD6-CE8A-443B-9AA7-9E92A0074F2B}D:\program files (x86)\dodi-repacks\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) D:\program files (x86)\dodi-repacks\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe (Warner Bros. Interactive) [File not signed]
FirewallRules: [TCP Query User{E22F5BB7-DE9F-4855-AED9-CE2951D9DF76}D:\download\beat saber v1 30 0 all dlc\beat.saber.v1.30.0.all.dlc\beat saber\beat saber.exe] => (Block) D:\download\beat saber v1 30 0 all dlc\beat.saber.v1.30.0.all.dlc\beat saber\beat saber.exe () [File not signed]
FirewallRules: [UDP Query User{732F6B18-8960-4C24-AAB7-35BE53A0CA5A}D:\download\beat saber v1 30 0 all dlc\beat.saber.v1.30.0.all.dlc\beat saber\beat saber.exe] => (Block) D:\download\beat saber v1 30 0 all dlc\beat.saber.v1.30.0.all.dlc\beat saber\beat saber.exe () [File not signed]
FirewallRules: [TCP Query User{1A6E1F03-E957-4382-9C01-49A742216D93}D:\games\microsoft flight simulator\flightsimulator.exe] => (Block) D:\games\microsoft flight simulator\flightsimulator.exe (Asobo Studio) [File not signed]
FirewallRules: [UDP Query User{BBD08820-943B-416C-9D80-6032054D4CD1}D:\games\microsoft flight simulator\flightsimulator.exe] => (Block) D:\games\microsoft flight simulator\flightsimulator.exe (Asobo Studio) [File not signed]
FirewallRules: [{C159A5EF-1DC0-4A94-98DC-B327BB051100}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B1C39C95-CCD5-43D3-B726-3BB5C87BB6DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9CE71D39-4A9E-430E-861E-178CFD1E9E2D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4F082068-A460-4EE1-A5C5-020CE80A2DD2}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{16758445-B3AE-4DC7-A6EA-FD1A90F265A4}C:\programdata\nbminer.exe] => (Block) C:\programdata\nbminer.exe => No File
FirewallRules: [UDP Query User{14798890-7C04-44A4-83E0-AD836C122289}C:\programdata\nbminer.exe] => (Block) C:\programdata\nbminer.exe => No File

==================== Restore Points =========================

06-03-2024 16:56:02 Windows Update
12-03-2024 16:30:19 Windows Update
15-03-2024 19:38:02 Windows Update
19-03-2024 06:55:59 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/20/2024 09:55:21 AM) (Source: sbprotect) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/20/2024 09:55:21 AM) (Source: sbprotect) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/20/2024 09:54:25 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-PC)
Description: Název chybující aplikace: certlm.exe, verze: 9.7.82.5, časové razítko: 0x61eab30b
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3235, časové razítko: 0x2b72307b
Kód výjimky: 0x8000ffff
Posun chyby: 0x0000000000065b0c
ID chybujícího procesu: 0x0x4b5c
Čas spuštění chybující aplikace: 0x0x1da7aa42761eda0
Cesta k chybující aplikaci: C:\ProgramData\certlm.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: eddd7719-6e6a-4126-b461-1eab77db1232
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/20/2024 09:36:10 AM) (Source: sbprotect) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/20/2024 09:36:10 AM) (Source: sbprotect) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/20/2024 09:33:29 AM) (Source: sbprotect) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/20/2024 09:33:29 AM) (Source: sbprotect) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/20/2024 09:30:07 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-PC)
Description: Název chybující aplikace: certlm.exe, verze: 9.7.82.5, časové razítko: 0x61eab30b
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3235, časové razítko: 0x2b72307b
Kód výjimky: 0x8000ffff
Posun chyby: 0x0000000000065b0c
ID chybujícího procesu: 0x0x22b4
Čas spuštění chybující aplikace: 0x0x1da7aa0a9298fc8
Cesta k chybující aplikaci: C:\ProgramData\certlm.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 0295b54a-a084-4bac-ae8c-389bb32c3bdd
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (03/20/2024 10:35:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/20/2024 10:35:19 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (03/20/2024 10:33:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DCIService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (03/20/2024 10:25:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/20/2024 10:25:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (03/20/2024 10:23:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DCIService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (03/20/2024 10:23:29 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\DriverStore\FileRepository\netwtw6e.inf_amd64_676bed065e3f9992\IntelIHVRouter14.dll

Error: (03/20/2024 10:23:29 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\DriverStore\FileRepository\netwtw6e.inf_amd64_676bed065e3f9992\IntelIHVRouter14.dll


Windows Defender:
================
Date: 2024-03-20 10:33:31
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:VBS/Mountsi.C!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: amsi:_\Device\HarddiskVolume3\ProgramData\certlm.exe
Původ detekce: Neznámý
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.407.565.0, AS: 1.407.565.0, NIS: 1.407.565.0
Verze modulu: AM: 1.1.24020.9, NIS: 1.1.24020.9

Date: 2024-03-20 10:24:09
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:VBS/Mountsi.C!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: amsi:_\Device\HarddiskVolume3\ProgramData\certlm.exe
Původ detekce: Neznámý
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.407.565.0, AS: 1.407.565.0, NIS: 1.407.565.0
Verze modulu: AM: 1.1.24020.9, NIS: 1.1.24020.9

Date: 2024-03-20 10:20:55
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:VBS/Mountsi.C!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: amsi:_\Device\HarddiskVolume3\ProgramData\certlm.exe
Původ detekce: Neznámý
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.407.565.0, AS: 1.407.565.0, NIS: 1.407.565.0
Verze modulu: AM: 1.1.24020.9, NIS: 1.1.24020.9

Date: 2024-03-20 10:17:50
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:VBS/Mountsi.C!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: amsi:_\Device\HarddiskVolume3\ProgramData\certlm.exe
Původ detekce: Neznámý
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.407.565.0, AS: 1.407.565.0, NIS: 1.407.565.0
Verze modulu: AM: 1.1.24020.9, NIS: 1.1.24020.9

Date: 2024-03-20 10:16:02
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:VBS/Mountsi.C!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: amsi:_\Device\HarddiskVolume3\ProgramData\certlm.exe
Původ detekce: Neznámý
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.407.565.0, AS: 1.407.565.0, NIS: 1.407.565.0
Verze modulu: AM: 1.1.24020.9, NIS: 1.1.24020.9
Event[0]

Date: 2024-02-28 16:03:41
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.405.697.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24010.10
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2024-02-28 16:03:41
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.405.697.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24010.10
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2024-02-16 00:34:48
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.3761.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

Date: 2024-02-16 00:34:48
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.3761.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

Date: 2024-02-15 20:02:01
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.3761.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

CodeIntegrity:
===============
Date: 2024-03-20 09:57:58
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2024-03-20 09:57:47
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends International, LLC. F8 12/15/2023
Motherboard: Gigabyte Technology Co., Ltd. B760 DS3H AX
Processor: Intel(R) Core(TM) i7-14700F
Percentage of memory in use: 19%
Total physical RAM: 32604.92 MB
Available physical RAM: 26273.13 MB
Total Virtual: 37212.92 MB
Available Virtual: 27679.42 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:202.13 GB) (Free:104.75 GB) (Model: WD Blue SN580 2TB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:1660.16 GB) (Free:532.84 GB) (Model: WD Blue SN580 2TB) NTFS

\\?\Volume{26049908-741c-4078-8fdd-acd3a0defc78}\ () (Fixed) (Total:0.61 GB) (Free:0.06 GB) NTFS
\\?\Volume{55d42113-0b7e-4d33-b111-5c469167e272}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: please check - after switching on the PC the fan ran at full speed with no activity

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just run it with a double-click)
click Scan Now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

ebola
Visitor
Posts: 146
Joined: 31 May 2007 07:07

Re: please check - after switching on the PC the fan ran at full speed with no activity

#3 Post by ebola »

# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-20-2024
# Duration: 00:00:03
# OS: Windows 11 (Build 22631.3296)
# Scanned: 32101
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [3418 octets] - [20/03/2024 10:21:50]
AdwCleaner[C00].txt - [3260 octets] - [20/03/2024 10:22:17]
AdwCleaner[S01].txt - [1542 octets] - [20/03/2024 10:23:01]
AdwCleaner[C01].txt - [1732 octets] - [20/03/2024 10:23:17]
AdwCleaner[S02].txt - [1664 octets] - [20/03/2024 15:47:02]
AdwCleaner[S03].txt - [1725 octets] - [20/03/2024 15:47:25]
AdwCleaner[S04].txt - [1786 octets] - [20/03/2024 15:49:27]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S05].txt ##########

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: please check - after switching on the PC the fan ran at full speed with no activity

#4 Post by Rudy »

This is OK. Open Notepad and copy the following into it:
Start

CloseProcesses:
HKU\S-1-5-21-2881046685-694218226-4097810256-1002\...\Run: [DQCIKCDACO] => C:\ProgramData\certlm.exe [498784 2024-03-20] (Adersoft -> Adersoft) <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [X] <==== ATTENTION
C:\ProgramData\S.bat
C:\ProgramData\start_ergo.bat
C:\ProgramData\start_etc.bat
C:\ProgramData\start_beam.bat
C:\ProgramData\start_eth.bat
C:\ProgramData\start_conflux.bat
C:\ProgramData\start_rvn.bat
C:\ProgramData\driver_uninstall.bat
C:\ProgramData\driver_install.bat
C:\ProgramData\start_sero.bat
C:\ProgramData\start_ae.bat
C:\ProgramData\start_config.bat
C:\ProgramData\Test9
C:\ProgramData\Test8
C:\ProgramData\Test7
C:\ProgramData\Test6
C:\ProgramData\Test5
C:\ProgramData\Test4
C:\ProgramData\Test3
C:\ProgramData\Test2
C:\ProgramData\Test17
C:\ProgramData\Test16
C:\ProgramData\Test15
C:\ProgramData\Test14
C:\ProgramData\Test13
C:\ProgramData\Test12
C:\ProgramData\Test11
C:\ProgramData\Test10
C:\ProgramData\Test1
C:\ProgramData\player9
C:\ProgramData\player8
C:\ProgramData\player7
C:\ProgramData\player6
C:\ProgramData\player5
C:\ProgramData\player4
C:\ProgramData\player3
C:\ProgramData\player2
C:\ProgramData\player17
C:\ProgramData\player16
C:\ProgramData\player15
C:\ProgramData\player14
C:\ProgramData\player13
C:\ProgramData\player12
C:\ProgramData\player11
C:\ProgramData\player10
C:\ProgramData\player1
C:\ProgramData\player
FirewallRules: [{13F35CF8-7686-40EB-8E52-632F2030B2BF}] => (Allow) C:\Users\Uživatel\AppData\Local\Programs\Opera\106.0.4998.70\opera.exe => No File
FirewallRules: [TCP Query User{16758445-B3AE-4DC7-A6EA-FD1A90F265A4}C:\programdata\nbminer.exe] => (Block) C:\programdata\nbminer.exe => No File
FirewallRules: [UDP Query User{14798890-7C04-44A4-83E0-AD836C122289}C:\programdata\nbminer.exe] => (Block) C:\programdata\nbminer.exe => No File
\Device\HarddiskVolume3\ProgramData\certlm.exe

EmptyTemp:
Hosts:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

ebola
Visitor
Posts: 146
Joined: 31 May 2007 07:07

Re: please check - after switching on the PC the fan ran at full speed with no activity

#5 Post by ebola »

Hello,
I created the Notepad file and ran FRST, but Fix cannot be started,
only Scan.
Here is the log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.03.2024
Ran by Uživatel (administrator) on DESKTOP-PC (Gigabyte Technology Co., Ltd. B760 DS3H AX) (21-03-2024 08:14:00)
Running from C:\Users\Uživatel\Desktop\FRST64.exe
Loaded Profiles: Uživatel
Platform: Microsoft Windows 11 Home Version 23H2 22631.3296 (X64) Language: Čeština (Česko)
Default browser not detected!
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Users\Uživatel\AppData\Roaming\utorrent\updates\3.6.0_47016\utorrentie.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe <14>
(C:\Users\Uživatel\AppData\Roaming\utorrent\uTorrent.exe ->) (BitTorrent Inc -> BitTorrent Inc.) C:\Users\Uživatel\AppData\Roaming\utorrent\helper\helper.exe
(C:\Users\Uživatel\AppData\Roaming\utorrent\uTorrent.exe ->) (BitTorrent Inc -> BitTorrent Inc.) C:\Users\Uživatel\AppData\Roaming\utorrent\updates\3.6.0_47016\utorrentie.exe <2>
(Discord Inc. -> Discord Inc.) C:\Users\Uživatel\AppData\Local\Discord\app-1.0.9037\Discord.exe <6>
(explorer.exe ->) (BitTorrent Inc -> BitTorrent Limited) C:\Users\Uživatel\AppData\Roaming\utorrent\uTorrent.exe
(explorer.exe ->) (Tošovský Jan) [File not signed] C:\Program Files (x86)\Noční obloha\vesmir.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> Gigabyte Technology CO.) C:\Program Files\GIGABYTE\Smart Backup\RPMDaemon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(services.exe ->) (cFos Software GmbH -> cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\EasyTuneEngineService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_06c43e1ee675eae7\WMIRegistrationService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_92b25561841a09dd\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b55ed36a9a78cc75\RtkAudUService64.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.310.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b55ed36a9a78cc75\RtkAudUService64.exe [3495808 2022-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Gigabyte Speed] => C:\Program Files\cFosSpeed\cFosSpeed.exe [1647880 2021-06-15] (cFos Software GmbH -> cFos Software GmbH)
HKLM\...\RunOnce: [RPMKickstart] => C:\Program Files\GIGABYTE\Smart Backup\RPMKickstartEx.exe [2320384 2014-04-01] (TODO: <Company name>) [File not signed]
HKU\S-1-5-21-2881046685-694218226-4097810256-1002\...\Run: [MicrosoftEdgeAutoLaunch_83C387DA30640047C508B0EE92F9D83E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060712 2024-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2881046685-694218226-4097810256-1002\...\Run: [ut] => C:\Users\Uživatel\AppData\Roaming\utorrent\uTorrent.exe [2071560 2024-02-19] (BitTorrent Inc -> BitTorrent Limited)
HKU\S-1-5-21-2881046685-694218226-4097810256-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4384104 2024-03-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2881046685-694218226-4097810256-1002\...\Run: [Discord] => C:\Users\Uživatel\AppData\Local\Discord\Update.exe [1525016 2023-07-06] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2881046685-694218226-4097810256-1002\...\Run: [DQCIKCDACO] => C:\ProgramData\certlm.exe [498784 2024-03-20] (Adersoft -> Adersoft) <==== ATTENTION
HKU\S-1-5-21-2881046685-694218226-4097810256-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [61440 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\122.0.6261.129\Installer\chrmstp.exe [2024-03-15] (Google LLC -> Google LLC)
Startup: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\certlm.exe [2024-03-20] (Adersoft -> Adersoft)
Startup: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Vesmír na dlani.lnk [2024-02-13]
ShortcutTarget: Vesmír na dlani.lnk -> C:\Program Files (x86)\Noční obloha\vesmir.exe (Tošovský Jan) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {C8F45409-ED7F-4B02-BCB7-A9196C1588FE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1561F180-44F3-4D31-B7A0-0B44193A6889} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {023BD764-0625-4A98-855D-95DBE15C3EE0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5E68D613-EBC4-41CA-BF27-D4EDEB3945B8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{581537f7-1fc5-4505-8cfe-3b8a8c15c908}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{581537f7-1fc5-4505-8cfe-3b8a8c15c908}: [DhcpDomain] local.tld
Tcpip\..\Interfaces\{8eed2691-82f0-4ef7-833f-406d835710d0}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8eed2691-82f0-4ef7-833f-406d835710d0}: [DhcpDomain] local.tld

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Uživatel\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-21]
Edge Notifications: Default -> hxxps://www.facebook.com
Edge HomePage: Default -> hxxps://?
Edge Extension: (Dokumenty Google offline) - C:\Users\Uživatel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-01]
Edge Extension: (Edge relevant text changes) - C:\Users\Uživatel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-31]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

Chrome:
=======
CHR Profile: C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default [2024-03-20]
CHR HomePage: Default -> hxxps://?
CHR StartupUrls: Default -> "hxxps://?"
CHR DefaultSearchURL: Default -> hxxps://simplesearch.co?q={searchTerms}&pId=JD180501&iDate=2024-02-02 08:46:42&bitmask=9998&searchsource=58&sp=12
CHR DefaultSearchKeyword: Default -> default bing
CHR DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}
CHR Extension: (Dokumenty Google offline) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-31]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-03-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-31]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera:
=======
OPR DefaultProfile: Default

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [602376 2021-06-15] (cFos Software GmbH -> cFos Software GmbH)
R2 EasyTuneEngineService; C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\EasyTuneEngineService.exe [150640 2023-11-06] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S2 GBTECService; C:\Program Files (x86)\Gigabyte\GBTECService\OLEDDisplayService.exe [19568 2023-12-07] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S2 GoogleUpdaterInternalService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
S2 GoogleUpdaterService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
S2 Intel(R) Platform License Manager Service; C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_4911ed214bf8cf23\lib\PlatformLicenseManagerService.exe [740960 2023-06-22] (Intel Corporation -> Intel(R) Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_92b25561841a09dd\Display.NvContainer\NVDisplay.Container.exe [1275000 2024-03-02] (NVIDIA Corporation -> NVIDIA Corporation)
S2 OCButtonService; C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\OcButtonService.exe [131184 2023-12-06] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [X] <==== ATTENTION
S3 LibreOfficeMaintenance; "C:\Program Files\LibreOffice\program\update_service.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [800672 2024-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
R1 cFosSpeed; C:\Windows\system32\DRIVERS\cfosspeed6.sys [1694504 2021-06-15] (cFos Software GmbH -> cFos Software GmbH)
R1 CTIIO; C:\Windows\system32\drivers\CtiIo64.sys [34512 2024-01-31] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R3 gdrv3; C:\Windows\system32\drivers\gdrv3.sys [51520 2024-01-31] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 iaLPSS2_GPIO2_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_302e75596cffa74a\iaLPSS2_GPIO2_ADL.sys [150616 2022-10-18] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_e736c048ca307ed2\iaLPSS2_I2C_ADL.sys [220224 2022-10-18] (Intel Corporation -> Intel Corporation)
R3 MpKsl58e444ab; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D020999F-2FC7-4ED2-8D9A-E1D244BA6558}\MpKslDrv.sys [300312 2024-03-21] (Microsoft Windows -> Microsoft Corporation)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2024-01-18] (Nvidia Corporation -> NVIDIA Corporation)
R3 rt68cx21; C:\Windows\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_fbf50634f3ddb33d\rt68cx21x64.sys [779728 2023-12-05] (Realtek Semiconductor Corp. -> Realtek)
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
R0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [20928 2024-03-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [603416 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-13] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-21 08:14 - 2024-03-21 08:14 - 000015604 _____ C:\Users\Uživatel\Desktop\FRST.txt
2024-03-21 08:11 - 2024-03-21 08:11 - 000002242 _____ C:\Users\Uživatel\Desktop\fixlist.txt..txt
2024-03-20 17:37 - 2024-03-20 17:37 - 000725758 _____ C:\Windows\system32\perfh005.dat
2024-03-20 17:37 - 2024-03-20 17:37 - 000151026 _____ C:\Windows\system32\perfc005.dat
2024-03-20 15:46 - 2024-03-20 15:46 - 008790880 _____ (Malwarebytes) C:\Users\Uživatel\Downloads\adwcleaner(2).exe
2024-03-20 15:01 - 2024-03-20 15:01 - 000000000 ____D C:\Users\Uživatel\AppData\LocalLow\Petoons Studio
2024-03-20 10:27 - 2024-03-21 08:14 - 000000000 ____D C:\FRST
2024-03-20 10:26 - 2024-03-20 10:27 - 002390528 _____ (Farbar) C:\Users\Uživatel\Desktop\FRST64.exe
2024-03-20 10:21 - 2024-03-20 10:22 - 000000000 ____D C:\AdwCleaner
2024-03-20 09:30 - 2024-03-20 09:30 - 000888600 _____ (Google LLC) C:\Users\Public\Documents\gcapi.dll
2024-03-20 09:22 - 2024-03-20 10:02 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2024-03-20 09:21 - 2024-03-20 09:21 - 000003716 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{E58FF010-1160-4E42-9360-57A5AB343DFE}
2024-03-20 09:21 - 2024-03-20 09:21 - 000003592 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{3C69F2DF-9869-4CA3-BA58-65EB50FB2BF9}
2024-03-20 08:53 - 2024-03-20 08:53 - 000498784 _____ (Adersoft) C:\ProgramData\certlm.exe
2024-03-20 08:53 - 2021-08-23 01:34 - 000000122 _____ C:\ProgramData\S.bat
2024-03-20 08:53 - 2021-08-20 16:28 - 000033271 _____ C:\ProgramData\readme.md
2024-03-20 08:53 - 2021-08-20 16:20 - 000030588 _____ C:\ProgramData\readme_zh.md
2024-03-20 08:53 - 2021-08-20 13:37 - 000000078 _____ C:\ProgramData\nbminer.exe.sha256
2024-03-20 08:53 - 2021-06-11 15:12 - 000000129 _____ C:\ProgramData\start_ergo.bat
2024-03-20 08:53 - 2021-06-11 15:12 - 000000120 _____ C:\ProgramData\start_etc.bat
2024-03-20 08:53 - 2020-11-26 16:16 - 000000142 _____ C:\ProgramData\start_beam.bat
2024-03-20 08:53 - 2020-11-26 16:16 - 000000116 _____ C:\ProgramData\start_eth.bat
2024-03-20 08:53 - 2020-11-26 16:16 - 000000115 _____ C:\ProgramData\start_conflux.bat
2024-03-20 08:53 - 2020-05-13 03:56 - 000000106 _____ C:\ProgramData\start_rvn.bat
2024-03-20 08:53 - 2020-04-20 07:33 - 000000077 _____ C:\ProgramData\driver_uninstall.bat
2024-03-20 08:53 - 2020-04-20 07:33 - 000000075 _____ C:\ProgramData\driver_install.bat
2024-03-20 08:53 - 2019-11-07 12:51 - 000000204 _____ C:\ProgramData\start_sero.bat
2024-03-20 08:53 - 2019-11-07 12:51 - 000000148 _____ C:\ProgramData\modify_tdr_delay.reg
2024-03-20 08:53 - 2019-11-07 12:51 - 000000127 _____ C:\ProgramData\start_ae.bat
2024-03-20 08:53 - 2019-11-07 12:51 - 000000107 _____ C:\ProgramData\open_web_monitor.url
2024-03-20 08:53 - 2019-11-07 12:51 - 000000022 _____ C:\ProgramData\start_config.bat
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\RenPy
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\Key
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test9
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test8
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test7
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test6
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test5
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test4
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test3
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test2
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test17
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test16
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test15
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test14
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test13
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test12
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test11
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test10
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test1
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player9
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player8
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player7
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player6
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player5
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player4
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player3
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player2
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player17
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player16
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player15
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player14
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player13
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player12
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player11
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player10
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player1
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player
2024-03-19 08:06 - 2024-03-19 08:06 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\Microsoft\CLR Security Config
2024-03-18 16:04 - 2024-03-18 16:04 - 000000000 ____D C:\Users\Uživatel\AppData\LocalLow\Endnight
2024-03-18 16:04 - 2024-03-18 16:04 - 000000000 ____D C:\Users\Public\Documents\OnlineFix
2024-03-16 17:05 - 2024-03-16 17:08 - 000000000 ____D C:\Users\Uživatel\Documents\Broken Sword 5
2024-03-16 17:05 - 2024-03-16 17:05 - 000466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2024-03-16 17:05 - 2024-03-16 17:05 - 000444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2024-03-16 17:05 - 2024-03-16 17:05 - 000122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2024-03-16 17:05 - 2024-03-16 17:05 - 000109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2024-03-16 17:05 - 2024-03-16 17:05 - 000000980 _____ C:\Users\Public\Desktop\Broken Sword 5 - the Serpent's Curse.lnk
2024-03-16 17:05 - 2024-03-16 17:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Broken Sword 5 - the Serpents Curse [GOG.com]
2024-03-16 17:05 - 2024-03-16 17:05 - 000000000 ____D C:\Program Files (x86)\OpenAL
2024-03-16 11:06 - 2024-03-16 11:06 - 000657224 _____ C:\Windows\gethelp_audiotroubleshooter_latestpackage.zip
2024-03-16 11:06 - 2024-03-16 11:06 - 000000000 ____D C:\ProgramData\WindowsPerformanceRecorder
2024-03-13 17:27 - 2024-03-13 17:28 - 000000000 ___HD C:\$WinREAgent
2024-03-08 20:21 - 2024-03-08 20:21 - 000000000 ____D C:\Users\Uživatel\AppData\Local\openvr
2024-03-08 20:07 - 2024-03-08 20:07 - 000000222 _____ C:\Users\Uživatel\Desktop\SteamVR.url
2024-03-08 20:07 - 2024-03-08 20:07 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-03-06 21:11 - 2024-03-02 17:03 - 002031360 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2024-03-06 21:11 - 2024-03-02 17:03 - 002031360 _____ C:\Windows\system32\vulkaninfo.exe
2024-03-06 21:11 - 2024-03-02 17:03 - 001578752 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-03-06 21:11 - 2024-03-02 17:03 - 001578752 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2024-03-06 21:11 - 2024-03-02 17:03 - 001487904 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2024-03-06 21:11 - 2024-03-02 17:03 - 001445120 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2024-03-06 21:11 - 2024-03-02 17:03 - 001445120 _____ C:\Windows\system32\vulkan-1.dll
2024-03-06 21:11 - 2024-03-02 17:03 - 001295104 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2024-03-06 21:11 - 2024-03-02 17:03 - 001295104 _____ C:\Windows\SysWOW64\vulkan-1.dll
2024-03-06 21:11 - 2024-03-02 17:03 - 001226760 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2024-03-06 21:11 - 2024-03-02 17:00 - 001045520 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2024-03-06 21:11 - 2024-03-02 17:00 - 000669704 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2024-03-06 21:11 - 2024-03-02 17:00 - 000505360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2024-03-06 21:11 - 2024-03-02 16:59 - 002173560 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2024-03-06 21:11 - 2024-03-02 16:59 - 001625736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2024-03-06 21:11 - 2024-03-02 16:59 - 001541648 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2024-03-06 21:11 - 2024-03-02 16:59 - 001199752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2024-03-06 21:11 - 2024-03-02 16:59 - 001024032 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2024-03-06 21:11 - 2024-03-02 16:59 - 000841840 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2024-03-06 21:11 - 2024-03-02 16:59 - 000786952 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2024-03-06 21:11 - 2024-03-02 16:58 - 016033824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2024-03-06 21:11 - 2024-03-02 16:58 - 012928032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2024-03-06 21:11 - 2024-03-02 16:58 - 006780960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2024-03-06 21:11 - 2024-03-02 16:58 - 005772808 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2024-03-06 21:11 - 2024-03-02 16:58 - 003721752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2024-03-06 21:11 - 2024-03-02 16:58 - 000459808 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2024-03-06 21:11 - 2024-03-02 16:57 - 005913096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2024-03-06 21:11 - 2024-03-02 16:57 - 000853640 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2024-03-06 21:11 - 2024-03-02 00:04 - 000119419 _____ C:\Windows\system32\nvinfo.pb
2024-03-03 13:45 - 2024-03-03 13:45 - 000000000 ____D C:\Users\Uživatel\AppData\Local\Saber
2024-03-03 13:30 - 2024-03-03 13:30 - 000000877 _____ C:\Users\Public\Desktop\Expeditions - A MudRunner Game.lnk
2024-03-01 17:07 - 2024-03-01 17:07 - 000020023 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-01 17:07 - 2024-03-01 17:07 - 000020023 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-02-29 18:23 - 2024-02-29 18:51 - 000000000 ____D C:\Users\Uživatel\Documents\FIFA 23
2024-02-29 18:23 - 2024-02-29 18:23 - 000000000 ____D C:\Users\Uživatel\AppData\Local\anadius
2024-02-29 18:23 - 2024-02-29 18:23 - 000000000 ____D C:\ProgramData\Frostbite
2024-02-29 16:28 - 2024-02-29 16:28 - 000000000 ____D C:\Users\Uživatel\Documents\Horizon Zero Dawn
2024-02-29 16:25 - 2024-02-29 16:25 - 000000902 _____ C:\Users\Public\Desktop\Horizon Zero Dawn™ Complete Edition.lnk
2024-02-29 16:25 - 2024-02-29 16:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Horizon Zero Dawn™ Complete Edition [GOG.com]
2024-02-28 20:25 - 2024-02-28 20:25 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2024-02-28 20:25 - 2024-02-28 20:25 - 000000000 ____D C:\Program Files\Reference Assemblies
2024-02-28 20:25 - 2024-02-28 20:25 - 000000000 ____D C:\Program Files\MSBuild
2024-02-28 20:25 - 2024-02-28 20:25 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2024-02-28 20:25 - 2024-02-28 20:25 - 000000000 ____D C:\Program Files (x86)\MSBuild
2024-02-28 17:33 - 2024-02-28 17:33 - 000000000 ____D C:\Users\Uživatel\AppData\LocalLow\Sky9 Games
2024-02-28 17:31 - 2024-02-28 17:31 - 000000631 _____ C:\Users\Public\Desktop\Strike Force Heroes.lnk
2024-02-20 19:49 - 2024-02-20 19:49 - 000000000 ____D C:\Windows\system32\Tasks\GoogleSystem

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-21 08:13 - 2024-02-02 20:13 - 000000000 ____D C:\Program Files (x86)\Steam
2024-03-21 08:13 - 2024-02-02 19:48 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\utorrent
2024-03-21 08:02 - 2024-02-07 17:40 - 000000000 ____D C:\Users\Uživatel\Desktop\dokumenty
2024-03-21 07:58 - 2024-02-06 19:01 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\discord
2024-03-21 07:58 - 2024-02-06 19:01 - 000000000 ____D C:\Users\Uživatel\AppData\Local\Discord
2024-03-21 07:58 - 2024-02-02 19:50 - 000000000 ____D C:\Users\Uživatel\AppData\Local\BitTorrentHelper
2024-03-21 07:58 - 2024-01-31 09:40 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-21 07:58 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-21 07:13 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemTemp
2024-03-20 17:37 - 2024-01-31 09:41 - 001718036 _____ C:\Windows\system32\PerfStringBackup.INI
2024-03-20 17:37 - 2022-05-07 06:22 - 000000000 ____D C:\Windows\INF
2024-03-20 16:07 - 2024-01-31 11:42 - 000000000 ____D C:\Users\Uživatel
2024-03-20 15:51 - 2024-01-30 16:58 - 000012288 ___SH C:\DumpStack.log.tmp
2024-03-20 15:51 - 2024-01-30 16:58 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-03-20 15:51 - 2022-05-07 06:17 - 000786432 _____ C:\Windows\system32\config\BBI
2024-03-20 15:01 - 2024-02-17 07:40 - 000003445 _____ C:\Windows\system32\Drivers\etc\hosts.rollback
2024-03-20 15:01 - 2024-02-05 17:16 - 000000000 ____D C:\Windows\SysWOW64\directx
2024-03-20 11:13 - 2024-01-31 14:40 - 000000000 ____D C:\Users\Uživatel\AppData\Local\CrashDumps
2024-03-20 11:13 - 2024-01-31 11:44 - 000000000 ____D C:\Users\Uživatel\AppData\Local\D3DSCache
2024-03-20 10:33 - 2024-01-30 16:58 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-03-20 10:22 - 2024-02-02 21:46 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\Lavasoft
2024-03-20 10:22 - 2024-02-02 21:46 - 000000000 ____D C:\Users\Uživatel\AppData\Local\Lavasoft
2024-03-20 10:22 - 2024-02-02 21:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2024-03-20 10:22 - 2024-02-02 21:45 - 000000000 ____D C:\ProgramData\Lavasoft
2024-03-20 10:22 - 2024-02-02 21:45 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2024-03-20 10:21 - 2022-05-07 06:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-03-20 10:02 - 2024-02-02 21:47 - 000000000 ____D C:\ProgramData\Avast Software
2024-03-20 08:49 - 2024-01-31 11:42 - 000000000 ____D C:\Users\Uživatel\AppData\Local\Packages
2024-03-20 08:49 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-20 08:49 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\AppReadiness
2024-03-20 06:16 - 2024-02-06 19:01 - 000002242 _____ C:\Users\Uživatel\Desktop\Discord.lnk
2024-03-20 06:16 - 2024-02-03 00:09 - 000000000 ____D C:\Fraps
2024-03-17 10:44 - 2024-02-12 21:31 - 000000000 ____D C:\Users\Uživatel\AppData\Local\ForzaHorizon5
2024-03-16 17:28 - 2024-01-30 16:58 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-15 19:59 - 2024-01-31 11:42 - 000002386 _____ C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-15 18:32 - 2024-01-31 13:33 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-13 18:02 - 2024-01-31 09:47 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-03-13 18:02 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-03-13 18:02 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemResources
2024-03-13 18:02 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\bcastdvr
2024-03-13 18:02 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\servicing
2024-03-13 17:44 - 2024-01-30 16:59 - 000000000 ____D C:\ProgramData\Packages
2024-03-13 17:43 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-03-13 17:31 - 2024-01-31 13:02 - 000000000 ____D C:\Windows\system32\MRT
2024-03-13 17:30 - 2024-01-31 13:02 - 190470136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-03-13 17:30 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\CbsTemp
2024-03-13 17:29 - 2024-01-31 09:33 - 003213824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-03-13 16:46 - 2024-01-30 16:58 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-03-03 13:45 - 2024-02-16 08:37 - 000000000 ____D C:\Users\Uživatel\Documents\My Games
2024-03-02 16:56 - 2024-01-31 14:05 - 006031080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2024-03-02 16:56 - 2024-01-31 09:40 - 006943440 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2024-03-02 05:16 - 2024-01-30 16:58 - 000445848 _____ C:\Windows\system32\FNTCACHE.DAT
2024-03-02 05:15 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-03-02 05:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\oobe
2024-03-02 05:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-03-02 05:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-03-02 05:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellComponents
2024-02-28 20:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\MUI
2024-02-28 20:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\MUI
2024-02-26 17:21 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\LiveKernelReports
2024-02-25 12:58 - 2024-02-03 13:19 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\Trine5
2024-02-20 19:49 - 2024-01-31 13:32 - 000000000 ____D C:\Program Files (x86)\Google

==================== Files in the root of some directories ========

2024-03-20 08:53 - 2024-03-20 08:53 - 000498784 _____ (Adersoft) C:\ProgramData\certlm.exe
2024-03-20 08:53 - 2020-04-20 07:33 - 000000075 _____ () C:\ProgramData\driver_install.bat
2024-03-20 08:53 - 2020-04-20 07:33 - 000000077 _____ () C:\ProgramData\driver_uninstall.bat
2024-03-20 08:53 - 2019-11-07 12:51 - 000000148 _____ () C:\ProgramData\modify_tdr_delay.reg
2024-03-20 08:53 - 2021-08-23 01:34 - 000000122 _____ () C:\ProgramData\S.bat
2024-03-20 08:53 - 2019-11-07 12:51 - 000000127 _____ () C:\ProgramData\start_ae.bat
2024-03-20 08:53 - 2020-11-26 16:16 - 000000142 _____ () C:\ProgramData\start_beam.bat
2024-03-20 08:53 - 2019-11-07 12:51 - 000000022 _____ () C:\ProgramData\start_config.bat
2024-03-20 08:53 - 2020-11-26 16:16 - 000000115 _____ () C:\ProgramData\start_conflux.bat
2024-03-20 08:53 - 2021-06-11 15:12 - 000000129 _____ () C:\ProgramData\start_ergo.bat
2024-03-20 08:53 - 2021-06-11 15:12 - 000000120 _____ () C:\ProgramData\start_etc.bat
2024-03-20 08:53 - 2020-11-26 16:16 - 000000116 _____ () C:\ProgramData\start_eth.bat
2024-03-20 08:53 - 2020-05-13 03:56 - 000000106 _____ () C:\ProgramData\start_rvn.bat
2024-03-20 08:53 - 2019-11-07 12:51 - 000000204 _____ () C:\ProgramData\start_sero.bat
2024-02-16 11:39 - 2024-02-16 11:39 - 000000218 _____ () C:\Users\Uživatel\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: please check - after switching on the PC the fan was running at full speed with no activity

#6 Post by Rudy »

I have already seen the log after the scan; now it is time to delete. Try running the FRST fix in safe mode.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

ebola
Visitor
Posts: 146
Registered: 31 May 2007 07:07

Re: please check - after switching on the PC the fan was running at full speed with no activity

#7 Post by ebola »

Run in safe mode... the fix doesn't work

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.03.2024
Ran by Uživatel (administrator) on DESKTOP-PC (Gigabyte Technology Co., Ltd. B760 DS3H AX) (21-03-2024 10:08:29)
Running from C:\Users\Uživatel\Desktop\FRST64.exe
Loaded Profiles: Uživatel
Platform: Microsoft Windows 11 Home Version 23H2 22631.3296 (X64) Language: Čeština (Česko)
Default browser not detected!
Boot Mode: Safe Mode (minimal)

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <5>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b55ed36a9a78cc75\RtkAudUService64.exe [3495808 2022-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Gigabyte Speed] => C:\Program Files\cFosSpeed\cFosSpeed.exe [1647880 2021-06-15] (cFos Software GmbH -> cFos Software GmbH)
HKLM\...\RunOnce: [RPMKickstart] => C:\Program Files\GIGABYTE\Smart Backup\RPMKickstartEx.exe [2320384 2014-04-01] (TODO: <Company name>) [File not signed]
HKU\S-1-5-21-2881046685-694218226-4097810256-1002\...\Run: [MicrosoftEdgeAutoLaunch_83C387DA30640047C508B0EE92F9D83E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060712 2024-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2881046685-694218226-4097810256-1002\...\Run: [ut] => C:\Users\Uživatel\AppData\Roaming\utorrent\uTorrent.exe [2071560 2024-02-19] (BitTorrent Inc -> BitTorrent Limited)
HKU\S-1-5-21-2881046685-694218226-4097810256-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4384104 2024-03-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2881046685-694218226-4097810256-1002\...\Run: [Discord] => C:\Users\Uživatel\AppData\Local\Discord\Update.exe [1525016 2023-07-06] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2881046685-694218226-4097810256-1002\...\Run: [DQCIKCDACO] => C:\ProgramData\certlm.exe [498784 2024-03-20] (Adersoft -> Adersoft) <==== ATTENTION
HKU\S-1-5-21-2881046685-694218226-4097810256-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [61440 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\122.0.6261.129\Installer\chrmstp.exe [2024-03-15] (Google LLC -> Google LLC)
Startup: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\certlm.exe [2024-03-20] (Adersoft -> Adersoft)
Startup: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Vesmír na dlani.lnk [2024-02-13]
ShortcutTarget: Vesmír na dlani.lnk -> C:\Program Files (x86)\Noční obloha\vesmir.exe (Tošovský Jan) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {C8F45409-ED7F-4B02-BCB7-A9196C1588FE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1561F180-44F3-4D31-B7A0-0B44193A6889} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {023BD764-0625-4A98-855D-95DBE15C3EE0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5E68D613-EBC4-41CA-BF27-D4EDEB3945B8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{581537f7-1fc5-4505-8cfe-3b8a8c15c908}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{581537f7-1fc5-4505-8cfe-3b8a8c15c908}: [DhcpDomain] local.tld
Tcpip\..\Interfaces\{8eed2691-82f0-4ef7-833f-406d835710d0}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8eed2691-82f0-4ef7-833f-406d835710d0}: [DhcpDomain] local.tld

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Uživatel\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-21]
Edge Notifications: Default -> hxxps://www.facebook.com
Edge HomePage: Default -> hxxps://?
Edge Extension: (Dokumenty Google offline) - C:\Users\Uživatel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-01]
Edge Extension: (Edge relevant text changes) - C:\Users\Uživatel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-31]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

Chrome:
=======
CHR Profile: C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default [2024-03-20]
CHR HomePage: Default -> hxxps://?
CHR StartupUrls: Default -> "hxxps://?"
CHR DefaultSearchURL: Default -> hxxps://simplesearch.co?q={searchTerms}&pId=JD180501&iDate=2024-02-02 08:46:42&bitmask=9998&searchsource=58&sp=12
CHR DefaultSearchKeyword: Default -> default bing
CHR DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}
CHR Extension: (Dokumenty Google offline) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-31]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-03-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-31]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera:
=======
OPR DefaultProfile: Default

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [602376 2021-06-15] (cFos Software GmbH -> cFos Software GmbH)
S2 EasyTuneEngineService; C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\EasyTuneEngineService.exe [150640 2023-11-06] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S2 GBTECService; C:\Program Files (x86)\Gigabyte\GBTECService\OLEDDisplayService.exe [19568 2023-12-07] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S2 GoogleUpdaterInternalService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
S2 GoogleUpdaterService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
S2 Intel(R) Platform License Manager Service; C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_4911ed214bf8cf23\lib\PlatformLicenseManagerService.exe [740960 2023-06-22] (Intel Corporation -> Intel(R) Corporation)
S2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_92b25561841a09dd\Display.NvContainer\NVDisplay.Container.exe [1275000 2024-03-02] (NVIDIA Corporation -> NVIDIA Corporation)
S2 OCButtonService; C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\OcButtonService.exe [131184 2023-12-06] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [X] <==== ATTENTION
S3 LibreOfficeMaintenance; "C:\Program Files\LibreOffice\program\update_service.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [800672 2024-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
S1 cFosSpeed; C:\Windows\system32\DRIVERS\cfosspeed6.sys [1694504 2021-06-15] (cFos Software GmbH -> cFos Software GmbH)
S1 CTIIO; C:\Windows\system32\drivers\CtiIo64.sys [34512 2024-01-31] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
S3 gdrv3; C:\Windows\system32\drivers\gdrv3.sys [51520 2024-01-31] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 iaLPSS2_GPIO2_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_302e75596cffa74a\iaLPSS2_GPIO2_ADL.sys [150616 2022-10-18] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_e736c048ca307ed2\iaLPSS2_I2C_ADL.sys [220224 2022-10-18] (Intel Corporation -> Intel Corporation)
S3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2024-01-18] (Nvidia Corporation -> NVIDIA Corporation)
S3 rt68cx21; C:\Windows\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_fbf50634f3ddb33d\rt68cx21x64.sys [779728 2023-12-05] (Realtek Semiconductor Corp. -> Realtek)
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
R0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [20928 2024-03-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [603416 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-13] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-21 10:06 - 2024-03-21 10:06 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2024-03-21 10:01 - 2024-03-21 10:06 - 001082182 _____ C:\Windows\ntbtlog.txt
2024-03-21 08:14 - 2024-03-21 10:08 - 000012489 _____ C:\Users\Uživatel\Desktop\FRST.txt
2024-03-21 08:14 - 2024-03-21 10:07 - 000040900 _____ C:\Users\Uživatel\Desktop\Addition.txt
2024-03-21 08:11 - 2024-03-21 08:11 - 000002242 _____ C:\Users\Uživatel\Desktop\fixlist.txt..txt
2024-03-20 17:37 - 2024-03-20 17:37 - 000725758 _____ C:\Windows\system32\perfh005.dat
2024-03-20 17:37 - 2024-03-20 17:37 - 000151026 _____ C:\Windows\system32\perfc005.dat
2024-03-20 15:46 - 2024-03-20 15:46 - 008790880 _____ (Malwarebytes) C:\Users\Uživatel\Downloads\adwcleaner(2).exe
2024-03-20 15:01 - 2024-03-20 15:01 - 000000000 ____D C:\Users\Uživatel\AppData\LocalLow\Petoons Studio
2024-03-20 10:27 - 2024-03-21 10:08 - 000000000 ____D C:\FRST
2024-03-20 10:26 - 2024-03-20 10:27 - 002390528 _____ (Farbar) C:\Users\Uživatel\Desktop\FRST64.exe
2024-03-20 10:21 - 2024-03-20 10:22 - 000000000 ____D C:\AdwCleaner
2024-03-20 09:30 - 2024-03-20 09:30 - 000888600 _____ (Google LLC) C:\Users\Public\Documents\gcapi.dll
2024-03-20 09:22 - 2024-03-20 10:02 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2024-03-20 09:21 - 2024-03-20 09:21 - 000003716 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{E58FF010-1160-4E42-9360-57A5AB343DFE}
2024-03-20 09:21 - 2024-03-20 09:21 - 000003592 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{3C69F2DF-9869-4CA3-BA58-65EB50FB2BF9}
2024-03-20 08:53 - 2024-03-20 08:53 - 000498784 _____ (Adersoft) C:\ProgramData\certlm.exe
2024-03-20 08:53 - 2021-08-23 01:34 - 000000122 _____ C:\ProgramData\S.bat
2024-03-20 08:53 - 2021-08-20 16:28 - 000033271 _____ C:\ProgramData\readme.md
2024-03-20 08:53 - 2021-08-20 16:20 - 000030588 _____ C:\ProgramData\readme_zh.md
2024-03-20 08:53 - 2021-08-20 13:37 - 000000078 _____ C:\ProgramData\nbminer.exe.sha256
2024-03-20 08:53 - 2021-06-11 15:12 - 000000129 _____ C:\ProgramData\start_ergo.bat
2024-03-20 08:53 - 2021-06-11 15:12 - 000000120 _____ C:\ProgramData\start_etc.bat
2024-03-20 08:53 - 2020-11-26 16:16 - 000000142 _____ C:\ProgramData\start_beam.bat
2024-03-20 08:53 - 2020-11-26 16:16 - 000000116 _____ C:\ProgramData\start_eth.bat
2024-03-20 08:53 - 2020-11-26 16:16 - 000000115 _____ C:\ProgramData\start_conflux.bat
2024-03-20 08:53 - 2020-05-13 03:56 - 000000106 _____ C:\ProgramData\start_rvn.bat
2024-03-20 08:53 - 2020-04-20 07:33 - 000000077 _____ C:\ProgramData\driver_uninstall.bat
2024-03-20 08:53 - 2020-04-20 07:33 - 000000075 _____ C:\ProgramData\driver_install.bat
2024-03-20 08:53 - 2019-11-07 12:51 - 000000204 _____ C:\ProgramData\start_sero.bat
2024-03-20 08:53 - 2019-11-07 12:51 - 000000148 _____ C:\ProgramData\modify_tdr_delay.reg
2024-03-20 08:53 - 2019-11-07 12:51 - 000000127 _____ C:\ProgramData\start_ae.bat
2024-03-20 08:53 - 2019-11-07 12:51 - 000000107 _____ C:\ProgramData\open_web_monitor.url
2024-03-20 08:53 - 2019-11-07 12:51 - 000000022 _____ C:\ProgramData\start_config.bat
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\RenPy
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\Key
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test9
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test8
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test7
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test6
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test5
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test4
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test3
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test2
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test17
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test16
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test15
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test14
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test13
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test12
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test11
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test10
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\Test1
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player9
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player8
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player7
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player6
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player5
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player4
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player3
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player2
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player17
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player16
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player15
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player14
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player13
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player12
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player11
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player10
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player1
2024-03-20 08:52 - 2024-03-20 08:52 - 000000000 ____D C:\ProgramData\player
2024-03-19 08:06 - 2024-03-19 08:06 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\Microsoft\CLR Security Config
2024-03-18 16:04 - 2024-03-18 16:04 - 000000000 ____D C:\Users\Uživatel\AppData\LocalLow\Endnight
2024-03-18 16:04 - 2024-03-18 16:04 - 000000000 ____D C:\Users\Public\Documents\OnlineFix
2024-03-16 17:05 - 2024-03-16 17:08 - 000000000 ____D C:\Users\Uživatel\Documents\Broken Sword 5
2024-03-16 17:05 - 2024-03-16 17:05 - 000466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2024-03-16 17:05 - 2024-03-16 17:05 - 000444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2024-03-16 17:05 - 2024-03-16 17:05 - 000122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2024-03-16 17:05 - 2024-03-16 17:05 - 000109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2024-03-16 17:05 - 2024-03-16 17:05 - 000000980 _____ C:\Users\Public\Desktop\Broken Sword 5 - the Serpent's Curse.lnk
2024-03-16 17:05 - 2024-03-16 17:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Broken Sword 5 - the Serpents Curse [GOG.com]
2024-03-16 17:05 - 2024-03-16 17:05 - 000000000 ____D C:\Program Files (x86)\OpenAL
2024-03-16 11:06 - 2024-03-16 11:06 - 000657224 _____ C:\Windows\gethelp_audiotroubleshooter_latestpackage.zip
2024-03-16 11:06 - 2024-03-16 11:06 - 000000000 ____D C:\ProgramData\WindowsPerformanceRecorder
2024-03-13 17:27 - 2024-03-13 17:28 - 000000000 ___HD C:\$WinREAgent
2024-03-08 20:21 - 2024-03-08 20:21 - 000000000 ____D C:\Users\Uživatel\AppData\Local\openvr
2024-03-08 20:07 - 2024-03-08 20:07 - 000000222 _____ C:\Users\Uživatel\Desktop\SteamVR.url
2024-03-08 20:07 - 2024-03-08 20:07 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-03-06 21:11 - 2024-03-02 17:03 - 002031360 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2024-03-06 21:11 - 2024-03-02 17:03 - 002031360 _____ C:\Windows\system32\vulkaninfo.exe
2024-03-06 21:11 - 2024-03-02 17:03 - 001578752 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-03-06 21:11 - 2024-03-02 17:03 - 001578752 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2024-03-06 21:11 - 2024-03-02 17:03 - 001487904 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2024-03-06 21:11 - 2024-03-02 17:03 - 001445120 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2024-03-06 21:11 - 2024-03-02 17:03 - 001445120 _____ C:\Windows\system32\vulkan-1.dll
2024-03-06 21:11 - 2024-03-02 17:03 - 001295104 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2024-03-06 21:11 - 2024-03-02 17:03 - 001295104 _____ C:\Windows\SysWOW64\vulkan-1.dll
2024-03-06 21:11 - 2024-03-02 17:03 - 001226760 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2024-03-06 21:11 - 2024-03-02 17:00 - 001045520 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2024-03-06 21:11 - 2024-03-02 17:00 - 000669704 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2024-03-06 21:11 - 2024-03-02 17:00 - 000505360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2024-03-06 21:11 - 2024-03-02 16:59 - 002173560 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2024-03-06 21:11 - 2024-03-02 16:59 - 001625736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2024-03-06 21:11 - 2024-03-02 16:59 - 001541648 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2024-03-06 21:11 - 2024-03-02 16:59 - 001199752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2024-03-06 21:11 - 2024-03-02 16:59 - 001024032 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2024-03-06 21:11 - 2024-03-02 16:59 - 000841840 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2024-03-06 21:11 - 2024-03-02 16:59 - 000786952 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2024-03-06 21:11 - 2024-03-02 16:58 - 016033824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2024-03-06 21:11 - 2024-03-02 16:58 - 012928032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2024-03-06 21:11 - 2024-03-02 16:58 - 006780960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2024-03-06 21:11 - 2024-03-02 16:58 - 005772808 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2024-03-06 21:11 - 2024-03-02 16:58 - 003721752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2024-03-06 21:11 - 2024-03-02 16:58 - 000459808 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2024-03-06 21:11 - 2024-03-02 16:57 - 005913096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2024-03-06 21:11 - 2024-03-02 16:57 - 000853640 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2024-03-06 21:11 - 2024-03-02 00:04 - 000119419 _____ C:\Windows\system32\nvinfo.pb
2024-03-03 13:45 - 2024-03-03 13:45 - 000000000 ____D C:\Users\Uživatel\AppData\Local\Saber
2024-03-03 13:30 - 2024-03-03 13:30 - 000000877 _____ C:\Users\Public\Desktop\Expeditions - A MudRunner Game.lnk
2024-03-01 17:07 - 2024-03-01 17:07 - 000020023 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-01 17:07 - 2024-03-01 17:07 - 000020023 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-02-29 18:23 - 2024-02-29 18:51 - 000000000 ____D C:\Users\Uživatel\Documents\FIFA 23
2024-02-29 18:23 - 2024-02-29 18:23 - 000000000 ____D C:\Users\Uživatel\AppData\Local\anadius
2024-02-29 18:23 - 2024-02-29 18:23 - 000000000 ____D C:\ProgramData\Frostbite
2024-02-29 16:28 - 2024-02-29 16:28 - 000000000 ____D C:\Users\Uživatel\Documents\Horizon Zero Dawn
2024-02-29 16:25 - 2024-02-29 16:25 - 000000902 _____ C:\Users\Public\Desktop\Horizon Zero Dawn™ Complete Edition.lnk
2024-02-29 16:25 - 2024-02-29 16:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Horizon Zero Dawn™ Complete Edition [GOG.com]
2024-02-28 20:25 - 2024-02-28 20:25 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2024-02-28 20:25 - 2024-02-28 20:25 - 000000000 ____D C:\Program Files\Reference Assemblies
2024-02-28 20:25 - 2024-02-28 20:25 - 000000000 ____D C:\Program Files\MSBuild
2024-02-28 20:25 - 2024-02-28 20:25 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2024-02-28 20:25 - 2024-02-28 20:25 - 000000000 ____D C:\Program Files (x86)\MSBuild
2024-02-28 17:33 - 2024-02-28 17:33 - 000000000 ____D C:\Users\Uživatel\AppData\LocalLow\Sky9 Games
2024-02-28 17:31 - 2024-02-28 17:31 - 000000631 _____ C:\Users\Public\Desktop\Strike Force Heroes.lnk
2024-02-20 19:49 - 2024-02-20 19:49 - 000000000 ____D C:\Windows\system32\Tasks\GoogleSystem

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-21 10:06 - 2024-01-30 16:58 - 000012288 ___SH C:\DumpStack.log.tmp
2024-03-21 10:06 - 2024-01-30 16:58 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-03-21 10:04 - 2024-02-06 19:01 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\discord
2024-03-21 10:04 - 2024-02-06 19:01 - 000000000 ____D C:\Users\Uživatel\AppData\Local\Discord
2024-03-21 10:04 - 2024-02-02 20:13 - 000000000 ____D C:\Program Files (x86)\Steam
2024-03-21 10:04 - 2024-02-02 19:50 - 000000000 ____D C:\Users\Uživatel\AppData\Local\BitTorrentHelper
2024-03-21 10:04 - 2024-02-02 19:48 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\utorrent
2024-03-21 10:04 - 2024-01-31 09:40 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-21 10:04 - 2024-01-30 16:58 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-03-21 10:04 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-21 10:04 - 2022-05-07 06:17 - 000786432 _____ C:\Windows\system32\config\BBI
2024-03-21 10:03 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemTemp
2024-03-21 08:02 - 2024-02-07 17:40 - 000000000 ____D C:\Users\Uživatel\Desktop\dokumenty
2024-03-20 17:37 - 2024-01-31 09:41 - 001718036 _____ C:\Windows\system32\PerfStringBackup.INI
2024-03-20 17:37 - 2022-05-07 06:22 - 000000000 ____D C:\Windows\INF
2024-03-20 16:07 - 2024-01-31 11:42 - 000000000 ____D C:\Users\Uživatel
2024-03-20 15:01 - 2024-02-17 07:40 - 000003445 _____ C:\Windows\system32\Drivers\etc\hosts.rollback
2024-03-20 15:01 - 2024-02-05 17:16 - 000000000 ____D C:\Windows\SysWOW64\directx
2024-03-20 11:13 - 2024-01-31 14:40 - 000000000 ____D C:\Users\Uživatel\AppData\Local\CrashDumps
2024-03-20 11:13 - 2024-01-31 11:44 - 000000000 ____D C:\Users\Uživatel\AppData\Local\D3DSCache
2024-03-20 10:22 - 2024-02-02 21:46 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\Lavasoft
2024-03-20 10:22 - 2024-02-02 21:46 - 000000000 ____D C:\Users\Uživatel\AppData\Local\Lavasoft
2024-03-20 10:22 - 2024-02-02 21:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2024-03-20 10:22 - 2024-02-02 21:45 - 000000000 ____D C:\ProgramData\Lavasoft
2024-03-20 10:22 - 2024-02-02 21:45 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2024-03-20 10:21 - 2022-05-07 06:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-03-20 10:02 - 2024-02-02 21:47 - 000000000 ____D C:\ProgramData\Avast Software
2024-03-20 08:49 - 2024-01-31 11:42 - 000000000 ____D C:\Users\Uživatel\AppData\Local\Packages
2024-03-20 08:49 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-20 08:49 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\AppReadiness
2024-03-20 06:16 - 2024-02-06 19:01 - 000002242 _____ C:\Users\Uživatel\Desktop\Discord.lnk
2024-03-20 06:16 - 2024-02-03 00:09 - 000000000 ____D C:\Fraps
2024-03-17 10:44 - 2024-02-12 21:31 - 000000000 ____D C:\Users\Uživatel\AppData\Local\ForzaHorizon5
2024-03-16 17:28 - 2024-01-30 16:58 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-15 19:59 - 2024-01-31 11:42 - 000002386 _____ C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-15 18:32 - 2024-01-31 13:33 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-13 18:02 - 2024-01-31 09:47 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-03-13 18:02 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-03-13 18:02 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemResources
2024-03-13 18:02 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\bcastdvr
2024-03-13 18:02 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\servicing
2024-03-13 17:44 - 2024-01-30 16:59 - 000000000 ____D C:\ProgramData\Packages
2024-03-13 17:43 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-03-13 17:31 - 2024-01-31 13:02 - 000000000 ____D C:\Windows\system32\MRT
2024-03-13 17:30 - 2024-01-31 13:02 - 190470136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-03-13 17:30 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\CbsTemp
2024-03-13 17:29 - 2024-01-31 09:33 - 003213824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-03-13 16:46 - 2024-01-30 16:58 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-03-03 13:45 - 2024-02-16 08:37 - 000000000 ____D C:\Users\Uživatel\Documents\My Games
2024-03-02 16:56 - 2024-01-31 14:05 - 006031080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2024-03-02 16:56 - 2024-01-31 09:40 - 006943440 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2024-03-02 05:16 - 2024-01-30 16:58 - 000445848 _____ C:\Windows\system32\FNTCACHE.DAT
2024-03-02 05:15 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-03-02 05:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\oobe
2024-03-02 05:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-03-02 05:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-03-02 05:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellComponents
2024-02-28 20:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\MUI
2024-02-28 20:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\MUI
2024-02-26 17:21 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\LiveKernelReports
2024-02-25 12:58 - 2024-02-03 13:19 - 000000000 ____D C:\Users\Uživatel\AppData\Roaming\Trine5
2024-02-20 19:49 - 2024-01-31 13:32 - 000000000 ____D C:\Program Files (x86)\Google

==================== Files in the root of some directories ========

2024-03-20 08:53 - 2024-03-20 08:53 - 000498784 _____ (Adersoft) C:\ProgramData\certlm.exe
2024-03-20 08:53 - 2020-04-20 07:33 - 000000075 _____ () C:\ProgramData\driver_install.bat
2024-03-20 08:53 - 2020-04-20 07:33 - 000000077 _____ () C:\ProgramData\driver_uninstall.bat
2024-03-20 08:53 - 2019-11-07 12:51 - 000000148 _____ () C:\ProgramData\modify_tdr_delay.reg
2024-03-20 08:53 - 2021-08-23 01:34 - 000000122 _____ () C:\ProgramData\S.bat
2024-03-20 08:53 - 2019-11-07 12:51 - 000000127 _____ () C:\ProgramData\start_ae.bat
2024-03-20 08:53 - 2020-11-26 16:16 - 000000142 _____ () C:\ProgramData\start_beam.bat
2024-03-20 08:53 - 2019-11-07 12:51 - 000000022 _____ () C:\ProgramData\start_config.bat
2024-03-20 08:53 - 2020-11-26 16:16 - 000000115 _____ () C:\ProgramData\start_conflux.bat
2024-03-20 08:53 - 2021-06-11 15:12 - 000000129 _____ () C:\ProgramData\start_ergo.bat
2024-03-20 08:53 - 2021-06-11 15:12 - 000000120 _____ () C:\ProgramData\start_etc.bat
2024-03-20 08:53 - 2020-11-26 16:16 - 000000116 _____ () C:\ProgramData\start_eth.bat
2024-03-20 08:53 - 2020-05-13 03:56 - 000000106 _____ () C:\ProgramData\start_rvn.bat
2024-03-20 08:53 - 2019-11-07 12:51 - 000000204 _____ () C:\ProgramData\start_sero.bat
2024-02-16 11:39 - 2024-02-16 11:39 - 000000218 _____ () C:\Users\Uživatel\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: please check - after switching on the PC the fan ran at full speed with no activity

#8 Post by Rudy »

I'm sorry to hear that. It is probably something with the system. In the command prompt, type:
sfc /scannow
and press Enter. A scan will run and, if needed, a repair of the system files. Then try the fix again.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address above.

ebola
Visitor
Posts: 146
Registered: 31 May 2007 07:07

Re: please check - after switching on the PC the fan ran at full speed with no activity

#9 Post by ebola »

I ran sfc /scannow, then restarted. FRST again, the fix does not work.
After switching on the PC these boxes pop up ..

error 2 - Systém nemůže nalézt uvedený soubor
c:\ProgramData\certim.exe.manifest
and a second window

error 2 -Systém nemůže nalézt uvedený soubor

c:\USER\UŽIVATEL\AppData\Roaming\Microsofft\Windows\Start
Menu\Programs\Startup\certim.exe.manifest

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: please check - after switching on the PC the fan ran at full speed with no activity

#10 Post by Rudy »

A system restore to a date when it was working correctly will be needed. There was a certim.exe (certification) on the PC, as malware, which replaced the genuine one. We will try this first and then see.

ebola
Visitor
Posts: 146
Registered: 31 May 2007 07:07

Re: please check - after switching on the PC the fan ran at full speed with no activity

#11 Post by ebola »

..after the system restore the windows no longer pop up - thanks for the help

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: please check - after switching on the PC the fan ran at full speed with no activity

#12 Post by Rudy »

You're welcome! :)

Locked