
Strange PowerShell scripts in the event log

Posted: 22 Nov 2021 13:49
by pkeech
Hello, in the event log I found that this script ran, see the link below. If I understand it correctly, network services were reconfigured and control of them via remote access was enabled.

https://github.com/cooperdustin12/pspro ... ctions.ps1

In the event log I found another 6-7 large scripts that had run.
Please help.
Thank you

Re: Strange PowerShell scripts in the event log

Posted: 23 Dec 2021 23:36
by Diallix
I looked at those scripts.

Scan the computer with FRST - guide here: https://forum.viry.cz/viewtopic.php?f=24&t=132509, and copy FRST.log + Addition log here.

Re: Strange PowerShell scripts in the event log

Posted: 08 Jan 2022 10:40
by pkeech
Hello,
I apologize, but I was not here over the holidays, and yesterday I accidentally clicked through an "ad for Zoner", although according to the link it is warez. So I need to run a check. I won't start a new thread and will continue here, OK?
I ran that link through Hybrid Analysis a few times. I'm not an expert, so I can't/don't know how to go on "asking" about the individual threads etc. But even the basic analysis produced a score of 94/100, see https://www.hybrid-analysis.com/sample/ ... cd24adec3d

The toxic link itself is here:
https://iueuue.xyz/?s=160&q=Zoner%2BPho ... I4ZDg2NCJd

I'm sending the FRST logs in the next post.

Re: Strange PowerShell scripts in the event log

Posted: 08 Jan 2022 11:03
by pkeech
FRST:
I can see there that some extensions were added to Chrome yesterday, but I don't see anything in the manager in Chrome :( Also some torrents, which I don't use.
CloudIdWxhExtension.dll caught my attention - and on Bleepingcomputer I found that it often appears in connection with problems that I'm starting to observe https://www.bleepingcomputer.com/forums ... workgroup/

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021
Ran by Administrator (administrator) on ASUSNTB (ASUSTeK COMPUTER INC. VivoBook_ASUSLaptop X571GD_X571GD) (08-01-2022 10:41:56)
Running from C:\Users\Leech\Desktop
Loaded Profiles: Leech & Administrator
Platform: Microsoft Windows 11 Home Version 21H2 22000.376 (X64) Language: Čeština (Česko) -> Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Antibody Software Limited -> Antibody Software Limited) C:\Program Files\Bulk Image Downloader\BID.exe <3>
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSLinkRemote\AsusLinkRemote.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\AsusAppService\AsusAppService.exe
(ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSLinkNear\AsusLinkNear.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSOptimization\AsusOptimization.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSOptimization\AsusOptimizationStartupTask.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSoftwareManager\AsusSoftwareManager.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe
(Electronic Arts, Inc. -> The Qt Company Ltd.) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtWebEngineProcess.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <44>
(ICEpower a/s -> ICEpower A/S) C:\Windows\System32\DriverStore\FileRepository\icesoundapo64.inf_amd64_f2e61b83163bf054\ICEsoundService64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_9de8154b682af864\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_9de8154b682af864\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_9de8154b682af864\igfxext.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_74dc8483545826b6\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_74dc8483545826b6\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_99239023b47c777a\RstMwService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_7ad571204ec9fcd3\Intel_PIE_Service.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.62\msedgewebview2.exe <6>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Scans\MsMpEngCP.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_39f6d2586ed0b7d9\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ec5ad85a0fbc74ea\RtkAudUService64.exe <3>
(The qBittorrent Project) [File not signed] C:\Program Files\qBittorrent\qbittorrent.exe
(ZONER software, a.s. -> ZONER software) C:\Users\Leech\AppData\Local\Programs\Zoner\ZPS X\binary\Program32\ZPSTray.exe
0 C:\Program Files\WindowsApps\Microsoft.GamingApp_2112.1001.10.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
0 C:\Program Files\WindowsApps\Microsoft.GamingApp_2112.1001.10.0_x64__8wekyb3d8bbwe\XboxPcApp.exe
0 C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
0 C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
0 C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2021.21120.8011.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
0 C:\Program Files\WindowsApps\microsoft.windowsstore_22112.1401.2.0_x64__8wekyb3d8bbwe\WinStore.App.exe
0 C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.21111.10511.0_x64__8wekyb3d8bbwe\Video.UI.exe
0 C:\Program Files\WindowsApps\microsoftwindows.client.webexperience_421.20050.505.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\RunOnce: [DEL_ST_CPL] => CMD /C del "C:\WINDOWS\TEMP\ST_CPL.pkg.XML" /F (No File) <==== ATTENTION
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.62\Installer\setup.exe [2873728 2022-01-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2232147753-1779878456-3232465511-1002\...\Run: [MicrosoftEdgeAutoLaunch_5EFC64ECA0D48DE2BD7F1727EE2A7543] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-2232147753-1779878456-3232465511-1002\...\Run: [Zoner Photo Studio Autoupdate] => C:\Users\Leech\AppData\Local\Programs\Zoner\ZPS X\binary\Program32\ZPSTRAY.EXE [814240 2021-12-09] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-2232147753-1779878456-3232465511-1002\...\MountPoints2: {2ae7830f-6fd4-11ec-a5bc-04d9f5003b5d} - "D:\setup.exe"
HKU\S-1-5-21-2232147753-1779878456-3232465511-500\...\Run: [Zoner Photo Studio Autoupdate] => C:\Users\Administrator\AppData\Local\Programs\Zoner\ZPS X\binary\Program32\ZPSTRAY.EXE [814240 2021-12-09] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-2232147753-1779878456-3232465511-500\...\Run: [BID Drop Box] => C:\Program Files\Bulk Image Downloader\BIDDropBox.exe [3226264 2021-08-25] (Antibody Software Limited -> )
HKU\S-1-5-21-2232147753-1779878456-3232465511-500\...\Run: [MicrosoftEdgeAutoLaunch_98769996E24836F99EC8617644423B4C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-2232147753-1779878456-3232465511-500\...\Run: [qBittorrent] => C:\Program Files\qBittorrent\qbittorrent.exe [29029376 2022-01-06] (The qBittorrent Project) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.71\Installer\chrmstp.exe [2022-01-06] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1ADA6395-D103-40C5-943F-CFEF9358CED2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-01-06] (Google LLC -> Google LLC)
Task: {1C3BE9D1-C29D-46D1-AC6C-5B6A2A1CC5F6} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSOptimization\AsusHotkeyExec.exe [233616 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {31C57B2D-6956-4A72-9EBA-7F9B6C27F987} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {32F859D1-CC4C-4E33-A65C-D397205F6F7A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-01-06] (Google LLC -> Google LLC)
Task: {3DCB65D5-A9C7-4D48-9740-99DC5B3BE04D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4443535F-853D-4242-8AF9-C0BC6A46C674} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2232147753-1779878456-3232465511-1002 => C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {4A16F80B-4039-4728-81AC-5BCA6F43A909} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSoftwareManager\AsusUpdateChecker.exe [771208 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {65B3E96C-82E6-4ECF-A101-9B93500639DF} - System32\Tasks\Zoner.Updater.S-1-5-21-2232147753-1779878456-3232465511-500 => C:\ProgramData\Zoner\Zoner.Installer.Core\Updater.exe [1603488 2022-01-07] (ZONER software, a.s. -> ZONER software, a.s.)
Task: {8A1DC710-8796-40B3-8392-50CBCCAB7DC6} - System32\Tasks\Opera scheduled Autoupdate 1641556806 => C:\Program Files\Opera\launcher.exe [2256592 2021-12-21] (Opera Software AS -> Opera Software)
Task: {8ED1257E-0B97-4088-9D58-6CF513D23923} - System32\Tasks\Zoner.Updater.S-1-5-21-2232147753-1779878456-3232465511-1002 => C:\ProgramData\Zoner\Zoner.Installer.Core\Updater.exe [1603488 2022-01-07] (ZONER software, a.s. -> ZONER software, a.s.)
Task: {AFB0930D-D3DD-435B-8E3C-B6229456E488} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2232147753-1779878456-3232465511-1002 => C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {C12CBE11-BAF3-4B8D-8829-EE04648FE9FC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D1D324C1-E74E-48B1-B011-43E97B4F0260} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2232147753-1779878456-3232465511-1001 => C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {E6079C8A-B049-432E-B103-1339B9BEC471} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ec5ad85a0fbc74ea\RtkAudUService64.exe [1212720 2020-12-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {F2C2A53E-D11E-468C-BD61-7951E4D7BEDD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-05] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{1dbd4ef5-d8ec-4caf-87f8-7ca0f3fc8917}: [DhcpNameServer] 10.0.1.138

Edge:
=======
Edge Profile: C:\Users\Administrator\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-06]

Chrome:
=======
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default [2022-01-07]
CHR Extension: (Slides) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-01-07]
CHR Extension: (Docs) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2022-01-07]
CHR Extension: (Google Drive) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-01-07]
CHR Extension: (YouTube) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-01-07]
CHR Extension: (Sheets) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-01-07]
CHR Extension: (Google Docs Offline) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-07]
CHR Extension: (Gmail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-01-07]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AsusAppService; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\AsusAppService\AsusAppService.exe [364688 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSLinkNear; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSLinkNear\AsusLinkNear.exe [1307792 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSLinkRemote\AsusLinkRemote.exe [753808 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSOptimization\AsusOptimization.exe [334464 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSoftwareManager\AsusSoftwareManager.exe [1012872 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSystemAnalysis\AsusSystemAnalysis.exe [2553472 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [612760 2021-08-19] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
R2 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [10043032 2022-01-07] (Electronic Arts, Inc. -> Electronic Arts)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2022-01-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2022-01-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_39f6d2586ed0b7d9\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_39f6d2586ed0b7d9\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [113496 2021-01-14] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSOptimization\atkwmiacpi64.sys [44200 2021-08-19] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [110904 2022-01-05] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2022-01-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2022-01-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2022-01-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-08 10:41 - 2022-01-08 10:42 - 000019265 _____ C:\Users\Leech\Desktop\FRST.txt
2022-01-08 10:41 - 2022-01-08 10:42 - 000000000 ____D C:\FRST
2022-01-08 10:40 - 2022-01-08 10:39 - 002311168 _____ (Farbar) C:\Users\Leech\Desktop\FRST64.exe
2022-01-08 10:39 - 2022-01-08 10:39 - 002311168 _____ (Farbar) C:\Users\Leech\Downloads\FRST64.exe
2022-01-08 01:46 - 2022-01-08 01:46 - 000001220 _____ C:\Users\Leech\Desktop\Mass Effect Legendary Edition.lnk
2022-01-08 01:05 - 2022-01-08 01:46 - 000000000 ____D C:\Users\Leech\AppData\Local\CrashDumps
2022-01-08 01:03 - 2022-01-08 01:03 - 000000000 ____D C:\Games
2022-01-08 00:22 - 2022-01-08 00:22 - 000000000 ____D C:\Users\Leech\AppData\Roaming\QtProject
2022-01-08 00:21 - 2022-01-08 00:57 - 000000000 ____D C:\Users\Leech\AppData\Local\MiniTool MovieMaker
2022-01-07 20:23 - 2022-01-07 20:23 - 000019743 _____ C:\Users\Leech\Downloads\[SkT]Zoner_Photo_Studio_X_v.19.2004.2.262_(2020)(CZ_SK).torrent
2022-01-07 20:18 - 2022-01-07 20:18 - 000016309 _____ C:\Users\Leech\Downloads\[SkT]Zoner_Photo_Studio_X_19.2109.2.346.torrent
2022-01-07 20:03 - 2022-01-07 20:03 - 000003792 _____ C:\WINDOWS\system32\Tasks\Zoner.Updater.S-1-5-21-2232147753-1779878456-3232465511-1002
2022-01-07 20:03 - 2022-01-07 20:03 - 000001563 _____ C:\Users\Leech\AppData\Roaming\Microsoft\Windows\Start Menu\Zoner Photo Studio X.lnk
2022-01-07 20:03 - 2022-01-07 20:03 - 000001561 _____ C:\Users\Leech\Desktop\Zoner Photo Studio X.lnk
2022-01-07 20:02 - 2022-01-07 20:02 - 000390088 _____ (ZONER software, a.s.) C:\Users\Leech\Downloads\zpsx (1).exe
2022-01-07 17:20 - 2022-01-07 17:20 - 000408929 _____ C:\Users\Leech\Desktop\pavel_kadlecek_CV.pdf
2022-01-07 17:04 - 2022-01-07 17:04 - 000000000 ____D C:\Users\Leech\AppData\Local\OneDrive
2022-01-07 13:57 - 2022-01-07 17:09 - 000000000 ____D C:\ProgramData\NVIDIA
2022-01-07 13:57 - 2022-01-07 13:57 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2022-01-07 13:57 - 2022-01-07 13:57 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-01-07 13:54 - 2021-12-15 21:58 - 001450200 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-01-07 13:54 - 2021-12-15 21:58 - 001450200 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-01-07 13:54 - 2021-12-15 21:57 - 001874648 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-01-07 13:54 - 2021-12-15 21:57 - 001874648 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-01-07 13:54 - 2021-12-15 21:57 - 001466024 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-01-07 13:54 - 2021-12-15 21:57 - 001209312 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-01-07 13:54 - 2021-12-15 21:57 - 001112336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-01-07 13:54 - 2021-12-15 21:57 - 001112336 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-01-07 13:54 - 2021-12-15 21:57 - 000966416 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-01-07 13:54 - 2021-12-15 21:57 - 000966416 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-01-07 13:54 - 2021-12-15 21:54 - 001524392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-01-07 13:54 - 2021-12-15 21:54 - 000802216 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-01-07 13:54 - 2021-12-15 21:54 - 000679384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2022-01-07 13:54 - 2021-12-15 21:54 - 000658344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-01-07 13:54 - 2021-12-15 21:54 - 000636840 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-01-07 13:54 - 2021-12-15 21:54 - 000565416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2022-01-07 13:54 - 2021-12-15 21:53 - 002116520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-01-07 13:54 - 2021-12-15 21:53 - 001597552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-01-07 13:54 - 2021-12-15 21:53 - 001175512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-01-07 13:54 - 2021-12-15 21:53 - 000982952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-01-07 13:54 - 2021-12-15 21:53 - 000794024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-01-07 13:54 - 2021-12-15 21:53 - 000708776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-01-07 13:54 - 2021-12-15 21:52 - 008725160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-01-07 13:54 - 2021-12-15 21:52 - 007843968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-01-07 13:54 - 2021-12-15 21:52 - 005732320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-01-07 13:54 - 2021-12-15 21:52 - 004938880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-01-07 13:54 - 2021-12-15 21:52 - 002852280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-01-07 13:54 - 2021-12-15 21:52 - 000452224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-01-07 13:54 - 2021-12-15 21:51 - 000851936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-01-07 13:54 - 2021-12-15 21:50 - 006438112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-01-07 13:54 - 2021-12-15 13:16 - 000085698 _____ C:\WINDOWS\system32\nvinfo.pb
2022-01-07 13:46 - 2022-01-07 13:52 - 871815184 _____ (NVIDIA Corporation) C:\Users\Leech\Downloads\497.29-notebook-win10-win11-64bit-international-dch-whql.exe
2022-01-07 13:43 - 2022-01-07 13:45 - 000001116 _____ C:\Users\Leech\Desktop\Forza Horizon 5.lnk
2022-01-07 13:43 - 2022-01-07 13:43 - 000001112 _____ C:\Users\Leech\Desktop\Carrion.lnk
2022-01-07 13:35 - 2022-01-08 10:28 - 000000000 ____D C:\Users\Leech\AppData\Roaming\qBittorrent
2022-01-07 13:35 - 2022-01-07 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\qBittorrent
2022-01-07 13:35 - 2022-01-07 13:45 - 000000000 ____D C:\Users\Leech\Downloads\Mass_Effect_Legendary_Edition-FLT
2022-01-07 13:35 - 2022-01-07 13:35 - 000000000 ____D C:\Users\Leech\AppData\Local\qBittorrent
2022-01-07 13:35 - 2022-01-07 13:35 - 000000000 ____D C:\Users\Administrator\AppData\Local\qBittorrent
2022-01-07 13:29 - 2022-01-07 13:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2022-01-07 13:29 - 2022-01-07 13:29 - 000000000 ____D C:\Program Files\qBittorrent
2022-01-07 13:18 - 2022-01-07 13:27 - 030177492 _____ (The qBittorrent project) C:\Users\Leech\Downloads\qbittorrent_4.4.0_x64_setup.exe
2022-01-07 13:13 - 2022-01-07 13:13 - 000000000 ____D C:\Users\Administrator\Downloads\Mass_Effect_Legendary_Edition-FLT
2022-01-07 13:12 - 2022-01-07 13:12 - 000228258 _____ C:\Users\Leech\Downloads\Mass_Effect_Legendary_Edition-FLT-[rarbg.to].torrent
2022-01-07 13:11 - 2022-01-07 15:40 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Azureus
2022-01-07 13:11 - 2022-01-07 13:11 - 000001863 _____ C:\Users\Public\Desktop\Vuze.lnk
2022-01-07 13:11 - 2022-01-07 13:11 - 000001863 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
2022-01-07 13:11 - 2022-01-07 13:11 - 000000000 ____D C:\Users\Administrator\Documents\Vuze Downloads
2022-01-07 13:11 - 2022-01-07 13:11 - 000000000 ____D C:\Users\Administrator\.swt
2022-01-07 13:11 - 2022-01-07 13:11 - 000000000 ____D C:\Program Files\Vuze
2022-01-07 13:09 - 2022-01-07 13:09 - 000000000 ____D C:\ProgramData\Oracle
2022-01-07 13:08 - 2022-01-07 13:08 - 000091808 _____ (Azureus Software, Inc.) C:\Users\Leech\Downloads\VuzeBittorrentClientInstaller.exe
2022-01-07 13:00 - 2022-01-07 13:00 - 000003948 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1641556806
2022-01-07 13:00 - 2022-01-07 13:00 - 000001197 _____ C:\Users\Public\Desktop\Prohlížeč Opera.lnk
2022-01-07 13:00 - 2022-01-07 13:00 - 000001197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2022-01-07 13:00 - 2022-01-07 13:00 - 000000000 ____D C:\Users\Leech\AppData\Roaming\Opera Software
2022-01-07 13:00 - 2022-01-07 13:00 - 000000000 ____D C:\Users\Leech\AppData\Local\Opera Software
2022-01-07 12:59 - 2022-01-07 17:15 - 000000000 ____D C:\Program Files\Opera
2022-01-07 12:59 - 2022-01-07 12:59 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Opera Software
2022-01-07 12:56 - 2022-01-07 12:57 - 002618592 _____ (Opera Software) C:\Users\Leech\Downloads\OperaSetup.exe
2022-01-07 12:47 - 2022-01-07 12:47 - 000000000 ____D C:\Users\Leech\AppData\Local\EALaunchHelper
2022-01-07 12:25 - 2022-01-07 12:25 - 000000000 ____D C:\ProgramData\Origin
2022-01-07 12:23 - 2022-01-07 12:23 - 000000000 ____D C:\Users\Leech\AppData\Local\EADesktop
2022-01-07 11:58 - 2022-01-07 11:58 - 000002342 _____ C:\Users\Administrator\Desktop\Stremio.lnk
2022-01-07 11:58 - 2022-01-07 11:58 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\stremio
2022-01-07 11:58 - 2022-01-07 11:58 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stremio
2022-01-07 11:58 - 2022-01-07 11:58 - 000000000 ____D C:\Users\Administrator\AppData\Local\Smart Code ltd
2022-01-07 11:57 - 2022-01-07 11:58 - 110434664 _____ (Smart Code Ltd) C:\Users\Leech\Downloads\Stremio+4.4.142.exe
2022-01-07 11:54 - 2022-01-07 12:49 - 000000000 ____D C:\Program Files\EA Games
2022-01-07 11:54 - 2022-01-07 12:23 - 000000000 ____D C:\ProgramData\EA Desktop
2022-01-07 11:54 - 2022-01-07 11:54 - 000002138 _____ C:\Users\Public\Desktop\EA.lnk
2022-01-07 11:54 - 2022-01-07 11:54 - 000000000 ____D C:\Users\Leech\AppData\Local\Origin
2022-01-07 11:54 - 2022-01-07 11:54 - 000000000 ____D C:\Users\Leech\AppData\Local\Electronic Arts
2022-01-07 11:54 - 2022-01-07 11:54 - 000000000 ____D C:\Users\Leech\AppData\Local\EAConnect_microsoft
2022-01-07 11:54 - 2022-01-07 11:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2022-01-07 11:54 - 2022-01-07 11:54 - 000000000 ____D C:\Program Files\Electronic Arts
2022-01-07 11:34 - 2022-01-07 11:34 - 000000000 ____D C:\Users\Leech\AppData\Local\INetHistory
2022-01-07 11:20 - 2022-01-07 11:20 - 000000000 ____D C:\Users\Leech\AppData\LocalLow\Mobius Digital
2022-01-07 11:18 - 2022-01-07 11:18 - 000000000 ___HD C:\OneDriveTemp
2022-01-07 07:59 - 2022-01-07 07:59 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-01-07 07:54 - 2022-01-07 07:54 - 000841500 _____ C:\Users\Leech\Downloads\prilohy_161207.zip
2022-01-07 05:47 - 2022-01-07 05:47 - 000042453 _____ C:\Users\Leech\Downloads\pavel_kadlecek_CV.odt
2022-01-07 04:59 - 2022-01-07 04:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-07 04:59 - 2022-01-07 04:59 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-01-06 20:38 - 2022-01-07 12:00 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2022-01-06 20:38 - 2022-01-06 20:38 - 000002319 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-06 20:38 - 2022-01-06 20:38 - 000002278 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-06 20:37 - 2022-01-08 10:42 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-06 20:37 - 2022-01-06 20:42 - 000000000 ____D C:\Users\Leech\AppData\Local\Google
2022-01-06 20:37 - 2022-01-06 20:37 - 001341272 _____ (Google LLC) C:\Users\Leech\Downloads\ChromeSetup.exe
2022-01-06 20:37 - 2022-01-06 20:37 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-06 20:37 - 2022-01-06 20:37 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-06 20:37 - 2022-01-06 20:37 - 000000000 ____D C:\Program Files\Google
2022-01-06 05:25 - 2022-01-06 05:27 - 000000000 ____D C:\Users\Leech\AppData\Roaming\Luminar AI
2022-01-06 05:25 - 2022-01-06 05:25 - 000000000 ____D C:\Users\Leech\AppData\Local\Sentry
2022-01-06 05:18 - 2022-01-06 05:18 - 000001223 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Luminar AI.lnk
2022-01-06 05:18 - 2022-01-06 05:18 - 000001217 _____ C:\Users\Public\Desktop\Luminar AI.lnk
2022-01-06 05:18 - 2022-01-06 05:18 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\QtProject
2022-01-06 05:18 - 2022-01-06 05:18 - 000000000 ____D C:\Program Files\Skylum
2022-01-06 05:17 - 2022-01-06 05:18 - 000000000 ____D C:\Users\Administrator\AppData\Local\MiniTool MovieMaker
2022-01-06 05:17 - 2022-01-06 05:17 - 000001910 _____ C:\Users\Public\Desktop\MiniTool MovieMaker.lnk
2022-01-06 05:17 - 2022-01-06 05:17 - 000000000 ____D C:\Users\Administrator\Documents\MiniTool MovieMaker
2022-01-06 05:17 - 2022-01-06 05:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool MovieMaker
2022-01-06 05:17 - 2021-11-19 09:40 - 000002843 _____ C:\WINDOWS\fonts.conf
2022-01-06 05:16 - 2022-01-07 11:54 - 000000000 ____D C:\ProgramData\Package Cache
2022-01-06 05:16 - 2022-01-06 05:17 - 000000000 ____D C:\Program Files\MiniTool MovieMaker
2022-01-06 05:16 - 2022-01-06 05:16 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Luminar AI
2022-01-06 05:16 - 2022-01-06 05:16 - 000000000 ____D C:\ProgramData\Luminar AI
2022-01-06 05:16 - 2021-11-30 04:30 - 307040200 _____ (MiniTool ) C:\Users\Administrator\Downloads\mmm-noframe-x64.exe
2022-01-06 05:15 - 2022-01-06 05:15 - 019996968 _____ () C:\Users\Leech\Downloads\LuminarAISetup.exe
2022-01-06 05:09 - 2022-01-06 05:09 - 002129560 _____ (MiniTool) C:\Users\Leech\Downloads\mmm-setup.exe
2022-01-06 03:56 - 2022-01-06 03:56 - 000188240 _____ (hxxps://getfireshot.com) C:\Users\Leech\Downloads\fireshot-chrome-plugin (1).exe
2022-01-06 03:55 - 2022-01-06 03:56 - 000000000 ____D C:\Users\Leech\Downloads\FireShot
2022-01-06 03:55 - 2022-01-06 03:55 - 000188240 _____ (hxxps://getfireshot.com) C:\Users\Leech\Downloads\fireshot-chrome-plugin.exe
2022-01-06 01:54 - 2022-01-06 01:54 - 000275724 _____ C:\Users\Leech\Downloads\R.jfif
2022-01-05 23:22 - 2022-01-06 05:23 - 000010509 _____ C:\Users\Leech\Desktop\Nabídky.ods
2022-01-05 22:57 - 2022-01-05 22:58 - 000000000 ____D C:\Users\Leech\AppData\Roaming\Canva
2022-01-05 22:55 - 2022-01-05 22:55 - 000002217 _____ C:\Users\Leech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Canva.lnk
2022-01-05 22:55 - 2022-01-05 22:55 - 000002209 _____ C:\Users\Leech\Desktop\Canva.lnk
2022-01-05 22:55 - 2022-01-05 22:55 - 000000000 ____D C:\Users\Leech\AppData\Local\canva-updater
2022-01-05 22:24 - 2022-01-07 11:58 - 000000000 ____D C:\Users\Administrator\AppData\Local\cache
2022-01-05 22:23 - 2022-01-05 22:24 - 000000000 ____D C:\Users\Administrator\AppData\Local\Movavi
2022-01-05 22:23 - 2022-01-05 22:23 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\NVIDIA
2022-01-05 22:23 - 2022-01-05 22:23 - 000000000 ____D C:\Users\Administrator\AppData\Local\VideoEditorPlus
2022-01-05 22:23 - 2022-01-05 22:23 - 000000000 ____D C:\Users\Administrator\AppData\Local\CrashRpt
2022-01-05 22:17 - 2022-01-05 22:17 - 000000000 ____D C:\Users\Leech\AppData\Local\cache
2022-01-05 22:07 - 2022-01-05 22:07 - 000000000 ____D C:\Users\Leech\AppData\Local\VideoEditorPlus
2022-01-05 22:07 - 2022-01-05 22:07 - 000000000 ____D C:\Users\Leech\AppData\Local\CrashRpt
2022-01-05 22:06 - 2022-01-05 22:06 - 000001020 _____ C:\Users\Leech\Desktop\Movavi Video Editor Plus 2022.lnk
2022-01-05 22:06 - 2022-01-05 22:06 - 000000000 ____D C:\Users\Leech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movavi Video Editor Plus 2022
2022-01-05 22:05 - 2022-01-05 22:13 - 000000000 ____D C:\Users\Leech\AppData\Local\Movavi
2022-01-05 22:05 - 2022-01-05 22:06 - 000000000 ____D C:\Users\Leech\AppData\Roaming\Movavi Video Editor Plus 2022
2022-01-05 22:05 - 2022-01-05 22:05 - 000012755 _____ C:\ProgramData\goyslgxe.nnn
2022-01-05 22:05 - 2022-01-05 22:05 - 000000016 _____ C:\ProgramData\mntemp
2022-01-05 20:25 - 2022-01-07 23:41 - 000000000 ____D C:\Users\Administrator\Documents\Bulk Image Downloader
2022-01-05 20:25 - 2022-01-05 20:25 - 000000000 ____D C:\Users\Administrator\AppData\Local\D3DSCache
2022-01-05 20:18 - 2022-01-05 20:23 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\BID
2022-01-05 20:18 - 2022-01-05 20:18 - 000215552 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2022-01-05 20:18 - 2022-01-05 20:18 - 000040960 _____ C:\WINDOWS\system32\prxyqry.dll
2022-01-05 20:18 - 2022-01-05 20:18 - 000015000 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-05 20:18 - 2022-01-05 20:18 - 000013824 _____ C:\WINDOWS\SysWOW64\prxyqry.dll
2022-01-05 20:18 - 2022-01-05 20:18 - 000000979 _____ C:\Users\Administrator\Desktop\BID Queue Manager.lnk
2022-01-05 20:18 - 2022-01-05 20:18 - 000000913 _____ C:\Users\Administrator\Desktop\Bulk Image Downloader.lnk
2022-01-05 20:18 - 2022-01-05 20:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bulk Image Downloader
2022-01-05 20:18 - 2022-01-05 20:18 - 000000000 ____D C:\Program Files\Bulk Image Downloader
2022-01-05 20:17 - 2022-01-05 20:17 - 019067328 _____ (Antibody Software ) C:\Users\Leech\Downloads\bid_6_05_setup_x64.exe
2022-01-05 20:17 - 2022-01-05 20:17 - 000000000 ____D C:\Users\Administrator\AppData\Local\Bulk Image Downloader
2022-01-05 20:16 - 2022-01-05 20:16 - 000000000 ___HD C:\$WinREAgent
2022-01-05 09:11 - 2022-01-06 20:37 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2232147753-1779878456-3232465511-1002
2022-01-05 07:12 - 2022-01-05 07:12 - 000000000 ____D C:\Users\Leech\AppData\Roaming\Zoner
2022-01-05 07:12 - 2022-01-05 07:12 - 000000000 ____D C:\Users\Leech\AppData\Local\Zoner
2022-01-05 07:12 - 2022-01-05 07:12 - 000000000 ____D C:\Users\Leech\AppData\Local\CEF
2022-01-05 06:15 - 2022-01-05 07:12 - 000001748 _____ C:\Users\Administrator\Desktop\Zoner Photo Studio X.lnk
2022-01-05 06:15 - 2022-01-05 06:45 - 000000000 ____D C:\Users\Administrator\AppData\Local\Zoner
2022-01-05 06:15 - 2022-01-05 06:15 - 000003806 _____ C:\WINDOWS\system32\Tasks\Zoner.Updater.S-1-5-21-2232147753-1779878456-3232465511-500
2022-01-05 06:15 - 2022-01-05 06:15 - 000001567 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Zoner Photo Studio X.lnk
2022-01-05 06:15 - 2022-01-05 06:15 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Zoner
2022-01-05 06:15 - 2022-01-05 06:15 - 000000000 ____D C:\Users\Administrator\AppData\Local\CEF
2022-01-05 06:14 - 2022-01-07 20:03 - 000000000 ____D C:\ProgramData\Zoner
2022-01-05 06:13 - 2022-01-05 06:13 - 000390088 _____ (ZONER software, a.s.) C:\Users\Leech\Downloads\zpsx.exe
2022-01-05 06:08 - 2022-01-05 06:47 - 000084302 _____ C:\Users\Leech\Downloads\OIP.jfif
2022-01-05 05:53 - 2022-01-05 05:53 - 000042453 _____ C:\Users\Leech\Desktop\pavel_kadlecek_CV.odt
2022-01-05 05:44 - 2022-01-05 05:44 - 000000093 ____H C:\Users\Leech\Downloads\.~lock.sebastian-zivotopisny-cv (1).docx#
2022-01-05 05:21 - 2022-01-05 05:21 - 000000093 ____H C:\Users\Leech\Downloads\.~lock.!Pavel Kadlecek - zivotopis (1).docx#
2022-01-05 05:16 - 2022-01-07 15:42 - 000000000 ____D C:\Users\Leech\AppData\Local\NVIDIA
2022-01-05 05:13 - 2022-01-05 05:13 - 000000000 ____D C:\Users\Leech\AppData\Roaming\NVIDIA
2022-01-05 05:13 - 2022-01-05 05:13 - 000000000 ____D C:\Users\Leech\AppData\Roaming\LibreOffice
2022-01-05 05:12 - 2022-01-05 05:12 - 000001165 _____ C:\Users\Public\Desktop\LibreOffice 7.2.lnk
2022-01-05 05:12 - 2022-01-05 05:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.2
2022-01-05 05:12 - 2022-01-05 05:12 - 000000000 ____D C:\Program Files\LibreOffice
2022-01-05 05:10 - 2022-01-05 05:11 - 339103744 _____ C:\Users\Leech\Downloads\LibreOffice_7.2.4_Win_x64.msi
2022-01-05 04:57 - 2022-01-05 04:57 - 000000000 ____D C:\Users\Leech\AppData\Local\Comms
2022-01-05 04:56 - 2022-01-07 19:56 - 000000000 ____D C:\Users\Leech\AppData\Local\PlaceholderTileLogoFolder
2022-01-05 04:47 - 2022-01-05 04:47 - 000000000 ____D C:\Users\Leech\AppData\Local\ASUS
2022-01-05 04:46 - 2022-01-07 17:10 - 000000000 ___RD C:\Users\Leech\OneDrive
2022-01-05 04:46 - 2022-01-06 20:37 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2232147753-1779878456-3232465511-1002
2022-01-05 04:46 - 2022-01-06 20:37 - 000002381 _____ C:\Users\Leech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-05 04:46 - 2022-01-05 04:46 - 000000000 ____D C:\Users\Leech\AppData\Local\VirtualStore
2022-01-05 04:46 - 2022-01-05 04:46 - 000000000 ____D C:\Users\Leech\AppData\Local\Publishers
2022-01-05 04:45 - 2022-01-07 17:09 - 000000000 __SHD C:\Users\Leech\IntelGraphicsProfiles
2022-01-05 04:45 - 2022-01-07 15:42 - 000000000 ____D C:\Users\Leech\AppData\Local\Packages
2022-01-05 04:45 - 2022-01-07 12:47 - 000000000 ____D C:\Users\Leech\AppData\Local\ConnectedDevicesPlatform
2022-01-05 04:45 - 2022-01-05 06:13 - 000000000 ____D C:\Users\Leech\AppData\Roaming\Adobe
2022-01-05 04:45 - 2022-01-05 04:46 - 000000000 ____D C:\Users\Leech\AppData\Local\Intel
2022-01-05 04:44 - 2022-01-07 13:45 - 000000000 ____D C:\Users\Leech\AppData\Local\D3DSCache
2022-01-05 04:32 - 2022-01-07 17:09 - 000000000 ____D C:\Users\Leech
2022-01-05 04:32 - 2022-01-05 04:32 - 000000020 ___SH C:\Users\Leech\ntuser.ini
2022-01-05 04:32 - 2022-01-05 04:32 - 000000000 _SHDL C:\Users\Leech\Šablony
2022-01-05 04:32 - 2022-01-05 04:32 - 000000000 _SHDL C:\Users\Leech\Soubory cookie
2022-01-05 04:32 - 2022-01-05 04:32 - 000000000 _SHDL C:\Users\Leech\Poslední
2022-01-05 04:32 - 2022-01-05 04:32 - 000000000 _SHDL C:\Users\Leech\Okolní tiskárny
2022-01-05 04:32 - 2022-01-05 04:32 - 000000000 _SHDL C:\Users\Leech\Okolní síť
2022-01-05 04:32 - 2022-01-05 04:32 - 000000000 _SHDL C:\Users\Leech\Nabídka Start
2022-01-05 04:32 - 2022-01-05 04:32 - 000000000 _SHDL C:\Users\Leech\Dokumenty
2022-01-05 04:32 - 2022-01-05 04:32 - 000000000 _SHDL C:\Users\Leech\Documents\Obrázky
2022-01-05 04:32 - 2022-01-05 04:32 - 000000000 _SHDL C:\Users\Leech\Documents\Hudba
2022-01-05 04:32 - 2022-01-05 04:32 - 000000000 _SHDL C:\Users\Leech\Documents\Filmy
2022-01-05 04:32 - 2022-01-05 04:32 - 000000000 _SHDL C:\Users\Leech\Data aplikací
2022-01-05 04:32 - 2022-01-05 04:32 - 000000000 _SHDL C:\Users\Leech\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2022-01-05 04:32 - 2022-01-05 04:32 - 000000000 _SHDL C:\Users\Leech\AppData\Local\Data aplikací
2022-01-05 04:32 - 2021-06-05 13:04 - 000001281 _____ C:\Users\Leech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2022-01-05 04:32 - 2021-06-05 13:04 - 000000407 _____ C:\Users\Leech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2022-01-05 04:15 - 2022-01-07 13:11 - 000000000 ____D C:\Users\Administrator
2022-01-05 04:15 - 2022-01-05 04:15 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2022-01-05 04:15 - 2022-01-05 04:15 - 000000000 _SHDL C:\Users\Administrator\Šablony
2022-01-05 04:15 - 2022-01-05 04:15 - 000000000 _SHDL C:\Users\Administrator\Soubory cookie
2022-01-05 04:15 - 2022-01-05 04:15 - 000000000 _SHDL C:\Users\Administrator\Poslední
2022-01-05 04:15 - 2022-01-05 04:15 - 000000000 _SHDL C:\Users\Administrator\Okolní tiskárny
2022-01-05 04:15 - 2022-01-05 04:15 - 000000000 _SHDL C:\Users\Administrator\Okolní síť
2022-01-05 04:15 - 2022-01-05 04:15 - 000000000 _SHDL C:\Users\Administrator\Nabídka Start
2022-01-05 04:15 - 2022-01-05 04:15 - 000000000 _SHDL C:\Users\Administrator\Dokumenty
2022-01-05 04:15 - 2022-01-05 04:15 - 000000000 _SHDL C:\Users\Administrator\Documents\Obrázky
2022-01-05 04:15 - 2022-01-05 04:15 - 000000000 _SHDL C:\Users\Administrator\Documents\Hudba
2022-01-05 04:15 - 2022-01-05 04:15 - 000000000 _SHDL C:\Users\Administrator\Documents\Filmy
2022-01-05 04:15 - 2022-01-05 04:15 - 000000000 _SHDL C:\Users\Administrator\Data aplikací
2022-01-05 04:15 - 2022-01-05 04:15 - 000000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2022-01-05 04:15 - 2022-01-05 04:15 - 000000000 _SHDL C:\Users\Administrator\AppData\Local\Data aplikací
2022-01-05 04:15 - 2021-06-05 13:04 - 000001281 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2022-01-05 04:15 - 2021-06-05 13:04 - 000000407 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2022-01-05 04:07 - 2022-01-05 04:43 - 000289582 _____ C:\WINDOWS\ntbtlog.txt
2022-01-05 04:01 - 2022-01-05 04:01 - 000000000 ___HD C:\$SysReset
2022-01-05 03:58 - 2022-01-05 03:58 - 000000000 ____D C:\Users\Lucie\AppData\Local\Comms
2022-01-05 03:56 - 2022-01-05 03:56 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2022-01-05 03:55 - 2022-01-05 03:55 - 009461184 _____ (JAM Software ) C:\Users\Lucie\Downloads\TreeSizeFreeSetup.exe
2022-01-05 03:53 - 2022-01-05 03:53 - 000000000 ____D C:\Users\Lucie\AppData\Local\PlaceholderTileLogoFolder
2022-01-05 03:45 - 2022-01-05 03:45 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2232147753-1779878456-3232465511-1001
2022-01-05 03:45 - 2022-01-05 03:45 - 000002365 _____ C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-05 03:45 - 2022-01-05 03:45 - 000000000 ____D C:\Users\Lucie\AppData\Local\VirtualStore
2022-01-05 03:45 - 2022-01-05 03:45 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-01-05 03:44 - 2022-01-07 17:17 - 001626360 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-05 03:43 - 2022-01-07 15:42 - 000000000 ____D C:\ProgramData\Packages
2022-01-05 03:43 - 2022-01-05 03:59 - 000000000 ____D C:\Users\Lucie\AppData\Local\Packages
2022-01-05 03:43 - 2022-01-05 03:55 - 000000000 ____D C:\Users\Lucie\AppData\Local\D3DSCache
2022-01-05 03:43 - 2022-01-05 03:44 - 000000000 ____D C:\Users\Lucie\AppData\Local\Intel
2022-01-05 03:43 - 2022-01-05 03:43 - 000000020 ___SH C:\Users\Lucie\ntuser.ini
2022-01-05 03:43 - 2022-01-05 03:43 - 000000000 ____D C:\Users\Lucie\AppData\Roaming\Adobe
2022-01-05 03:43 - 2022-01-05 03:43 - 000000000 ____D C:\Users\Lucie\AppData\Local\Publishers
2022-01-05 03:43 - 2022-01-05 03:43 - 000000000 ____D C:\Users\Lucie\AppData\Local\ConnectedDevicesPlatform
2022-01-05 03:43 - 2022-01-05 03:43 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-01-05 03:41 - 2022-01-05 03:41 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2022-01-05 03:41 - 2022-01-05 03:41 - 000000000 _SHDL C:\Users\Default User
2022-01-05 03:41 - 2022-01-05 03:41 - 000000000 _SHDL C:\Users\All Users
2022-01-05 03:41 - 2022-01-05 03:41 - 000000000 _SHDL C:\ProgramData\Šablony
2022-01-05 03:41 - 2022-01-05 03:41 - 000000000 _SHDL C:\ProgramData\Plocha
2022-01-05 03:41 - 2022-01-05 03:41 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2022-01-05 03:41 - 2022-01-05 03:41 - 000000000 _SHDL C:\ProgramData\Dokumenty
2022-01-05 03:41 - 2022-01-05 03:41 - 000000000 _SHDL C:\ProgramData\Data aplikací
2022-01-05 03:40 - 2022-01-05 03:40 - 000008116 _____ C:\Users\Lucie\Desktop\Odebrané aplikace.html
2022-01-05 03:38 - 2022-01-05 03:43 - 000000000 ____D C:\Users\Lucie
2022-01-05 03:38 - 2022-01-05 03:38 - 000000000 _SHDL C:\Users\Lucie\Šablony
2022-01-05 03:38 - 2022-01-05 03:38 - 000000000 _SHDL C:\Users\Lucie\Soubory cookie
2022-01-05 03:38 - 2022-01-05 03:38 - 000000000 _SHDL C:\Users\Lucie\Poslední
2022-01-05 03:38 - 2022-01-05 03:38 - 000000000 _SHDL C:\Users\Lucie\Okolní tiskárny
2022-01-05 03:38 - 2022-01-05 03:38 - 000000000 _SHDL C:\Users\Lucie\Okolní síť
2022-01-05 03:38 - 2022-01-05 03:38 - 000000000 _SHDL C:\Users\Lucie\Nabídka Start
2022-01-05 03:38 - 2022-01-05 03:38 - 000000000 _SHDL C:\Users\Lucie\Dokumenty
2022-01-05 03:38 - 2022-01-05 03:38 - 000000000 _SHDL C:\Users\Lucie\Documents\Obrázky
2022-01-05 03:38 - 2022-01-05 03:38 - 000000000 _SHDL C:\Users\Lucie\Documents\Hudba
2022-01-05 03:38 - 2022-01-05 03:38 - 000000000 _SHDL C:\Users\Lucie\Documents\Filmy
2022-01-05 03:38 - 2022-01-05 03:38 - 000000000 _SHDL C:\Users\Lucie\Data aplikací
2022-01-05 03:38 - 2022-01-05 03:38 - 000000000 _SHDL C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2022-01-05 03:38 - 2022-01-05 03:38 - 000000000 _SHDL C:\Users\Lucie\AppData\Local\Data aplikací
2022-01-05 03:38 - 2021-06-05 13:04 - 000001281 _____ C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2022-01-05 03:38 - 2021-06-05 13:04 - 000000407 _____ C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2022-01-05 03:37 - 2022-01-07 13:55 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-01-05 03:37 - 2022-01-05 03:37 - 000003366 _____ C:\WINDOWS\system32\Tasks\RtkAudUService64_BG
2022-01-05 03:37 - 2022-01-05 03:37 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2022-01-05 03:37 - 2022-01-05 03:37 - 000000000 ____D C:\ProgramData\Intel
2022-01-05 03:37 - 2022-01-05 03:37 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2022-01-05 03:35 - 2022-01-08 10:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-05 03:35 - 2022-01-07 17:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-05 03:35 - 2022-01-06 03:50 - 000493736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-05 03:35 - 2022-01-05 17:26 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-05 03:35 - 2022-01-05 17:26 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-05 03:35 - 2022-01-05 08:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-01-05 03:35 - 2022-01-05 04:57 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-05 03:35 - 2022-01-05 04:57 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-01-05 03:35 - 2022-01-05 03:43 - 000000000 ____D C:\WINDOWS\Panther
2022-01-05 03:35 - 2022-01-05 03:43 - 000000000 ____D C:\Windows.old
2022-01-05 03:35 - 2022-01-05 03:38 - 000004122 _____ C:\WINDOWS\system32\Tasks\ASUS Update Checker 2.0
2022-01-05 03:35 - 2022-01-05 03:35 - 000003764 _____ C:\WINDOWS\system32\Tasks\ASUS Optimization 36D18D69AFC3
2022-01-05 03:35 - 2022-01-05 03:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2022-01-05 03:35 - 2022-01-05 03:35 - 000000000 ____D C:\ProgramData\ASUS
2022-01-05 03:34 - 2022-01-05 03:35 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-01-05 03:34 - 2022-01-05 03:34 - 000000000 ____D C:\WINDOWS\system32\Intel
2022-01-05 03:34 - 2022-01-05 03:34 - 000000000 ____D C:\WINDOWS\system32\cAVS
2022-01-05 03:34 - 2022-01-05 03:34 - 000000000 ____D C:\WINDOWS\Firmware
2022-01-05 03:33 - 2022-01-05 03:44 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2022-01-05 03:33 - 2022-01-05 03:35 - 000000000 ____D C:\WINDOWS\Setup
2022-01-05 03:33 - 2022-01-05 03:33 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-01-05 03:33 - 2022-01-05 03:33 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2022-01-05 03:33 - 2022-01-05 03:33 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2022-01-05 03:33 - 2022-01-05 03:33 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2022-01-05 03:33 - 2022-01-05 03:33 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2022-01-05 03:33 - 2022-01-05 03:33 - 000000000 ____D C:\WINDOWS\addins
2022-01-05 03:33 - 2022-01-05 03:33 - 000000000 ____D C:\ProgramData\ssh
2022-01-05 03:32 - 2022-01-07 17:17 - 000692670 _____ C:\WINDOWS\system32\perfh005.dat
2022-01-05 03:32 - 2022-01-07 17:17 - 000143218 _____ C:\WINDOWS\system32\perfc005.dat
2022-01-05 03:32 - 2022-01-05 03:32 - 000296964 _____ C:\WINDOWS\system32\perfi005.dat
2022-01-05 03:32 - 2022-01-05 03:32 - 000038778 _____ C:\WINDOWS\system32\perfd005.dat
2022-01-05 03:32 - 2022-01-05 03:32 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2022-01-05 03:32 - 2022-01-05 03:32 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2022-01-05 03:32 - 2022-01-05 03:32 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2022-01-05 03:32 - 2022-01-05 03:32 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2022-01-05 03:32 - 2022-01-05 03:32 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2022-01-05 03:32 - 2022-01-05 03:32 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2022-01-05 03:32 - 2022-01-05 03:32 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2022-01-05 03:32 - 2022-01-05 03:32 - 000000000 ____D C:\WINDOWS\system32\winrm
2022-01-05 03:32 - 2022-01-05 03:32 - 000000000 ____D C:\WINDOWS\system32\WCN
2022-01-05 03:32 - 2022-01-05 03:32 - 000000000 ____D C:\WINDOWS\system32\slmgr
2022-01-05 03:32 - 2022-01-05 03:32 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2022-01-05 03:32 - 2022-01-05 03:32 - 000000000 ____D C:\WINDOWS\system32\cs
2022-01-05 03:32 - 2022-01-05 03:32 - 000000000 ____D C:\WINDOWS\system32\0409
2022-01-05 03:32 - 2022-01-05 03:32 - 000000000 ____D C:\WINDOWS\DigitalLocker
2022-01-05 03:31 - 2022-01-08 09:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-05 03:31 - 2022-01-08 08:52 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-01-05 03:31 - 2022-01-07 21:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-05 03:31 - 2022-01-07 20:52 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-05 03:31 - 2022-01-07 17:09 - 000000000 ____D C:\WINDOWS\ServiceState
2022-01-05 03:31 - 2022-01-07 13:57 - 000000000 ___RD C:\Program Files (x86)
2022-01-05 03:31 - 2022-01-07 11:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-01-05 03:31 - 2022-01-06 03:59 - 000000000 ____D C:\WINDOWS\appcompat
2022-01-05 03:31 - 2022-01-06 03:49 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-01-05 03:31 - 2022-01-06 03:49 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2022-01-05 03:31 - 2022-01-06 03:49 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2022-01-05 03:31 - 2022-01-06 03:49 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2022-01-05 03:31 - 2022-01-06 03:49 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2022-01-05 03:31 - 2022-01-06 03:49 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-05 03:31 - 2022-01-06 03:49 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2022-01-05 03:31 - 2022-01-06 03:49 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-05 03:31 - 2022-01-06 03:49 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2022-01-05 03:31 - 2022-01-06 03:49 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-05 03:31 - 2022-01-06 03:49 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-05 03:31 - 2022-01-06 03:49 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-01-05 03:31 - 2022-01-06 03:49 - 000000000 ____D C:\WINDOWS\system32\id-ID
2022-01-05 03:31 - 2022-01-06 03:49 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2022-01-05 03:31 - 2022-01-06 03:49 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2022-01-05 03:31 - 2022-01-06 03:49 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-05 03:31 - 2022-01-06 03:49 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2022-01-05 03:31 - 2022-01-06 03:49 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-01-05 03:31 - 2022-01-06 03:49 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-01-05 03:31 - 2022-01-06 03:49 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-05 03:31 - 2022-01-05 08:13 - 000000000 ____D C:\Program Files\Windows Defender
2022-01-05 03:31 - 2022-01-05 03:59 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-01-05 03:31 - 2022-01-05 03:44 - 000000000 ____D C:\WINDOWS\system32\spool
2022-01-05 03:31 - 2022-01-05 03:43 - 000000000 ____D C:\ProgramData\USOPrivate
2022-01-05 03:31 - 2022-01-05 03:41 - 000000000 ____D C:\Program Files\Windows NT
2022-01-05 03:31 - 2022-01-05 03:35 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-01-05 03:31 - 2022-01-05 03:35 - 000000000 __RHD C:\Users\Public\Libraries
2022-01-05 03:31 - 2022-01-05 03:35 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-01-05 03:31 - 2022-01-05 03:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-01-05 03:31 - 2022-01-05 03:33 - 000000000 ____D C:\WINDOWS\OCR
2022-01-05 03:31 - 2022-01-05 03:32 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-01-05 03:31 - 2022-01-05 03:32 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2022-01-05 03:31 - 2022-01-05 03:32 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-01-05 03:31 - 2022-01-05 03:32 - 000000000 ___SD C:\WINDOWS\system32\dsc
2022-01-05 03:31 - 2022-01-05 03:32 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-05 03:31 - 2022-01-05 03:32 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-01-05 03:31 - 2022-01-05 03:32 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-01-05 03:31 - 2022-01-05 03:32 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2022-01-05 03:31 - 2022-01-05 03:32 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2022-01-05 03:31 - 2022-01-05 03:32 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-01-05 03:31 - 2022-01-05 03:32 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2022-01-05 03:31 - 2022-01-05 03:32 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2022-01-05 03:31 - 2022-01-05 03:32 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-01-05 03:31 - 2022-01-05 03:32 - 000000000 ____D C:\WINDOWS\system32\MUI
2022-01-05 03:31 - 2022-01-05 03:32 - 000000000 ____D C:\WINDOWS\system32\Com
2022-01-05 03:31 - 2022-01-05 03:32 - 000000000 ____D C:\WINDOWS\IME
2022-01-05 03:31 - 2022-01-05 03:32 - 000000000 ____D C:\WINDOWS\Help
2022-01-05 03:31 - 2022-01-05 03:32 - 000000000 ____D C:\WINDOWS\BrowserCore
2022-01-05 03:31 - 2022-01-05 03:32 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-01-05 03:31 - 2022-01-05 03:32 - 000000000 ____D C:\Program Files\Common Files\System
2022-01-05 03:31 - 2022-01-05 03:32 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-01-05 03:31 - 2022-01-05 03:32 - 000000000 ____D C:\Program Files (x86)\Windows NT
2022-01-05 03:31 - 2022-01-05 03:32 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 __SHD C:\Program Files\Windows Sidebar
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ___SD C:\WINDOWS\system32\Nui
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ___SD C:\WINDOWS\system32\lxss
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\WUModels
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\Web
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\WaaS
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\Vss
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\UUS
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\tracing
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\TAPI
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\SystemApps
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\winevt
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\ras
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\Pbr
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\Keywords
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\IME
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\icsxml
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\ias
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\DriverState
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\downlevel
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\System
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\SKB
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\schemas
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\SchCache
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\security
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\Resources
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\rescache
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\Registration
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\Provisioning
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\PLA
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\Performance
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\ModemLogs
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\Media
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\L2Schemas
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\InputMethod
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\IdentityCRL
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\Globalization
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\DiagTrack
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\Cursors
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\Containers
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\Branding
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\ProgramData\USOShared
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2022-01-05 03:31 - 2022-01-05 03:31 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-01-05 03:31 - 2022-01-05 03:30 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2022-01-05 03:31 - 2022-01-05 03:30 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
2022-01-05 03:31 - 2022-01-05 03:30 - 000021047 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2022-01-05 03:31 - 2022-01-05 03:30 - 000017635 _____ C:\WINDOWS\system32\Drivers\etc\services
2022-01-05 03:31 - 2022-01-05 03:30 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2022-01-05 03:31 - 2022-01-05 03:30 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2022-01-05 03:31 - 2022-01-05 03:30 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2022-01-05 03:31 - 2022-01-05 03:30 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2022-01-05 03:31 - 2022-01-05 03:30 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2022-01-05 03:31 - 2022-01-05 03:30 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2022-01-05 03:31 - 2022-01-05 03:30 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
2022-01-05 03:31 - 2022-01-05 03:30 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2022-01-05 03:31 - 2022-01-05 03:30 - 000000219 _____ C:\WINDOWS\system.ini
2022-01-05 03:31 - 2022-01-05 03:30 - 000000092 _____ C:\WINDOWS\win.ini
2022-01-05 03:30 - 2022-01-07 17:17 - 000000000 ____D C:\WINDOWS\INF
2022-01-05 03:28 - 2022-01-07 19:58 - 000000000 ____D C:\WINDOWS\servicing
2022-01-05 03:28 - 2022-01-07 19:58 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-05 03:28 - 2022-01-07 15:41 - 081526784 _____ C:\WINDOWS\system32\config\SOFTWARE
2022-01-05 03:28 - 2022-01-07 15:41 - 016777216 _____ C:\WINDOWS\system32\config\SYSTEM
2022-01-05 03:28 - 2022-01-07 15:41 - 000524288 _____ C:\WINDOWS\system32\config\DEFAULT
2022-01-05 03:28 - 2022-01-07 15:41 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-01-05 03:28 - 2022-01-07 15:41 - 000065536 _____ C:\WINDOWS\system32\config\SAM
2022-01-05 03:28 - 2022-01-07 15:41 - 000032768 _____ C:\WINDOWS\system32\config\SECURITY
2022-01-05 03:28 - 2022-01-05 03:36 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-01-05 03:28 - 2022-01-05 03:31 - 000000000 ____D C:\WINDOWS\system32\SMI
2022-01-05 02:19 - 2020-12-17 00:22 - 000276720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTHDASIO64.dll
2022-01-05 02:19 - 2020-12-17 00:22 - 000231664 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RTHDASIO.dll
2022-01-05 02:17 - 2020-12-17 00:14 - 005994080 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2022-01-05 02:17 - 2020-12-17 00:03 - 043517749 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2022-01-05 02:16 - 2020-11-30 04:35 - 001144408 ____N (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\IntcOED.sys
2022-01-05 02:16 - 2020-11-30 04:35 - 000295520 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\IntcAudioBus.sys
2022-01-05 02:16 - 2020-11-30 04:09 - 000587948 _____ C:\WINDOWS\system32\Drivers\dsp_fw_release.bin
2022-01-05 02:14 - 2021-12-15 21:50 - 007586784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-01-05 02:12 - 2022-01-05 02:12 - 000000000 ___RD C:\Users\Public\Documents\Harmony Agent_FrameworkDirectory_Don'tErase
2022-01-05 02:12 - 2022-01-05 02:12 - 000000000 ___RD C:\Users\Lucie\Documents\&CP&SecurityFolderDo not&Remove
2022-01-05 02:12 - 2018-12-14 13:47 - 000403440 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\esif_lf.sys
2022-01-05 02:12 - 2018-12-14 13:47 - 000075248 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\dptf_cpu.sys
2022-01-05 02:11 - 2022-01-05 02:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZoneAlarm
2022-01-05 02:11 - 2018-12-14 13:47 - 000078832 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\dptf_acpi.sys
2022-01-05 02:10 - 2022-01-05 04:04 - 000000000 __SHD C:\Users\Lucie\IntelGraphicsProfiles
2022-01-05 02:09 - 2022-01-05 02:09 - 005960776 _____ (Check Point Software Technologies Ltd.) C:\Users\Lucie\Downloads\zafwSetupWeb_158_181_18901.exe
2022-01-05 02:09 - 2022-01-05 02:09 - 001088008 _____ (CheckPoint Software Technologies Ltd.) C:\Users\Lucie\Downloads\ZoneAlarmNGSetup_ZA_20PBETA_845DGV.exe
2022-01-05 02:09 - 2019-03-28 23:08 - 024902672 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2022-01-05 02:09 - 2019-03-28 23:08 - 011726352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2022-01-05 02:09 - 2019-03-28 23:08 - 002991632 _____ (Intel Corporation) C:\WINDOWS\system32\mfx_mft_mjpgvd_64.dll
2022-01-05 02:09 - 2019-03-28 23:08 - 002433552 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfx_mft_mjpgvd_32.dll
2022-01-05 02:09 - 2019-03-28 23:08 - 000161296 _____ C:\WINDOWS\SysWOW64\libGLESv2.dll
2022-01-05 02:09 - 2019-03-28 23:08 - 000147472 _____ C:\WINDOWS\SysWOW64\libEGL.dll
2022-01-05 02:09 - 2019-03-28 23:08 - 000144912 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2022-01-05 02:09 - 2019-03-28 23:08 - 000125968 _____ C:\WINDOWS\SysWOW64\libGLESv1_CM.dll
2022-01-05 02:09 - 2019-03-28 23:08 - 000119824 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2022-01-05 02:09 - 2019-03-28 20:10 - 020843488 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2022-01-05 02:09 - 2019-03-28 20:10 - 019745792 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2022-01-05 02:09 - 2019-03-28 20:10 - 003169504 _____ (Intel Corporation) C:\WINDOWS\system32\mfx_mft_h265ve_64.dll
2022-01-05 02:09 - 2019-03-28 20:10 - 003161704 _____ (Intel Corporation) C:\WINDOWS\system32\mfx_mft_vp9ve_64.dll
2022-01-05 02:09 - 2019-03-28 20:10 - 003148520 _____ (Intel Corporation) C:\WINDOWS\system32\mfx_mft_h264ve_64.dll
2022-01-05 02:09 - 2019-03-28 20:10 - 002951592 _____ (Intel Corporation) C:\WINDOWS\system32\mfx_mft_encrypt_64.dll
2022-01-05 02:09 - 2019-03-28 20:10 - 002576032 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfx_mft_h265ve_32.dll
2022-01-05 02:09 - 2019-03-28 20:10 - 002570840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfx_mft_vp9ve_32.dll
2022-01-05 02:09 - 2019-03-28 20:10 - 002562360 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfx_mft_h264ve_32.dll
2022-01-05 02:09 - 2019-03-28 20:10 - 002410336 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfx_mft_encrypt_32.dll
2022-01-05 02:09 - 2019-03-28 20:10 - 000204880 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2022-01-05 02:09 - 2019-03-28 20:10 - 000176728 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2022-01-05 02:09 - 2019-03-28 19:52 - 001376256 _____ C:\WINDOWS\system32\c_64.cpa
2022-01-05 02:09 - 2019-03-28 19:52 - 001361159 _____ C:\WINDOWS\SysWOW64\c_32.cpa
2022-01-05 02:09 - 2019-03-28 19:52 - 000071489 _____ C:\WINDOWS\SysWOW64\h265e_32.vp
2022-01-05 02:09 - 2019-03-28 19:52 - 000071092 _____ C:\WINDOWS\SysWOW64\vp9e_32.vp
2022-01-05 02:09 - 2019-03-28 19:52 - 000069909 _____ C:\WINDOWS\SysWOW64\he_32.vp
2022-01-05 02:09 - 2019-03-28 19:52 - 000065201 _____ C:\WINDOWS\SysWOW64\mj_32.vp
2022-01-05 02:09 - 2019-03-28 19:52 - 000057143 _____ C:\WINDOWS\SysWOW64\dev_32.vp
2022-01-05 02:09 - 2019-03-28 19:52 - 000056359 _____ C:\WINDOWS\system32\dev_64.vp
2022-01-05 02:09 - 2019-03-28 19:52 - 000014001 _____ C:\WINDOWS\system32\h265e_64.vp
2022-01-05 02:09 - 2019-03-28 19:52 - 000013860 _____ C:\WINDOWS\system32\vp9e_64.vp
2022-01-05 02:09 - 2019-03-28 19:52 - 000013417 _____ C:\WINDOWS\system32\he_64.vp
2022-01-05 02:09 - 2019-03-28 19:52 - 000013181 _____ C:\WINDOWS\system32\mj_64.vp
2022-01-05 02:09 - 2019-03-28 19:52 - 000001125 _____ C:\WINDOWS\SysWOW64\cpa_32.vp
2022-01-05 02:09 - 2019-03-28 19:52 - 000001125 _____ C:\WINDOWS\system32\cpa_64.vp
2022-01-05 02:08 - 2019-10-24 06:00 - 005291760 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RsDMFT64.dll
2022-01-05 01:57 - 2022-01-05 04:45 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-01-05 01:22 - 2022-01-05 03:45 - 000000000 ___RD C:\Users\Lucie\OneDrive
2022-01-05 01:20 - 2022-01-05 01:20 - 000000000 ___RD C:\Users\Lucie\3D Objects
2022-01-04 23:34 - 2022-01-04 23:34 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2022-01-04 23:34 - 2022-01-04 23:34 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2022-01-04 23:34 - 2022-01-04 23:34 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2022-01-04 23:34 - 2022-01-04 23:34 - 000000000 _SHDL C:\Users\Default\Šablony
2022-01-04 23:34 - 2022-01-04 23:34 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2022-01-04 23:34 - 2022-01-04 23:34 - 000000000 _SHDL C:\Users\Default\Poslední
2022-01-04 23:34 - 2022-01-04 23:34 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2022-01-04 23:34 - 2022-01-04 23:34 - 000000000 _SHDL C:\Users\Default\Okolní síť
2022-01-04 23:34 - 2022-01-04 23:34 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2022-01-04 23:34 - 2022-01-04 23:34 - 000000000 _SHDL C:\Users\Default\Dokumenty
2022-01-04 23:34 - 2022-01-04 23:34 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2022-01-04 23:34 - 2022-01-04 23:34 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2022-01-04 23:34 - 2022-01-04 23:34 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2022-01-04 23:34 - 2022-01-04 23:34 - 000000000 _SHDL C:\Users\Default\Data aplikací
2022-01-04 23:34 - 2022-01-04 23:34 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2022-01-04 23:34 - 2022-01-04 23:34 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2022-01-04 23:21 - 2022-01-04 23:21 - 000000000 _____ C:\Recovery.txt
2022-01-04 22:38 - 2022-01-04 22:38 - 000000000 ___HD C:\$GetCurrent
2021-12-25 06:02 - 2022-01-05 03:17 - 000000000 ____D C:\Intel
2021-12-24 17:01 - 2022-01-04 21:54 - 000000000 ____D C:\LEECH ZALOHA SAMSUNG
2021-12-24 17:01 - 2021-12-24 17:01 - 000000000 ____D C:\Nová složka
2021-12-20 21:53 - 2021-12-20 21:53 - 001377016 _____ (Check Point Software Technologies Ltd.) C:\vsinit.dll
2021-12-20 21:52 - 2021-12-20 21:52 - 000995504 _____ (Check Point Software Technologies Ltd.) C:\InstHelper.exe
2021-12-18 01:54 - 2021-12-18 01:55 - 000000000 ____D C:\Zaloha
2021-12-18 00:36 - 2021-12-17 23:47 - 000065552 ____T C:\DDISK
2021-12-17 23:47 - 2021-12-17 23:47 - 000000000 _SHDL C:\Documents and Settings
2021-12-17 23:45 - 2022-01-07 17:09 - 000012288 ___SH C:\DumpStack.log.tmp

==================== One month (modified) ==================

(There is no automatic fix for files that do not pass verification.)


==================== SigCheckExt =========================

2022-01-07 07:59 - 2022-01-07 07:59 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-01-08 10:40 - 2022-01-08 10:39 - 002311168 _____ (Farbar) C:\Users\Leech\Desktop\FRST64.exe
2022-01-08 10:39 - 2022-01-08 10:39 - 002311168 _____ (Farbar) C:\Users\Leech\Downloads\FRST64.exe
2022-01-07 13:18 - 2022-01-07 13:27 - 030177492 _____ (The qBittorrent project) C:\Users\Leech\Downloads\qbittorrent_4.4.0_x64_setup.exe
2022-01-07 11:57 - 2022-01-07 11:58 - 110434664 _____ (Smart Code Ltd) C:\Users\Leech\Downloads\Stremio+4.4.142.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


==================== BCD ================================

Firmware Boot Manager
---------------------
identifier {fwbootmgr}
displayorder {c0a5f917-6f81-11ec-a5b6-806e6f6e6963}
{c0a5f918-6f81-11ec-a5b6-806e6f6e6963}
{bootmgr}
{a10e2e09-6dad-11ec-ba8e-eef6e046822d}
timeout 0

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description Windows Boot Manager
locale cs-CZ
inherit {globalsettings}
default {current}
resumeobject {1e814730-6dd0-11ec-8404-8fe25218b44e}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Firmware Application (101fffff)
-------------------------------
identifier {a10e2e09-6dad-11ec-ba8e-eef6e046822d}
description ajkasdak

Firmware Application (101fffff)
-------------------------------
identifier {c0a5f917-6f81-11ec-a5b6-806e6f6e6963}
description UEFI: PXE IP4 Realtek PCIe GBE Family Controller

Firmware Application (101fffff)
-------------------------------
identifier {c0a5f918-6f81-11ec-a5b6-806e6f6e6963}
description UEFI: PXE IP6 Realtek PCIe GBE Family Controller

Windows Boot Loader
-------------------
identifier {16053de9-6dc2-11ec-9d05-a79eeef8d01d}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{16053dea-6dc2-11ec-9d05-a79eeef8d01d}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale cs-CZ
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{16053dea-6dc2-11ec-9d05-a79eeef8d01d}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 11
locale cs-CZ
inherit {bootloadersettings}
recoverysequence {16053de9-6dc2-11ec-9d05-a79eeef8d01d}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {1e814730-6dd0-11ec-8404-8fe25218b44e}
nx OptIn
bootmenupolicy Standard

Windows Boot Loader
-------------------
identifier {a10e2e0d-6dad-11ec-ba8e-eef6e046822d}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{a10e2e0e-6dad-11ec-ba8e-eef6e046822d}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale cs-cz
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{a10e2e0e-6dad-11ec-ba8e-eef6e046822d}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Resume from Hibernate
---------------------
identifier {1e814730-6dd0-11ec-8404-8fe25218b44e}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale cs-CZ
inherit {resumeloadersettings}
recoverysequence {16053de9-6dc2-11ec-9d05-a79eeef8d01d}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
custom:21000026 partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostika pamŘti syst‚mu Windows
locale cs-CZ
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems No

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Local

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {16053dea-6dc2-11ec-9d05-a79eeef8d01d}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== End of FRST.txt ========================

Re: Strange PowerShell scripts in the event log

Posted: 08 Jan 2022 11:05
by pkeech
What puzzles me here is this entry: Description: "Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{1DBD4EF5-D8EC-4CAF-87F8-7CA0F3FC8917}, protože jiný počítač v síti má stejný název. Server nelze spustit." I don't have any other computer on the network. The only devices on the Wi-Fi are this computer, phones, O2 IPTV and a Smart TV.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Ran by Administrator (08-01-2022 10:44:15)
Running from C:\Users\Leech\Desktop
Microsoft Windows 11 Home Version 21H2 22000.376 (X64) (2022-01-05 02:43:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2232147753-1779878456-3232465511-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2232147753-1779878456-3232465511-503 - Limited - Disabled)
defaultuser100000 (S-1-5-21-2232147753-1779878456-3232465511-1005 - Limited - Enabled)
Guest (S-1-5-21-2232147753-1779878456-3232465511-501 - Limited - Disabled)
Leech (S-1-5-21-2232147753-1779878456-3232465511-1002 - Limited - Enabled) => C:\Users\Leech
Lucie (S-1-5-21-2232147753-1779878456-3232465511-1001 - Limited - Enabled) => C:\Users\Lucie
WDAGUtilityAccount (S-1-5-21-2232147753-1779878456-3232465511-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Bulk Image Downloader v6.5.0.0 (64 bit) (HKLM\...\Bulk Image Downloader (64 bit)_is1) (Version: 6.05 - Antibody Software)
Canva (HKU\S-1-5-21-2232147753-1779878456-3232465511-1002\...\3d0ba22d-e02b-5c6d-93a1-4e2a9af9c1f2) (Version: 1.38.0 - Canva Pty Ltd)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.0.173.5074 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{6f5115cf-c3c7-489c-b98d-66ec45eaff05}) (Version: 12.0.173.5074 - Electronic Arts)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.71 - Google LLC)
LibreOffice 7.2.4.1 (HKLM\...\{BB7C5E72-36E2-4455-96F7-2DC1D9586AF4}) (Version: 7.2.4.1 - The Document Foundation)
Luminar AI (HKLM\...\Luminar AI) (Version: 1.5.1.8913 - Skylum)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.62 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.62 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2232147753-1779878456-3232465511-1001\...\OneDriveSetup.exe) (Version: 21.050.0310.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2232147753-1779878456-3232465511-1002\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2FA9DAAC-895B-4E99-99D9-DC2965FBE79C}) (Version: 2.87.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29325 (HKLM-x32\...\{d7a6435f-ac9a-4af6-8fdc-ca130d13fac9}) (Version: 14.28.29325.2 - Microsoft Corporation)
MiniTool MovieMaker (HKLM\...\{MT-39B9213B-B182-41FB-B149-CD1016372F9C}_is1) (Version: 3.0.1 - MiniTool Software Limited)
Movavi Video Editor Plus 2022 (HKU\S-1-5-21-2232147753-1779878456-3232465511-1002\...\Movavi Video Editor Plus 2022) (Version: 22.1.0 - Movavi)
NVIDIA Ovladače grafiky 497.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 497.29 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Opera Stable 82.0.4227.43 (HKLM-x32\...\Opera 82.0.4227.43) (Version: 82.0.4227.43 - Opera Software)
qBittorrent 4.4.0 (HKLM-x32\...\qBittorrent) (Version: 4.4.0 - The qBittorrent project)
Stremio (HKU\S-1-5-21-2232147753-1779878456-3232465511-500\...\Stremio) (Version: 4.4.142 - Smart Code Ltd)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.7.0 - Azureus Software, Inc.)
Zoner Photo Studio X CS (HKU\S-1-5-21-2232147753-1779878456-3232465511-1002\...\ZPS X) (Version: 19.2109.2.353 - ZONER software)
Zoner Photo Studio X CS (HKU\S-1-5-21-2232147753-1779878456-3232465511-500\...\ZPS X) (Version: 19.2109.2.353 - ZONER software)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2232147753-1779878456-3232465511-1002_Classes\CLSID\{444c3d34-4024-4c6f-a9da-b47eed58ceb6}\localserver32 -> C:\Program Files\Skylum\Luminar AI\Luminar AI.exe (Skylum Software USA, Inc. -> Skylum)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_39f6d2586ed0b7d9\nvshext.dll [2021-12-15] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers1_S-1-5-21-2232147753-1779878456-3232465511-1002: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_S-1-5-21-2232147753-1779878456-3232465511-1002: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_S-1-5-21-2232147753-1779878456-3232465511-1002: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-01-05 20:18 - 2020-02-23 08:59 - 116863488 _____ () [File not signed] C:\Program Files\Bulk Image Downloader\libcef.dll
2022-01-05 20:18 - 2016-08-16 18:45 - 000402944 _____ () [File not signed] C:\Program Files\Bulk Image Downloader\libwebp\libwebp.dll
2022-01-05 20:18 - 2020-02-23 07:45 - 000401408 _____ () [File not signed] C:\Program Files\Bulk Image Downloader\swiftshader\libegl.dll
2022-01-05 20:18 - 2020-02-23 07:47 - 003762176 _____ () [File not signed] C:\Program Files\Bulk Image Downloader\swiftshader\libglesv2.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000017920 _____ () [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libEGL.DLL
2022-01-07 11:55 - 2022-01-07 11:55 - 003567616 _____ () [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libGLESv2.dll
2022-01-05 20:18 - 2019-10-27 23:57 - 012886340 _____ (Chilkat Software, Inc.) [File not signed] C:\Program Files\Bulk Image Downloader\ChilkatDelphi64.dll
2022-01-05 02:14 - 2022-01-05 02:14 - 000137184 _____ (Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20050.505.0_x64__cw5n1h2txyewy\Dashboard\WebView2Loader.dll
2022-01-05 20:18 - 2020-01-28 09:44 - 001918464 _____ (SQLite Development Team) [File not signed] C:\Program Files\Bulk Image Downloader\sqlite3.dll
2022-01-05 20:18 - 2020-02-23 07:50 - 000969216 _____ (The Chromium Authors) [File not signed] C:\Program Files\Bulk Image Downloader\chrome_elf.dll
2022-01-05 20:18 - 2019-12-22 00:01 - 002293248 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Bulk Image Downloader\libeay32.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 002815488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000678400 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000046592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qgif.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000039936 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qicns.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000031232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qico.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qjpeg.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qsvg.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qtga.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000380416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qtiff.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qwbmp.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qwebp.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 001455616 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\platforms\qwindows.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000227328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt\labs\platform\qtlabsplatformplugin.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 006947328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Gui.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 001389568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000327168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Positioning.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000319488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5PrintSupport.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 003798528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Qml.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000440832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QmlModels.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000054784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QmlWorkerScript.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 004254720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Quick.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000171520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickControls2.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000222208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickShapes.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 001128960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickTemplates2.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000075264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickWidgets.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000334848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Svg.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000396288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebEngine.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 103583232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebEngineCore.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000250880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebEngineWidgets.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000133120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebChannel.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000157184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 005611520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Widgets.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Xml.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000056832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000018432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick.2\qtquick2plugin.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000294400 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000106496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Layouts\qquicklayoutsplugin.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Shapes\qmlshapesplugin.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Window.2\windowplugin.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000093696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtWebEngine\qtwebengineplugin.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtWebChannel\declarative_webchannel.dll
2022-01-07 11:55 - 2022-01-07 11:55 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\styles\qwindowsvistastyle.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-01-05 03:31 - 2022-01-05 03:30 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2232147753-1779878456-3232465511-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2232147753-1779878456-3232465511-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2232147753-1779878456-3232465511-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 10.0.1.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{40FAEAC4-F3AC-4AF9-896D-7E1E742157F4}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.0.34.0_x64__qmba6cd70vzyy\MyASUS\MyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{87BE4631-9A3A-4928-A372-58A88BD46D45}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.0.34.0_x64__qmba6cd70vzyy\MyASUS\MyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{72C5A41F-A66A-4420-9ED9-96B8764B9A96}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.0.34.0_x64__qmba6cd70vzyy\MyASUS\MyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{1378B7AC-6BF6-48FD-BAA3-F36BC36B30D8}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.0.34.0_x64__qmba6cd70vzyy\MyASUS\MyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{2C38A8AA-6C77-4D49-BBB8-CCC385F2DABF}] => (Allow) C:\Program Files\WindowsApps\microsoftteams_21323.200.1078.109_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AA28412B-5F59-4D2D-91FC-3924B17A9856}] => (Allow) C:\Program Files\WindowsApps\microsoftteams_21323.200.1078.109_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DE87B16C-D2C2-4F3D-A5AB-85C1F1B10054}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D9CA877E-A4AC-477E-AB0D-D9807916CEDA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A16EE238-032A-4853-B26B-E060C8F29E3E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B1C4DD4A-45E7-433F-B829-22B7B68BBF66}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F63A736C-B645-4D2D-9997-1680D4DE8141}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{753F366F-60D5-4635-B098-D5DE770771EA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3D8385F9-86DF-4CDD-9BC6-8DC1FD9670ED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{60C92BCC-CA91-4EDA-B69A-373EA0E75917}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3EBAB300-93AA-4470-B34C-B35153C7B9F7}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D4AD19FC-4AFB-426A-AD88-A0A30D72DC86}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{EFF973DE-340E-4A4A-A87C-775919668557}C:\users\administrator\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe] => (Allow) C:\users\administrator\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe (Stremio (Smart Code OOD) -> Stremio Runtime) [File not signed]
FirewallRules: [UDP Query User{FF7DF953-8101-45A4-B495-DC0CF5B8EE96}C:\users\administrator\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe] => (Allow) C:\users\administrator\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe (Stremio (Smart Code OOD) -> Stremio Runtime) [File not signed]
FirewallRules: [{9B22B3E3-62D7-4316-9F4F-CF76ADBF485C}] => (Allow) C:\Program Files\Opera\82.0.4227.43\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{CAD0F071-94C7-41F5-B679-8B9E0F5D10D1}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{00BCB978-12AB-468C-B0FC-493D81E223A1}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{8FF5D0A5-9370-48BC-8685-BA850EEEDB26}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{4AEB56F8-FA56-4A90-916D-89DCA524A2C5}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{8FA8FDE8-C350-469B-BF07-705685FD4858}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{5D8BE7C9-BCC0-4AD4-A75D-629A936169DC}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{231EA078-99FF-403E-9DD9-38409DAED446}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSLinkNear\AsusLinkNear.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{76E71279-1A86-444D-8816-6055260CB7E5}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
FirewallRules: [{84D921FC-DAD6-4184-9476-C4229E0E3FD9}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)

==================== Restore Points =========================

08-01-2022 04:10:22 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/08/2022 01:46:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: setup.exe_Installer.exe, verze: 1.0.0.0, časové razítko: 0x608f1df9
Název chybujícího modulu: setup.exe, verze: 1.0.0.0, časové razítko: 0x608f1df9
Kód výjimky: 0xc0000005
Posun chyby: 0x00034a4e
ID chybujícího procesu: 0x38a4
Čas spuštění chybující aplikace: 0x01d804233501ae05
Cesta k chybující aplikaci: D:\setup.exe
Cesta k chybujícímu modulu: D:\setup.exe
ID zprávy: 0e814e7a-5240-493a-bb3d-465a33472eb0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/08/2022 01:05:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TCUI-App.exe, verze: 3.60.2112.12001, časové razítko: 0x61b61f5a
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.22000.318, časové razítko: 0x773eea87
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010a824
ID chybujícího procesu: 0x1a0c
Čas spuštění chybující aplikace: 0x01d80423740d90f7
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\TCUI-App.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\twinapi.appcore.dll
ID zprávy: 68ad1126-2cc1-4e36-b081-b8d77282fd73
Úplný název chybujícího balíčku: Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: Microsoft.GamingServices

Error: (01/07/2022 01:43:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program dllhost.exe verze 10.0.22000.1 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2e24

Čas spuštění: 01d803be03839803

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\System32\dllhost.exe

ID hlášení: 11edc999-7971-4ca6-8588-68a3a6e67d53

Úplný název balíčku s chybou: Microsoft.OneDriveSync_21230.1107.4.0_neutral__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: OneDrive

Typ zablokování: Quiesce

Error: (01/07/2022 05:39:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MagickViewer.exe, verze: 7.0.0.0, časové razítko: 0x614d9acb
Název chybujícího modulu: ntdll.dll, verze: 10.0.22000.348, časové razítko: 0x22eb3761
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000019790
ID chybujícího procesu: 0x2a50
Čas spuštění chybující aplikace: 0x01d80380303f021f
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\38526MediaLife.PhotosOpenerForWin10_0.0.14.0_x64__1crh1k73ty8mg\MagickViewer\MagickViewer.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: c4382488-c1a3-456a-8a63-c25032cbd378
Úplný název chybujícího balíčku: 38526MediaLife.PhotosOpenerForWin10_0.0.14.0_x64__1crh1k73ty8mg
ID aplikace související s chybujícím balíčkem: App

Error: (01/05/2022 03:59:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SystemSettings.exe, verze: 10.0.22000.120, časové razítko: 0x27a6d211
Název chybujícího modulu: Windows.UI.Xaml.dll, verze: 10.0.22000.318, časové razítko: 0xe4273f56
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000834450
ID chybujícího procesu: 0x2b38
Čas spuštění chybující aplikace: 0x01d801e02a13aed2
Cesta k chybující aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Cesta k chybujícímu modulu: C:\Windows\System32\Windows.UI.Xaml.dll
ID zprávy: 3f5151c7-0a79-4443-8bae-6ae9b2dfa331
Úplný název chybujícího balíčku: windows.immersivecontrolpanel_10.0.6.1000_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: microsoft.windows.immersivecontrolpanel

Error: (01/05/2022 03:43:46 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x80072EE7
Argument příkazového řádku:
RuleId=3482d82e-ca2c-4e1f-8864-da0267b484b2;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=0567073a-7d74-403b-b2d5-6b35da372d8d;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (01/05/2022 03:43:46 AM) (Source: Software Protection Platform Service) (EventID: 1014) (User: )
Description: Získání licence koncového uživatele se nezdařilo. hr=0x80072EE7
ID SKU=0567073a-7d74-403b-b2d5-6b35da372d8d

Error: (01/05/2022 03:43:46 AM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: Podrobnosti chyby získávání licence
hr=0x80072EE7


System errors:
=============
Error: (01/08/2022 10:12:39 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{1DBD4EF5-D8EC-4CAF-87F8-7CA0F3FC8917}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (01/08/2022 09:42:06 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{1DBD4EF5-D8EC-4CAF-87F8-7CA0F3FC8917}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (01/08/2022 09:11:33 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{1DBD4EF5-D8EC-4CAF-87F8-7CA0F3FC8917}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (01/08/2022 08:40:59 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{1DBD4EF5-D8EC-4CAF-87F8-7CA0F3FC8917}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (01/08/2022 08:10:26 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{1DBD4EF5-D8EC-4CAF-87F8-7CA0F3FC8917}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (01/08/2022 07:39:53 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{1DBD4EF5-D8EC-4CAF-87F8-7CA0F3FC8917}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (01/08/2022 07:09:20 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{1DBD4EF5-D8EC-4CAF-87F8-7CA0F3FC8917}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (01/08/2022 06:39:18 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : Integrovaný řadič neodpověděl během zadaného časového limitu. Může to znamenat chybu hardwaru nebo firmwaru integrovaného řadiče nebo že systém BIOS přistupuje k integrovanému řadiči nesprávně. Měli byste zjistit, zda výrobce počítače nemá k dispozici upgrade systému BIOS. V některých situacích může tato chyba způsobit, že počítač nebude pracovat správně.


Windows Defender:
================
Event[0]

Date: 2022-01-05 04:07:44
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

==================== Memory info ===========================

BIOS: American Megatrends Inc. X571GD.312 09/15/2021
Motherboard: ASUSTeK COMPUTER INC. X571GD
Processor: Intel(R) Core(TM) i5-8300H CPU @ 2.30GHz
Percentage of memory in use: 83%
Total physical RAM: 8043.85 MB
Available physical RAM: 1348.13 MB
Total Virtual: 13668.95 MB
Available Virtual: 1994.05 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:475.74 GB) (Free:15.71 GB) NTFS
Drive d: (MASS_EFFECT_LEGENDARY_EDITION) (CDROM) (Total:88.91 GB) (Free:0 GB) UDF

\\?\Volume{4ebf579f-2647-4518-816a-462805f151d4}\ () (Fixed) (Total:0.6 GB) (Free:0.08 GB) NTFS
\\?\Volume{f43ce88f-20a2-4a11-b215-33847fa4c989}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 4A1C1A6F)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Strange PowerShell scripts in the event log

Posted: 18 Jan 2022 06:25
by Diallix
Copy the content below into Notepad:

Code:

CloseProcesses:

C:\Program Files\qBittorrent

HKLM\...\RunOnce: [DEL_ST_CPL] => CMD /C del "C:\WINDOWS\TEMP\ST_CPL.pkg.XML" /F (No File) <==== ATTENTION
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.62\Installer\setup.exe [2873728 2022-01-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2232147753-1779878456-3232465511-1002\...\Run: [MicrosoftEdgeAutoLaunch_5EFC64ECA0D48DE2BD7F1727EE2A7543] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-2232147753-1779878456-3232465511-1002\...\MountPoints2: {2ae7830f-6fd4-11ec-a5bc-04d9f5003b5d} - "D:\setup.exe"
HKU\S-1-5-21-2232147753-1779878456-3232465511-500\...\Run: [BID Drop Box] => C:\Program Files\Bulk Image Downloader\BIDDropBox.exe [3226264 2021-08-25] (Antibody Software Limited -> )
HKU\S-1-5-21-2232147753-1779878456-3232465511-500\...\Run: [qBittorrent] => C:\Program Files\qBittorrent\qbittorrent.exe [29029376 2022-01-06] (The qBittorrent Project) [File not signed]
Task: {1ADA6395-D103-40C5-943F-CFEF9358CED2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-01-06] (Google LLC -> Google LLC)
Task: {4443535F-853D-4242-8AF9-C0BC6A46C674} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2232147753-1779878456-3232465511-1002 => C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {D1D324C1-E74E-48B1-B011-43E97B4F0260} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2232147753-1779878456-3232465511-1001 => C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1_S-1-5-21-2232147753-1779878456-3232465511-1002: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_S-1-5-21-2232147753-1779878456-3232465511-1002: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_S-1-5-21-2232147753-1779878456-3232465511-1002: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File

EmptyTemp:
Hosts:

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the Fix button.
A routine will run, after which the computer reboots. After the reboot, paste here the content of the log fixlog.txt, which is saved in the FRST location.