Please check my log

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team


Re: Please check my log

Post by Yelkinson » 29 Jun 2023 20:14

When I search for VirusTotal: C:\Windows\pss\tmpB9FB.tmp.vbs" => not found

it only shows me the log from FRST

and I found that after a restart those pages pop up in Firefox again :mad:


Re: Please check my log

Post by jaro3 » 29 Jun 2023 21:13

Which pages?

No, I meant this file:
C:\Windows\pss\tmpB9FB.tmp.vbs
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: Please check my log

Post by Yelkinson » 29 Jun 2023 21:39

Well, after I turn the computer on, Firefox opens along with those two windows with the pages I wrote about.

It's probably there, this is what pops up for me: tmpB9FB.tmp.vbs.Startup


Re: Please check my log

Post by jaro3 » 29 Jun 2023 21:47

In Folder Options, enable the display of hidden files and folders, and untick the checkbox "Hide protected operating system files".

Test this on Virustotal: https://www.virustotal.com/#/home/upload
C:\Windows\pss\tmpB9FB.tmp.vbs
Click Browse to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs one after another. When the last antivirus finishes its test, "result" appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.

Or on:
http://www.virscan.org/

Re: Please check my log

Post by Yelkinson » 30 Jun 2023 19:18



Re: Please check my log

Post by jaro3 » 30 Jun 2023 22:18

If that is the file, then it is.

Post new logs from FRST again.

Re: Please check my log

Post by Yelkinson » 03 Jul 2023 06:00

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2023
Ran by David (03-07-2023 05:55:52)
Running from C:\Users\David\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X64) (2018-06-16 17:31:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2767009719-3010479440-3224241737-500 - Administrator - Disabled)
David (S-1-5-21-2767009719-3010479440-3224241737-1000 - Administrator - Enabled) => C:\Users\David
Guest (S-1-5-21-2767009719-3010479440-3224241737-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACP Application (HKLM\...\{C70C71CD-B59A-4A57-83BA-FF64C3F1E6E9}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.207 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.207 - Adobe)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.5.2 - Advanced Micro Devices, Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.1.0 - Asmedia Technology)
Branding64 (HKLM\...\{C871FC62-0186-40ED-BAEA-7C65BE367755}) (Version: 1.00.0006 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.04 - Piriform)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 6.3.3.2 (HKLM\...\{4DACF7A7-C851-4943-A63D-3CAE495C48E0}) (Version: 6.3.3.2 - The Document Foundation)
Malwarebytes version 4.5.30.269 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.30.269 - Malwarebytes)
Microsoft .NET Framework 4.8 (CSY) (HKLM\...\{39DC4515-B8C1-3AD9-AA88-D7C8A333612F}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{16735AF7-1D8D-3681-94A5-C578A61EC832}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 109.0.1518.115 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.115 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2767009719-3010479440-3224241737-1000\...\Teams) (Version: 1.4.00.35564 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29334 (HKLM\...\{2E11EF4E-901F-4B2D-B68E-3DB2A566C857}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29334 (HKLM\...\{8A3F7D5B-422D-49D9-84F7-8DC1B7782967}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Minecraft 1.13.2 CZ + TLauncher 2.53 (HKLM-x32\...\Minecraft 1.13.2 CZ + TLauncher 2.53 1.13.2) (Version: 1.13.2 - Mojang)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 114.0.2 (x64 cs)) (Version: 114.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.2 - Mozilla)
Nitrox (HKLM\...\{F24D865C-7EF4-4089-BDF7-FA738EB52B9D}) (Version: 1.0.6930.29659 - Nitrox)
NVIDIA PhysX (HKLM-x32\...\{DEA314C4-0929-4250-BC92-98E4C105F28D}) (Version: 9.10.0129 - NVIDIA Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.141.511.2021 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Roblox Player for David (HKU\S-1-5-21-2767009719-3010479440-3224241737-1000\...\roblox-player) (Version: - Roblox Corporation)
RogueKiller version 15.11.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 15.11.0.0 - Adlice Software)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.9.0 - Sophos Limited)
UE4 Prerequisites (x64) (HKLM\...\{F9EC45F9-074A-48BF-92E9-A8CADD56F693}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Zemana AntiMalware verze 3.2.28 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.28 - Zemana)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2767009719-3010479440-3224241737-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\David\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21328.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2767009719-3010479440-3224241737-1000_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\David\AppData\Local\Microsoft\EdgeUpdate\1.3.175.29\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2767009719-3010479440-3224241737-1000_Classes\CLSID\{608D599A-DCA6-4A7C-BED7-AFCD8465345A}\InprocServer32 -> C:\Users\David\AppData\Local\Microsoft\EdgeUpdate\1.3.175.29\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2767009719-3010479440-3224241737-1000_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\David\AppData\Local\Microsoft\EdgeUpdate\1.3.175.29\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2021-03-30] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-06-27] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2021-03-30] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-06-27] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-06-17 11:23 - 2018-06-17 11:22 - 000104448 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2018-06-17 11:23 - 2023-07-02 12:01 - 000033792 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2018-06-17 11:23 - 2018-06-17 11:22 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\ASACPI.DLL
2018-06-17 11:25 - 2018-06-17 11:22 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsAcpi.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2767009719-3010479440-3224241737-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2021-12-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2021-12-24] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2023-06-28 22:30 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0
HKU\S-1-5-21-2767009719-3010479440-3224241737-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 10.0.1.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GoogleUpdate.lnk => C:\Windows\pss\GoogleUpdate.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Intel HD Graphics Drivers for Windows(R).lnk => C:\Windows\pss\Intel HD Graphics Drivers for Windows(R).lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^tmpB9FB.tmp.vbs => C:\Windows\pss\tmpB9FB.tmp.vbs.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^windowsUpdate.lnk => C:\Windows\pss\windowsUpdate.lnk.Startup
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: com.squirrel.Teams.Teams => C:\Users\David\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
MSCONFIG\startupreg: Intel HD Graphics Drivers for Windows(R) => C:\Users\David\AppData\Roaming\Microsoft\Windows\Templates\Intel HD Graphics Drivers for Windows(R).URL
MSCONFIG\startupreg: Intel HD Graphics Drivers for Windows(R)2 => C:\Users\David\AppData\Roaming\Microsoft\Windows\Templates\Intel HD Graphics Drivers for Windows(R).URL
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B0D9C293-F8AF-493A-B59F-A85B8251CC26}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D93ABC39-5093-4ECE-A52C-CDFC01207F10}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{447233FF-9B04-4B0A-9DE8-C76A38C19AC2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{090574C4-D4C9-4ED4-BBD6-F6D24F6DC4F5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [TCP Query User{0AC7C2BD-76D0-4D75-B692-8A369F3CBD3E}C:\program files\java\jre1.8.0_191\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_191\bin\javaw.exe
FirewallRules: [UDP Query User{B8942491-970A-46FE-9FBF-9F9365D04D41}C:\program files\java\jre1.8.0_191\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_191\bin\javaw.exe
FirewallRules: [TCP Query User{BCF67290-3E0D-42AF-8A32-5296B8E47AB5}C:\users\david\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\david\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{948323A4-3CC9-4B5D-9347-0BB1EFB85E3B}C:\users\david\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\david\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{93426A26-52B3-4A16-A511-ACACAE12E887}] => (Allow) C:\Users\David\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{9C22D9A0-E292-4FFA-831A-F40B5AE5019A}] => (Allow) C:\Users\David\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{73DE7557-8E17-44D7-B0FF-5F0720254821}] => (Allow) C:\Users\David\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{93BE0343-0661-42E5-977B-183D514EA875}] => (Allow) C:\Users\David\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [TCP Query User{89E27204-A8C8-4C16-9EA6-86146BF02670}C:\users\david\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\david\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{E965E726-78DD-43B8-A812-4837AA13F8B7}C:\users\david\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\david\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{82EAD628-BA52-4A99-A49A-177F0B942F88}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{4EEE9BBD-5A4C-4C22-BA7A-939ECC899894}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1A0EEE7B-635F-4071-BA82-136040106C8E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.115\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

29-06-2023 16:37:25 Restore Point Created by FRST

==================== Faulty Device Manager Devices ============

Name: AODDriver4.3.0
Description: AODDriver4.3.0
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AODDriver4.3.0
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (06/29/2023 04:37:25 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {8e22756d-b0f6-40d8-9e0f-70e8d1c615f7}

Error: (06/02/2023 01:11:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RobloxPlayerBeta.exe, verze: 0.578.0.13398, časové razítko: 0xe89600b6
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0xffffffffffffffff
ID chybujícího procesu: 0xad4
Čas spuštění chybující aplikace: 0x01d99542d93499c8
Cesta k chybující aplikaci: C:\Users\David\AppData\Local\Roblox\Versions\version-21bedf9513a74867\RobloxPlayerBeta.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 47dcadcd-0136-11ee-a3ae-d850e654df35

Error: (05/04/2023 07:18:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RobloxPlayerBeta.exe, verze: 0.574.1.38815, časové razítko: 0x9cd12f3b
Název chybujícího modulu: RobloxPlayerBeta.exe, verze: 0.574.1.38815, časové razítko: 0x9cd12f3b
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000cd082c
ID chybujícího procesu: 0xa68
Čas spuštění chybující aplikace: 0x01d97eac6b030dec
Cesta k chybující aplikaci: C:\Users\David\AppData\Local\Roblox\Versions\version-dc61c2db7d694b7b\RobloxPlayerBeta.exe
Cesta k chybujícímu modulu: C:\Users\David\AppData\Local\Roblox\Versions\version-dc61c2db7d694b7b\RobloxPlayerBeta.exe
ID zprávy: bd09276d-ea9f-11ed-aaa1-d850e654df35

Error: (02/24/2023 01:45:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 110.0.0.8445, časové razítko: 0x63eb2d97
Název chybujícího modulu: xul.dll, verze: 110.0.0.8445, časové razítko: 0x63eb2f31
Kód výjimky: 0x80000003
Posun chyby: 0x000000000473de47
ID chybujícího procesu: 0xa60
Čas spuštění chybující aplikace: 0x01d948454b6c3d79
Cesta k chybující aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe
Cesta k chybujícímu modulu: C:\Program Files\Mozilla Firefox\xul.dll
ID zprávy: c2392a67-b438-11ed-aae4-d850e654df35


System errors:
=============
Error: (07/03/2023 05:58:49 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/03/2023 01:17:45 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (07/03/2023 01:17:45 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (07/02/2023 12:31:02 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (07/02/2023 12:31:02 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (07/02/2023 12:31:02 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (07/02/2023 12:31:01 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (07/02/2023 11:59:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.3.0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1903 07/11/2013
Motherboard: ASUSTeK COMPUTER INC. M5A97 LE R2.0
Processor: AMD FX(tm)-6300 Six-Core Processor
Percentage of memory in use: 54%
Total physical RAM: 3996.25 MB
Available physical RAM: 1802.21 MB
Total Virtual: 7990.64 MB
Available Virtual: 5653.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:271.27 GB) (Model: WDC WD50 00AZRX-00A8LB0 SATA Disk Device) NTFS

\\?\Volume{49321cd0-7188-11e8-bf22-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: D7C0CC3F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================


Re: Please check my log

Post by Yelkinson » 03 Jul 2023 06:01

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{273FA7FE-5002-44B9-B6CE-23FAE36A39B8}: [DhcpNameServer] 10.0.1.138

Edge:
=======
Edge DefaultProfile: Default

FireFox:
========
FF DefaultProfile: qhykbeu8.default
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qhykbeu8.default [2023-07-03]
FF Homepage: Mozilla\Firefox\Profiles\qhykbeu8.default -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\qhykbeu8.default -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\qhykbeu8.default -> hxxps://www.youtube.com; hxxps://www.facebook.com
FF NewTabOverride: Mozilla\Firefox\Profiles\qhykbeu8.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Add-ons Restricted Domains) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qhykbeu8.default\features\{25f25c58-3842-4d8c-8ae1-1368e5563aa1}\addons-restricted-domains@mozilla.com.xpi [2023-06-22]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_207.dll [2019-06-11] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_207.dll [2019-06-11] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2021-12-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2021-12-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-2767009719-3010479440-3224241737-1000: @jlgplayer3.julegame.com -> C:\Users\David\AppData\Local\JuleGame\jlgplayer\npjlgplayer3.dll [No File]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-06-11] (Adobe Inc. -> Adobe)
S3 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [190464 2021-05-11] () [File not signed]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2018-06-17] (ASUSTeK Computer Inc. -> )
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2018-06-17] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2018-06-17] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [1632256 2018-06-17] (ASUSTeK Computer Inc.) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-03-31] (BattlEye Innovations e.K. -> )
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082896 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9258016 2023-06-27] (Malwarebytes Inc. -> Malwarebytes)
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [15971760 2023-06-22] (ADLICE -> )
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S4 EasyAntiCheat; "C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R1 amsdk; C:\Windows\system32\drivers\amsdk.sys [232792 2023-06-28] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2018-06-17] (ASUSTeK Computer Inc. -> )
R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [129000 2011-09-14] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [394216 2011-09-14] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2018-06-17] (ASUSTeK Computer Inc. -> )
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2018-06-17] (MCCI Corporation -> MCCI Corporation)
S3 ASUSumsc; C:\Windows\System32\DRIVERS\ASUSumsc.sys [151808 2018-06-17] (MCCI Corporation -> MCCI Corporation)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2018-07-03] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 VOICEMOD_Driver; C:\Windows\System32\drivers\vmdrv.sys [27648 2018-03-15] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S2 AODDriver4.3.0; \??\C:\Program Files\AMD\Performance Profile Client\amd64\AODDriver2.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-07-03 05:54 - 2023-07-03 05:55 - 000005926 _____ C:\Users\David\Desktop\FRST.txt
2023-07-02 16:26 - 2023-07-02 16:37 - 1174191127 _____ C:\Users\David\Desktop\Avatar 2 - Cesta vody - CZ Dabing.mp4
2023-06-29 16:37 - 2023-06-29 16:38 - 000007616 _____ C:\Users\David\Desktop\Fixlog.txt
2023-06-29 06:17 - 2023-06-29 06:17 - 002383360 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2023-06-28 23:01 - 2023-06-28 23:01 - 000232792 _____ (Copyright 2018.) C:\Windows\system32\Drivers\amsdk.sys
2023-06-28 23:01 - 2023-06-28 23:01 - 000003474 _____ C:\Windows\system32\Tasks\AMHelper
2023-06-28 23:01 - 2023-06-28 23:01 - 000002508 _____ C:\Windows\system32\Tasks\AMSkipUAC
2023-06-28 23:01 - 2023-06-28 23:01 - 000001260 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2023-06-28 23:01 - 2023-06-28 23:01 - 000000000 ____D C:\Users\David\AppData\Local\AMSDK
2023-06-28 23:01 - 2023-06-28 23:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2023-06-28 23:01 - 2023-06-28 23:01 - 000000000 ____D C:\Program Files (x86)\Zemana
2023-06-28 22:54 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2023-06-28 22:27 - 2023-06-28 22:51 - 000000000 ____D C:\zoek_backup
2023-06-28 16:24 - 2023-06-28 16:24 - 000002759 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2023-06-28 16:24 - 2023-06-28 16:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2023-06-28 16:24 - 2023-06-28 16:24 - 000000000 ____D C:\Program Files (x86)\Sophos
2023-06-28 16:23 - 2020-09-07 00:04 - 002038755 _____ C:\Users\David\Desktop\zoek (1).exe
2023-06-28 07:07 - 2023-06-28 07:13 - 000001015 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2023-06-28 07:07 - 2023-06-28 07:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2023-06-28 07:07 - 2023-06-28 07:07 - 000000000 ____D C:\Program Files\RogueKiller
2023-06-27 19:01 - 2023-06-27 19:01 - 000000000 ____D C:\Users\David\AppData\Local\Malwarebytes
2023-06-27 18:57 - 2023-06-27 18:57 - 000001665 _____ C:\mmm.txt
2023-06-27 12:05 - 2023-06-27 12:05 - 000000000 ____D C:\Users\David\AppData\Local\AMD
2023-06-27 12:01 - 2023-06-27 12:01 - 008791352 _____ (Malwarebytes) C:\Users\David\Desktop\AdwCleaner.exe
2023-06-27 12:01 - 2023-06-27 12:01 - 000448512 _____ (OldTimer Tools) C:\Users\David\Desktop\TFC.exe
2023-06-27 12:01 - 2023-06-27 12:01 - 000050688 _____ (Atribune.org) C:\Users\David\Desktop\ATF-Cleaner(1).exe
2023-06-27 11:13 - 2023-07-02 11:59 - 000003112 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2023-06-25 11:36 - 2023-06-25 11:36 - 000000000 ____D C:\Users\David\Desktop\backups
2023-06-25 11:31 - 2023-06-25 11:31 - 000388608 _____ (Trend Micro Inc.) C:\Users\David\Desktop\hijackthis.exe
2023-06-21 15:20 - 2023-06-23 06:21 - 000000000 ____D C:\Program Files\Mozilla Firefox

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-07-03 05:55 - 2019-08-09 19:52 - 000000000 ____D C:\FRST
2023-07-03 05:55 - 2019-08-04 20:29 - 000112155 _____ C:\Windows\ZAM.krnl.trace
2023-07-03 05:54 - 2022-02-08 18:48 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-07-03 03:16 - 2009-07-14 06:45 - 000024224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2023-07-03 03:16 - 2009-07-14 06:45 - 000024224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2023-07-02 21:01 - 2022-10-15 09:01 - 000003356 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-07-02 21:01 - 2022-10-15 09:01 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-07-02 21:01 - 2018-07-14 20:43 - 000000000 ____D C:\Program Files\CCleaner
2023-07-02 16:22 - 2023-02-12 20:12 - 000000000 ____D C:\Users\David\AppData\Roaming\vlc
2023-07-02 11:59 - 2023-05-20 09:20 - 000003082 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2023-07-02 11:59 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-07-01 21:25 - 2018-06-17 12:50 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2023-07-01 08:12 - 2018-06-17 21:07 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2023-06-29 16:38 - 2019-10-31 19:40 - 000000000 ____D C:\Users\David\AppData\LocalLow\Temp
2023-06-29 16:37 - 2018-06-17 11:21 - 000000000 ____D C:\Windows\system32\Tasks\ASUS
2023-06-28 22:56 - 2009-07-14 07:08 - 000032624 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2023-06-28 22:51 - 2018-06-16 19:31 - 000000000 ____D C:\Users\David
2023-06-28 07:13 - 2019-08-02 22:41 - 000000000 ____D C:\ProgramData\RogueKiller
2023-06-23 06:21 - 2018-06-17 10:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-06-22 06:09 - 2021-09-25 09:00 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-06-15 21:15 - 2023-04-23 09:02 - 000003718 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2767009719-3010479440-3224241737-1000UA{5C760954-2F23-49C2-A1B0-2852A08DEFE8}
2023-06-15 21:15 - 2023-04-23 09:02 - 000003650 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2767009719-3010479440-3224241737-1000Core{B62F3645-F9E0-45AD-9849-132A9773D0C5}
2023-06-14 22:06 - 2018-06-17 11:07 - 000000000 ____D C:\Windows\system32\MRT
2023-06-14 22:03 - 2018-06-17 11:07 - 170078616 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-06-14 15:34 - 2020-06-26 07:07 - 000002221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-06-13 19:03 - 2020-06-26 07:06 - 000003540 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-06-13 19:03 - 2020-06-26 07:06 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Files in the root of some directories ========

2021-09-23 09:02 - 2021-10-29 18:07 - 000099384 _____ () C:\Users\David\AppData\Roaming\inst.exe
2021-09-23 09:02 - 2021-10-29 18:07 - 000007859 _____ () C:\Users\David\AppData\Roaming\pcouffin.cat
2021-09-23 09:02 - 2021-10-29 18:07 - 000001167 _____ () C:\Users\David\AppData\Roaming\pcouffin.inf
2021-09-23 09:02 - 2021-10-29 18:07 - 000082816 _____ (VSO Software) C:\Users\David\AppData\Roaming\pcouffin.sys
2019-12-25 20:21 - 2023-01-09 14:18 - 000004608 _____ () C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-01-30 21:43 - 2020-06-20 14:53 - 000007601 _____ () C:\Users\David\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2023-07-01 09:16
==================== End of FRST.txt ========================


Re: Request for a log check

Post by jaro3 » 03 Jul 2023 15:10

Check those logs; the beginning of the FRST log is missing.


Re: Request for a log check

Post by Yelkinson » 19 Jul 2023 06:13

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-07-2023
Ran by David (administrator) on DAVID-PC (19-07-2023 06:02:32)
Running from C:\Users\David\Desktop\FRST64.exe
Loaded Profiles: David
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(services.exe ->) (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9228800 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [739448 2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2767009719-3010479440-3224241737-1000\...\Run: [Microsoft Edge Update] => C:\Users\David\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\MicrosoftEdgeUpdateCore.exe [263648 2023-07-12] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Java.bat [2019-04-13] () [File not signed]

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {EFBE04FD-4093-4727-B609-2011974731FD} - System32\Tasks\{64F9115D-F208-4941-A36B-DB47C6B6CAD4} => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (No File)
Task: {C245A449-22C6-40C2-837F-807AFF2E9342} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_Plugin.exe [1457208 2019-06-11] (Adobe Inc. -> Adobe)
Task: {A8E08529-E9BC-4F45-A5BB-15AA34F90A90} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_pepper.exe [1452600 2019-06-11] (Adobe Inc. -> Adobe)
Task: {C3490F6C-7B47-408C-B3F7-BD1E61DB8302} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-06-11] (Adobe Inc. -> Adobe)
Task: {CB69A1DB-F0EB-42E3-BEDF-D192FA1906A6} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [1126176 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {A624DE6E-B16A-4C4D-A3C2-B4B93EFB6390} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {3B8E604C-2CF2-43BD-BD2A-80D99B35C2FC} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [682008 2021-03-30] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {9045C9E7-BFD1-43B6-82A3-29EAD752BBA4} - System32\Tasks\AMSkipUAC => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [682008 2021-03-30] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {3AE989B3-3628-40D8-A6CF-BB33234D1E6D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Flash Player Updater" /ENABLE
Task: {3AE989B3-3628-40D8-A6CF-BB33234D1E6D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {3AE989B3-3628-40D8-A6CF-BB33234D1E6D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {3AE989B3-3628-40D8-A6CF-BB33234D1E6D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {3AE989B3-3628-40D8-A6CF-BB33234D1E6D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\Opera scheduled Autoupdate 1534580516" /ENABLE
Task: {3AE989B3-3628-40D8-A6CF-BB33234D1E6D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {47B51B91-1602-465F-B2A8-82FCBA8C1795} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe /from_scheduler:1 (No File)
Task: {777016B2-F7A2-4306-BE1D-1F143B81C808} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-09-12] (Piriform Software Ltd -> Piriform)
Task: {B3833455-7E98-4ED3-A92B-FA31430E7408} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4666896 2022-09-12] (Piriform Software Ltd -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "ef795822-d53c-44b8-9f45-6cca434f0142" --version "6.04.10044" --silent
Task: {4125B674-CB30-478E-8D9F-C99EAA06E611} - System32\Tasks\CCleanerSkipUAC - David => C:\Program Files\CCleaner\CCleaner.exe [32204304 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9C9E8E09-0D64-44E8-8FC2-A0DC3CF4BB69} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2767009719-3010479440-3224241737-1000Core{B62F3645-F9E0-45AD-9849-132A9773D0C5} => C:\Users\David\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206256 2023-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {9366A54A-0458-43A4-90AB-B5EF79C7BFE0} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2767009719-3010479440-3224241737-1000UA{5C760954-2F23-49C2-A1B0-2852A08DEFE8} => C:\Users\David\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206256 2023-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {EBA1884A-7386-4199-9777-1C96EBB910A3} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B18909D6-E3B0-45EC-B792-FD8D18FFFD74} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2023-07-19] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {A4C912D5-CAA0-4461-B65B-71D08987087B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2023-07-19] (Mozilla Corporation -> Mozilla Foundation)
Task: {FC83BE08-5243-48D5-97E3-B6E158DD8C4A} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [62752 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {80CB8A2C-CB76-43B6-8D8B-4C78E60902AF} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [268576 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{273FA7FE-5002-44B9-B6CE-23FAE36A39B8}: [DhcpNameServer] 10.0.1.138

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-09]

FireFox:
========
FF DefaultProfile: qhykbeu8.default
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qhykbeu8.default [2023-07-19]
FF Homepage: Mozilla\Firefox\Profiles\qhykbeu8.default -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\qhykbeu8.default -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\qhykbeu8.default -> hxxps://www.youtube.com; hxxps://www.facebook.com
FF NewTabOverride: Mozilla\Firefox\Profiles\qhykbeu8.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_207.dll [2019-06-11] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_207.dll [2019-06-11] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.371.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.371.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-2767009719-3010479440-3224241737-1000: @jlgplayer3.julegame.com -> C:\Users\David\AppData\Local\JuleGame\jlgplayer\npjlgplayer3.dll [No File]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-06-11] (Adobe Inc. -> Adobe)
S3 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [190464 2021-05-11] () [File not signed]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2018-06-17] (ASUSTeK Computer Inc. -> )
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2018-06-17] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2018-06-17] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [1632256 2018-06-17] (ASUSTeK Computer Inc.) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-03-31] (BattlEye Innovations e.K. -> )
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082896 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9258016 2023-06-27] (Malwarebytes Inc. -> Malwarebytes)
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [15971760 2023-06-22] (ADLICE -> )
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S4 EasyAntiCheat; "C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R1 amsdk; C:\Windows\system32\drivers\amsdk.sys [232792 2023-06-28] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2018-06-17] (ASUSTeK Computer Inc. -> )
R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [129000 2011-09-14] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [394216 2011-09-14] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2018-06-17] (ASUSTeK Computer Inc. -> )
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2018-06-17] (MCCI Corporation -> MCCI Corporation)
S3 ASUSumsc; C:\Windows\System32\DRIVERS\ASUSumsc.sys [151808 2018-06-17] (MCCI Corporation -> MCCI Corporation)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2018-07-03] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 VOICEMOD_Driver; C:\Windows\System32\drivers\vmdrv.sys [27648 2018-03-15] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S2 AODDriver4.3.0; \??\C:\Program Files\AMD\Performance Profile Client\amd64\AODDriver2.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-07-19 06:01 - 2023-07-19 06:01 - 000000000 ____D C:\Users\David\Desktop\FRST-OlderVersion
2023-07-19 05:50 - 2023-07-19 05:51 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-07-14 19:43 - 2023-07-14 19:43 - 000001306 _____ C:\Users\David\Desktop\Roblox Player.lnk
2023-07-11 20:27 - 2023-07-11 20:27 - 000000000 ____D C:\Users\David\AppData\Roaming\Sun
2023-07-11 20:27 - 2023-07-11 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2023-07-11 20:27 - 2023-07-11 20:27 - 000000000 ____D C:\Program Files (x86)\Java
2023-07-11 20:27 - 2023-03-17 04:39 - 000170656 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2023-07-11 20:26 - 2023-07-11 20:26 - 002329224 _____ (Oracle Corporation) C:\Users\David\Downloads\jre-8u371-windows-i586-iftw.exe
2023-07-11 20:21 - 2023-07-11 20:21 - 000001854 _____ C:\Users\David\Desktop\TLauncher.lnk
2023-07-11 20:21 - 2023-07-11 20:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TLauncher
2023-07-11 19:32 - 2023-07-15 21:47 - 000000000 ____D C:\Users\David\AppData\Roaming\.tlauncher
2023-07-03 05:55 - 2023-07-03 05:59 - 000026593 _____ C:\Users\David\Desktop\Addition.txt
2023-07-03 05:54 - 2023-07-19 06:03 - 000014665 _____ C:\Users\David\Desktop\FRST.txt
2023-07-02 16:26 - 2023-07-02 16:37 - 1174191127 _____ C:\Users\David\Desktop\Avatar 2 - Cesta vody - CZ Dabing.mp4
2023-06-29 16:37 - 2023-06-29 16:38 - 000007616 _____ C:\Users\David\Desktop\Fixlog.txt
2023-06-29 06:17 - 2023-07-19 06:01 - 002384384 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2023-06-28 23:01 - 2023-06-28 23:01 - 000232792 _____ (Copyright 2018.) C:\Windows\system32\Drivers\amsdk.sys
2023-06-28 23:01 - 2023-06-28 23:01 - 000003474 _____ C:\Windows\system32\Tasks\AMHelper
2023-06-28 23:01 - 2023-06-28 23:01 - 000002508 _____ C:\Windows\system32\Tasks\AMSkipUAC
2023-06-28 23:01 - 2023-06-28 23:01 - 000001260 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2023-06-28 23:01 - 2023-06-28 23:01 - 000000000 ____D C:\Users\David\AppData\Local\AMSDK
2023-06-28 23:01 - 2023-06-28 23:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2023-06-28 23:01 - 2023-06-28 23:01 - 000000000 ____D C:\Program Files (x86)\Zemana
2023-06-28 22:54 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2023-06-28 22:27 - 2023-06-28 22:51 - 000000000 ____D C:\zoek_backup
2023-06-28 16:24 - 2023-06-28 16:24 - 000002759 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2023-06-28 16:24 - 2023-06-28 16:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2023-06-28 16:24 - 2023-06-28 16:24 - 000000000 ____D C:\Program Files (x86)\Sophos
2023-06-28 16:23 - 2020-09-07 00:04 - 002038755 _____ C:\Users\David\Desktop\zoek (1).exe
2023-06-28 07:07 - 2023-06-28 07:13 - 000001015 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2023-06-28 07:07 - 2023-06-28 07:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2023-06-28 07:07 - 2023-06-28 07:07 - 000000000 ____D C:\Program Files\RogueKiller
2023-06-27 19:01 - 2023-06-27 19:01 - 000000000 ____D C:\Users\David\AppData\Local\Malwarebytes
2023-06-27 18:57 - 2023-06-27 18:57 - 000001665 _____ C:\mmm.txt
2023-06-27 12:05 - 2023-07-11 20:32 - 000000000 ____D C:\Users\David\AppData\Local\AMD
2023-06-27 12:01 - 2023-06-27 12:01 - 008791352 _____ (Malwarebytes) C:\Users\David\Desktop\AdwCleaner.exe
2023-06-27 12:01 - 2023-06-27 12:01 - 000448512 _____ (OldTimer Tools) C:\Users\David\Desktop\TFC.exe
2023-06-27 12:01 - 2023-06-27 12:01 - 000050688 _____ (Atribune.org) C:\Users\David\Desktop\ATF-Cleaner(1).exe
2023-06-25 11:36 - 2023-06-25 11:36 - 000000000 ____D C:\Users\David\Desktop\backups
2023-06-25 11:31 - 2023-06-25 11:31 - 000388608 _____ (Trend Micro Inc.) C:\Users\David\Desktop\hijackthis.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-07-19 06:03 - 2019-08-09 19:52 - 000000000 ____D C:\FRST
2023-07-19 06:03 - 2019-08-04 20:29 - 000057032 _____ C:\Windows\ZAM.krnl.trace
2023-07-19 06:02 - 2022-02-08 18:48 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-07-19 05:59 - 2009-07-14 06:45 - 000024224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2023-07-19 05:59 - 2009-07-14 06:45 - 000024224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2023-07-19 05:52 - 2021-09-25 09:00 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-07-19 05:52 - 2018-06-17 10:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-07-19 05:51 - 2022-10-15 09:01 - 000003356 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-07-19 05:51 - 2022-10-15 09:01 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-07-19 05:51 - 2018-07-14 20:43 - 000000000 ____D C:\Program Files\CCleaner
2023-07-19 05:49 - 2023-05-20 09:20 - 000003082 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2023-07-19 05:49 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-07-18 22:29 - 2018-06-17 12:50 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2023-07-16 22:30 - 2023-02-12 20:12 - 000000000 ____D C:\Users\David\AppData\Roaming\vlc
2023-07-15 21:49 - 2020-05-24 18:13 - 000000000 ____D C:\Users\David\AppData\Roaming\.minecraft
2023-07-14 19:43 - 2018-06-17 21:07 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2023-07-13 03:04 - 2018-06-17 11:07 - 000000000 ____D C:\Windows\system32\MRT
2023-07-13 03:00 - 2018-06-17 11:07 - 173351160 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-07-12 18:41 - 2023-04-23 09:02 - 000003718 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2767009719-3010479440-3224241737-1000UA{5C760954-2F23-49C2-A1B0-2852A08DEFE8}
2023-07-12 18:41 - 2023-04-23 09:02 - 000003650 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2767009719-3010479440-3224241737-1000Core{B62F3645-F9E0-45AD-9849-132A9773D0C5}
2023-07-11 03:09 - 2020-06-26 07:06 - 000003540 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-07-11 03:09 - 2020-06-26 07:06 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-06-29 16:38 - 2019-10-31 19:40 - 000000000 ____D C:\Users\David\AppData\LocalLow\Temp
2023-06-29 16:37 - 2018-06-17 11:21 - 000000000 ____D C:\Windows\system32\Tasks\ASUS
2023-06-28 22:56 - 2009-07-14 07:08 - 000032624 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2023-06-28 22:51 - 2018-06-16 19:31 - 000000000 ____D C:\Users\David
2023-06-28 07:13 - 2019-08-02 22:41 - 000000000 ____D C:\ProgramData\RogueKiller

==================== Files in the root of some directories ========

2021-09-23 09:02 - 2021-10-29 18:07 - 000099384 _____ () C:\Users\David\AppData\Roaming\inst.exe
2021-09-23 09:02 - 2021-10-29 18:07 - 000007859 _____ () C:\Users\David\AppData\Roaming\pcouffin.cat
2021-09-23 09:02 - 2021-10-29 18:07 - 000001167 _____ () C:\Users\David\AppData\Roaming\pcouffin.inf
2021-09-23 09:02 - 2021-10-29 18:07 - 000082816 _____ (VSO Software) C:\Users\David\AppData\Roaming\pcouffin.sys
2019-12-25 20:21 - 2023-01-09 14:18 - 000004608 _____ () C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-01-30 21:43 - 2020-06-20 14:53 - 000007601 _____ () C:\Users\David\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2023-07-11 00:59
==================== End of FRST.txt ========================

Re: Please check my log

Post by Yelkinson » 19 Jul 2023 06:14

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-07-2023
Ran by David (administrator) on DAVID-PC (19-07-2023 06:02:32)
Running from C:\Users\David\Desktop\FRST64.exe
Loaded Profiles: David
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(services.exe ->) (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9228800 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [739448 2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2767009719-3010479440-3224241737-1000\...\Run: [Microsoft Edge Update] => C:\Users\David\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\MicrosoftEdgeUpdateCore.exe [263648 2023-07-12] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Java.bat [2019-04-13] () [File not signed]

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {EFBE04FD-4093-4727-B609-2011974731FD} - System32\Tasks\{64F9115D-F208-4941-A36B-DB47C6B6CAD4} => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (No File)
Task: {C245A449-22C6-40C2-837F-807AFF2E9342} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_Plugin.exe [1457208 2019-06-11] (Adobe Inc. -> Adobe)
Task: {A8E08529-E9BC-4F45-A5BB-15AA34F90A90} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_pepper.exe [1452600 2019-06-11] (Adobe Inc. -> Adobe)
Task: {C3490F6C-7B47-408C-B3F7-BD1E61DB8302} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-06-11] (Adobe Inc. -> Adobe)
Task: {CB69A1DB-F0EB-42E3-BEDF-D192FA1906A6} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [1126176 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {A624DE6E-B16A-4C4D-A3C2-B4B93EFB6390} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {3B8E604C-2CF2-43BD-BD2A-80D99B35C2FC} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [682008 2021-03-30] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {9045C9E7-BFD1-43B6-82A3-29EAD752BBA4} - System32\Tasks\AMSkipUAC => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [682008 2021-03-30] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {3AE989B3-3628-40D8-A6CF-BB33234D1E6D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Flash Player Updater" /ENABLE
Task: {3AE989B3-3628-40D8-A6CF-BB33234D1E6D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {3AE989B3-3628-40D8-A6CF-BB33234D1E6D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {3AE989B3-3628-40D8-A6CF-BB33234D1E6D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {3AE989B3-3628-40D8-A6CF-BB33234D1E6D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\Opera scheduled Autoupdate 1534580516" /ENABLE
Task: {3AE989B3-3628-40D8-A6CF-BB33234D1E6D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {47B51B91-1602-465F-B2A8-82FCBA8C1795} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe /from_scheduler:1 (No File)
Task: {777016B2-F7A2-4306-BE1D-1F143B81C808} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-09-12] (Piriform Software Ltd -> Piriform)
Task: {B3833455-7E98-4ED3-A92B-FA31430E7408} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4666896 2022-09-12] (Piriform Software Ltd -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "ef795822-d53c-44b8-9f45-6cca434f0142" --version "6.04.10044" --silent
Task: {4125B674-CB30-478E-8D9F-C99EAA06E611} - System32\Tasks\CCleanerSkipUAC - David => C:\Program Files\CCleaner\CCleaner.exe [32204304 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9C9E8E09-0D64-44E8-8FC2-A0DC3CF4BB69} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2767009719-3010479440-3224241737-1000Core{B62F3645-F9E0-45AD-9849-132A9773D0C5} => C:\Users\David\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206256 2023-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {9366A54A-0458-43A4-90AB-B5EF79C7BFE0} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2767009719-3010479440-3224241737-1000UA{5C760954-2F23-49C2-A1B0-2852A08DEFE8} => C:\Users\David\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206256 2023-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {EBA1884A-7386-4199-9777-1C96EBB910A3} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B18909D6-E3B0-45EC-B792-FD8D18FFFD74} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2023-07-19] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {A4C912D5-CAA0-4461-B65B-71D08987087B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2023-07-19] (Mozilla Corporation -> Mozilla Foundation)
Task: {FC83BE08-5243-48D5-97E3-B6E158DD8C4A} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [62752 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {80CB8A2C-CB76-43B6-8D8B-4C78E60902AF} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [268576 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{273FA7FE-5002-44B9-B6CE-23FAE36A39B8}: [DhcpNameServer] 10.0.1.138

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-09]

FireFox:
========
FF DefaultProfile: qhykbeu8.default
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\qhykbeu8.default [2023-07-19]
FF Homepage: Mozilla\Firefox\Profiles\qhykbeu8.default -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\qhykbeu8.default -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\qhykbeu8.default -> hxxps://www.youtube.com; hxxps://www.facebook.com
FF NewTabOverride: Mozilla\Firefox\Profiles\qhykbeu8.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_207.dll [2019-06-11] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_207.dll [2019-06-11] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.371.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.371.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-2767009719-3010479440-3224241737-1000: @jlgplayer3.julegame.com -> C:\Users\David\AppData\Local\JuleGame\jlgplayer\npjlgplayer3.dll [No File]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-06-11] (Adobe Inc. -> Adobe)
S3 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [190464 2021-05-11] () [File not signed]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2018-06-17] (ASUSTeK Computer Inc. -> )
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2018-06-17] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2018-06-17] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [1632256 2018-06-17] (ASUSTeK Computer Inc.) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-03-31] (BattlEye Innovations e.K. -> )
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082896 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9258016 2023-06-27] (Malwarebytes Inc. -> Malwarebytes)
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [15971760 2023-06-22] (ADLICE -> )
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S4 EasyAntiCheat; "C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R1 amsdk; C:\Windows\system32\drivers\amsdk.sys [232792 2023-06-28] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2018-06-17] (ASUSTeK Computer Inc. -> )
R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [129000 2011-09-14] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [394216 2011-09-14] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2018-06-17] (ASUSTeK Computer Inc. -> )
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2018-06-17] (MCCI Corporation -> MCCI Corporation)
S3 ASUSumsc; C:\Windows\System32\DRIVERS\ASUSumsc.sys [151808 2018-06-17] (MCCI Corporation -> MCCI Corporation)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2018-07-03] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 VOICEMOD_Driver; C:\Windows\System32\drivers\vmdrv.sys [27648 2018-03-15] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S2 AODDriver4.3.0; \??\C:\Program Files\AMD\Performance Profile Client\amd64\AODDriver2.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-07-19 06:01 - 2023-07-19 06:01 - 000000000 ____D C:\Users\David\Desktop\FRST-OlderVersion
2023-07-19 05:50 - 2023-07-19 05:51 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-07-14 19:43 - 2023-07-14 19:43 - 000001306 _____ C:\Users\David\Desktop\Roblox Player.lnk
2023-07-11 20:27 - 2023-07-11 20:27 - 000000000 ____D C:\Users\David\AppData\Roaming\Sun
2023-07-11 20:27 - 2023-07-11 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2023-07-11 20:27 - 2023-07-11 20:27 - 000000000 ____D C:\Program Files (x86)\Java
2023-07-11 20:27 - 2023-03-17 04:39 - 000170656 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2023-07-11 20:26 - 2023-07-11 20:26 - 002329224 _____ (Oracle Corporation) C:\Users\David\Downloads\jre-8u371-windows-i586-iftw.exe
2023-07-11 20:21 - 2023-07-11 20:21 - 000001854 _____ C:\Users\David\Desktop\TLauncher.lnk
2023-07-11 20:21 - 2023-07-11 20:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TLauncher
2023-07-11 19:32 - 2023-07-15 21:47 - 000000000 ____D C:\Users\David\AppData\Roaming\.tlauncher
2023-07-03 05:55 - 2023-07-03 05:59 - 000026593 _____ C:\Users\David\Desktop\Addition.txt
2023-07-03 05:54 - 2023-07-19 06:03 - 000014665 _____ C:\Users\David\Desktop\FRST.txt
2023-07-02 16:26 - 2023-07-02 16:37 - 1174191127 _____ C:\Users\David\Desktop\Avatar 2 - Cesta vody - CZ Dabing.mp4
2023-06-29 16:37 - 2023-06-29 16:38 - 000007616 _____ C:\Users\David\Desktop\Fixlog.txt
2023-06-29 06:17 - 2023-07-19 06:01 - 002384384 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2023-06-28 23:01 - 2023-06-28 23:01 - 000232792 _____ (Copyright 2018.) C:\Windows\system32\Drivers\amsdk.sys
2023-06-28 23:01 - 2023-06-28 23:01 - 000003474 _____ C:\Windows\system32\Tasks\AMHelper
2023-06-28 23:01 - 2023-06-28 23:01 - 000002508 _____ C:\Windows\system32\Tasks\AMSkipUAC
2023-06-28 23:01 - 2023-06-28 23:01 - 000001260 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2023-06-28 23:01 - 2023-06-28 23:01 - 000000000 ____D C:\Users\David\AppData\Local\AMSDK
2023-06-28 23:01 - 2023-06-28 23:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2023-06-28 23:01 - 2023-06-28 23:01 - 000000000 ____D C:\Program Files (x86)\Zemana
2023-06-28 22:54 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2023-06-28 22:27 - 2023-06-28 22:51 - 000000000 ____D C:\zoek_backup
2023-06-28 16:24 - 2023-06-28 16:24 - 000002759 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2023-06-28 16:24 - 2023-06-28 16:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2023-06-28 16:24 - 2023-06-28 16:24 - 000000000 ____D C:\Program Files (x86)\Sophos
2023-06-28 16:23 - 2020-09-07 00:04 - 002038755 _____ C:\Users\David\Desktop\zoek (1).exe
2023-06-28 07:07 - 2023-06-28 07:13 - 000001015 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2023-06-28 07:07 - 2023-06-28 07:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2023-06-28 07:07 - 2023-06-28 07:07 - 000000000 ____D C:\Program Files\RogueKiller
2023-06-27 19:01 - 2023-06-27 19:01 - 000000000 ____D C:\Users\David\AppData\Local\Malwarebytes
2023-06-27 18:57 - 2023-06-27 18:57 - 000001665 _____ C:\mmm.txt
2023-06-27 12:05 - 2023-07-11 20:32 - 000000000 ____D C:\Users\David\AppData\Local\AMD
2023-06-27 12:01 - 2023-06-27 12:01 - 008791352 _____ (Malwarebytes) C:\Users\David\Desktop\AdwCleaner.exe
2023-06-27 12:01 - 2023-06-27 12:01 - 000448512 _____ (OldTimer Tools) C:\Users\David\Desktop\TFC.exe
2023-06-27 12:01 - 2023-06-27 12:01 - 000050688 _____ (Atribune.org) C:\Users\David\Desktop\ATF-Cleaner(1).exe
2023-06-25 11:36 - 2023-06-25 11:36 - 000000000 ____D C:\Users\David\Desktop\backups
2023-06-25 11:31 - 2023-06-25 11:31 - 000388608 _____ (Trend Micro Inc.) C:\Users\David\Desktop\hijackthis.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-07-19 06:03 - 2019-08-09 19:52 - 000000000 ____D C:\FRST
2023-07-19 06:03 - 2019-08-04 20:29 - 000057032 _____ C:\Windows\ZAM.krnl.trace
2023-07-19 06:02 - 2022-02-08 18:48 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-07-19 05:59 - 2009-07-14 06:45 - 000024224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2023-07-19 05:59 - 2009-07-14 06:45 - 000024224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2023-07-19 05:52 - 2021-09-25 09:00 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-07-19 05:52 - 2018-06-17 10:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-07-19 05:51 - 2022-10-15 09:01 - 000003356 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-07-19 05:51 - 2022-10-15 09:01 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-07-19 05:51 - 2018-07-14 20:43 - 000000000 ____D C:\Program Files\CCleaner
2023-07-19 05:49 - 2023-05-20 09:20 - 000003082 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2023-07-19 05:49 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-07-18 22:29 - 2018-06-17 12:50 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2023-07-16 22:30 - 2023-02-12 20:12 - 000000000 ____D C:\Users\David\AppData\Roaming\vlc
2023-07-15 21:49 - 2020-05-24 18:13 - 000000000 ____D C:\Users\David\AppData\Roaming\.minecraft
2023-07-14 19:43 - 2018-06-17 21:07 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2023-07-13 03:04 - 2018-06-17 11:07 - 000000000 ____D C:\Windows\system32\MRT
2023-07-13 03:00 - 2018-06-17 11:07 - 173351160 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-07-12 18:41 - 2023-04-23 09:02 - 000003718 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2767009719-3010479440-3224241737-1000UA{5C760954-2F23-49C2-A1B0-2852A08DEFE8}
2023-07-12 18:41 - 2023-04-23 09:02 - 000003650 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2767009719-3010479440-3224241737-1000Core{B62F3645-F9E0-45AD-9849-132A9773D0C5}
2023-07-11 03:09 - 2020-06-26 07:06 - 000003540 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-07-11 03:09 - 2020-06-26 07:06 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-06-29 16:38 - 2019-10-31 19:40 - 000000000 ____D C:\Users\David\AppData\LocalLow\Temp
2023-06-29 16:37 - 2018-06-17 11:21 - 000000000 ____D C:\Windows\system32\Tasks\ASUS
2023-06-28 22:56 - 2009-07-14 07:08 - 000032624 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2023-06-28 22:51 - 2018-06-16 19:31 - 000000000 ____D C:\Users\David
2023-06-28 07:13 - 2019-08-02 22:41 - 000000000 ____D C:\ProgramData\RogueKiller

==================== Files in the root of some directories ========

2021-09-23 09:02 - 2021-10-29 18:07 - 000099384 _____ () C:\Users\David\AppData\Roaming\inst.exe
2021-09-23 09:02 - 2021-10-29 18:07 - 000007859 _____ () C:\Users\David\AppData\Roaming\pcouffin.cat
2021-09-23 09:02 - 2021-10-29 18:07 - 000001167 _____ () C:\Users\David\AppData\Roaming\pcouffin.inf
2021-09-23 09:02 - 2021-10-29 18:07 - 000082816 _____ (VSO Software) C:\Users\David\AppData\Roaming\pcouffin.sys
2019-12-25 20:21 - 2023-01-09 14:18 - 000004608 _____ () C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-01-30 21:43 - 2020-06-20 14:53 - 000007601 _____ () C:\Users\David\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2023-07-11 00:59
==================== End of FRST.txt ========================

