Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.02.2024
Ran by Zbyšek Hlaváč (administrator) on DESKTOP-NDJPJIE (ASUSTeK COMPUTER INC. X556UV) (18-02-2024 18:04:48)
Running from C:\Users\Zbyšek Hlaváč\Downloads\FRST64.exe
Loaded Profiles: Zbyšek Hlaváč
Platform: Microsoft Windows 10 Home Version 22H2 19045.3930 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.241.0.10\OverwolfHelper.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.241.0.10\OverwolfHelper64.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.241.0.10\OverwolfBrowser.exe <4>
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Users\Zbyšek Hlaváč\AppData\Local\Overwolf\ProcessCache\0.241.0.10\cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj\curseforge.exe
(C:\Users\Zbyšek Hlaváč\AppData\Local\Overwolf\ProcessCache\0.241.0.10\cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj\curseforge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Windows\SysWOW64\esif_uf.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(cmd.exe ->) (Microsoft Corporation -> Mojang) D:\Curse\Install\minecraft.exe <5>
(D:\Curse\Install\minecraft.exe ->) (Microsoft) [File not signed] D:\Curse\Install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
(Discord Inc. -> Discord Inc.) C:\Users\Zbyšek Hlaváč\AppData\Local\Discord\app-1.0.9032\Discord.exe <6>
(DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <16>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(services.exe ->) (ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2795015868-4172513210-562769521-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2598328 2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2795015868-4172513210-562769521-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4386664 2023-12-08] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2795015868-4172513210-562769521-1001\...\Run: [Discord] => C:\Users\Zbyšek Hlaváč\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2795015868-4172513210-562769521-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1785864 2024-01-07] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-2795015868-4172513210-562769521-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3149616 2022-08-17] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-2795015868-4172513210-562769521-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37180368 2023-12-25] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2795015868-4172513210-562769521-1001\...\Run: [MicrosoftEdgeAutoLaunch_0F61AEA0AB66EB72860815847CA35A74] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854376 2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\shj2mPC: C:\Windows\System32\spool\prtprocs\x64\shj2mpc.dll [91216 2022-01-24] (联想图像(天津)科技有限公司 -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\shj2m Langmon: C:\WINDOWS\system32\shj2mlm.dll [44264 2019-03-31] (联想图像(天津)科技有限公司 -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\121.0.6167.185\Installer\chrmstp.exe [2024-02-16] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {3B664193-D8CF-4436-9701-FD68EE43C2EC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {303029E8-F394-4A8E-A921-45E3B2D716C1} - System32\Tasks\EPM Preload => C:\Program Files (x86)\HP\Easy Printer Manager\EPM2DotNetHandler.exe [1339976 2019-01-21] (HP Inc. -> )
Task: {280E89DB-F696-4AE5-96A7-EA4326A5F27E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2020-02-18] (Google Inc -> Google Inc.)
Task: {BE3AE6B6-C1D0-4961-8A97-03B8963BA678} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2020-02-18] (Google Inc -> Google Inc.)
Task: {DC0512C0-2DB8-409A-9DF0-66F831BB5DF1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3BF026E4-988F-457D-9298-894966D26F22} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F83BA394-3458-4CAF-A86E-250F65ADA8DC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E78740C3-5175-447F-AB8A-5929F69985D8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4A2EC696-B0B0-430F-8E4C-09F20AD7246A} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {C36392EA-FDF8-4B76-A65C-EC09B6221B04} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2795015868-4172513210-562769521-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {02AC722C-DFAF-4068-B49A-5ED5EDD9A308} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2641928 2024-01-07] (Overwolf Ltd -> Overwolf LTD)
Task: {63B3F89A-7902-4349-8173-ADAF8D60C110} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {2FC9BCE5-DA38-4111-AC9D-02EEE0A35586} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.146.118
Tcpip\..\Interfaces\{06eae04f-f4c7-4912-9637-fb06c94a7f7a}: [DhcpNameServer] 192.168.146.118
Tcpip\..\Interfaces\{6f7fccd6-c263-4e2f-8eaa-86468a344ace}: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{6f7fccd6-c263-4e2f-8eaa-86468a344ace}: [DhcpDomain] home

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Zbyšek Hlaváč\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-22]
Edge Extension: (Dokumenty Google offline) - C:\Users\Zbyšek Hlaváč\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-21]
Edge Extension: (Edge relevant text changes) - C:\Users\Zbyšek Hlaváč\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-21]
Edge Profile: C:\Users\Zbyšek Hlaváč\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2022-09-23]
Edge Profile: C:\Users\Zbyšek Hlaváč\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2024-01-22]
Edge Extension: (Dokumenty Google offline) - C:\Users\Zbyšek Hlaváč\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-21]
Edge Extension: (Edge relevant text changes) - C:\Users\Zbyšek Hlaváč\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-21]
Edge Profile: C:\Users\Zbyšek Hlaváč\AppData\Local\Microsoft\Edge\User Data\Profile 2 [2024-01-22]
Edge Extension: (Dokumenty Google offline) - C:\Users\Zbyšek Hlaváč\AppData\Local\Microsoft\Edge\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-21]
Edge Extension: (Edge relevant text changes) - C:\Users\Zbyšek Hlaváč\AppData\Local\Microsoft\Edge\User Data\Profile 2\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-21]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-07-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-07-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2024-02-10] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Zbyšek Hlaváč\AppData\Local\Google\Chrome\User Data\Default [2024-02-18]
CHR Notifications: Default -> hxxps://highercaptcha-settle.com; hxxps://mail.google.com; hxxps://www.facebook.com; hxxps://www.youtube.com; hxxps://za-play.cz
CHR Extension: (BlockSite: Block Websites & Stay Focused) - C:\Users\Zbyšek Hlaváč\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2024-02-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\Zbyšek Hlaváč\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-10]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Zbyšek Hlaváč\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-02-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zbyšek Hlaváč\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\Zbyšek Hlaváč\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-05-18]
CHR Profile: C:\Users\Zbyšek Hlaváč\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-08-13]
CHR Notifications: Profile 1 -> hxxps://mail.google.com
CHR Extension: (Dokumenty Google offline) - C:\Users\Zbyšek Hlaváč\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zbyšek Hlaváč\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-31]
CHR Profile: C:\Users\Zbyšek Hlaváč\AppData\Local\Google\Chrome\User Data\System Profile [2024-02-18]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [935344 2023-09-06] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2022-03-03] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncHelper.exe [3515936 2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.020.0128.0003\OneDriveUpdaterService.exe [3853856 2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579272 2022-08-17] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497808 2022-08-17] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2641928 2024-01-07] (Overwolf Ltd -> Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2023-03-18] (Even Balance, Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2024-01-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2024-01-20] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R3 MpKsld88430f5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{451B5F0C-AAA2-484F-BBFF-FCBE803FD87B}\MpKslDrv.sys [263560 2024-01-22] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsle032effe; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{451B5F0C-AAA2-484F-BBFF-FCBE803FD87B}\MpKslDrv.sys [263560 2024-01-22] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2024-01-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2024-01-20] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2024-01-20] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three months (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-18 18:04 - 2024-02-18 18:04 - 000000000 ____D C:\Users\Zbyšek Hlaváč\Downloads\FRST-OlderVersion
2024-02-16 16:38 - 2024-02-16 16:38 - 000004166 _____ C:\Users\Zbyšek Hlaváč\Downloads\cetisilverclay.nbt
2024-02-16 16:37 - 2024-02-16 16:37 - 000003216 _____ C:\Users\Zbyšek Hlaváč\Downloads\iron_farm.nbt
2024-02-16 16:36 - 2024-02-16 16:36 - 000003575 _____ C:\Users\Zbyšek Hlaváč\Downloads\biofule_3_0.nbt
2024-02-16 16:35 - 2024-02-16 16:35 - 000008739 _____ C:\Users\Zbyšek Hlaváč\Downloads\mixed_salad_farm_2_3.nbt
2024-02-16 16:34 - 2024-02-16 16:34 - 000006721 _____ C:\Users\Zbyšek Hlaváč\Downloads\obsidian_farm.nbt
2024-02-16 16:34 - 2024-02-16 16:34 - 000001476 _____ C:\Users\Zbyšek Hlaváč\Downloads\cutting_board_automation.nbt
2024-02-16 16:33 - 2024-02-16 16:33 - 000019376 _____ C:\Users\Zbyšek Hlaváč\Downloads\big_iris_door.nbt
2024-02-16 16:32 - 2024-02-16 16:32 - 000003229 _____ C:\Users\Zbyšek Hlaváč\Downloads\dpfox86_autocertus_v2_0.nbt
2024-02-16 16:31 - 2024-02-16 16:31 - 000002861 _____ C:\Users\Zbyšek Hlaváč\Downloads\premoon_universal_seq_assembler_vol.nbt
2024-02-16 16:31 - 2024-02-16 16:31 - 000002294 _____ C:\Users\Zbyšek Hlaváč\Downloads\universal_seq_assembler_vol.nbt
2024-02-16 16:29 - 2024-02-16 16:29 - 000004342 _____ C:\Users\Zbyšek Hlaváč\Downloads\elevator.nbt
2024-02-16 16:29 - 2024-02-16 16:29 - 000001696 _____ C:\Users\Zbyšek Hlaváč\Downloads\elevator_controls.nbt
2024-02-16 16:29 - 2024-02-16 16:29 - 000000451 _____ C:\Users\Zbyšek Hlaváč\Downloads\create_elevator_controls.nbt
2024-02-16 16:28 - 2024-02-16 16:28 - 000009707 _____ C:\Users\Zbyšek Hlaváč\Downloads\new_seared_stone_farm.nbt
2024-02-16 16:25 - 2024-02-16 16:25 - 000003956 _____ C:\Users\Zbyšek Hlaváč\Downloads\justincasev1_1_1.nbt
2024-02-16 16:25 - 2024-02-16 16:25 - 000003680 _____ C:\Users\Zbyšek Hlaváč\Downloads\good_looking_smeltery.nbt
2024-02-16 16:24 - 2024-02-16 16:24 - 000002470 _____ C:\Users\Zbyšek Hlaváč\Downloads\integrated_circuit_assembler.nbt
2024-02-13 17:05 - 2024-02-14 10:03 - 000050495 _____ C:\Users\Zbyšek Hlaváč\Downloads\Shortcut.txt
2024-02-13 16:58 - 2024-02-14 10:03 - 000065887 _____ C:\Users\Zbyšek Hlaváč\Downloads\Addition.txt
2024-02-13 16:46 - 2024-02-18 18:07 - 000018913 _____ C:\Users\Zbyšek Hlaváč\Downloads\FRST.txt
2024-02-13 16:44 - 2024-02-18 18:06 - 000000000 ____D C:\FRST
2024-02-13 16:40 - 2024-02-18 18:04 - 002390016 _____ (Farbar) C:\Users\Zbyšek Hlaváč\Downloads\FRST64.exe
2024-02-04 21:37 - 2024-02-04 21:36 - 001053007 _____ C:\Users\Zbyšek Hlaváč\Desktop\freecam-fabric-1.2.1+1.18.jar
2024-02-04 21:37 - 2024-02-04 21:36 - 000040813 _____ C:\Users\Zbyšek Hlaváč\Desktop\boosted-brightness-2.1.1+1.18.2.jar
2024-01-21 03:42 - 2024-01-21 03:42 - 000000000 ____D C:\WINDOWS\InboxApps
2024-01-21 02:27 - 2024-01-21 02:27 - 000016707 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-01-21 01:27 - 2024-01-21 01:27 - 000000000 ___HD C:\$WinREAgent
2024-01-20 11:35 - 2024-01-20 11:35 - 000000223 _____ C:\Users\Zbyšek Hlaváč\Desktop\STAR WARS Jedi Survivor™.url
2023-12-25 20:49 - 2023-12-25 20:49 - 000000000 ____D C:\Users\Zbyšek Hlaváč\Documents\My Games
2023-12-25 20:49 - 2023-12-25 20:49 - 000000000 ____D C:\Users\Zbyšek Hlaváč\AppData\Local\Fallout3
2023-12-25 20:49 - 2023-12-25 20:49 - 000000000 ____D C:\Users\Zbyšek Hlaváč\AppData\Local\BethesdaNet
2023-12-25 20:20 - 2023-12-25 20:20 - 000000372 _____ C:\Users\Zbyšek Hlaváč\Desktop\Fallout 3 Game of the Year Edition.url
2023-12-25 18:30 - 2023-12-25 18:30 - 000000000 ____D C:\Program Files\Epic Games
2023-12-09 21:19 - 2023-12-09 21:21 - 077487738 _____ C:\Users\Zbyšek Hlaváč\Downloads\minecolonies-1.20.1-1.1.328-BETA (1).jar
2023-12-09 21:19 - 2023-12-09 21:20 - 077487738 _____ C:\Users\Zbyšek Hlaváč\Desktop\minecolonies-1.20.1-1.1.328-BETA.jar
2023-11-28 20:40 - 2023-11-28 20:40 - 000148435 _____ C:\Users\Zbyšek Hlaváč\Downloads\atm8_last_backup.zip.torrent
2023-11-26 16:09 - 2023-11-26 16:09 - 000000000 ____D C:\Users\Zbyšek Hlaváč\AppData\LocalLow\Squad
2023-11-26 16:07 - 2023-11-26 16:08 - 000000000 ____D C:\Users\Zbyšek Hlaváč\AppData\Roaming\PD Launcher
2023-11-26 16:07 - 2023-11-26 16:08 - 000000000 ____D C:\Users\Zbyšek Hlaváč\AppData\Local\PD Launcher
2023-11-26 13:46 - 2023-11-26 13:46 - 000000222 _____ C:\Users\Zbyšek Hlaváč\Desktop\Kerbal Space Program.url

==================== Three months (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-18 17:57 - 2020-12-12 16:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-02-18 17:55 - 2021-12-19 02:42 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-02-18 17:55 - 2020-02-18 16:28 - 000000000 ____D C:\Program Files (x86)\Google
2024-02-18 15:33 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-17 22:40 - 2020-09-06 13:30 - 000000000 ____D C:\Users\Zbyšek Hlaváč\AppData\Local\D3DSCache
2024-02-17 19:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-02-16 18:31 - 2021-09-16 12:51 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-02-16 18:29 - 2022-10-12 17:02 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2024-02-16 18:21 - 2023-10-10 19:43 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-02-16 18:21 - 2023-10-10 19:42 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-02-16 18:21 - 2023-10-10 19:42 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-02-16 18:21 - 2022-01-15 11:51 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2795015868-4172513210-562769521-1001
2024-02-16 16:33 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-02-16 16:32 - 2022-10-21 15:13 - 000095848 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-02-16 16:32 - 2022-10-21 15:13 - 000075256 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-02-16 16:32 - 2021-11-20 16:45 - 000202344 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-02-16 16:32 - 2020-07-28 17:15 - 002713080 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-02-16 16:32 - 2020-07-28 17:15 - 000689656 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-02-16 16:32 - 2020-07-28 17:15 - 000218728 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-02-16 16:32 - 2020-07-28 17:15 - 000144888 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-02-16 16:32 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-02-16 16:30 - 2020-02-18 16:29 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-02-15 12:22 - 2021-07-20 19:13 - 000000000 ____D C:\Users\Zbyšek Hlaváč\AppData\Local\Overwolf
2024-02-14 10:50 - 2021-07-30 23:14 - 000000000 ____D C:\Users\Zbyšek Hlaváč\AppData\Local\Discord
2024-02-13 14:51 - 2021-07-30 23:14 - 000000000 ____D C:\Users\Zbyšek Hlaváč\AppData\Roaming\discord
2024-02-11 18:17 - 2021-07-20 18:36 - 000000000 ____D C:\Users\Zbyšek Hlaváč\AppData\Roaming\.minecraft
2024-02-08 17:51 - 2021-07-30 23:15 - 000002267 _____ C:\Users\Zbyšek Hlaváč\Desktop\Discord.lnk
2024-02-05 22:37 - 2023-05-19 14:35 - 000002333 _____ C:\Users\Zbyšek Hlaváč\Desktop\FTB App.lnk
2024-02-05 22:36 - 2022-07-02 12:29 - 000504756 _____ C:\WINDOWS\system32\perfh008.dat
2024-02-05 22:36 - 2022-07-02 12:29 - 000081316 _____ C:\WINDOWS\system32\perfc008.dat
2024-02-05 22:36 - 2021-07-20 19:17 - 000002333 _____ C:\Users\Zbyšek Hlaváč\Desktop\CurseForge.lnk
2024-02-05 22:36 - 2020-12-12 16:49 - 002185856 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-02-05 22:36 - 2019-12-07 15:41 - 000684882 _____ C:\WINDOWS\system32\perfh005.dat
2024-02-05 22:36 - 2019-12-07 15:41 - 000137646 _____ C:\WINDOWS\system32\perfc005.dat
2024-02-05 22:32 - 2020-02-18 15:48 - 000000000 __SHD C:\Users\Zbyšek Hlaváč\IntelGraphicsProfiles
2024-02-05 22:30 - 2020-02-18 15:45 - 000000000 ____D C:\ProgramData\NVIDIA
2024-02-05 22:28 - 2020-12-12 17:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-02-05 22:28 - 2020-12-12 16:29 - 000008192 ___SH C:\DumpStack.log.tmp
2024-02-05 22:28 - 2020-02-18 15:48 - 000000000 ____D C:\Intel
2024-02-05 22:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-02-05 22:27 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-02-05 22:23 - 2020-12-12 16:36 - 000000000 ____D C:\Users\Zbyšek Hlaváč
2024-02-02 19:37 - 2020-12-12 17:07 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-02-02 19:37 - 2020-12-12 17:07 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-02-02 19:37 - 2020-03-27 15:19 - 000000000 ____D C:\Program Files (x86)\Steam
2024-01-28 22:08 - 2022-01-03 16:51 - 000000000 ____D C:\Users\Zbyšek Hlaváč\AppData\Local\Ubisoft Game Launcher
2024-01-26 22:21 - 2020-05-14 03:45 - 000000000 ____D C:\Users\Zbyšek Hlaváč\AppData\Local\CrashDumps
2024-01-26 22:15 - 2020-10-01 07:36 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2024-01-26 22:14 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-01-21 03:59 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-01-21 03:58 - 2020-02-18 15:27 - 000000000 ____D C:\Users\Zbyšek Hlaváč\AppData\Local\Packages
2024-01-21 03:53 - 2020-08-25 20:31 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-21 03:49 - 2020-12-12 16:29 - 000456584 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-01-21 03:43 - 2022-07-02 12:28 - 000000000 ____D C:\WINDOWS\SysWOW64\el
2024-01-21 03:43 - 2022-07-02 12:28 - 000000000 ____D C:\WINDOWS\system32\el
2024-01-21 03:43 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2024-01-21 03:43 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\system32\cs
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-01-21 03:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2024-01-21 03:42 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-01-21 03:42 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-01-21 03:42 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-01-21 03:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemApps
2024-01-21 03:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-01-21 03:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-01-21 03:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2024-01-21 03:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-01-21 03:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2024-01-21 03:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-01-21 03:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2024-01-21 03:42 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2024-01-21 03:42 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2024-01-21 03:42 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2024-01-21 03:42 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2024-01-21 02:53 - 2019-12-07 15:44 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2024-01-21 02:53 - 2019-12-07 15:44 - 000020827 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2024-01-21 02:53 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2024-01-21 02:53 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2024-01-21 02:25 - 2020-12-12 16:33 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-01-21 01:18 - 2020-02-18 15:43 - 000000000 ____D C:\ProgramData\Packages
2024-01-21 00:55 - 2020-02-18 16:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-01-21 00:54 - 2020-02-18 16:14 - 189718008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-01-21 00:35 - 2023-09-19 16:04 - 000263672 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_3.dll
2024-01-20 22:49 - 2020-02-18 15:09 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-01-20 22:48 - 2023-04-14 16:28 - 000000000 ____D C:\Program Files\RUXIM
2024-01-20 21:03 - 2020-02-18 15:32 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2024-01-20 20:58 - 2023-02-28 18:08 - 000000000 ____D C:\Program Files (x86)\Overwolf
2024-01-20 11:35 - 2020-09-06 13:36 - 000000000 ____D C:\Users\Zbyšek Hlaváč\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-01-20 11:30 - 2023-04-08 15:00 - 000000000 ____D C:\Program Files (x86)\AGB-GT
2024-01-20 11:27 - 2020-12-12 17:07 - 000003768 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2024-01-20 11:27 - 2020-12-12 17:07 - 000003644 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories ========

2021-07-23 14:45 - 2021-07-23 14:45 - 000007597 _____ () C:\Users\Zbyšek Hlaváč\AppData\Local\Resmon.ResmonCfg

==================== SigCheckExt =========================

2014-09-08 13:37 - 2014-09-08 13:37 - 000072192 _____ C:\WINDOWS\system32\CDASpl.dll
2021-02-08 19:44 - 2018-10-22 22:50 - 002847744 ____N C:\WINDOWS\system32\DlgSearchEngine.dll
2018-06-14 09:50 - 2018-06-14 09:50 - 000087552 _____ C:\WINDOWS\system32\ssdevm64.dll
2018-06-14 09:50 - 2018-06-14 09:50 - 000049152 _____ C:\WINDOWS\system32\ssusbp64.dll
2021-02-08 19:43 - 2018-10-22 22:50 - 002094592 ____N C:\WINDOWS\SysWOW64\DlgSearchEngine.dll
2018-06-14 09:50 - 2018-06-14 09:50 - 000094208 _____ C:\WINDOWS\SysWOW64\ssdevm.dll
2018-06-14 09:50 - 2018-06-14 09:50 - 000049152 _____ (Samsung Electronics) C:\WINDOWS\SysWOW64\ssusbpn.dll
2023-01-15 15:48 - 2023-01-15 15:48 - 022445318 _____ C:\Users\Zbyšek Hlaváč\Desktop\bulanci.exe
2022-09-28 09:14 - 2022-09-28 09:14 - 000198656 _____ (Epic Games, Inc.) C:\Users\Zbyšek Hlaváč\Desktop\FactoryGame.exe
2023-02-07 15:43 - 2021-05-23 17:07 - 040978375 _____ (Firestorm ) C:\Users\Zbyšek Hlaváč\Desktop\FirestormLauncherSetup.exe
2021-10-09 10:46 - 2021-10-09 10:47 - 264424269 _____ (Realtek Semiconductor Corp.) C:\Users\Zbyšek Hlaváč\Downloads\0009-64bit_Win7_Win8_Win81_Win10_R282.exe
2022-10-25 19:39 - 2022-10-25 19:39 - 002771690 _____ (ATLauncher ) C:\Users\Zbyšek Hlaváč\Downloads\ATLauncher-setup-1.1.0.0.exe
2024-02-13 16:40 - 2024-02-18 18:04 - 002390016 _____ (Farbar) C:\Users\Zbyšek Hlaváč\Downloads\FRST64.exe
2023-06-10 16:07 - 2023-06-10 16:07 - 010955776 _____ C:\Users\Zbyšek Hlaváč\Downloads\ftb-debug (1).exe
2023-05-19 14:38 - 2023-05-19 14:38 - 010955776 _____ C:\Users\Zbyšek Hlaváč\Downloads\ftb-debug.exe
2020-03-27 12:42 - 2020-03-27 12:43 - 089011280 _____ (TeamSpeak Systems GmbH) C:\Users\Zbyšek Hlaváč\Downloads\TeamSpeak3-Client-win64-3.5.1.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


==================== BCD ================================

Firmware Boot Manager
---------------------
identifier              {fwbootmgr}
displayorder            {bootmgr}
                        {340d0f3f-5257-11ea-a8aa-ef8ff5452f13}
                        {56812217-5259-11ea-9790-806e6f6e6963}
                        {56812218-5259-11ea-9790-806e6f6e6963}
                        {56812219-5259-11ea-9790-806e6f6e6963}
timeout                 1

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\bootmgfw.efi
description             Windows Boot Manager
locale                  cs-CZ
inherit                 {globalsettings}
default                 {current}
resumeobject            {b7e2a343-3c8e-11eb-8afa-aadb16967f5d}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Firmware Application (101fffff)
-------------------------------
identifier              {340d0f3f-5257-11ea-a8aa-ef8ff5452f13}
device                  unknown
description             UEFI: JetFlashTranscend 8GB 1100, Partition 1

Firmware Application (101fffff)
-------------------------------
identifier              {56812217-5259-11ea-9790-806e6f6e6963}
description             UEFI:CD/DVD Drive

Firmware Application (101fffff)
-------------------------------
identifier              {56812218-5259-11ea-9790-806e6f6e6963}
description             UEFI:Removable Device

Firmware Application (101fffff)
-------------------------------
identifier              {56812219-5259-11ea-9790-806e6f6e6963}
description             UEFI:Network Device

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \WINDOWS\system32\winload.efi
description             Windows 10
locale                  cs-CZ
inherit                 {bootloadersettings}
recoverysequence        {b7e2a345-3c8e-11eb-8afa-aadb16967f5d}
displaymessageoverride  Recovery
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \WINDOWS
resumeobject            {b7e2a343-3c8e-11eb-8afa-aadb16967f5d}
nx                      OptOut
numproc                 4
bootmenupolicy          Standard
usefirmwarepcisettings  No

Windows Boot Loader
-------------------
identifier              {b7e2a345-3c8e-11eb-8afa-aadb16967f5d}
device                  ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{b7e2a346-3c8e-11eb-8afa-aadb16967f5d}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  cs-CZ
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{b7e2a346-3c8e-11eb-8afa-aadb16967f5d}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {b7e2a343-3c8e-11eb-8afa-aadb16967f5d}
device                  partition=C:
path                    \WINDOWS\system32\winresume.efi
description             Windows Resume Application
locale                  cs-CZ
inherit                 {resumeloadersettings}
recoverysequence        {b7e2a345-3c8e-11eb-8afa-aadb16967f5d}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\memtest.efi
description             Diagnostika paměti systému Windows
locale                  cs-CZ
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 No

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Local

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {b7e2a346-3c8e-11eb-8afa-aadb16967f5d}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume1
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

==================== End of FRST.txt ========================