Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

častá CAPTCHA na Google

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
dokturek11
Návštěvník
Návštěvník
Příspěvky: 4
Registrován: 24 bře 2021 16:32

častá CAPTCHA na Google

#1 Příspěvek od dokturek11 »

Dobrý den,

prosím o kontrolu, na google mám poměrně často capthu. Dělá to od doby, co jsem změnil poskytovatele. Pokud bude log čistý, je možné, že je chyba u poskytovatele?

Předem mockrát děkuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-03-2021
Ran by Dokto (administrator) on DESKTOP-8VEH03A (Micro-Star International Co., Ltd. MS-7A34) (24-03-2021 16:36:18)
Running from C:\Users\Dokto\Desktop
Loaded Profiles: Dokto
Platform: Windows 10 Pro Version 20H2 19042.867 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361132.inf_amd64_4863ccf4c1b997c9\B361196\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361132.inf_amd64_4863ccf4c1b997c9\B361196\atiesrxx.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2102.8653.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Windows -> Microsoft Corporation) C:\Users\Dokto\AppData\Local\Temp\D1E3D964-C264-4066-9221-C7B22C4A7D1D\DismHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SystemSettingsAdminFlows.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.860_none_e73d0c67262f5c28\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269328 2019-01-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3137728 2021-01-09] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\Run: [Spotify] => C:\Users\Dokto\AppData\Roaming\Spotify\Spotify.exe [23854664 2021-03-07] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4087528 2021-03-22] (Valve -> Valve Corporation)
HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14858824 2020-12-23] (GOG Sp. z o.o. -> GOG.com)
HKLM\...\Windows x64\Print Processors\ssm4mPC: C:\Windows\System32\spool\prtprocs\x64\ssm4mpc.dll [52088 2019-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\ssm4m Langmon: C:\WINDOWS\system32\ssm4mlm.dll [22528 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> )
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {276429B0-1ACA-4062-BD2D-AA301FC4F27D} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {293D9119-8039-47AB-B87F-F0539FAC3ECA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2D583726-A3C5-4232-985D-4AEB9CC33237} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694256 2021-03-11] (Mozilla Corporation -> Mozilla Foundation)
Task: {406BC582-F784-4C06-9EA7-0AFB0AA635CF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {5025CC05-6455-431B-BA3E-73D936AB7E12} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5AC41905-847E-455E-9140-C90565B06033} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Dokto\Downloads\esetonlinescanner.exe
Task: {71ECD561-04C8-4897-857E-BA2CDB715F5C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080824 2021-03-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {8ED35008-25AC-4F4F-AADB-C14E749C5EBE} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {91A94C7F-8D88-43B3-A0E6-7E4A549E80C5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {952BEB20-C16B-4B0A-A918-2CDA830A127B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4004296 2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {9D627187-86A3-41EA-9DF7-BDA772EA48CE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080824 2021-03-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {A301B49F-8655-40B1-A33A-3ABEC8FC1134} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2491736 2021-02-26] (Overwolf Ltd -> Overwolf LTD)
Task: {A5C55EC2-2B22-4BF9-9E70-3931E37C0FCA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B3992E27-7B71-4868-8666-EF5752153BCD} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B3A35E74-8176-4B9C-B57A-DF287B448D70} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B5B0C1D0-7389-44E1-A6C1-C26BFA6C6C74} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114024 2021-03-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {B76CDDA3-4834-4E0E-8CA2-53BFFCEBEF3E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114024 2021-03-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {CF2AD1DF-3232-47F4-BE5A-1B6DE120D50F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4004296 2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {E9209616-26C5-4B37-99F6-116C17F275B6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FAA768A5-B72D-4D24-BA93-95B13B01030D} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Dokto\Downloads\esetonlinescanner.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{934935fc-0540-40c2-98ae-a7d8324a94ed}: [DhcpNameServer] 192.168.1.1

Edge:
=======
DownloadDir: C:\Users\Dokto\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-2588642571-1065584595-175318307-1001 -> hxxp://seznam.cz/
Edge DefaultProfile: Default
Edge Profile: C:\Users\Dokto\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-24]
Edge DownloadDir: C:\Users\Dokto\Downloads
Edge HomePage: Default -> hxxp://seznam.cz/
Edge StartupUrls: Default -> "hxxp://seznam.cz/"

FireFox:
========
FF DefaultProfile: 6l5q1hez.default
FF ProfilePath: C:\Users\Dokto\AppData\Roaming\Mozilla\Firefox\Profiles\6l5q1hez.default [2020-01-25]
FF ProfilePath: C:\Users\Dokto\AppData\Roaming\Mozilla\Firefox\Profiles\pgoa3yck.default-release [2021-03-24]
FF Homepage: Mozilla\Firefox\Profiles\pgoa3yck.default-release -> hxxps://www.seznam.cz/
FF Extension: (I don't care about cookies) - C:\Users\Dokto\AppData\Roaming\Mozilla\Firefox\Profiles\pgoa3yck.default-release\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2021-03-08]
FF Extension: (uBlock Origin) - C:\Users\Dokto\AppData\Roaming\Mozilla\Firefox\Profiles\pgoa3yck.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-03-11]
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8615864 2020-05-30] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8990072 2021-03-11] (Microsoft Corporation -> Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1741384 2020-12-23] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-03-18] (GOG Sp. z o.o. -> GOG.com)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2522424 2020-11-25] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3476800 2020-11-25] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2491736 2021-02-26] (Overwolf Ltd -> Overwolf LTD)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5352528 2021-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-24 16:36 - 2021-03-24 16:36 - 000016159 _____ C:\Users\Dokto\Desktop\FRST.txt
2021-03-24 16:35 - 2021-03-24 16:36 - 000000000 ____D C:\FRST
2021-03-24 16:34 - 2021-03-24 16:34 - 002300928 _____ (Farbar) C:\Users\Dokto\Desktop\FRST64.exe
2021-03-20 20:54 - 2021-03-20 20:54 - 002669441 _____ C:\Users\Dokto\Downloads\67b8619b-b04a-4dbd-9ffe-600e82d880ef.pdf
2021-03-19 20:33 - 2021-03-19 20:33 - 000082444 _____ C:\Users\Dokto\Downloads\receipt.pdf
2021-03-12 08:21 - 2021-03-12 08:21 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-12 08:21 - 2021-03-12 08:21 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-12 08:21 - 2021-03-12 08:21 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-12 08:21 - 2021-03-12 08:21 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-12 08:21 - 2021-03-12 08:21 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-12 08:21 - 2021-03-12 08:21 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-03-12 08:21 - 2021-03-12 08:21 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-12 08:20 - 2021-03-12 08:20 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-12 08:20 - 2021-03-12 08:20 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-12 08:20 - 2021-03-12 08:20 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-12 08:20 - 2021-03-12 08:20 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-12 08:20 - 2021-03-12 08:20 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-12 08:14 - 2021-03-12 08:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-11 21:52 - 2021-03-12 08:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-07 13:31 - 2021-03-07 13:31 - 000000027 _____ C:\Users\Dokto\Documents\Telefon prace.txt
2021-02-23 17:35 - 2021-02-23 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfenstein - The Old Blood [GOG.com]
2021-02-22 19:25 - 2021-02-22 19:25 - 000000000 ____D C:\Users\Dokto\AppData\Roaming\A Plague Tale Innocence

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-24 16:36 - 2020-01-25 23:40 - 000000000 ____D C:\Users\Dokto\AppData\LocalLow\Mozilla
2021-03-24 16:36 - 2020-01-25 23:40 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-24 16:33 - 2020-01-25 22:52 - 000000000 ____D C:\Users\Dokto\AppData\Local\D3DSCache
2021-03-24 16:30 - 2020-01-25 23:43 - 000000000 ____D C:\Users\Dokto\AppData\Local\Battle.net
2021-03-24 16:28 - 2020-12-20 15:10 - 000000000 ____D C:\Users\Dokto\AppData\Local\AMD_Common
2021-03-24 16:04 - 2020-11-11 16:40 - 000002172 _____ C:\Users\Dokto\Desktop\CurseForge.lnk
2021-03-24 16:04 - 2020-11-11 16:37 - 000000000 ____D C:\Users\Dokto\AppData\Local\Overwolf
2021-03-24 16:03 - 2020-07-18 11:39 - 000003126 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2021-03-24 16:03 - 2020-07-18 11:39 - 000003110 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-03-24 16:03 - 2020-07-18 11:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-24 16:02 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-24 15:06 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-24 15:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-24 04:51 - 2020-12-20 18:05 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-03-23 16:59 - 2020-01-25 23:34 - 000000000 ____D C:\Program Files (x86)\Steam
2021-03-23 16:56 - 2020-01-25 23:29 - 000000000 ____D C:\Users\Dokto\AppData\Local\Spotify
2021-03-23 16:40 - 2020-01-25 23:28 - 000000000 ____D C:\Users\Dokto\AppData\Roaming\Spotify
2021-03-21 15:06 - 2020-01-25 23:32 - 000000000 ____D C:\Users\Dokto\AppData\Roaming\Discord
2021-03-20 17:04 - 2020-06-08 03:57 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-19 17:11 - 2020-01-25 23:52 - 000000000 ____D C:\Users\Dokto\AppData\Roaming\vlc
2021-03-19 15:15 - 2020-01-26 07:47 - 000000000 ____D C:\World of Warcraft
2021-03-19 15:14 - 2020-01-25 23:41 - 000000000 ____D C:\Program Files (x86)\Battle.net
2021-03-17 17:42 - 2020-01-25 23:24 - 000000000 ____D C:\Users\Dokto\AppData\Roaming\KeePass
2021-03-16 09:32 - 2020-01-25 21:39 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-15 23:26 - 2020-07-18 11:39 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2588642571-1065584595-175318307-1001
2021-03-15 23:26 - 2020-07-18 11:21 - 000002361 _____ C:\Users\Dokto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-15 23:26 - 2020-01-25 22:46 - 000000000 ___RD C:\Users\Dokto\OneDrive
2021-03-12 15:28 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-12 12:25 - 2020-01-25 23:33 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-12 08:48 - 2020-07-18 11:43 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-12 08:48 - 2019-12-07 15:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-12 08:48 - 2019-12-07 15:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-12 08:40 - 2020-07-18 11:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-12 08:40 - 2020-07-18 11:36 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-12 08:40 - 2020-01-25 22:52 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-03-12 08:40 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-12 08:39 - 2020-07-18 11:21 - 000000000 ____D C:\Users\Dokto
2021-03-12 08:39 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-12 08:26 - 2020-07-18 11:36 - 000643456 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-12 08:26 - 2020-01-25 23:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-12 08:25 - 2019-12-07 15:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-03-12 08:25 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-03-12 08:25 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-12 08:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-12 08:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-12 08:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-12 08:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-12 08:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-12 08:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-12 08:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-12 08:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-12 08:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-12 08:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-12 08:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-12 08:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-12 08:15 - 2020-01-25 22:58 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-12 08:14 - 2020-01-25 23:40 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-12 08:13 - 2020-01-25 22:58 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-07 13:35 - 2020-01-25 22:52 - 000000000 ____D C:\Program Files\AMD
2021-03-07 10:06 - 2020-11-11 16:40 - 000000000 ____D C:\Program Files (x86)\Overwolf
2021-03-07 01:14 - 2020-01-25 22:44 - 000000000 ____D C:\Users\Dokto\AppData\Local\Packages
2021-03-06 14:48 - 2020-01-25 22:47 - 000000000 ____D C:\Users\Dokto\AppData\Local\PlaceholderTileLogoFolder
2021-03-06 12:19 - 2020-01-25 23:49 - 000002346 _____ C:\ProgramData\Desktop\Samsung Printer Diagnostics.lnk
2021-03-06 12:19 - 2020-01-25 23:49 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2021-03-06 12:19 - 2020-01-25 23:49 - 000000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller
2021-03-05 09:00 - 2020-07-18 11:39 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-05 09:00 - 2020-07-18 11:39 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-02 18:07 - 2020-07-04 07:59 - 000000000 ____D C:\Users\Dokto\AppData\Local\Ubisoft Game Launcher
2021-03-01 17:18 - 2020-01-25 23:23 - 000013070 _____ C:\Users\Dokto\Documents\Doktor.kdbx
2021-02-22 20:06 - 2020-01-26 09:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A Plague Tale - Innocence [GOG.com]
2021-02-22 17:32 - 2020-09-07 15:28 - 000001116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2021-02-22 17:32 - 2020-09-07 15:28 - 000001104 _____ C:\ProgramData\Desktop\paint.net.lnk
2021-02-22 17:32 - 2020-09-07 15:28 - 000000000 ____D C:\Program Files\paint.net

==================== Files in the root of some directories ========

2020-07-04 20:07 - 2020-07-04 20:08 - 000007608 _____ () C:\Users\Dokto\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================





Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-03-2021
Ran by Dokto (24-03-2021 16:37:17)
Running from C:\Users\Dokto\Desktop
Windows 10 Pro Version 20H2 19042.867 (X64) (2020-07-18 10:39:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2588642571-1065584595-175318307-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2588642571-1065584595-175318307-503 - Limited - Disabled)
Dokto (S-1-5-21-2588642571-1065584595-175318307-1001 - Administrator - Enabled) => C:\Users\Dokto
Guest (S-1-5-21-2588642571-1065584595-175318307-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2588642571-1065584595-175318307-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
A Plague Tale: Innocence - Coats of Arms (HKLM-x32\...\1223727318_is1) (Version: 1.07 - GOG.com)
A Plague Tale: Innocence (HKLM-x32\...\1901367087_is1) (Version: 1.07 - GOG.com)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.11.2 - Advanced Micro Devices, Inc.)
Autodesk Fusion 360 (HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.7438 - Autodesk, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blasphemous (HKLM-x32\...\2068474256_is1) (Version: 3.0.32a - GOG.com)
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
CurseForge (HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.170.1.2 - Overwolf app)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Discord (HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Firewatch (HKLM-x32\...\1459256379_is1) (Version: 1.09 - GOG.com)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Hollow Knight (HKLM-x32\...\1308320804_is1) (Version: 1.4.3.2 - GOG.com)
KeePass Password Safe 2.47 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.47 - Dominik Reichl)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.57 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.13801.20360 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28720 (HKLM-x32\...\{7d607fb4-7e28-4c7a-a92f-3fcdaf555faf}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 86.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 86.0.1 (x64 cs)) (Version: 86.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.2 - Mozilla)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.9.1 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20360 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.88.45577 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.166.1.16 - Overwolf Ltd.)
paint.net (HKLM\...\{6FED3D93-C0FA-4BD7-A36F-7FC53698244F}) (Version: 4.2.15 - dotPDN LLC)
Paradox Launcher v2 (HKLM\...\{986898D9-7C26-4E7F-814C-9B5472FA3209}) (Version: 2.0.0.0 - Paradox Interactive)
Python 3.8.1 (64-bit) (HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\{edfa99b7-1514-493a-aeaf-a37eeec724d2}) (Version: 3.8.1150.0 - Python Software Foundation)
Python 3.8.1 Add to Path (64-bit) (HKLM\...\{63F5D8C4-D931-4B71-8B2D-FAAC7A862CC7}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Core Interpreter (64-bit) (HKLM\...\{F94E2016-28A6-4FCC-B5A1-D2D9757AF26A}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Development Libraries (64-bit) (HKLM\...\{913F572C-BF38-4E44-9065-7E1B024D43FB}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Documentation (64-bit) (HKLM\...\{3FE61A1E-16AE-4702-81A6-C9F6CE3586EB}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Executables (64-bit) (HKLM\...\{D6160A7A-D48F-48A6-8E5D-FECBE5901D82}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 pip Bootstrap (64-bit) (HKLM\...\{912206BD-EA52-4586-8A89-BD7716E5BD50}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Standard Library (64-bit) (HKLM\...\{7E83F4DD-B376-4158-90C3-4E9AE54D0AB3}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Tcl/Tk Support (64-bit) (HKLM\...\{96BBA29C-F949-4DF7-9221-EEE7F7D66377}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Test Suite (64-bit) (HKLM\...\{64A5FC80-95DB-4CA0-AA8A-C4D652BBC96E}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Utility Scripts (64-bit) (HKLM\...\{F0D5C7E7-4ECE-425F-BD33-8091DB57A31F}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{41A9BB87-60B8-47C3-BB79-6EC186827EC7}) (Version: 3.8.6925.0 - Python Software Foundation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.38.1118.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8619 - Realtek Semiconductor Corp.)
RSI Launcher 1.4.6 (HKLM\...\81bfc699-f883-50c7-b674-2483b6baae23) (Version: 1.4.6 - Cloud Imperium Games)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 2.02.53 (30.05.2018) - HP Printing Korea Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.06.00.08(07.09.2016) - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.27.02 (14.06.2019) - Samsung Electronics Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.18 - Samsung Electronics Co., Ltd.) Hidden
Skype verze 8.68 (HKLM-x32\...\Skype_is1) (Version: 8.68 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\Spotify) (Version: 1.1.54.592.gc0b20638 - Spotify AB)
STAR WARS Jedi - Fallen Order™ (HKLM-x32\...\{D00A89F1-2D8C-4589-B1D1-73A6544E3B1F}) (Version: 1.0.8.0 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 111.0 - Ubisoft)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{8BA11E80-4FB0-11E7-9B6D-A9EF5249FCEF}) (Version: 14.0.270 - VEGAS)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Wolfenstein: The Old Blood (HKLM-x32\...\1961572821_is1) (Version: 1.0 - GOG.com)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-01] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-01-28] (Microsoft Studios) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2020-01-25] (Samsung Electronics Co. Ltd.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2588642571-1065584595-175318307-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\Dokto\AppData\Local\Autodesk\webdeploy\production\f22942efe2b06fa9ddd3dbfac8de50bab0281b28\NPreview10.dll (Autodesk, Inc. -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2020-01-12] (Notepad++ -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2020-11-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-07-27 14:14 - 2020-07-27 14:14 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2014-09-08 13:38 - 2014-09-08 13:38 - 000051200 _____ () [File not signed] C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2020-11-13 14:48 - 2020-11-13 14:48 - 001470976 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2020-01-25 23:35 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2016-07-26 11:57 - 2016-07-26 11:57 - 000123904 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Easy Printer Manager\SmartScreenPrint\CDAKEYMonitor64.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 001441792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000134656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000058880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt\labs\folderlistmodel\qmlfolderlistmodelplugin.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000735232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000120832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000051712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 001085440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000055808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000262144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000284160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000136704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-11-13 15:00 - 2020-11-13 15:00 - 000091648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2588642571-1065584595-175318307-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
SearchScopes: HKU\S-1-5-21-2588642571-1065584595-175318307-1001 -> DefaultScope {98CED06F-8CC2-4DC8-882D-F26BB97DC66B} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-2588642571-1065584595-175318307-1001 -> {98CED06F-8CC2-4DC8-882D-F26BB97DC66B} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2020-03-07 19:33 - 2020-06-29 17:39 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2588642571-1065584595-175318307-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dokto\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\9pczjoa.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\StartupApproved\Run: => "launchOnStartup"
HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\StartupApproved\Run: => "Overwolf"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E5B67D0B-69A1-46C7-BBB9-BB07475EFF27}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{171A6A34-7E52-44EF-AA6D-EBA2B42C3AA7}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{2CE0865F-A8D7-40BE-AD3E-812ABB21F577}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E6331482-D5D8-44F1-BDC4-91A53D92E5A9}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{70EF78DE-6860-4259-AE71-DC4F44BAF507}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{51F758A4-B39D-4082-BA3E-85E2DAE59667}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C37A9E93-9A5D-4D8A-B2EA-D4FC6A15C46C}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{9DCAC822-4164-4FA5-BE47-90AC423C28E5}] => (Allow) D:\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{F6D90F0B-30E0-4206-863F-BA596B3F6D53}] => (Allow) D:\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [UDP Query User{EFDD18B5-277A-437A-8512-CC7451CFACA9}D:\gog.com\dying light\dyinglightgame.exe] => (Allow) D:\gog.com\dying light\dyinglightgame.exe => No File
FirewallRules: [TCP Query User{1E8FD99B-C911-48D5-B5CD-F4D7AAA1B6FD}D:\gog.com\dying light\dyinglightgame.exe] => (Allow) D:\gog.com\dying light\dyinglightgame.exe => No File
FirewallRules: [{D21254DE-0371-4D91-9910-152AE11F3B33}] => (Allow) D:\SteamLibrary\steamapps\common\Jedi Fallen Order\SwGame\Binaries\Win64\starwarsjedifallenorder.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [{32B66BCA-6E87-4363-A6E5-DA04B05FF025}] => (Allow) D:\SteamLibrary\steamapps\common\Jedi Fallen Order\SwGame\Binaries\Win64\starwarsjedifallenorder.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [UDP Query User{E9681249-7BC7-4AC2-9DED-1AA4B5848B44}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [TCP Query User{332F78C1-1178-493D-A62E-1F7952E7BB18}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [UDP Query User{DF22C68E-C94D-4444-BD46-1B01265EAA19}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{435804AC-1C02-4147-9C7B-1149203C0563}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DCA70FAB-0C84-4FD5-ABC3-775C7E59DB29}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{299283BC-B693-4210-8E39-8D675FD2BE40}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{DBFB00E5-2136-4E82-8C4E-14D0F6240570}C:\users\dokto\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dokto\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{4113266B-0622-46B4-978B-92889CDB72F7}C:\users\dokto\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dokto\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6B051295-08E8-4174-A0CB-0108B37CE736}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{04E16DDC-6CB5-4498-8267-40BB48B40CF8}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{5E856E0C-F571-4E77-A263-2BED286C148B}] => (Allow) D:\SteamLibrary\steamapps\common\Life is Strange 2\LIS2\Binaries\Win64\LIS2-Win64-Shipping.exe (Square Enix) [File not signed]
FirewallRules: [{5705E3FF-6D58-4713-91CB-296F879767E2}] => (Allow) D:\SteamLibrary\steamapps\common\Life is Strange 2\LIS2\Binaries\Win64\LIS2-Win64-Shipping.exe (Square Enix) [File not signed]
FirewallRules: [{338722F4-7199-44FF-9EDE-35DE641AD155}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{25736A64-8B2C-4F2B-BEC1-18A91ACD052A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{3EBE27F2-1CA2-4351-95DA-9F35C512B53F}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (HP Inc. -> )
FirewallRules: [{FD0EA03F-023B-4B51-8F59-CB5B124CE6FD}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (HP Inc. -> )
FirewallRules: [{B2BC0F57-C670-4AAC-AF60-65441FF4FE21}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{54A3ADDC-5748-4092-BE10-529CEC97C62A}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{D1AAD17A-A135-4BB5-AEB1-E3EB163B5423}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe (Scan2PCNotify) [File not signed]
FirewallRules: [{DAA984E2-DDFF-4807-81D1-83551D852E0E}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe (ScanProcess) [File not signed]
FirewallRules: [{E04911B9-D1CE-417D-B88F-78248AA06DAD}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{5760B679-74CE-4374-A826-92F9429D3188}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{A056181F-CCA6-4A31-81AB-4BEC8DD077A3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{B94719B8-B661-4689-93EF-70B18826A77D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{C3036939-7F2A-4EAF-AE67-AFB9106FF58C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{89B9F6A2-04A4-46CC-A2BF-54E9F25C310C}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{D6A98E96-097A-4509-B976-C14F829EB046}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{E63415E9-ABA3-4B88-8B64-05468F5DCBB4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F84F9612-2AB1-4DD0-96BD-784F566D747B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B6327687-319D-4D78-99A1-F7D7BE973610}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{38BBDAD6-2515-4582-8E1E-33ECE31D60A1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C8A1D30D-9D48-4139-B6C7-FDB04D26FD8C}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry New Dawn\bin\FarCryNewDawn.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{9354614D-4F78-4554-B4FA-249B4265850C}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry New Dawn\bin\FarCryNewDawn.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{18FD11A4-9C64-4634-B351-39CC60238CBC}] => (Allow) D:\SteamLibrary\steamapps\common\Factorio Demo\bin\x64\factorio.exe => No File
FirewallRules: [{8491FE69-A559-4F5A-9093-CEEB9AA9717B}] => (Allow) D:\SteamLibrary\steamapps\common\Factorio Demo\bin\x64\factorio.exe => No File
FirewallRules: [TCP Query User{46270CCF-5CF9-4945-9110-696CBD9A33B3}D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe] => (Allow) D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe => No File
FirewallRules: [UDP Query User{AA49E627-9E03-4E33-991F-55DD704CCFDE}D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe] => (Allow) D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe => No File
FirewallRules: [TCP Query User{70F63B6A-6410-4022-8A36-F6A696B8B1A7}E:\starcitizen\live\bin64\starcitizen.exe] => (Allow) E:\starcitizen\live\bin64\starcitizen.exe (Cloud Imperium Games Corp.) [File not signed]
FirewallRules: [UDP Query User{F0EE40E5-CB46-4A2F-86F8-B434C2AD270D}E:\starcitizen\live\bin64\starcitizen.exe] => (Allow) E:\starcitizen\live\bin64\starcitizen.exe (Cloud Imperium Games Corp.) [File not signed]
FirewallRules: [TCP Query User{DFD2FDEA-07E5-4C5F-8B8B-3CE9B2F1B38A}C:\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{61950A7A-BFC5-43F2-BC0D-EC1E71443220}C:\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{D2D04A53-821C-43ED-B8EA-6E6B3E66F358}D:\steamlibrary\steamapps\common\awayout\haze1\binaries\win64\awayout.exe] => (Allow) D:\steamlibrary\steamapps\common\awayout\haze1\binaries\win64\awayout.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [UDP Query User{2A7B37C8-8D50-46D1-BE0F-A531EF83D732}D:\steamlibrary\steamapps\common\awayout\haze1\binaries\win64\awayout.exe] => (Allow) D:\steamlibrary\steamapps\common\awayout\haze1\binaries\win64\awayout.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [TCP Query User{18CCA197-2E47-4E04-B872-C032DF350D25}C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe] => (Block) C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe => No File
FirewallRules: [UDP Query User{1E222D36-FAE0-4DB2-9129-35B0028A07A3}C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe] => (Block) C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe => No File
FirewallRules: [{1738B9A2-C13B-44F3-A918-2C88B6431B7B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{973944B1-92FE-4E11-B35E-E3EBDDBC0E94}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E8C643A8-BFD3-495D-A536-5CD3268AD587}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D0465CCD-2713-433D-86B1-D060D45D8F97}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C9C78C41-4EC6-4FE1-AAD4-B41A9AF8B790}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3288B210-A473-416A-BE18-2EECB09AA8C6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{632498E1-453E-44AE-9588-DE95EB7A81BF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{D68067CB-4184-46F6-99A7-2E6D244B0309}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{8DE695CB-E563-41FD-8EF8-558D5811F06E}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{30EA4FBD-9D85-4A3D-9B32-98C8D8B3DCCC}D:\steamlibrary\steamapps\common\marie's room\mariesroom\binaries\win64\mariesroom-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\marie's room\mariesroom\binaries\win64\mariesroom-win64-shipping.exe => No File
FirewallRules: [UDP Query User{30BDE183-AFED-4C5A-B311-D5ABBC2472C7}D:\steamlibrary\steamapps\common\marie's room\mariesroom\binaries\win64\mariesroom-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\marie's room\mariesroom\binaries\win64\mariesroom-win64-shipping.exe => No File
FirewallRules: [{DF9005BD-C873-4CDD-A247-8153F4E0A739}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe (HP Inc. -> )
FirewallRules: [{5DDD9605-B7FE-44F4-8C36-7CC01B439C1B}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe (HP Inc. -> )
FirewallRules: [{83A72F87-8681-4F85-9961-E3D5DB95B3B6}] => (Allow) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{34BCA1A2-9FDD-4F3E-9177-FD2DD1AB8967}] => (Allow) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{430856FC-A91D-4137-9C14-FABAF6CB776D}] => (Block) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{FB7A3731-BED0-4DCF-82B3-609BD4F77A59}] => (Block) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

==================== Restore Points =========================

12-03-2021 08:15:33 Instalační služba modulů systému Windows
20-03-2021 18:15:35 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/21/2021 05:04:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Místní disk (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/20/2021 06:26:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program RadeonSoftware.exe verze 10.1.2.1829 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1f24

Čas spuštění: 01d71d855a1e6c96

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe

ID hlášení: c5d25971-4b24-46cd-9675-0d036202b719

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (03/14/2021 05:25:30 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Místní disk (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/12/2021 08:40:02 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (03/12/2021 08:40:02 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (03/08/2021 11:17:42 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (03/07/2021 03:51:28 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Místní disk (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/07/2021 01:47:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LIS2-Win64-Shipping.exe, verze: 4.16.3.0, časové razítko: 0x5e453216
Název chybujícího modulu: LIS2-Win64-Shipping.exe, verze: 4.16.3.0, časové razítko: 0x5e453216
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000be454c0
ID chybujícího procesu: 0x1488
Čas spuštění chybující aplikace: 0x01d713501562fa53
Cesta k chybující aplikaci: D:\SteamLibrary\steamapps\common\Life is Strange 2\LIS2\Binaries\Win64\LIS2-Win64-Shipping.exe
Cesta k chybujícímu modulu: D:\SteamLibrary\steamapps\common\Life is Strange 2\LIS2\Binaries\Win64\LIS2-Win64-Shipping.exe
ID zprávy: 08850a96-d5cd-4240-8933-dcb3755f8f0a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (03/24/2021 05:01:40 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8VEH03A)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/23/2021 04:59:12 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8VEH03A)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/23/2021 03:21:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/23/2021 03:21:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (03/23/2021 05:02:24 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8VEH03A)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/19/2021 09:55:11 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8VEH03A)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/19/2021 05:23:14 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8VEH03A)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/12/2021 08:37:24 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (8:26:31, ‎12.‎03.‎2021) bylo neočekávané.


Windows Defender:
================
Date: 2021-03-24 16:30:51
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EDCFF4CB-3FBB-468A-8D52-422CE13A0728}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-8VEH03A\Dokto

Date: 2021-03-24 15:05:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {AE89AB44-85A0-4A72-A6FB-9260AC948AD5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-22 15:05:24
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DF53F7FE-0581-4FA0-AE25-61A43E49710E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-21 11:13:39
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {86050F16-3C50-4DE2-AFFC-BDECEAB3CB31}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-20 18:12:33
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1A6404E1-69DA-4809-B7ED-4F3796029770}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2021-03-24 16:04:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.166.1.16\win32\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2021-03-21 13:52:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Users\Dokto\AppData\Local\Discord\app-0.0.309\Discord.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.166.1.16\win32\OWExplorer.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.OQ 11/15/2019
Motherboard: Micro-Star International Co., Ltd. B350 TOMAHAWK (MS-7A34)
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 28%
Total physical RAM: 16338.08 MB
Available physical RAM: 11702.98 MB
Total Virtual: 19410.08 MB
Available Virtual: 10764.05 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.25 GB) (Free:81.49 GB) NTFS
Drive d: (Místní disk) (Fixed) (Total:1863.01 GB) (Free:910.04 GB) NTFS
Drive e: () (Fixed) (Total:111.79 GB) (Free:46.84 GB) NTFS

\\?\Volume{2b4692ee-1c57-4af2-87b1-db38ad4a04a5}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.1 GB) NTFS
\\?\Volume{28f7ecb2-cc09-4274-a305-e93506145468}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 762551BC)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 0FC0AF67)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: E0611246)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: častá CAPTCHA na Google

#2 Příspěvek od Rudy »

Zdravím!
Problm může být na kterékolv pracovní stanici v síti poskytovatele. Google vidí jen IP vašeho poskytovatele, nikoliv tu vaší v síti. Problém obvykle během několika dní zmizí sám. Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

dokturek11
Návštěvník
Návštěvník
Příspěvky: 4
Registrován: 24 bře 2021 16:32

Re: častá CAPTCHA na Google

#3 Příspěvek od dokturek11 »

Aha, dobré vědět. Díky

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-03-22.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-25-2021
# Duration: 00:00:00
# OS: Windows 10 Pro
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.SamsungEasyDocumentCreator Folder C:\Program Files (x86)\SAMSUNG\EASY DOCUMENT CREATOR
Deleted Preinstalled.SamsungEasyDocumentCreator Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Samsung Easy Document Creator


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1633 octets] - [25/03/2021 15:15:13]
AdwCleaner[S01].txt - [1694 octets] - [25/03/2021 15:16:24]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: častá CAPTCHA na Google

#4 Příspěvek od Rudy »

Toto je OK. Smazány byly jen nějaké neškodné utility od Samsung. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
FirewallRules: [UDP Query User{EFDD18B5-277A-437A-8512-CC7451CFACA9}D:\gog.com\dying light\dyinglightgame.exe] => (Allow) D:\gog.com\dying light\dyinglightgame.exe => No File
FirewallRules: [TCP Query User{1E8FD99B-C911-48D5-B5CD-F4D7AAA1B6FD}D:\gog.com\dying light\dyinglightgame.exe] => (Allow) D:\gog.com\dying light\dyinglightgame.exe => No File
FirewallRules: [UDP Query User{E9681249-7BC7-4AC2-9DED-1AA4B5848B44}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [TCP Query User{332F78C1-1178-493D-A62E-1F7952E7BB18}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [{338722F4-7199-44FF-9EDE-35DE641AD155}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{25736A64-8B2C-4F2B-BEC1-18A91ACD052A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{18FD11A4-9C64-4634-B351-39CC60238CBC}] => (Allow) D:\SteamLibrary\steamapps\common\Factorio Demo\bin\x64\factorio.exe => No File
FirewallRules: [{8491FE69-A559-4F5A-9093-CEEB9AA9717B}] => (Allow) D:\SteamLibrary\steamapps\common\Factorio Demo\bin\x64\factorio.exe => No File
FirewallRules: [TCP Query User{46270CCF-5CF9-4945-9110-696CBD9A33B3}D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe] => (Allow) D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe => No File
FirewallRules: [UDP Query User{AA49E627-9E03-4E33-991F-55DD704CCFDE}D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe] => (Allow) D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe => No File
FirewallRules: [TCP Query User{18CCA197-2E47-4E04-B872-C032DF350D25}C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe] => (Block) C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe => No File
FirewallRules: [UDP Query User{1E222D36-FAE0-4DB2-9129-35B0028A07A3}C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe] => (Block) C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe => No File

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

dokturek11
Návštěvník
Návštěvník
Příspěvky: 4
Registrován: 24 bře 2021 16:32

Re: častá CAPTCHA na Google

#5 Příspěvek od dokturek11 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-03-2021
Ran by Dokto (25-03-2021 18:30:44) Run:1
Running from C:\Users\Dokto\Desktop
Loaded Profiles: Dokto
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
FirewallRules: [UDP Query User{EFDD18B5-277A-437A-8512-CC7451CFACA9}D:\gog.com\dying light\dyinglightgame.exe] => (Allow) D:\gog.com\dying light\dyinglightgame.exe => No File
FirewallRules: [TCP Query User{1E8FD99B-C911-48D5-B5CD-F4D7AAA1B6FD}D:\gog.com\dying light\dyinglightgame.exe] => (Allow) D:\gog.com\dying light\dyinglightgame.exe => No File
FirewallRules: [UDP Query User{E9681249-7BC7-4AC2-9DED-1AA4B5848B44}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [TCP Query User{332F78C1-1178-493D-A62E-1F7952E7BB18}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [{338722F4-7199-44FF-9EDE-35DE641AD155}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{25736A64-8B2C-4F2B-BEC1-18A91ACD052A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{18FD11A4-9C64-4634-B351-39CC60238CBC}] => (Allow) D:\SteamLibrary\steamapps\common\Factorio Demo\bin\x64\factorio.exe => No File
FirewallRules: [{8491FE69-A559-4F5A-9093-CEEB9AA9717B}] => (Allow) D:\SteamLibrary\steamapps\common\Factorio Demo\bin\x64\factorio.exe => No File
FirewallRules: [TCP Query User{46270CCF-5CF9-4945-9110-696CBD9A33B3}D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe] => (Allow) D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe => No File
FirewallRules: [UDP Query User{AA49E627-9E03-4E33-991F-55DD704CCFDE}D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe] => (Allow) D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe => No File
FirewallRules: [TCP Query User{18CCA197-2E47-4E04-B872-C032DF350D25}C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe] => (Block) C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe => No File
FirewallRules: [UDP Query User{1E222D36-FAE0-4DB2-9129-35B0028A07A3}C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe] => (Block) C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EFDD18B5-277A-437A-8512-CC7451CFACA9}D:\gog.com\dying light\dyinglightgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1E8FD99B-C911-48D5-B5CD-F4D7AAA1B6FD}D:\gog.com\dying light\dyinglightgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E9681249-7BC7-4AC2-9DED-1AA4B5848B44}C:\program files (x86)\fahclient\fahclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{332F78C1-1178-493D-A62E-1F7952E7BB18}C:\program files (x86)\fahclient\fahclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{338722F4-7199-44FF-9EDE-35DE641AD155}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{25736A64-8B2C-4F2B-BEC1-18A91ACD052A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{18FD11A4-9C64-4634-B351-39CC60238CBC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8491FE69-A559-4F5A-9093-CEEB9AA9717B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{46270CCF-5CF9-4945-9110-696CBD9A33B3}D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AA49E627-9E03-4E33-991F-55DD704CCFDE}D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{18CCA197-2E47-4E04-B872-C032DF350D25}C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1E222D36-FAE0-4DB2-9129-35B0028A07A3}C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19131325 B
Java, Flash, Steam htmlcache => 637675341 B
Windows/system/drivers => 20357340 B
Edge => 1125244 B
Firefox => 1462951322 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 523036 B
Dokto => 88935696 B

RecycleBin => 0 B
EmptyTemp: => 2.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:31:20 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: častá CAPTCHA na Google

#6 Příspěvek od Rudy »

Smazáno, log je již OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

dokturek11
Návštěvník
Návštěvník
Příspěvky: 4
Registrován: 24 bře 2021 16:32

Re: častá CAPTCHA na Google

#7 Příspěvek od dokturek11 »

Tak jsem se ptal sousedů, co mají stejného poskytovatele a problém s captchou mají všichni. Nakonec bude doopravdy chyba někde v síti poskytovatele.
Přesto ještě jednou děkuji za kontrolu logů. :thumbsup: :closed:

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: častá CAPTCHA na Google

#8 Příspěvek od Rudy »

Tušil ksem to, když jsem u vás nic podstatného neobjevil. Nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno