Zdravím, prosím o preventivní kontrolu. Předem díky moc.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-12-2019
Ran by Petr (administrator) on DESKTOP-MQ5PIOV (27-12-2019 10:32:25)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 10 Pro Version 1903 18362.535 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Windows\DAODx.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\Temp\DELF72D.tmp
(AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
(AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_1.35.26001.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_1.35.26001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11912.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.471_none_5f12f35059003107\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
(Opera Software AS -> Opera Software) C:\Users\Petr\AppData\Local\Programs\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Petr\AppData\Local\Programs\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Petr\AppData\Local\Programs\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Petr\AppData\Local\Programs\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Petr\AppData\Local\Programs\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Petr\AppData\Local\Programs\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Petr\AppData\Local\Programs\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Petr\AppData\Local\Programs\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Petr\AppData\Local\Programs\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Petr\AppData\Local\Programs\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Petr\AppData\Local\Programs\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Petr\AppData\Local\Programs\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Petr\AppData\Local\Programs\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Petr\AppData\Local\Programs\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Petr\AppData\Local\Programs\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Petr\AppData\Local\Programs\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Petr\AppData\Local\Programs\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Petr\AppData\Local\Programs\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Petr\AppData\Local\Programs\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Petr\AppData\Local\Programs\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Petr\AppData\Local\Programs\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Petr\AppData\Local\Programs\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Petr\AppData\Local\Programs\Opera\65.0.3467.78\opera_crashreporter.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logicool\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech -> Logitech Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [330176 2014-08-19] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [15900912 2019-06-13] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3137808 2019-12-17] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\Run: [Discord] => C:\Users\Petr\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3288016 2019-12-16] (Valve -> Valve Corporation)
HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [371304 2019-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\Run: [Chromium] => "c:\users\petr\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\MountPoints2: {a6f42b0c-12fc-11ea-ba65-107b44f19dfb} - "K:\setup.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-19] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.92\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0078BC36-4613-4DDB-A0CC-72862D8867B5} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [32768 2009-03-30] () [File not signed]
Task: {03AAE845-84B3-4701-9F14-324D14922FAE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {16D6A699-A1B8-4902-A467-4EBB2A7AC6EB} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [506880 2019-12-16] (Advanced Micro Devices, Inc.) [File not signed]
Task: {20778923-4BAB-4C2B-898A-60C117923674} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-29] (Google Inc -> Google LLC)
Task: {29F2827E-8E32-4E34-B3E7-96B3D06BA0DD} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2019-12-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {382E0A3B-F48A-498B-BA80-448DDFADD360} - System32\Tasks\Opera scheduled Autoupdate 1567089129 => C:\Users\Petr\AppData\Local\Programs\Opera\launcher.exe [1528344 2019-12-19] (Opera Software AS -> Opera Software)
Task: {52B05A9C-5A2F-4DAE-9333-3B794D50E89E} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_pepper.exe [1453112 2019-12-15] (Adobe Inc. -> Adobe)
Task: {75B480C5-2FD0-4EEC-A39C-BA285D29D574} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {764810C3-246C-4195-AB55-FFE615BBDEFF} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2019-12-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {79DC848D-C36D-41C6-B155-43DB84E66242} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-29] (Google Inc -> Google LLC)
Task: {906997E9-4C07-4FEA-AC5E-D717C2670974} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-12-11] (AVAST Software s.r.o. -> AVAST Software)
Task: {9B09B60D-2787-4C66-AD52-DA4BB0E3D76A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A68858D0-74D8-4355-823D-9FCF65B80003} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [506880 2019-12-16] (Advanced Micro Devices, Inc.) [File not signed]
Task: {B2E3AE94-C2BA-4576-AA0D-AC9301FD3A55} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BC0D8A3E-6D35-4552-AA29-E405AEFED974} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [506880 2019-12-16] (Advanced Micro Devices, Inc.) [File not signed]
Task: {C379F638-CED0-4F63-859B-2F4F7EE9B969} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2019-12-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C628109F-2DC2-4719-9F16-237B2199F953} - System32\Tasks\AMDInstallUEP => C:\Program Files\AMD\InstallUEP\AMDInstallUEP.exe [2356736 2019-10-22] () [File not signed]
Task: {C635E11F-BBBC-4B4E-9B14-B79C99FAA40B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {D94F3E2F-FFCB-48B1-A03A-48D8DB2BB455} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [89840 2014-10-19] (Hewlett-Packard Company -> Hewlett Packard)
Task: {DAA49C78-614B-47FC-859B-A31AE9DBF1D0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DAEC6F55-3FD5-4062-8DFE-CD69B6EC2547} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [1124536 2019-12-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{853c0339-6f19-4842-b28f-9ea2a152e32b}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2019-12-11]
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-29]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-29]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-08-29]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-29]
CHR Extension: (Vyhledávání Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2019-08-29]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-29]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-11-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-08-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-01]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-29]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-01]
Opera:
=======
OPR DownloadDir: D:\down
OPR Notifications: hxxps://www.navratdoreality.cz
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\Petr\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2019-10-23]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\Windows\System32\DriverStore\FileRepository\c0349841.inf_amd64_d70567d658937ff8\B349895\atiesrxx.exe [524504 2019-12-17] (Advanced Micro Devices, Inc. -> AMD)
R2 AUEPLauncher; C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe [43008 2019-12-16] (AMD) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 GamingServices; C:\Program Files\WindowsApps\Microsoft.GamingServices_1.35.26001.0_x64__8wekyb3d8bbwe\GamingServices.exe [21640 2019-12-13] (Microsoft Corporation -> Microsoft Corporation)
R2 GamingServicesNet; C:\Program Files\WindowsApps\Microsoft.GamingServices_1.35.26001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe [21640 2019-12-13] (Microsoft Corporation -> Microsoft Corporation)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [File not signed]
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2475312 2019-12-17] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3352376 2019-12-17] (Electronic Arts, Inc. -> Electronic Arts)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2019-10-08] (Even Balance, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0349841.inf_amd64_d70567d658937ff8\B349895\atikmdag.sys [65722064 2019-12-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0349841.inf_amd64_d70567d658937ff8\B349895\atikmpag.sys [592296 2019-12-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [102832 2019-05-31] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 AODDriver4.3.0; C:\Program Files\AMD\Performance Profile Client\amd64\AODDriver2.sys [60104 2015-02-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 AsrSetupDrv3_0_38; C:\Windows\SysWOW64\Drivers\AsrSetupDrv3_0_38.sys [23304 2019-08-29] (ASROCK Incorporation -> RW-Everything) [File not signed]
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [108152 2019-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [42256 2019-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [59360 2019-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 gameflt; C:\Windows\System32\DriverStore\FileRepository\gameflt.inf_amd64_1b1c9965dc1c6f0f\gameflt.sys [71000 2019-12-13] (Microsoft Windows -> Microsoft Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek Semiconductor Corp -> Realtek )
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45664 2019-12-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [355760 2019-12-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-03] (Microsoft Windows -> Microsoft Corporation)
R3 Xvdd; C:\Windows\System32\DriverStore\FileRepository\xvdd.inf_amd64_4beca0218f643d77\xvdd.sys [478256 2019-10-10] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-27 10:32 - 2019-12-27 10:33 - 000021920 _____ C:\Users\Petr\Desktop\FRST.txt
2019-12-27 10:32 - 2019-12-27 10:32 - 000000000 ____D C:\FRST
2019-12-27 10:29 - 2019-12-27 10:29 - 002272256 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2019-12-27 10:25 - 2019-12-27 10:25 - 000000000 ____D C:\rsit
2019-12-27 10:25 - 2019-12-27 10:25 - 000000000 ____D C:\Program Files\trend micro
2019-12-26 11:37 - 2019-12-27 10:15 - 000003124 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2019-12-26 11:37 - 2019-12-26 11:37 - 000003304 _____ C:\Windows\system32\Tasks\StartCNBM
2019-12-26 11:28 - 2019-12-26 11:28 - 000000000 ____D C:\Windows\LastGood
2019-12-26 11:28 - 2019-12-26 11:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2019-12-26 11:26 - 2019-12-17 21:08 - 062867672 _____ C:\Windows\system32\amd_comgr.dll
2019-12-26 11:26 - 2019-12-17 21:08 - 052403416 _____ C:\Windows\SysWOW64\amd_comgr32.dll
2019-12-26 11:26 - 2019-12-17 21:08 - 001594280 _____ (AMD) C:\Windows\system32\coinst_19.50.dll
2019-12-26 11:26 - 2019-12-17 21:08 - 001243352 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2019-12-26 11:26 - 2019-12-17 21:08 - 001073312 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2019-12-26 11:26 - 2019-12-17 21:08 - 001073312 _____ C:\Windows\system32\vulkan-1.dll
2019-12-26 11:26 - 2019-12-17 21:08 - 000930136 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2019-12-26 11:26 - 2019-12-17 21:08 - 000930136 _____ C:\Windows\SysWOW64\vulkan-1.dll
2019-12-26 11:26 - 2019-12-17 21:08 - 000852392 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2019-12-26 11:26 - 2019-12-17 21:08 - 000852392 _____ C:\Windows\system32\vulkaninfo.exe
2019-12-26 11:26 - 2019-12-17 21:08 - 000710056 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-12-26 11:26 - 2019-12-17 21:08 - 000710056 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2019-12-26 11:26 - 2019-12-17 21:08 - 000135384 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2019-12-26 11:26 - 2019-12-17 21:08 - 000121560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2019-12-26 11:26 - 2019-12-17 21:08 - 000020632 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2019-12-26 11:26 - 2019-08-19 19:06 - 000125488 _____ C:\Windows\system32\kapp_ci.sbin
2019-12-26 11:26 - 2019-07-16 20:58 - 000069770 _____ C:\Windows\system32\AMDKernelEvents.man
2019-12-26 11:23 - 2019-12-26 11:23 - 041535000 _____ (AMD Inc.) C:\Users\Petr\Downloads\radeon-software-adrenalin-2020-19.12.3-minimalsetup-191218_64bit.exe
2019-12-18 21:12 - 2019-12-18 21:12 - 000000000 ____D C:\Users\Petr\Documents\DyingLight
2019-12-18 19:34 - 2019-12-18 19:34 - 000000222 _____ C:\Users\Petr\Desktop\Dying Light.url
2019-12-16 22:15 - 2019-12-16 22:15 - 000000000 ____D C:\Users\Petr\AppData\Roaming\FastStone
2019-12-16 22:14 - 2019-12-16 22:14 - 000001192 _____ C:\Users\Public\Desktop\FastStone Image Viewer.lnk
2019-12-16 22:14 - 2019-12-16 22:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer
2019-12-16 22:14 - 2019-12-16 22:14 - 000000000 ____D C:\Program Files (x86)\FastStone Image Viewer
2019-12-15 10:47 - 2019-12-15 10:47 - 000000000 ____D C:\Users\Petr\AppData\Local\Electronic Arts
2019-12-13 20:14 - 2019-12-13 00:08 - 000052152 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 025443840 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 018020352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 009927992 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-12-11 23:42 - 2019-12-11 23:42 - 007905000 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 007754240 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 007600448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 007278592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 007263992 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 006516648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 006083832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 005943296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 005914112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 005764664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 004129416 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 003729408 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-12-11 23:42 - 2019-12-11 23:42 - 003703296 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 002800640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-12-11 23:42 - 2019-12-11 23:42 - 002762296 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 002716672 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-12-11 23:42 - 2019-12-11 23:42 - 002698768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-12-11 23:42 - 2019-12-11 23:42 - 002494432 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 002284544 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 002188816 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 002147328 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 002082208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 001757304 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-12-11 23:42 - 2019-12-11 23:42 - 001748480 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 001743888 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 001697280 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 001664904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 001656600 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 001647072 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 001610752 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 001539584 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 001512528 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-12-11 23:42 - 2019-12-11 23:42 - 001496080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 001451520 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe
2019-12-11 23:42 - 2019-12-11 23:42 - 001413840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 001399312 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-12-11 23:42 - 2019-12-11 23:42 - 001366128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-12-11 23:42 - 2019-12-11 23:42 - 001261464 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 001182448 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-12-11 23:42 - 2019-12-11 23:42 - 001149712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-12-11 23:42 - 2019-12-11 23:42 - 001098928 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 001072952 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-12-11 23:42 - 2019-12-11 23:42 - 001066496 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 001054864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 001006904 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000986936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refsv1.sys
2019-12-11 23:42 - 2019-12-11 23:42 - 000921600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Service.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000842552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000826368 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2019-12-11 23:42 - 2019-12-11 23:42 - 000822416 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2019-12-11 23:42 - 2019-12-11 23:42 - 000797112 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000774456 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2019-12-11 23:42 - 2019-12-11 23:42 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000674280 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2019-12-11 23:42 - 2019-12-11 23:42 - 000673456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2019-12-11 23:42 - 2019-12-11 23:42 - 000646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000598016 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2019-12-11 23:42 - 2019-12-11 23:42 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000593128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2019-12-11 23:42 - 2019-12-11 23:42 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-12-11 23:42 - 2019-12-11 23:42 - 000532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000530944 _____ (Microsoft Corporation) C:\Windows\system32\usosvc.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000524264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000513536 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2019-12-11 23:42 - 2019-12-11 23:42 - 000511000 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000457216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys
2019-12-11 23:42 - 2019-12-11 23:42 - 000430080 _____ (Microsoft Corporation) C:\Windows\system32\fhcfg.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000422712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2019-12-11 23:42 - 2019-12-11 23:42 - 000406480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000404480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2019-12-11 23:42 - 2019-12-11 23:42 - 000342528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2019-12-11 23:42 - 2019-12-11 23:42 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2019-12-11 23:42 - 2019-12-11 23:42 - 000210744 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000127272 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2019-12-11 23:42 - 2019-12-11 23:42 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000097080 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000089536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\CustomInstallExec.exe
2019-12-11 23:42 - 2019-12-11 23:42 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\autopilot.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000067112 _____ (Microsoft Corporation) C:\Windows\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\DevQueryBroker.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000032056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2019-12-11 23:42 - 2019-12-11 23:42 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\autopilotdiag.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\DMAlertListener.ProxyStub.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2019-12-11 23:42 - 2019-12-11 23:42 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2019-12-11 18:07 - 2019-12-11 18:07 - 000318074 _____ C:\Users\Petr\Documents\cc_20191211_180711.reg
2019-12-11 18:05 - 2019-12-11 18:05 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2019-12-11 18:05 - 2019-12-11 18:05 - 000002886 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2019-12-11 18:05 - 2019-12-11 18:05 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-12-11 18:05 - 2019-12-11 18:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-12-11 18:05 - 2019-12-11 18:05 - 000000000 ____D C:\Program Files\CCleaner
2019-12-11 17:52 - 2019-12-11 17:52 - 303294376 _____ (Microsoft Corporation) C:\Users\Petr\Downloads\microsoft_word.exe
2019-12-11 17:51 - 2019-12-11 17:51 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2019-12-11 17:51 - 2019-12-11 17:51 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-12-11 17:50 - 2019-12-11 18:13 - 000000000 ____D C:\ProgramData\AVAST Software
2019-12-11 17:50 - 2019-12-11 18:10 - 000000000 ____D C:\Users\Petr\AppData\Local\chromium
2019-12-11 17:50 - 2019-12-11 18:08 - 000000000 ____D C:\Program Files (x86)\bookingDesktopApp
2019-12-11 17:50 - 2019-12-11 17:52 - 000000000 ____D C:\Users\Petr\AppData\Local\{81C1B79D-A569-DB25-C8F1-FECDEC990255}
2019-12-11 17:50 - 2019-12-11 17:52 - 000000000 ____D C:\ProgramData\fzxbj
2019-12-11 17:50 - 2019-12-11 17:50 - 000000000 ____D C:\ProgramData\{87E1BBDD-AFC9-C3A5-F791-EB8D1F793355}
2019-12-06 14:00 - 2019-12-06 14:00 - 000000000 ____D C:\Users\Petr\AppData\Local\CAPCOM
2019-12-06 11:43 - 2019-12-06 11:43 - 000000222 _____ C:\Users\Petr\Desktop\Resident Evil biohazard HD REMASTER.url
2019-12-01 10:02 - 2019-12-01 10:02 - 000003160 _____ C:\Windows\system32\Tasks\StartCN
2019-12-01 10:02 - 2019-12-01 10:02 - 000003080 _____ C:\Windows\system32\Tasks\StartDVR
2019-12-01 10:00 - 2019-12-01 10:07 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\AMD
2019-12-01 09:58 - 2019-12-01 09:58 - 028295000 _____ (AMD Inc.) C:\Users\Petr\Downloads\radeon-software-adrenalin-2019-19.11.3-minimalsetup-191118_64bit.exe
2019-11-30 01:26 - 2019-11-30 01:26 - 000000000 ____D C:\Users\Public\Documents\Steam
2019-11-30 00:28 - 2019-11-30 00:28 - 000000890 _____ C:\Users\Petr\Desktop\Homefront The Revolution.lnk
2019-11-30 00:28 - 2019-11-30 00:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Homefront The Revolution
2019-11-30 00:06 - 2019-11-30 00:07 - 000000000 ____D C:\Users\Petr\AppData\Local\Disc_Soft_Ltd
2019-11-30 00:06 - 2019-11-30 00:06 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2019-11-30 00:06 - 2019-11-30 00:06 - 000000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2019-11-30 00:06 - 2019-11-30 00:06 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-11-30 00:06 - 2019-11-30 00:06 - 000000000 ____D C:\Program Files\MSBuild
2019-11-30 00:06 - 2019-11-30 00:06 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-11-30 00:05 - 2019-03-01 17:31 - 001166488 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2019-11-30 00:05 - 2019-03-01 17:31 - 000124568 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2019-11-30 00:05 - 2019-03-01 17:31 - 000035592 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2019-11-30 00:05 - 2019-02-05 18:41 - 000778912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2019-11-30 00:05 - 2019-02-05 18:41 - 000103072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-11-30 00:05 - 2019-02-05 18:41 - 000035592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2019-11-30 00:04 - 2019-12-11 18:06 - 000000000 ____D C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2019-11-30 00:04 - 2019-11-30 00:04 - 000059360 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys
2019-11-30 00:04 - 2019-11-30 00:04 - 000042256 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2019-11-30 00:04 - 2019-11-30 00:04 - 000002667 _____ C:\Users\Petr\Desktop\WarThunder.lnk
2019-11-30 00:04 - 2019-11-30 00:04 - 000000856 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2019-11-30 00:04 - 2019-11-30 00:04 - 000000000 ____D C:\Users\Public\Documents\Catch!
2019-11-30 00:04 - 2019-11-30 00:04 - 000000000 ____D C:\Users\Petr\AppData\Roaming\WarThunder
2019-11-30 00:04 - 2019-11-30 00:04 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2019-11-30 00:04 - 2019-11-30 00:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Lite
2019-11-30 00:04 - 2019-11-30 00:04 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2019-11-30 00:04 - 2019-11-30 00:04 - 000000000 ____D C:\Program Files\DAEMON Tools Lite
2019-11-27 13:14 - 2019-12-06 10:04 - 000000000 ____D C:\ProgramData\EA Logs
2019-11-27 13:14 - 2019-11-27 13:14 - 000000000 ____D C:\Users\Petr\Documents\BioWare
2019-11-27 13:14 - 2019-11-27 13:14 - 000000000 ____D C:\ProgramData\EA Core
2019-11-27 12:51 - 2019-11-27 12:51 - 000000919 _____ C:\Users\Public\Desktop\Mass Effect 3.lnk
2019-11-27 12:51 - 2019-11-27 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 3
2019-11-27 12:51 - 2019-11-27 12:51 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-11-27 12:50 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2019-11-27 12:50 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2019-11-27 12:50 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2019-11-27 12:50 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2019-11-27 12:50 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2019-11-27 12:50 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2019-11-27 12:50 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2019-11-27 12:50 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2019-11-27 12:50 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2019-11-27 12:50 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2019-11-27 12:50 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2019-11-27 12:50 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2019-11-27 12:50 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2019-11-27 12:50 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2019-11-27 12:50 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2019-11-27 12:50 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2019-11-27 12:50 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2019-11-27 12:50 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2019-11-27 12:50 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2019-11-27 12:50 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2019-11-27 12:50 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2019-11-27 12:50 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2019-11-27 12:50 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2019-11-27 12:50 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2019-11-27 12:50 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2019-11-27 12:50 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2019-11-27 12:50 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2019-11-27 12:50 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2019-11-27 12:50 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2019-11-27 12:50 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2019-11-27 12:50 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2019-11-27 12:50 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2019-11-27 12:50 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2019-11-27 12:50 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2019-11-27 12:50 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2019-11-27 12:50 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2019-11-27 12:50 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2019-11-27 12:50 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2019-11-27 12:50 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2019-11-27 12:50 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2019-11-27 12:50 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2019-11-27 12:50 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2019-11-27 12:50 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2019-11-27 12:50 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2019-11-27 12:50 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2019-11-27 12:50 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2019-11-27 12:50 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2019-11-27 12:50 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2019-11-27 12:50 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2019-11-27 12:50 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2019-11-27 12:50 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2019-11-27 12:50 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2019-11-27 12:50 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2019-11-27 12:50 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2019-11-27 12:50 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2019-11-27 12:50 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2019-11-27 12:50 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2019-11-27 12:50 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2019-11-27 12:50 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2019-11-27 12:50 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2019-11-27 12:50 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2019-11-27 12:50 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2019-11-27 12:50 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2019-11-27 12:50 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2019-11-27 12:50 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2019-11-27 12:50 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2019-11-27 12:50 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2019-11-27 12:50 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2019-11-27 12:50 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2019-11-27 12:50 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2019-11-27 12:50 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2019-11-27 12:50 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2019-11-27 12:50 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2019-11-27 12:50 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2019-11-27 12:50 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2019-11-27 12:50 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2019-11-27 12:50 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2019-11-27 12:50 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2019-11-27 12:50 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2019-11-27 12:50 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2019-11-27 12:50 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2019-11-27 12:50 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2019-11-27 12:50 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2019-11-27 12:50 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2019-11-27 12:50 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2019-11-27 12:50 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2019-11-27 12:50 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2019-11-27 12:50 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2019-11-27 12:50 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2019-11-27 12:50 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2019-11-27 12:50 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2019-11-27 12:50 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2019-11-27 12:50 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2019-11-27 12:50 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2019-11-27 12:50 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2019-11-27 12:50 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2019-11-27 12:50 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2019-11-27 12:50 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2019-11-27 12:50 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2019-11-27 12:50 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2019-11-27 12:50 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2019-11-27 12:50 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2019-11-27 12:50 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2019-11-27 12:50 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2019-11-27 12:50 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2019-11-27 12:50 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2019-11-27 12:50 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2019-11-27 12:50 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2019-11-27 12:50 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2019-11-27 12:50 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2019-11-27 12:50 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2019-11-27 12:50 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2019-11-27 12:50 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2019-11-27 12:50 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2019-11-27 12:50 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2019-11-27 12:50 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2019-11-27 12:50 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2019-11-27 12:50 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2019-11-27 12:50 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2019-11-27 12:50 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2019-11-27 12:50 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2019-11-27 12:50 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2019-11-27 12:50 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2019-11-27 12:50 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2019-11-27 12:50 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2019-11-27 12:50 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2019-11-27 12:50 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2019-11-27 12:50 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2019-11-27 12:50 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2019-11-27 12:50 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2019-11-27 12:50 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2019-11-27 12:50 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2019-11-27 12:50 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2019-11-27 12:50 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2019-11-27 12:50 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2019-11-27 12:50 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2019-11-27 12:50 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2019-11-27 12:50 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2019-11-27 12:50 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2019-11-27 12:50 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2019-11-27 12:50 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2019-11-27 12:50 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2019-11-27 12:50 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2019-11-27 12:50 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2019-11-27 12:50 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2019-11-27 12:50 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2019-11-27 12:50 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2019-11-27 12:50 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2019-11-27 12:50 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2019-11-27 12:50 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2019-11-27 12:50 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2019-11-27 12:50 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2019-11-27 12:50 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2019-11-27 12:50 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2019-11-27 12:50 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2019-11-27 12:50 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2019-11-27 12:50 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2019-11-27 12:50 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2019-11-27 12:50 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2019-11-27 12:50 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2019-11-27 12:50 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2019-11-27 12:50 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2019-11-27 12:50 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2019-11-27 12:50 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2019-11-27 12:50 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2019-11-27 12:50 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2019-11-27 12:50 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2019-11-27 12:50 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2019-11-27 12:50 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2019-11-27 12:50 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2019-11-27 12:50 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2019-11-27 12:50 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2019-11-27 12:50 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2019-11-27 12:50 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2019-11-27 12:50 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2019-11-27 12:50 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2019-11-27 12:50 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2019-11-27 12:50 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2019-11-27 12:50 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2019-11-27 12:50 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2019-11-27 12:50 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2019-11-27 12:50 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-27 10:32 - 2019-03-19 05:50 - 000000000 ____D C:\Windows\INF
2019-12-27 10:30 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-27 10:21 - 2019-08-29 14:01 - 000000000 ____D C:\Users\Petr\AppData\Local\AMD
2019-12-27 10:16 - 2019-11-24 19:56 - 000000000 ____D C:\Program Files (x86)\Steam
2019-12-27 10:16 - 2019-08-29 16:53 - 000000000 ____D C:\Users\Petr\AppData\Local\D3DSCache
2019-12-27 10:16 - 2019-08-29 15:36 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Origin
2019-12-27 10:16 - 2019-08-29 15:36 - 000000000 ____D C:\ProgramData\Origin
2019-12-27 10:15 - 2019-09-13 15:40 - 000003110 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2019-12-27 10:15 - 2019-08-29 15:36 - 000000000 ____D C:\Users\Petr\AppData\Local\Origin
2019-12-27 01:24 - 2019-08-31 19:11 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2019-12-27 00:32 - 2019-08-29 13:49 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-12-26 11:37 - 2019-08-29 16:53 - 000000000 ____D C:\Program Files\AMD
2019-12-26 11:26 - 2019-08-29 13:56 - 001694640 _____ C:\Windows\system32\PerfStringBackup.INI
2019-12-26 11:26 - 2019-03-19 12:57 - 000717182 _____ C:\Windows\system32\perfh005.dat
2019-12-26 11:26 - 2019-03-19 12:57 - 000145262 _____ C:\Windows\system32\perfc005.dat
2019-12-26 11:25 - 2019-09-13 15:37 - 000003522 _____ C:\Windows\system32\Tasks\AMDInstallUEP
2019-12-26 11:25 - 2019-08-29 14:01 - 000000000 ____D C:\AMD
2019-12-26 11:22 - 2019-08-29 13:49 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-21 00:07 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-21 00:07 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\AppReadiness
2019-12-20 12:06 - 2019-08-29 15:32 - 000004198 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1567089129
2019-12-20 12:06 - 2019-08-29 15:32 - 000001396 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-12-19 19:24 - 2019-08-29 17:09 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-19 19:24 - 2019-08-29 17:09 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-17 21:08 - 2019-11-18 15:01 - 000020608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 004564184 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 004076760 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 001730776 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 001243352 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 000941784 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 000769240 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 000761048 _____ (AMD) C:\Windows\system32\atieclxx.exe
2019-12-17 21:08 - 2017-05-16 17:06 - 000574888 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 000554200 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 000493992 _____ C:\Windows\system32\dgtrayicon.exe
2019-12-17 21:08 - 2017-05-16 17:06 - 000491944 _____ C:\Windows\system32\GameManager64.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 000485800 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 000469208 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 000451800 _____ C:\Windows\system32\atieah64.exe
2019-12-17 21:08 - 2017-05-16 17:06 - 000384216 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 000374696 _____ C:\Windows\SysWOW64\GameManager32.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 000345816 _____ C:\Windows\SysWOW64\atieah32.exe
2019-12-17 21:08 - 2017-05-16 17:06 - 000345000 _____ C:\Windows\system32\clinfo.exe
2019-12-17 21:08 - 2017-05-16 17:06 - 000241880 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 000209112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 000184744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 000178864 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 000163240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 000159656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 000158216 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 000153512 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 000138664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 000136616 _____ (AMD) C:\Windows\system32\atimuixx.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 000136616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 000124632 _____ C:\Windows\system32\atidxx64.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 000121048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 000107224 _____ C:\Windows\SysWOW64\atidxx32.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 000106200 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 000070872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 000047528 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2019-12-17 21:08 - 2017-05-16 17:06 - 000044456 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2019-12-17 21:07 - 2019-09-10 17:06 - 000197392 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2019-12-17 21:07 - 2019-09-10 17:06 - 000166992 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
2019-12-17 21:07 - 2017-05-16 17:06 - 000484568 _____ C:\Windows\system32\amdgfxinfo64.dll
2019-12-17 21:07 - 2017-05-16 17:06 - 000373976 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2019-12-17 21:06 - 2017-05-16 17:05 - 000546328 _____ C:\Windows\system32\amdmiracast.dll
2019-12-17 21:06 - 2017-05-16 17:05 - 000134944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2019-12-17 21:06 - 2017-05-16 17:05 - 000128736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2019-12-17 21:06 - 2017-05-16 17:05 - 000128736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2019-12-17 21:06 - 2017-05-16 17:05 - 000119856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2019-12-17 21:06 - 2017-05-16 17:05 - 000107840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2019-12-17 21:06 - 2017-05-16 17:05 - 000107840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2019-12-17 14:32 - 2019-08-29 15:37 - 000000000 ____D C:\Program Files (x86)\Origin
2019-12-16 19:35 - 2017-04-24 23:56 - 003437632 _____ C:\Windows\system32\atiumd6a.cap
2019-12-16 19:35 - 2017-04-24 23:51 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2019-12-16 19:27 - 2017-04-25 00:06 - 000541192 _____ C:\Windows\SysWOW64\atiapfxx.blb
2019-12-16 19:27 - 2017-04-25 00:06 - 000541192 _____ C:\Windows\system32\atiapfxx.blb
2019-12-16 12:16 - 2019-08-29 16:02 - 000000674 _____ C:\Users\Public\Desktop\Battlefield™ V.lnk
2019-12-15 10:47 - 2019-08-31 14:32 - 000000000 ____D C:\Users\Petr\AppData\Local\Adobe
2019-12-15 10:39 - 2019-08-31 14:32 - 000004622 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-12-15 10:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-12-15 10:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\Macromed
2019-12-14 06:56 - 2019-08-29 17:09 - 000003474 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-14 06:56 - 2019-08-29 17:09 - 000003350 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-13 00:08 - 2019-10-10 23:08 - 000031880 _____ (Microsoft Corporation) C:\Windows\system32\gamemodcontrol.exe
2019-12-13 00:08 - 2019-09-02 07:22 - 001320376 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2019-12-13 00:08 - 2019-09-02 07:22 - 000149432 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2019-12-13 00:08 - 2019-09-02 07:22 - 000088200 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll
2019-12-12 15:38 - 2019-08-29 13:56 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-12 15:38 - 2019-08-29 13:56 - 000000000 ___RD C:\Users\Petr\3D Objects
2019-12-12 00:42 - 2019-08-29 14:01 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-12-12 00:42 - 2019-08-29 13:49 - 000258096 _____ C:\Windows\system32\FNTCACHE.DAT
2019-12-12 00:42 - 2019-03-19 05:37 - 000786432 _____ C:\Windows\system32\config\BBI
2019-12-12 00:41 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SystemResources
2019-12-12 00:41 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\ShellExperiences
2019-12-12 00:41 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\bcastdvr
2019-12-11 23:47 - 2019-08-29 14:13 - 000000000 ____D C:\Windows\system32\MRT
2019-12-11 23:44 - 2019-08-29 14:13 - 129221664 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-12-11 23:44 - 2019-03-19 05:37 - 000000000 ____D C:\Windows\CbsTemp
2019-12-11 18:11 - 2019-08-29 13:56 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2019-12-11 18:06 - 2019-08-29 14:48 - 000000000 ____D C:\Windows\Panther
2019-12-11 18:06 - 2019-08-29 13:51 - 000000000 ____D C:\Windows\minidump
2019-12-11 18:06 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\LiveKernelReports
2019-12-11 17:51 - 2019-03-19 05:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-12-10 14:48 - 2019-09-26 21:15 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Discord
2019-12-10 14:48 - 2019-08-29 13:58 - 000000000 ___RD C:\Users\Petr\OneDrive
2019-12-03 18:00 - 2019-08-29 13:49 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-12-01 10:05 - 2019-08-29 17:48 - 000003414 _____ C:\Windows\system32\Tasks\AMD ThankingURL
2019-12-01 09:58 - 2019-09-13 15:37 - 000000060 _____ C:\ProgramData\SoftwareUpdateTemp.xml
2019-12-01 00:14 - 2019-08-29 17:09 - 000000000 ____D C:\Users\Petr\AppData\Local\Google
2019-11-30 00:06 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\MUI
2019-11-30 00:06 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\MUI
2019-11-27 13:14 - 2019-08-29 16:02 - 000000000 ____D C:\ProgramData\Electronic Arts
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu, děkuji.
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118271
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu, děkuji.
Zdravím!
Ještě potřebuji vidět log Addition. Najdete ho v souboru addition.txt na ploše. Děkuji.
Ještě potřebuji vidět log Addition. Najdete ho v souboru addition.txt na ploše. Děkuji.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu, děkuji.
Dobrý večer, děkuji, log zde:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-12-2019
Ran by Petr (27-12-2019 10:33:52)
Running from C:\Users\Petr\Desktop
Windows 10 Pro Version 1903 18362.535 (X64) (2019-08-29 12:51:31)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1509276542-816349280-2872763448-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1509276542-816349280-2872763448-503 - Limited - Disabled)
Guest (S-1-5-21-1509276542-816349280-2872763448-501 - Limited - Disabled)
Petr (S-1-5-21-1509276542-816349280-2872763448-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-1509276542-816349280-2872763448-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (HKLM\...\{BC741628-0AFC-405C-8946-DD46D1005A0A}) (Version: 8.2.4 - Hewlett-Packard) Hidden
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.303 - Adobe)
AMD Product Verification Tool version 1.0.4.8 (HKLM\...\{4242685A-EF3E-45FF-B4AE-758E49020936}}_is1) (Version: 1.0.4.8 - AMD)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.12.3 - Advanced Micro Devices, Inc.)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts)
Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.4.0.10 - Electronic Arts)
Battlefield™ V (HKLM-x32\...\{e26b382f-e945-4f70-9318-121b683f1d61}) (Version: 1.0.62.35851 - Electronic Arts)
Bloody6 (HKLM-x32\...\Bloody3) (Version: 19.06.0006 - Bloody)
Branding64 (HKLM\...\{133E6274-9FD4-4ABD-80A8-2A954E89EAD6}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.11.0.1001 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
EPSON PX730 Series Printer Uninstall (HKLM\...\EPSON PX730 Series) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
FastStone Image Viewer 7.4 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.4 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.15 - Google Inc.) Hidden
HP LaserJet 200 color M251 (HKLM-x32\...\{6682B5C4-530A-4FB8-ACAC-80DB5CCC68DD}) (Version: 15.0.15188.1774 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDXP (HKLM-x32\...\{6BA4598F-9ECC-453D-B6F7-ABAEEFA35561}) (Version: 3.0.26.12 - HP) Hidden
HPLaserJet200color-M251_HelpLearnCenter_SI (HKLM-x32\...\{DDEBEA89-2B5A-4E5B-8702-369882BB3F52}) (Version: 1.01.0000 - Hewlett-Packard)
HPLJDXPHelper (HKLM-x32\...\{010788AB-706E-4604-A46B-6785EAB64B5E}) (Version: 140.069.007 - HP) Hidden
HPLJUTCore (HKLM-x32\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
HPLJUTM251 (HKLM-x32\...\{663A3950-CA55-4541-8B46-646BD548641D}) (Version: 3.00.0003 - HP) Hidden
hppLaserJetService (HKLM-x32\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM251LaserJetService (HKLM-x32\...\{09C0DA15-AB94-43BC-9B02-57DF3FEB469F}) (Version: 001.019.00639 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM-x32\...\{E35D0ED5-716B-4E1F-8477-54DD746DF527}) (Version: 140.040.00231 - Hewlett Packard) Hidden
hpStatusAlertsM251 (HKLM-x32\...\{A1EF28FB-74A8-4157-91E9-9C164CAB10F8}) (Version: 050.034.00131 - Hewlett-Packard) Hidden
LJDXPHelperUI (HKLM-x32\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
Logicool Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logicool)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
Microsoft OneDrive (HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
NVIDIA PhysX (HKLM-x32\...\{9530AE42-DAE1-4619-9594-B23487285D17}) (Version: 9.11.1107 - NVIDIA Corporation)
Opera Stable 65.0.3467.78 (HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\Opera 65.0.3467.78) (Version: 65.0.3467.78 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.57.35162 - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8716.1 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
WarThunder (HKLM-x32\...\WarThunder) (Version: - ) <==== ATTENTION
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.4.4.0_x86__kgqvnymyfvs32 [2019-12-10] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.27.6.0_x86__kgqvnymyfvs32 [2019-12-13] (king.com)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x64__8wekyb3d8bbwe [2019-09-02] (Microsoft Corporation)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x86__8wekyb3d8bbwe [2019-09-02] (Microsoft Corporation)
Gears of War: Ultimate Edition for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.DeltaPC_1.10.0.0_x64__8wekyb3d8bbwe [2019-11-02] (Microsoft Studios)
Herní služby -> C:\Program Files\WindowsApps\Microsoft.GamingServices_1.35.26001.0_x64__8wekyb3d8bbwe [2019-12-13] (Microsoft Corporation)
Metro Exodus (Windows) -> C:\Program Files\WindowsApps\DeepSilver.ProjectWindfall_1.0.19.0_x64__hmv7qcest37me [2019-10-09] (Koch Media GmbH)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-08-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-08-29] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-11] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Rise of the Tomb Raider -> C:\Program Files\WindowsApps\39C668CD.RiseoftheTombRaider_1.753.1.0_x64__r7bfsmp40f67j [2019-09-06] (Square Enix Ltd.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0 [2019-12-20] (Spotify AB) [Startup Task]
State of Decay 2 -> C:\Program Files\WindowsApps\Microsoft.Dayton_1.3764.5.2_x64__8wekyb3d8bbwe [2019-12-21] (Microsoft Studios)
Worms W.M.D -> C:\Program Files\WindowsApps\Team17DigitalLimited.WormsW.M.DWin10_1.0.352.0_x64__j5x4vj4y67jhc [2019-10-16] (Team17 Digital Limited)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-12-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Petr\Desktop\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&aff_sub2=JFNSWiiFXIyksJyNaLVtTKTlXUnp3AVx7d1dcfnZTUTQmUVIoOVPipJgAAABVjZRgie&click_id=cab269e76ac6be97f667652d7d5afd19da022089 --app-window-size=1680,1050
ShortcutWithArgument: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&aff_sub2=JFNSWiiFXIyksJyNaLVtTKTlXUnp3AVx7d1dcfnZTUTQmUVIoOVPipJgAAABVjZRgie&click_id=cab269e76ac6be97f667652d7d5afd19da022089 --app-window-size=1680,1050
ShortcutWithArgument: C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&aff_sub2=JFNSWiiFXIyksJyNaLVtTKTlXUnp3AVx7d1dcfnZTUTQmUVIoOVPipJgAAABVjZRgie&click_id=cab269e76ac6be97f667652d7d5afd19da022089 --app-window-size=1680,1050
==================== Loaded Modules (Whitelisted) =============
2019-08-29 15:37 - 2019-12-17 14:32 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Origin\libEGL.DLL
2019-08-29 15:37 - 2019-12-17 14:32 - 003090944 _____ () [File not signed] C:\Program Files (x86)\Origin\libGLESv2.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-03-13 03:47 - 2018-03-13 03:47 - 000912896 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2018-03-13 03:47 - 2018-03-13 03:47 - 003109888 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2015-02-19 00:13 - 2015-02-19 00:13 - 000817152 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Device.dll
2015-02-19 00:13 - 2015-02-19 00:13 - 003650560 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Platform.dll
2019-12-16 13:31 - 2019-12-16 13:31 - 001516544 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2009-09-16 17:44 - 2009-09-16 17:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hptcpmib.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\HpTcpMon.dll
2009-09-16 10:44 - 2009-09-16 10:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hpzjrd01.dll
2014-06-24 22:31 - 2014-06-24 22:31 - 000041472 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll
2014-06-24 22:31 - 2014-06-24 22:31 - 000073728 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPTools.dll
2014-06-24 22:31 - 2014-06-24 22:31 - 001222656 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\LEDMXMLObjects.dll
2014-06-24 22:31 - 2014-06-24 22:31 - 000034816 _____ (HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\HPTcpMUI.dll
2019-10-10 16:07 - 2012-11-12 14:15 - 000558592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\enppmon.dll
2019-10-10 16:07 - 2012-10-22 16:19 - 000219648 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\enpres.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000002560 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icudt58.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 001252864 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icuuc58.dll
2019-08-29 15:37 - 2019-12-17 14:32 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-08-29 15:37 - 2019-12-17 14:32 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\SSLEAY32.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qgif.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000032768 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qico.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000256512 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtga.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000305152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2019-08-29 15:37 - 2019-12-17 14:32 - 000278016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\mediaservice\dsengine.dll
2019-08-29 15:37 - 2019-12-17 14:32 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000709120 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Multimedia.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000207360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Positioning.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000310272 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5PrintSupport.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 003513344 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Qml.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 003390976 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Quick.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000068096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5QuickWidgets.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000045568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5TextToSpeech.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 054071296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000211456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineWidgets.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000116224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebChannel.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2019-12-16 13:39 - 2019-12-16 13:39 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-12-16 13:39 - 2019-12-16 13:39 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1509276542-816349280-2872763448-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\P1016731.JPG
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "Start WingMan Profiler"
HKLM\...\StartupApproved\Run32: => "StatusAlerts"
HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\StartupApproved\Run: => "Bloody2"
HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_99DE362BF37F05AF23B8D5CFF8AAB751"
HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{112F24A0-5A91-4967-993D-2FBAE5FAE76A}] => (Allow) D:\hry\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{8F06DE42-E106-4488-A580-5027682911BF}] => (Allow) D:\hry\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{C1B9E5B8-D5BE-428B-8CB6-CE3D076087CF}] => (Allow) D:\hry\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{C39B6ACE-BCAD-4E21-83B8-AB537689C860}] => (Allow) D:\hry\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{B831EE28-6AB1-4813-9DEF-6843C5212E4D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{90FE60E6-6912-401A-9E0E-92FFA59A2656}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{A22089AC-FA86-430F-B08C-88191A693C75}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{B157E7A7-8672-432E-9E5E-017DD15C789F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{78343BEA-6FE5-4DDE-BF17-52114B0B4552}] => (Allow) D:\hry\BFH\BFHWebHelper.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{57D64B27-FBD1-4497-8008-838255B9DCFF}] => (Allow) D:\hry\BFH\BFHWebHelper.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [TCP Query User{813FEBFE-BB2E-4895-9646-70AC8D1E80D4}D:\hry\bfh\bfh.exe] => (Allow) D:\hry\bfh\bfh.exe (Electronic Arts -> Visceral Games)
FirewallRules: [UDP Query User{39598308-2164-4940-9FB0-8A80A6DF7F83}D:\hry\bfh\bfh.exe] => (Allow) D:\hry\bfh\bfh.exe (Electronic Arts -> Visceral Games)
FirewallRules: [TCP Query User{AE5EA527-2EB6-4740-9A79-02F1C2BD1C19}C:\users\petr\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Block) C:\users\petr\appdata\local\programs\opera\65.0.3467.48\opera.exe No File
FirewallRules: [UDP Query User{F085D1D7-CCB6-4B93-87FB-94A1C5CC2A88}C:\users\petr\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Block) C:\users\petr\appdata\local\programs\opera\65.0.3467.48\opera.exe No File
FirewallRules: [{5B730B61-667C-4516-938B-EC15A9637983}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E93EC311-5E58-4E08-B98C-0235B7A73406}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{943FFC37-DC3A-4F40-9069-F228EE43B246}] => (Allow) D:\hry\SteamLibrary\steamapps\common\Syberia3\Syberia3.exe () [File not signed]
FirewallRules: [{753D5192-E625-409B-870E-92936AF340EC}] => (Allow) D:\hry\SteamLibrary\steamapps\common\Syberia3\Syberia3.exe () [File not signed]
FirewallRules: [{C5E1C6B2-34D7-457D-B5D2-3585F4F189ED}] => (Allow) D:\hry\Mass Effect 3\Binaries\Win32\MassEffect3.exe (Electronic Arts -> BioWare)
FirewallRules: [{B6CE67D0-2212-4EF5-9CC0-8CFF04E6E103}] => (Allow) D:\hry\Mass Effect 3\Binaries\Win32\MassEffect3.exe (Electronic Arts -> BioWare)
FirewallRules: [{9AAD93C6-52C7-4FE2-B87D-5DB01CAD76C3}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{CE6EEF2D-1F36-462F-AB41-88FAB44C700E}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{D7AC227F-0A37-4BE3-AF57-D36B2995251A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{BB8ACC7B-E2D1-4E88-9214-C72F3EDBE9F1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{16B3BAF6-F1D7-4B01-B680-00258D58E31A}] => (Allow) D:\hry\SteamLibrary\steamapps\common\Resident Evil Biohazard HD REMASTER\bhd.exe () [File not signed]
FirewallRules: [{7A7790A4-C87C-4E2C-9F51-F8B5672F7A67}] => (Allow) D:\hry\SteamLibrary\steamapps\common\Resident Evil Biohazard HD REMASTER\bhd.exe () [File not signed]
FirewallRules: [TCP Query User{0B948609-F943-49D8-AE86-EE2C664000AC}C:\users\petr\appdata\local\programs\opera\65.0.3467.62\opera.exe] => (Block) C:\users\petr\appdata\local\programs\opera\65.0.3467.62\opera.exe No File
FirewallRules: [UDP Query User{3CA8E5EA-876D-4BD7-BA55-01C0D83BE727}C:\users\petr\appdata\local\programs\opera\65.0.3467.62\opera.exe] => (Block) C:\users\petr\appdata\local\programs\opera\65.0.3467.62\opera.exe No File
FirewallRules: [{2D18E0DF-0F1E-4D3C-BD88-6A4C53E7FE44}] => (Allow) D:\hry\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{79165461-6FDA-48BA-87C3-6D31F0FCADDE}] => (Allow) D:\hry\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{D2267909-6903-4FF4-A604-7CC2334625A8}] => (Allow) D:\hry\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{E3D25593-FC6A-484D-A782-ABD86FDC1A84}] => (Allow) D:\hry\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [TCP Query User{BF5764D0-7E72-470B-A7AC-49B39B777FC3}C:\users\petr\appdata\local\programs\opera\65.0.3467.72\opera.exe] => (Block) C:\users\petr\appdata\local\programs\opera\65.0.3467.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{BFCA10DF-B60D-4F49-A658-BC30E731F021}C:\users\petr\appdata\local\programs\opera\65.0.3467.72\opera.exe] => (Block) C:\users\petr\appdata\local\programs\opera\65.0.3467.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{6B39D53A-1F5C-4231-BC2D-87AE1C303AE4}] => (Allow) D:\hry\SteamLibrary\steamapps\common\Dying Light\DyingLightGame.exe (Techland Sp. z o.o. -> Techland)
FirewallRules: [{B6E26884-DFF2-4133-B945-64DFB3FD2470}] => (Allow) D:\hry\SteamLibrary\steamapps\common\Dying Light\DyingLightGame.exe (Techland Sp. z o.o. -> Techland)
FirewallRules: [{F4650AC6-7BBE-4E90-AE63-E69C1F7BA82D}] => (Allow) D:\hry\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (Techland) [File not signed]
FirewallRules: [{E8457553-3BFC-4D9A-801E-0F340FA24A24}] => (Allow) D:\hry\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (Techland) [File not signed]
FirewallRules: [{C74F1440-F60F-42C2-9F1F-DD9420755911}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8B84DA4E-7ED1-45D2-BF33-A91EF21A8305}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3320AD9D-B20C-4D5F-96BC-2746DF22AB68}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{45B2143E-B65C-4BD3-A5A9-9332A7C43F47}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2EE66349-72BD-49D9-8ED2-523F32A8AF82}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{50953BA9-2499-41FA-8630-FD20650D5FB0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{324EA6FA-1FB6-4897-9AD9-73AA294085A4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8846BB69-3927-4147-A618-D9ADF2541E81}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5399C34D-243B-4538-BAE8-F8AFC363723E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{FC9AB020-7D9E-4FD2-BB2D-5009A53B6C0F}C:\users\petr\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\petr\appdata\local\programs\opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{9BE411BD-0B1E-4A34-913A-1976BF4E3FE0}C:\users\petr\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\petr\appdata\local\programs\opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:111.16 GB) (Free:50.32 GB) (45%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/27/2019 10:16:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Název chybujícího modulu: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Kód výjimky: 0xc0000005
Posun chyby: 0x00099d50
ID chybujícího procesu: 0x28e0
Čas spuštění chybující aplikace: 0x01d5bc9642d074ef
Cesta k chybující aplikaci: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
ID zprávy: c934b0f6-079b-4433-926a-f158d4eaef2a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/26/2019 11:22:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Název chybujícího modulu: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Kód výjimky: 0xc0000005
Posun chyby: 0x00099d50
ID chybujícího procesu: 0x1bc8
Čas spuštění chybující aplikace: 0x01d5bbd66dfc6e8b
Cesta k chybující aplikaci: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
ID zprávy: 2fb0e4a7-83a3-4dba-b585-d7d682252e9a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/26/2019 11:22:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Název chybujícího modulu: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Kód výjimky: 0xc0000005
Posun chyby: 0x00099d50
ID chybujícího procesu: 0xd04
Čas spuštění chybující aplikace: 0x01d5bbd65fdd9b3a
Cesta k chybující aplikaci: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
ID zprávy: cafc8449-047d-4cfb-aa32-05736036e384
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/25/2019 09:38:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Název chybujícího modulu: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Kód výjimky: 0xc0000005
Posun chyby: 0x00099d50
ID chybujícího procesu: 0x3e18
Čas spuštění chybující aplikace: 0x01d5bafeac0ef213
Cesta k chybující aplikaci: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
ID zprávy: 5644b657-a6ab-4093-b8af-6169d9ac7e74
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/24/2019 10:07:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Název chybujícího modulu: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Kód výjimky: 0xc0000005
Posun chyby: 0x00099d50
ID chybujícího procesu: 0x3e58
Čas spuštění chybující aplikace: 0x01d5ba9e318ecdfc
Cesta k chybující aplikaci: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
ID zprávy: 002d9783-75cc-417d-8bd2-0bad8ac34240
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/24/2019 10:49:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Název chybujícího modulu: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Kód výjimky: 0xc0000005
Posun chyby: 0x00099d50
ID chybujícího procesu: 0x4b68
Čas spuštění chybující aplikace: 0x01d5ba3f6742ca50
Cesta k chybující aplikaci: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
ID zprávy: 1f9046b8-9079-4ac3-b760-26f1c05771e5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/23/2019 10:09:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Název chybujícího modulu: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Kód výjimky: 0xc0000005
Posun chyby: 0x00099d50
ID chybujícího procesu: 0x1c74
Čas spuštění chybující aplikace: 0x01d5b970b57e4f89
Cesta k chybující aplikaci: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
ID zprávy: 3c7948f1-9396-4222-881d-5562b5aa4362
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/22/2019 09:28:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Název chybujícího modulu: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Kód výjimky: 0xc0000005
Posun chyby: 0x00099d50
ID chybujícího procesu: 0x3860
Čas spuštění chybující aplikace: 0x01d5b8a1c2c1a846
Cesta k chybující aplikaci: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
ID zprávy: 8a605e87-c090-4d1e-a25c-e7f9a6ee9d63
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (12/27/2019 10:16:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 3krát.
Error: (12/26/2019 11:37:23 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba AMD User Experience Program Launcher je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (12/26/2019 11:26:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD User Experience Program Launcher byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/26/2019 11:22:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 2krát.
Error: (12/26/2019 11:22:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/26/2019 11:22:26 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (10:56:42, 26.12.2019) bylo neočekávané.
Error: (12/25/2019 09:38:34 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 10krát.
Error: (12/24/2019 10:07:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 9krát.
Windows Defender:
===================================
Date: 2019-12-20 15:07:37.000
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {F4183D2B-B62C-4D6C-B984-938FD5AD3593}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-12-20 13:01:10.474
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {CC3BA1F5-16DD-42B2-BD12-8DB1EA959448}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-12-12 20:17:46.095
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0AD2315A-281F-4538-8AAB-077FF73A8A5E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-12-12 19:46:07.631
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {28C794C7-C77E-4498-9CC4-CCBCEB50C28C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===================================
Date: 2019-12-11 17:51:28.992
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-11 17:51:28.974
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-11 17:51:28.954
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-11 17:51:28.853
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-11 17:51:28.829
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 2603 06/26/2015
Motherboard: ASUSTeK COMPUTER INC. M5A97 R2.0
Processor: AMD FX(tm)-8350 Eight-Core Processor
Percentage of memory in use: 28%
Total physical RAM: 16283.51 MB
Available physical RAM: 11665.43 MB
Total Virtual: 18715.51 MB
Available Virtual: 10439.42 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.16 GB) (Free:50.32 GB) NTFS
Drive d: (HDD) (Fixed) (Total:931.51 GB) (Free:3.32 GB) NTFS
Drive e: () (Fixed) (Total:19.53 GB) (Free:4.71 GB) NTFS
Drive f: (Data) (Fixed) (Total:39.06 GB) (Free:1.32 GB) NTFS
Drive g: (Foto) (Fixed) (Total:14.65 GB) (Free:3.18 GB) NTFS
Drive h: (Hry) (Fixed) (Total:75.8 GB) (Free:15.02 GB) NTFS
\\?\Volume{d4618fa8-1499-48d2-9ae8-ddae5bc9040c}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.11 GB) NTFS
\\?\Volume{d2e1b529-0924-5188-90a2-934f6f20e2ea}\ () (Fixed) (Total:60.69 GB) (Free:0 GB) NTFS
\\?\Volume{a29ad78c-b612-f5ee-129a-50671beed9db}\ () (Fixed) (Total:5 GB) (Free:0 GB) NTFS
\\?\Volume{f7d463f0-f151-40c2-8963-640aacf0b21a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 9EBFDF90)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 63FEE4B8)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: A005A005)
Partition 1: (Active) - (Size=19.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=129.5 GB) - (Type=0F Extended)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 3.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 4.
==================== End of Addition.txt =======================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-12-2019
Ran by Petr (27-12-2019 10:33:52)
Running from C:\Users\Petr\Desktop
Windows 10 Pro Version 1903 18362.535 (X64) (2019-08-29 12:51:31)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1509276542-816349280-2872763448-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1509276542-816349280-2872763448-503 - Limited - Disabled)
Guest (S-1-5-21-1509276542-816349280-2872763448-501 - Limited - Disabled)
Petr (S-1-5-21-1509276542-816349280-2872763448-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-1509276542-816349280-2872763448-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (HKLM\...\{BC741628-0AFC-405C-8946-DD46D1005A0A}) (Version: 8.2.4 - Hewlett-Packard) Hidden
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.303 - Adobe)
AMD Product Verification Tool version 1.0.4.8 (HKLM\...\{4242685A-EF3E-45FF-B4AE-758E49020936}}_is1) (Version: 1.0.4.8 - AMD)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.12.3 - Advanced Micro Devices, Inc.)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts)
Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.4.0.10 - Electronic Arts)
Battlefield™ V (HKLM-x32\...\{e26b382f-e945-4f70-9318-121b683f1d61}) (Version: 1.0.62.35851 - Electronic Arts)
Bloody6 (HKLM-x32\...\Bloody3) (Version: 19.06.0006 - Bloody)
Branding64 (HKLM\...\{133E6274-9FD4-4ABD-80A8-2A954E89EAD6}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.11.0.1001 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
EPSON PX730 Series Printer Uninstall (HKLM\...\EPSON PX730 Series) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
FastStone Image Viewer 7.4 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.4 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.15 - Google Inc.) Hidden
HP LaserJet 200 color M251 (HKLM-x32\...\{6682B5C4-530A-4FB8-ACAC-80DB5CCC68DD}) (Version: 15.0.15188.1774 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDXP (HKLM-x32\...\{6BA4598F-9ECC-453D-B6F7-ABAEEFA35561}) (Version: 3.0.26.12 - HP) Hidden
HPLaserJet200color-M251_HelpLearnCenter_SI (HKLM-x32\...\{DDEBEA89-2B5A-4E5B-8702-369882BB3F52}) (Version: 1.01.0000 - Hewlett-Packard)
HPLJDXPHelper (HKLM-x32\...\{010788AB-706E-4604-A46B-6785EAB64B5E}) (Version: 140.069.007 - HP) Hidden
HPLJUTCore (HKLM-x32\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
HPLJUTM251 (HKLM-x32\...\{663A3950-CA55-4541-8B46-646BD548641D}) (Version: 3.00.0003 - HP) Hidden
hppLaserJetService (HKLM-x32\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM251LaserJetService (HKLM-x32\...\{09C0DA15-AB94-43BC-9B02-57DF3FEB469F}) (Version: 001.019.00639 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM-x32\...\{E35D0ED5-716B-4E1F-8477-54DD746DF527}) (Version: 140.040.00231 - Hewlett Packard) Hidden
hpStatusAlertsM251 (HKLM-x32\...\{A1EF28FB-74A8-4157-91E9-9C164CAB10F8}) (Version: 050.034.00131 - Hewlett-Packard) Hidden
LJDXPHelperUI (HKLM-x32\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
Logicool Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logicool)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
Microsoft OneDrive (HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
NVIDIA PhysX (HKLM-x32\...\{9530AE42-DAE1-4619-9594-B23487285D17}) (Version: 9.11.1107 - NVIDIA Corporation)
Opera Stable 65.0.3467.78 (HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\Opera 65.0.3467.78) (Version: 65.0.3467.78 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.57.35162 - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8716.1 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
WarThunder (HKLM-x32\...\WarThunder) (Version: - ) <==== ATTENTION
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.4.4.0_x86__kgqvnymyfvs32 [2019-12-10] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.27.6.0_x86__kgqvnymyfvs32 [2019-12-13] (king.com)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x64__8wekyb3d8bbwe [2019-09-02] (Microsoft Corporation)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x86__8wekyb3d8bbwe [2019-09-02] (Microsoft Corporation)
Gears of War: Ultimate Edition for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.DeltaPC_1.10.0.0_x64__8wekyb3d8bbwe [2019-11-02] (Microsoft Studios)
Herní služby -> C:\Program Files\WindowsApps\Microsoft.GamingServices_1.35.26001.0_x64__8wekyb3d8bbwe [2019-12-13] (Microsoft Corporation)
Metro Exodus (Windows) -> C:\Program Files\WindowsApps\DeepSilver.ProjectWindfall_1.0.19.0_x64__hmv7qcest37me [2019-10-09] (Koch Media GmbH)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-08-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-08-29] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-11] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Rise of the Tomb Raider -> C:\Program Files\WindowsApps\39C668CD.RiseoftheTombRaider_1.753.1.0_x64__r7bfsmp40f67j [2019-09-06] (Square Enix Ltd.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0 [2019-12-20] (Spotify AB) [Startup Task]
State of Decay 2 -> C:\Program Files\WindowsApps\Microsoft.Dayton_1.3764.5.2_x64__8wekyb3d8bbwe [2019-12-21] (Microsoft Studios)
Worms W.M.D -> C:\Program Files\WindowsApps\Team17DigitalLimited.WormsW.M.DWin10_1.0.352.0_x64__j5x4vj4y67jhc [2019-10-16] (Team17 Digital Limited)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-12-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Petr\Desktop\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&aff_sub2=JFNSWiiFXIyksJyNaLVtTKTlXUnp3AVx7d1dcfnZTUTQmUVIoOVPipJgAAABVjZRgie&click_id=cab269e76ac6be97f667652d7d5afd19da022089 --app-window-size=1680,1050
ShortcutWithArgument: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&aff_sub2=JFNSWiiFXIyksJyNaLVtTKTlXUnp3AVx7d1dcfnZTUTQmUVIoOVPipJgAAABVjZRgie&click_id=cab269e76ac6be97f667652d7d5afd19da022089 --app-window-size=1680,1050
ShortcutWithArgument: C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&aff_sub2=JFNSWiiFXIyksJyNaLVtTKTlXUnp3AVx7d1dcfnZTUTQmUVIoOVPipJgAAABVjZRgie&click_id=cab269e76ac6be97f667652d7d5afd19da022089 --app-window-size=1680,1050
==================== Loaded Modules (Whitelisted) =============
2019-08-29 15:37 - 2019-12-17 14:32 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Origin\libEGL.DLL
2019-08-29 15:37 - 2019-12-17 14:32 - 003090944 _____ () [File not signed] C:\Program Files (x86)\Origin\libGLESv2.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-03-13 03:47 - 2018-03-13 03:47 - 000912896 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2018-03-13 03:47 - 2018-03-13 03:47 - 003109888 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2015-02-19 00:13 - 2015-02-19 00:13 - 000817152 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Device.dll
2015-02-19 00:13 - 2015-02-19 00:13 - 003650560 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Platform.dll
2019-12-16 13:31 - 2019-12-16 13:31 - 001516544 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2009-09-16 17:44 - 2009-09-16 17:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hptcpmib.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\HpTcpMon.dll
2009-09-16 10:44 - 2009-09-16 10:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hpzjrd01.dll
2014-06-24 22:31 - 2014-06-24 22:31 - 000041472 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll
2014-06-24 22:31 - 2014-06-24 22:31 - 000073728 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPTools.dll
2014-06-24 22:31 - 2014-06-24 22:31 - 001222656 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\LEDMXMLObjects.dll
2014-06-24 22:31 - 2014-06-24 22:31 - 000034816 _____ (HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\HPTcpMUI.dll
2019-10-10 16:07 - 2012-11-12 14:15 - 000558592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\enppmon.dll
2019-10-10 16:07 - 2012-10-22 16:19 - 000219648 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\enpres.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000002560 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icudt58.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 001252864 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icuuc58.dll
2019-08-29 15:37 - 2019-12-17 14:32 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-08-29 15:37 - 2019-12-17 14:32 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\SSLEAY32.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qgif.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000032768 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qico.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000256512 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtga.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000305152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2019-08-29 15:37 - 2019-12-17 14:32 - 000278016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\mediaservice\dsengine.dll
2019-08-29 15:37 - 2019-12-17 14:32 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000709120 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Multimedia.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000207360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Positioning.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000310272 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5PrintSupport.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 003513344 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Qml.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 003390976 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Quick.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000068096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5QuickWidgets.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000045568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5TextToSpeech.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 054071296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000211456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineWidgets.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000116224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebChannel.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-12-17 14:32 - 2019-12-17 14:32 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2019-12-16 13:39 - 2019-12-16 13:39 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-12-05 02:48 - 2019-12-05 02:48 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-12-05 02:49 - 2019-12-05 02:49 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-12-16 13:39 - 2019-12-16 13:39 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1509276542-816349280-2872763448-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\P1016731.JPG
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "Start WingMan Profiler"
HKLM\...\StartupApproved\Run32: => "StatusAlerts"
HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\StartupApproved\Run: => "Bloody2"
HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_99DE362BF37F05AF23B8D5CFF8AAB751"
HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{112F24A0-5A91-4967-993D-2FBAE5FAE76A}] => (Allow) D:\hry\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{8F06DE42-E106-4488-A580-5027682911BF}] => (Allow) D:\hry\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{C1B9E5B8-D5BE-428B-8CB6-CE3D076087CF}] => (Allow) D:\hry\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{C39B6ACE-BCAD-4E21-83B8-AB537689C860}] => (Allow) D:\hry\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{B831EE28-6AB1-4813-9DEF-6843C5212E4D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{90FE60E6-6912-401A-9E0E-92FFA59A2656}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{A22089AC-FA86-430F-B08C-88191A693C75}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{B157E7A7-8672-432E-9E5E-017DD15C789F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{78343BEA-6FE5-4DDE-BF17-52114B0B4552}] => (Allow) D:\hry\BFH\BFHWebHelper.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{57D64B27-FBD1-4497-8008-838255B9DCFF}] => (Allow) D:\hry\BFH\BFHWebHelper.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [TCP Query User{813FEBFE-BB2E-4895-9646-70AC8D1E80D4}D:\hry\bfh\bfh.exe] => (Allow) D:\hry\bfh\bfh.exe (Electronic Arts -> Visceral Games)
FirewallRules: [UDP Query User{39598308-2164-4940-9FB0-8A80A6DF7F83}D:\hry\bfh\bfh.exe] => (Allow) D:\hry\bfh\bfh.exe (Electronic Arts -> Visceral Games)
FirewallRules: [TCP Query User{AE5EA527-2EB6-4740-9A79-02F1C2BD1C19}C:\users\petr\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Block) C:\users\petr\appdata\local\programs\opera\65.0.3467.48\opera.exe No File
FirewallRules: [UDP Query User{F085D1D7-CCB6-4B93-87FB-94A1C5CC2A88}C:\users\petr\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Block) C:\users\petr\appdata\local\programs\opera\65.0.3467.48\opera.exe No File
FirewallRules: [{5B730B61-667C-4516-938B-EC15A9637983}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E93EC311-5E58-4E08-B98C-0235B7A73406}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{943FFC37-DC3A-4F40-9069-F228EE43B246}] => (Allow) D:\hry\SteamLibrary\steamapps\common\Syberia3\Syberia3.exe () [File not signed]
FirewallRules: [{753D5192-E625-409B-870E-92936AF340EC}] => (Allow) D:\hry\SteamLibrary\steamapps\common\Syberia3\Syberia3.exe () [File not signed]
FirewallRules: [{C5E1C6B2-34D7-457D-B5D2-3585F4F189ED}] => (Allow) D:\hry\Mass Effect 3\Binaries\Win32\MassEffect3.exe (Electronic Arts -> BioWare)
FirewallRules: [{B6CE67D0-2212-4EF5-9CC0-8CFF04E6E103}] => (Allow) D:\hry\Mass Effect 3\Binaries\Win32\MassEffect3.exe (Electronic Arts -> BioWare)
FirewallRules: [{9AAD93C6-52C7-4FE2-B87D-5DB01CAD76C3}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{CE6EEF2D-1F36-462F-AB41-88FAB44C700E}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{D7AC227F-0A37-4BE3-AF57-D36B2995251A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{BB8ACC7B-E2D1-4E88-9214-C72F3EDBE9F1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{16B3BAF6-F1D7-4B01-B680-00258D58E31A}] => (Allow) D:\hry\SteamLibrary\steamapps\common\Resident Evil Biohazard HD REMASTER\bhd.exe () [File not signed]
FirewallRules: [{7A7790A4-C87C-4E2C-9F51-F8B5672F7A67}] => (Allow) D:\hry\SteamLibrary\steamapps\common\Resident Evil Biohazard HD REMASTER\bhd.exe () [File not signed]
FirewallRules: [TCP Query User{0B948609-F943-49D8-AE86-EE2C664000AC}C:\users\petr\appdata\local\programs\opera\65.0.3467.62\opera.exe] => (Block) C:\users\petr\appdata\local\programs\opera\65.0.3467.62\opera.exe No File
FirewallRules: [UDP Query User{3CA8E5EA-876D-4BD7-BA55-01C0D83BE727}C:\users\petr\appdata\local\programs\opera\65.0.3467.62\opera.exe] => (Block) C:\users\petr\appdata\local\programs\opera\65.0.3467.62\opera.exe No File
FirewallRules: [{2D18E0DF-0F1E-4D3C-BD88-6A4C53E7FE44}] => (Allow) D:\hry\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{79165461-6FDA-48BA-87C3-6D31F0FCADDE}] => (Allow) D:\hry\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{D2267909-6903-4FF4-A604-7CC2334625A8}] => (Allow) D:\hry\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{E3D25593-FC6A-484D-A782-ABD86FDC1A84}] => (Allow) D:\hry\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [TCP Query User{BF5764D0-7E72-470B-A7AC-49B39B777FC3}C:\users\petr\appdata\local\programs\opera\65.0.3467.72\opera.exe] => (Block) C:\users\petr\appdata\local\programs\opera\65.0.3467.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{BFCA10DF-B60D-4F49-A658-BC30E731F021}C:\users\petr\appdata\local\programs\opera\65.0.3467.72\opera.exe] => (Block) C:\users\petr\appdata\local\programs\opera\65.0.3467.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{6B39D53A-1F5C-4231-BC2D-87AE1C303AE4}] => (Allow) D:\hry\SteamLibrary\steamapps\common\Dying Light\DyingLightGame.exe (Techland Sp. z o.o. -> Techland)
FirewallRules: [{B6E26884-DFF2-4133-B945-64DFB3FD2470}] => (Allow) D:\hry\SteamLibrary\steamapps\common\Dying Light\DyingLightGame.exe (Techland Sp. z o.o. -> Techland)
FirewallRules: [{F4650AC6-7BBE-4E90-AE63-E69C1F7BA82D}] => (Allow) D:\hry\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (Techland) [File not signed]
FirewallRules: [{E8457553-3BFC-4D9A-801E-0F340FA24A24}] => (Allow) D:\hry\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (Techland) [File not signed]
FirewallRules: [{C74F1440-F60F-42C2-9F1F-DD9420755911}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8B84DA4E-7ED1-45D2-BF33-A91EF21A8305}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3320AD9D-B20C-4D5F-96BC-2746DF22AB68}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{45B2143E-B65C-4BD3-A5A9-9332A7C43F47}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2EE66349-72BD-49D9-8ED2-523F32A8AF82}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{50953BA9-2499-41FA-8630-FD20650D5FB0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{324EA6FA-1FB6-4897-9AD9-73AA294085A4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8846BB69-3927-4147-A618-D9ADF2541E81}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5399C34D-243B-4538-BAE8-F8AFC363723E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{FC9AB020-7D9E-4FD2-BB2D-5009A53B6C0F}C:\users\petr\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\petr\appdata\local\programs\opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{9BE411BD-0B1E-4A34-913A-1976BF4E3FE0}C:\users\petr\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Block) C:\users\petr\appdata\local\programs\opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:111.16 GB) (Free:50.32 GB) (45%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/27/2019 10:16:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Název chybujícího modulu: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Kód výjimky: 0xc0000005
Posun chyby: 0x00099d50
ID chybujícího procesu: 0x28e0
Čas spuštění chybující aplikace: 0x01d5bc9642d074ef
Cesta k chybující aplikaci: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
ID zprávy: c934b0f6-079b-4433-926a-f158d4eaef2a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/26/2019 11:22:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Název chybujícího modulu: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Kód výjimky: 0xc0000005
Posun chyby: 0x00099d50
ID chybujícího procesu: 0x1bc8
Čas spuštění chybující aplikace: 0x01d5bbd66dfc6e8b
Cesta k chybující aplikaci: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
ID zprávy: 2fb0e4a7-83a3-4dba-b585-d7d682252e9a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/26/2019 11:22:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Název chybujícího modulu: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Kód výjimky: 0xc0000005
Posun chyby: 0x00099d50
ID chybujícího procesu: 0xd04
Čas spuštění chybující aplikace: 0x01d5bbd65fdd9b3a
Cesta k chybující aplikaci: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
ID zprávy: cafc8449-047d-4cfb-aa32-05736036e384
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/25/2019 09:38:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Název chybujícího modulu: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Kód výjimky: 0xc0000005
Posun chyby: 0x00099d50
ID chybujícího procesu: 0x3e18
Čas spuštění chybující aplikace: 0x01d5bafeac0ef213
Cesta k chybující aplikaci: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
ID zprávy: 5644b657-a6ab-4093-b8af-6169d9ac7e74
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/24/2019 10:07:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Název chybujícího modulu: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Kód výjimky: 0xc0000005
Posun chyby: 0x00099d50
ID chybujícího procesu: 0x3e58
Čas spuštění chybující aplikace: 0x01d5ba9e318ecdfc
Cesta k chybující aplikaci: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
ID zprávy: 002d9783-75cc-417d-8bd2-0bad8ac34240
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/24/2019 10:49:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Název chybujícího modulu: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Kód výjimky: 0xc0000005
Posun chyby: 0x00099d50
ID chybujícího procesu: 0x4b68
Čas spuštění chybující aplikace: 0x01d5ba3f6742ca50
Cesta k chybující aplikaci: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
ID zprávy: 1f9046b8-9079-4ac3-b760-26f1c05771e5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/23/2019 10:09:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Název chybujícího modulu: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Kód výjimky: 0xc0000005
Posun chyby: 0x00099d50
ID chybujícího procesu: 0x1c74
Čas spuštění chybující aplikace: 0x01d5b970b57e4f89
Cesta k chybující aplikaci: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
ID zprávy: 3c7948f1-9396-4222-881d-5562b5aa4362
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/22/2019 09:28:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Název chybujícího modulu: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Kód výjimky: 0xc0000005
Posun chyby: 0x00099d50
ID chybujícího procesu: 0x3860
Čas spuštění chybující aplikace: 0x01d5b8a1c2c1a846
Cesta k chybující aplikaci: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
ID zprávy: 8a605e87-c090-4d1e-a25c-e7f9a6ee9d63
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (12/27/2019 10:16:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 3krát.
Error: (12/26/2019 11:37:23 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba AMD User Experience Program Launcher je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (12/26/2019 11:26:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD User Experience Program Launcher byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/26/2019 11:22:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 2krát.
Error: (12/26/2019 11:22:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/26/2019 11:22:26 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (10:56:42, 26.12.2019) bylo neočekávané.
Error: (12/25/2019 09:38:34 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 10krát.
Error: (12/24/2019 10:07:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 9krát.
Windows Defender:
===================================
Date: 2019-12-20 15:07:37.000
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {F4183D2B-B62C-4D6C-B984-938FD5AD3593}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-12-20 13:01:10.474
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {CC3BA1F5-16DD-42B2-BD12-8DB1EA959448}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-12-12 20:17:46.095
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0AD2315A-281F-4538-8AAB-077FF73A8A5E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-12-12 19:46:07.631
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {28C794C7-C77E-4498-9CC4-CCBCEB50C28C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===================================
Date: 2019-12-11 17:51:28.992
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-11 17:51:28.974
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-11 17:51:28.954
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-11 17:51:28.853
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-11 17:51:28.829
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 2603 06/26/2015
Motherboard: ASUSTeK COMPUTER INC. M5A97 R2.0
Processor: AMD FX(tm)-8350 Eight-Core Processor
Percentage of memory in use: 28%
Total physical RAM: 16283.51 MB
Available physical RAM: 11665.43 MB
Total Virtual: 18715.51 MB
Available Virtual: 10439.42 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.16 GB) (Free:50.32 GB) NTFS
Drive d: (HDD) (Fixed) (Total:931.51 GB) (Free:3.32 GB) NTFS
Drive e: () (Fixed) (Total:19.53 GB) (Free:4.71 GB) NTFS
Drive f: (Data) (Fixed) (Total:39.06 GB) (Free:1.32 GB) NTFS
Drive g: (Foto) (Fixed) (Total:14.65 GB) (Free:3.18 GB) NTFS
Drive h: (Hry) (Fixed) (Total:75.8 GB) (Free:15.02 GB) NTFS
\\?\Volume{d4618fa8-1499-48d2-9ae8-ddae5bc9040c}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.11 GB) NTFS
\\?\Volume{d2e1b529-0924-5188-90a2-934f6f20e2ea}\ () (Fixed) (Total:60.69 GB) (Free:0 GB) NTFS
\\?\Volume{a29ad78c-b612-f5ee-129a-50671beed9db}\ () (Fixed) (Total:5 GB) (Free:0 GB) NTFS
\\?\Volume{f7d463f0-f151-40c2-8963-640aacf0b21a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 9EBFDF90)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 63FEE4B8)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: A005A005)
Partition 1: (Active) - (Size=19.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=129.5 GB) - (Type=0F Extended)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 3.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 4.
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 118271
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu, děkuji.
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\MountPoints2: {a6f42b0c-12fc-11ea-ba65-107b44f19dfb} - "K:\setup.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
ask: {20778923-4BAB-4C2B-898A-60C117923674} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-29] (Google Inc -> Google LLC)
Task: {79DC848D-C36D-41C6-B155-43DB84E66242} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-29] (Google Inc -> Google LLC)
C:\ProgramData\fzxbj
C:\ProgramData\{87E1BBDD-AFC9-C3A5-F791-EB8D1F793355}
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu, děkuji.
Fix result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by Petr (29-12-2019 12:06:05) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\MountPoints2: {a6f42b0c-12fc-11ea-ba65-107b44f19dfb} - "K:\setup.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
ask: {20778923-4BAB-4C2B-898A-60C117923674} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-29] (Google Inc -> Google LLC)
Task: {79DC848D-C36D-41C6-B155-43DB84E66242} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-29] (Google Inc -> Google LLC)
C:\ProgramData\fzxbj
C:\ProgramData\{87E1BBDD-AFC9-C3A5-F791-EB8D1F793355}
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKU\S-1-5-21-1509276542-816349280-2872763448-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a6f42b0c-12fc-11ea-ba65-107b44f19dfb} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
ask: {20778923-4BAB-4C2B-898A-60C117923674} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-29] (Google Inc -> Google LLC) => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{79DC848D-C36D-41C6-B155-43DB84E66242}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79DC848D-C36D-41C6-B155-43DB84E66242}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
C:\ProgramData\fzxbj => moved successfully
C:\ProgramData\{87E1BBDD-AFC9-C3A5-F791-EB8D1F793355} => moved successfully
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 108837751 B
Java, Flash, Steam htmlcache => 366307175 B
Windows/system/drivers => 1047238 B
Edge => 44557 B
Chrome => 177758 B
Firefox => 0 B
Opera => 458605192 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 3178 B
NetworkService => 48720 B
Petr => 183029411 B
RecycleBin => 0 B
EmptyTemp: => 1.1 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 12:06:51 ====
Ran by Petr (29-12-2019 12:06:05) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1509276542-816349280-2872763448-1001\...\MountPoints2: {a6f42b0c-12fc-11ea-ba65-107b44f19dfb} - "K:\setup.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
ask: {20778923-4BAB-4C2B-898A-60C117923674} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-29] (Google Inc -> Google LLC)
Task: {79DC848D-C36D-41C6-B155-43DB84E66242} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-29] (Google Inc -> Google LLC)
C:\ProgramData\fzxbj
C:\ProgramData\{87E1BBDD-AFC9-C3A5-F791-EB8D1F793355}
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKU\S-1-5-21-1509276542-816349280-2872763448-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a6f42b0c-12fc-11ea-ba65-107b44f19dfb} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
ask: {20778923-4BAB-4C2B-898A-60C117923674} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-29] (Google Inc -> Google LLC) => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{79DC848D-C36D-41C6-B155-43DB84E66242}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79DC848D-C36D-41C6-B155-43DB84E66242}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
C:\ProgramData\fzxbj => moved successfully
C:\ProgramData\{87E1BBDD-AFC9-C3A5-F791-EB8D1F793355} => moved successfully
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 108837751 B
Java, Flash, Steam htmlcache => 366307175 B
Windows/system/drivers => 1047238 B
Edge => 44557 B
Chrome => 177758 B
Firefox => 0 B
Opera => 458605192 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 3178 B
NetworkService => 48720 B
Petr => 183029411 B
RecycleBin => 0 B
EmptyTemp: => 1.1 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 12:06:51 ====
-
Rudy
- Site Admin
- Příspěvky: 118271
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu, děkuji.
Smazáno, log je již OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu, děkuji.
Děkuji za Váš čas a pomoc a do nového roku přeji vše nejlepší.
Díky.
Díky.
-
Rudy
- Site Admin
- Příspěvky: 118271
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu, děkuji.
Nemáte zač a šťastný a veselý! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?